From e90d28dcc280831ac736e4ac2c6906611913fdc5 Mon Sep 17 00:00:00 2001 From: Ole Markus With Date: Sun, 10 Apr 2022 08:37:55 +0200 Subject: [PATCH 1/2] Fix channels make target --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2cd866bd25..2fdc4cd990 100644 --- a/Makefile +++ b/Makefile @@ -236,7 +236,7 @@ channels-amd64 channels-arm64: channels-%: GOOS=linux GOARCH=$* go build ${GCFLAGS} ${BUILDFLAGS} ${EXTRA_BUILDFLAGS} -o ${DIST}/linux/$*/channels ${LDFLAGS}"${EXTRA_LDFLAGS} -X k8s.io/kops.Version=${VERSION} -X k8s.io/kops.GitVersion=${GITSHA}" k8s.io/kops/channels/cmd/channels .PHONY: channels -nodeup: channels-amd64 +channels: channels-amd64 .PHONY: crossbuild-channels crossbuild-channels: channels-amd64 channels-arm64 From 5f6b480f815d2f170f253006ab54d45d4cf88eeb Mon Sep 17 00:00:00 2001 From: Ole Markus With Date: Sun, 10 Apr 2022 08:36:00 +0200 Subject: [PATCH 2/2] Update cert-manager dependency to 1.8.0 --- channels/pkg/channels/BUILD.bazel | 8 +- channels/pkg/channels/addon.go | 4 +- channels/pkg/channels/addons_test.go | 2 +- channels/pkg/channels/channel_version.go | 2 +- channels/pkg/channels/channel_version_test.go | 4 +- channels/pkg/cmd/BUILD.bazel | 4 +- channels/pkg/cmd/apply_channel.go | 2 +- channels/pkg/cmd/apply_channel_test.go | 2 +- channels/pkg/cmd/factory.go | 2 +- go.mod | 35 +- go.sum | 195 +- tests/e2e/go.mod | 46 +- tests/e2e/go.sum | 296 +++- .../Azure/azure-sdk-for-go/version/version.go | 2 +- .../go-autorest/autorest/adal/BUILD.bazel | 2 +- .../autorest/adal/go_mod_tidy_hack.go | 1 + .../Azure/go-autorest/autorest/adal/token.go | 2 +- .../go-autorest/autorest/adal/token_1.13.go | 1 + .../go-autorest/autorest/adal/token_legacy.go | 1 + .../go-autorest/autorest/go_mod_tidy_hack.go | 1 + .../autorest/retriablerequest_1.7.go | 1 + .../autorest/retriablerequest_1.8.go | 1 + .../Azure/go-autorest/autorest/sender.go | 5 + .../go-autorest/autorest/utility_1.13.go | 1 + .../go-autorest/autorest/utility_legacy.go | 1 + .../cert-manager/LICENSE | 0 .../cert-manager/LICENSES | 1047 +++++------ .../cert-manager/pkg/apis/acme/BUILD.bazel | 4 +- .../cert-manager/pkg/apis/acme/doc.go | 0 .../pkg/apis/acme/v1}/BUILD.bazel | 9 +- .../cert-manager/pkg/apis/acme/v1/const.go | 0 .../cert-manager/pkg/apis/acme/v1/doc.go | 3 - .../cert-manager/pkg/apis/acme/v1/register.go | 2 +- .../cert-manager/pkg/apis/acme/v1/types.go | 4 +- .../pkg/apis/acme/v1/types_challenge.go | 2 +- .../pkg/apis/acme/v1/types_issuer.go | 17 +- .../pkg/apis/acme/v1/types_order.go | 2 +- .../pkg/apis/acme/v1/zz_generated.deepcopy.go | 10 +- .../pkg/apis/certmanager/BUILD.bazel | 9 + .../cert-manager/pkg/apis/certmanager/doc.go | 0 .../pkg/apis/certmanager/v1/BUILD.bazel | 10 +- .../pkg/apis/certmanager/v1/const.go | 0 .../pkg/apis/certmanager/v1/doc.go | 3 - .../pkg/apis/certmanager/v1/generic_issuer.go | 2 +- .../pkg/apis/certmanager/v1/register.go | 2 +- .../pkg/apis/certmanager/v1/types.go | 16 +- .../apis/certmanager/v1/types_certificate.go | 74 +- .../v1/types_certificaterequest.go | 4 +- .../pkg/apis/certmanager/v1/types_issuer.go | 6 +- .../certmanager/v1/zz_generated.deepcopy.go | 30 +- .../cert-manager/pkg/apis/meta/BUILD.bazel | 4 +- .../cert-manager/pkg/apis/meta/doc.go | 0 .../cert-manager/pkg/apis/meta/v1/BUILD.bazel | 6 +- .../cert-manager/pkg/apis/meta/v1/doc.go | 4 +- .../cert-manager/pkg/apis/meta/v1/register.go | 2 +- .../cert-manager/pkg/apis/meta/v1/types.go | 0 .../pkg/apis/meta/v1/zz_generated.deepcopy.go | 0 .../client/clientset/versioned/BUILD.bazel | 19 + .../client/clientset/versioned/clientset.go | 130 ++ .../pkg/client/clientset/versioned/doc.go | 0 .../clientset/versioned/fake/BUILD.bazel | 31 + .../versioned/fake/clientset_generated.go | 92 + .../client/clientset/versioned/fake/doc.go | 0 .../clientset/versioned/fake/register.go | 16 +- .../clientset/versioned/scheme/BUILD.bazel | 21 + .../client/clientset/versioned/scheme/doc.go | 0 .../clientset/versioned/scheme/register.go | 16 +- .../versioned/typed/acme/v1}/BUILD.bazel | 8 +- .../versioned/typed/acme/v1/acme_client.go | 24 +- .../versioned/typed/acme/v1/challenge.go | 4 +- .../clientset/versioned/typed/acme/v1/doc.go | 0 .../versioned/typed/acme/v1/fake/BUILD.bazel | 8 +- .../versioned/typed/acme/v1/fake/doc.go | 0 .../typed/acme/v1/fake/fake_acme_client.go | 2 +- .../typed/acme/v1/fake/fake_challenge.go | 4 +- .../typed/acme/v1/fake/fake_order.go | 4 +- .../typed/acme/v1/generated_expansion.go | 0 .../versioned/typed/acme/v1/order.go | 4 +- .../typed/certmanager/v1/BUILD.bazel | 8 +- .../typed/certmanager/v1/certificate.go | 4 +- .../certmanager/v1/certificaterequest.go | 4 +- .../certmanager/v1/certmanager_client.go | 24 +- .../typed/certmanager/v1/clusterissuer.go | 4 +- .../versioned/typed/certmanager/v1/doc.go | 0 .../typed/certmanager/v1/fake/BUILD.bazel | 8 +- .../typed/certmanager/v1}/fake/doc.go | 0 .../certmanager/v1/fake/fake_certificate.go | 4 +- .../v1/fake/fake_certificaterequest.go | 4 +- .../v1/fake/fake_certmanager_client.go | 2 +- .../certmanager/v1/fake/fake_clusterissuer.go | 4 +- .../typed/certmanager/v1/fake/fake_issuer.go | 4 +- .../certmanager/v1/generated_expansion.go | 0 .../versioned/typed/certmanager/v1/issuer.go | 4 +- .../containerd/containerd/images/image.go | 55 + .../containerd/remotes/docker/fetcher.go | 4 + .../remotes/docker/httpreadseeker.go | 25 + .../remotes/docker/schema1/converter.go | 9 +- .../containerd/containerd/version/version.go | 2 +- .../docker/distribution/.golangci.yml | 20 + .../docker/distribution/.gometalinter.json | 16 - .../github.com/docker/distribution/.mailmap | 17 + .../docker/distribution/.travis.yml | 51 - .../github.com/docker/distribution/Dockerfile | 53 +- .../github.com/docker/distribution/Makefile | 2 +- .../github.com/docker/distribution/README.md | 2 +- .../github.com/docker/distribution/blobs.go | 2 +- .../docker/distribution/docker-bake.hcl | 65 + .../docker/distribution/manifests.go | 2 +- .../distribution/reference/normalize.go | 29 + .../distribution/reference/reference.go | 2 +- .../registry/api/errcode/errors.go | 6 +- .../distribution/registry/api/v2/urls.go | 12 - .../client/auth/challenge/authchallenge.go | 4 +- .../registry/client/repository.go | 9 +- .../docker/distribution/vendor.conf | 4 +- .../form3tech-oss/jwt-go/.travis.yml | 12 - .../form3tech-oss/jwt-go/MIGRATION_GUIDE.md | 97 - .../jwt-go => golang-jwt/jwt/v4}/.gitignore | 1 - .../jwt-go => golang-jwt/jwt/v4}/BUILD.bazel | 6 +- .../jwt-go => golang-jwt/jwt/v4}/LICENSE | 1 + .../golang-jwt/jwt/v4/MIGRATION_GUIDE.md | 22 + .../jwt-go => golang-jwt/jwt/v4}/README.md | 51 +- .../jwt/v4}/VERSION_HISTORY.md | 19 +- .../jwt-go => golang-jwt/jwt/v4}/claims.go | 41 +- .../jwt-go => golang-jwt/jwt/v4}/doc.go | 0 .../jwt-go => golang-jwt/jwt/v4}/ecdsa.go | 30 +- .../jwt/v4}/ecdsa_utils.go | 8 +- .../github.com/golang-jwt/jwt/v4/ed25519.go | 81 + .../golang-jwt/jwt/v4/ed25519_utils.go | 64 + .../jwt-go => golang-jwt/jwt/v4}/errors.go | 6 +- .../jwt-go => golang-jwt/jwt/v4}/hmac.go | 6 +- .../jwt/v4}/map_claims.go | 62 +- .../jwt-go => golang-jwt/jwt/v4}/none.go | 2 +- .../jwt-go => golang-jwt/jwt/v4}/parser.go | 12 +- .../jwt-go => golang-jwt/jwt/v4}/rsa.go | 6 +- .../jwt-go => golang-jwt/jwt/v4}/rsa_pss.go | 6 +- .../jwt-go => golang-jwt/jwt/v4}/rsa_utils.go | 16 +- .../jwt/v4}/signing_method.go | 6 +- .../golang-jwt/jwt/v4/staticcheck.conf | 1 + .../jwt-go => golang-jwt/jwt/v4}/token.go | 32 +- .../cert-manager/pkg/apis/acme/v1/BUILD.bazel | 27 - .../pkg/apis/acme/v1alpha2/BUILD.bazel | 27 - .../pkg/apis/acme/v1alpha2/const.go | 21 - .../pkg/apis/acme/v1alpha2/doc.go | 23 - .../pkg/apis/acme/v1alpha2/register.go | 58 - .../pkg/apis/acme/v1alpha2/types.go | 38 - .../pkg/apis/acme/v1alpha2/types_challenge.go | 145 -- .../pkg/apis/acme/v1alpha2/types_issuer.go | 597 ------- .../pkg/apis/acme/v1alpha2/types_order.go | 238 --- .../acme/v1alpha2/zz_generated.deepcopy.go | 891 ---------- .../pkg/apis/acme/v1alpha3/const.go | 21 - .../pkg/apis/acme/v1alpha3/doc.go | 23 - .../pkg/apis/acme/v1alpha3/register.go | 58 - .../pkg/apis/acme/v1alpha3/types.go | 43 - .../pkg/apis/acme/v1alpha3/types_challenge.go | 145 -- .../pkg/apis/acme/v1alpha3/types_issuer.go | 597 ------- .../pkg/apis/acme/v1alpha3/types_order.go | 238 --- .../acme/v1alpha3/zz_generated.deepcopy.go | 891 ---------- .../pkg/apis/acme/v1beta1/BUILD.bazel | 27 - .../cert-manager/pkg/apis/acme/v1beta1/doc.go | 23 - .../pkg/apis/acme/v1beta1/register.go | 58 - .../pkg/apis/acme/v1beta1/types.go | 43 - .../pkg/apis/acme/v1beta1/types_challenge.go | 145 -- .../pkg/apis/acme/v1beta1/types_issuer.go | 596 ------- .../pkg/apis/acme/v1beta1/types_order.go | 239 --- .../acme/v1beta1/zz_generated.deepcopy.go | 891 ---------- .../pkg/apis/certmanager/BUILD.bazel | 9 - .../pkg/apis/certmanager/v1alpha2/BUILD.bazel | 27 - .../pkg/apis/certmanager/v1alpha2/const.go | 43 - .../pkg/apis/certmanager/v1alpha2/doc.go | 24 - .../certmanager/v1alpha2/generic_issuer.go | 85 - .../pkg/apis/certmanager/v1alpha2/types.go | 203 --- .../certmanager/v1alpha2/types_certificate.go | 444 ----- .../v1alpha2/types_certificaterequest.go | 207 --- .../apis/certmanager/v1alpha2/types_issuer.go | 341 ---- .../v1alpha2/zz_generated.deepcopy.go | 995 ----------- .../pkg/apis/certmanager/v1alpha3/BUILD.bazel | 27 - .../pkg/apis/certmanager/v1alpha3/const.go | 43 - .../pkg/apis/certmanager/v1alpha3/doc.go | 24 - .../certmanager/v1alpha3/generic_issuer.go | 85 - .../pkg/apis/certmanager/v1alpha3/register.go | 62 - .../pkg/apis/certmanager/v1alpha3/types.go | 193 -- .../certmanager/v1alpha3/types_certificate.go | 451 ----- .../v1alpha3/types_certificaterequest.go | 205 --- .../apis/certmanager/v1alpha3/types_issuer.go | 341 ---- .../v1alpha3/zz_generated.deepcopy.go | 995 ----------- .../pkg/apis/certmanager/v1beta1/BUILD.bazel | 26 - .../pkg/apis/certmanager/v1beta1/const.go | 43 - .../pkg/apis/certmanager/v1beta1/doc.go | 24 - .../pkg/apis/certmanager/v1beta1/register.go | 62 - .../pkg/apis/certmanager/v1beta1/types.go | 193 -- .../certmanager/v1beta1/types_certificate.go | 449 ----- .../v1beta1/types_certificaterequest.go | 208 --- .../apis/certmanager/v1beta1/types_issuer.go | 343 ---- .../v1beta1/zz_generated.deepcopy.go | 995 ----------- .../client/clientset/versioned/BUILD.bazel | 25 - .../client/clientset/versioned/clientset.go | 195 -- .../clientset/versioned/fake/BUILD.bazel | 49 - .../versioned/fake/clientset_generated.go | 134 -- .../clientset/versioned/scheme/BUILD.bazel | 27 - .../versioned/typed/acme/v1/BUILD.bazel | 23 - .../versioned/typed/acme/v1alpha2/BUILD.bazel | 23 - .../typed/acme/v1alpha2/acme_client.go | 94 - .../typed/acme/v1alpha2/challenge.go | 195 -- .../typed/acme/v1alpha2/fake/BUILD.bazel | 25 - .../acme/v1alpha2/fake/fake_acme_client.go | 44 - .../acme/v1alpha2/fake/fake_challenge.go | 142 -- .../typed/acme/v1alpha2/fake/fake_order.go | 142 -- .../acme/v1alpha2/generated_expansion.go | 23 - .../versioned/typed/acme/v1alpha2/order.go | 195 -- .../versioned/typed/acme/v1alpha3/BUILD.bazel | 23 - .../typed/acme/v1alpha3/acme_client.go | 94 - .../typed/acme/v1alpha3/challenge.go | 195 -- .../versioned/typed/acme/v1alpha3/doc.go | 20 - .../typed/acme/v1alpha3/fake/BUILD.bazel | 25 - .../versioned/typed/acme/v1alpha3/fake/doc.go | 20 - .../acme/v1alpha3/fake/fake_acme_client.go | 44 - .../acme/v1alpha3/fake/fake_challenge.go | 142 -- .../typed/acme/v1alpha3/fake/fake_order.go | 142 -- .../acme/v1alpha3/generated_expansion.go | 23 - .../versioned/typed/acme/v1alpha3/order.go | 195 -- .../typed/acme/v1beta1/acme_client.go | 94 - .../versioned/typed/acme/v1beta1/challenge.go | 195 -- .../versioned/typed/acme/v1beta1/doc.go | 20 - .../typed/acme/v1beta1/fake/BUILD.bazel | 25 - .../versioned/typed/acme/v1beta1/fake/doc.go | 20 - .../acme/v1beta1/fake/fake_acme_client.go | 44 - .../typed/acme/v1beta1/fake/fake_challenge.go | 142 -- .../typed/acme/v1beta1/fake/fake_order.go | 142 -- .../typed/acme/v1beta1/generated_expansion.go | 23 - .../versioned/typed/acme/v1beta1/order.go | 195 -- .../typed/certmanager/v1/fake/doc.go | 20 - .../typed/certmanager/v1alpha2/BUILD.bazel | 25 - .../typed/certmanager/v1alpha2/certificate.go | 195 -- .../v1alpha2/certificaterequest.go | 195 -- .../v1alpha2/certmanager_client.go | 104 -- .../certmanager/v1alpha2/clusterissuer.go | 184 -- .../typed/certmanager/v1alpha2/doc.go | 20 - .../certmanager/v1alpha2/fake/BUILD.bazel | 27 - .../typed/certmanager/v1alpha2/fake/doc.go | 20 - .../v1alpha2/fake/fake_certificate.go | 142 -- .../v1alpha2/fake/fake_certificaterequest.go | 142 -- .../v1alpha2/fake/fake_certmanager_client.go | 52 - .../v1alpha2/fake/fake_clusterissuer.go | 133 -- .../certmanager/v1alpha2/fake/fake_issuer.go | 142 -- .../v1alpha2/generated_expansion.go | 27 - .../typed/certmanager/v1alpha2/issuer.go | 195 -- .../typed/certmanager/v1alpha3/BUILD.bazel | 25 - .../typed/certmanager/v1alpha3/certificate.go | 195 -- .../v1alpha3/certificaterequest.go | 195 -- .../v1alpha3/certmanager_client.go | 104 -- .../certmanager/v1alpha3/clusterissuer.go | 184 -- .../typed/certmanager/v1alpha3/doc.go | 20 - .../certmanager/v1alpha3/fake/BUILD.bazel | 27 - .../typed/certmanager/v1alpha3/fake/doc.go | 20 - .../v1alpha3/fake/fake_certificate.go | 142 -- .../v1alpha3/fake/fake_certificaterequest.go | 142 -- .../v1alpha3/fake/fake_certmanager_client.go | 52 - .../v1alpha3/fake/fake_clusterissuer.go | 133 -- .../certmanager/v1alpha3/fake/fake_issuer.go | 142 -- .../v1alpha3/generated_expansion.go | 27 - .../typed/certmanager/v1alpha3/issuer.go | 195 -- .../typed/certmanager/v1beta1/BUILD.bazel | 25 - .../typed/certmanager/v1beta1/certificate.go | 195 -- .../certmanager/v1beta1/certificaterequest.go | 195 -- .../certmanager/v1beta1/certmanager_client.go | 104 -- .../certmanager/v1beta1/clusterissuer.go | 184 -- .../typed/certmanager/v1beta1/doc.go | 20 - .../certmanager/v1beta1/fake/BUILD.bazel | 27 - .../typed/certmanager/v1beta1/fake/doc.go | 20 - .../v1beta1/fake/fake_certificate.go | 142 -- .../v1beta1/fake/fake_certificaterequest.go | 142 -- .../v1beta1/fake/fake_certmanager_client.go | 52 - .../v1beta1/fake/fake_clusterissuer.go | 133 -- .../certmanager/v1beta1/fake/fake_issuer.go | 142 -- .../v1beta1/generated_expansion.go | 27 - .../typed/certmanager/v1beta1/issuer.go | 195 -- .../klauspost/compress/.goreleaser.yml | 4 + .../github.com/klauspost/compress/README.md | 14 + .../klauspost/compress/huff0/decompress.go | 230 +-- .../klauspost/compress/zstd/bitreader.go | 15 +- .../klauspost/compress/zstd/bitwriter.go | 22 +- .../klauspost/compress/zstd/blockenc.go | 98 +- .../klauspost/compress/zstd/enc_base.go | 24 +- .../klauspost/compress/zstd/enc_fast.go | 139 +- .../klauspost/compress/zstd/fse_decoder.go | 2 +- .../klauspost/compress/zstd/fse_encoder.go | 5 +- .../compress/zstd/internal/xxhash/BUILD.bazel | 3 +- .../zstd/internal/xxhash/xxhash_arm64.s | 189 ++ .../xxhash/{xxhash_amd64.go => xxhash_asm.go} | 7 +- .../zstd/internal/xxhash/xxhash_other.go | 4 +- .../klauspost/compress/zstd/seqdec.go | 4 +- .../mitchellh/copystructure/copystructure.go | 50 +- .../mitchellh/reflectwalk/reflectwalk.go | 18 + .../image-spec/specs-go/v1/annotations.go | 6 - .../image-spec/specs-go/v1/config.go | 11 - .../image-spec/specs-go/v1/index.go | 3 + .../image-spec/specs-go/v1/manifest.go | 3 + .../image-spec/specs-go/v1/mediatype.go | 9 - .../image-spec/specs-go/version.go | 4 +- .../v3/internal/experimental/registry/util.go | 56 - .../helm/v3/internal/version/version.go | 2 +- vendor/helm.sh/helm/v3/pkg/cli/environment.go | 7 +- vendor/helm.sh/helm/v3/pkg/getter/BUILD.bazel | 2 +- vendor/helm.sh/helm/v3/pkg/getter/getter.go | 2 +- .../helm.sh/helm/v3/pkg/getter/ocigetter.go | 8 +- .../helm/v3/pkg/helmpath/lazypath_darwin.go | 1 + .../helm/v3/pkg/helmpath/lazypath_unix.go | 1 + .../experimental => pkg}/registry/BUILD.bazel | 10 +- .../experimental => pkg}/registry/client.go | 198 ++- .../registry/constants.go | 4 +- vendor/helm.sh/helm/v3/pkg/registry/util.go | 131 ++ vendor/modules.txt | 101 +- vendor/oras.land/oras-go/LICENSE | 213 ++- .../oras-go/pkg/auth/docker/client.go | 33 + .../oras.land/oras-go/pkg/content/BUILD.bazel | 8 +- .../{decompressstore.go => decompress.go} | 43 +- .../oras.land/oras-go/pkg/content/errors.go | 1 + vendor/oras.land/oras-go/pkg/content/file.go | 275 ++- .../oras-go/pkg/content/interface.go | 10 +- .../oras.land/oras-go/pkg/content/manifest.go | 95 + .../oras.land/oras-go/pkg/content/memory.go | 177 +- .../oras-go/pkg/content/multireader.go | 11 +- .../oras-go/pkg/content/multiwriter.go | 11 + vendor/oras.land/oras-go/pkg/content/oci.go | 174 +- .../oras.land/oras-go/pkg/content/readerat.go | 25 +- .../oras.land/oras-go/pkg/content/registry.go | 84 + vendor/oras.land/oras-go/pkg/oras/BUILD.bazel | 11 +- vendor/oras.land/oras-go/pkg/oras/copy.go | 213 +++ vendor/oras.land/oras-go/pkg/oras/errors.go | 6 +- vendor/oras.land/oras-go/pkg/oras/opts.go | 254 +++ vendor/oras.land/oras-go/pkg/oras/provider.go | 79 + vendor/oras.land/oras-go/pkg/oras/pull.go | 150 -- .../oras.land/oras-go/pkg/oras/pull_opts.go | 150 -- vendor/oras.land/oras-go/pkg/oras/push.go | 126 -- .../oras.land/oras-go/pkg/oras/push_opts.go | 165 -- vendor/oras.land/oras-go/pkg/oras/store.go | 126 +- .../oras-go/pkg/registry/BUILD.bazel | 16 + .../oras-go/pkg/registry/reference.go | 177 ++ .../oras-go/pkg/registry/remote/BUILD.bazel | 19 + .../pkg/registry/remote/auth/BUILD.bazel | 20 + .../oras-go/pkg/registry/remote/auth/cache.go | 158 ++ .../pkg/registry/remote/auth/challenge.go | 166 ++ .../pkg/registry/remote/auth/client.go | 367 ++++ .../pkg/registry/remote/auth/credential.go | 39 + .../oras-go/pkg/registry/remote/auth/scope.go | 231 +++ .../remote/internal/errutil/BUILD.bazel | 9 + .../remote/internal/errutil/errors.go | 83 + .../remote/internal/syncutil/BUILD.bazel | 9 + .../registry/remote/internal/syncutil/once.go | 69 + .../oras-go/pkg/registry/remote/repository.go | 171 ++ .../oras-go/pkg/registry/remote/url.go | 42 + .../oras-go/pkg/registry/remote/utils.go | 72 + .../oras-go/pkg/registry/repository.go | 57 + .../oras.land/oras-go/pkg/target/BUILD.bazel | 10 + .../oras-go/pkg/target/target.go} | 19 +- .../pkg/cache/internal/informers_map.go | 58 +- vendor/sigs.k8s.io/gateway-api/LICENSE | 201 +++ .../gateway-api/apis/v1alpha2/BUILD.bazel | 28 + .../gateway-api/apis}/v1alpha2/doc.go | 9 +- .../apis/v1alpha2/gateway_types.go | 838 +++++++++ .../apis/v1alpha2/gatewayclass_types.go | 200 +++ .../apis/v1alpha2/httproute_types.go | 767 ++++++++ .../apis/v1alpha2/object_reference_types.go | 131 ++ .../gateway-api/apis/v1alpha2/policy_types.go | 41 + .../apis/v1alpha2/referencepolicy_types.go | 132 ++ .../gateway-api/apis/v1alpha2/shared_types.go | 403 +++++ .../apis/v1alpha2/tcproute_types.go | 86 + .../apis/v1alpha2/tlsroute_types.go | 130 ++ .../apis/v1alpha2/udproute_types.go | 86 + .../apis/v1alpha2/zz_generated.deepcopy.go | 1571 +++++++++++++++++ .../apis/v1alpha2/zz_generated.register.go} | 49 +- 372 files changed, 10967 insertions(+), 23891 deletions(-) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/LICENSE (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/LICENSES (99%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/BUILD.bazel (50%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/doc.go (100%) rename vendor/github.com/{jetstack/cert-manager/pkg/apis/acme/v1alpha3 => cert-manager/cert-manager/pkg/apis/acme/v1}/BUILD.bazel (64%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/const.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/doc.go (84%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/register.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/types.go (90%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/types_challenge.go (98%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/types_issuer.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/types_order.go (99%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go (98%) create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/BUILD.bazel rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel (58%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/const.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/doc.go (84%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/register.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/types.go (92%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/types_certificate.go (83%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go (98%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/types_issuer.go (98%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/BUILD.bazel (50%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/v1/BUILD.bazel (62%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/v1/doc.go (85%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/v1/register.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/v1/types.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/apis/meta/v1/zz_generated.deepcopy.go (100%) create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/doc.go (100%) create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/fake/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/fake/register.go (69%) create mode 100644 vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/scheme/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/scheme/register.go (70%) rename vendor/github.com/{jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1 => cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1}/BUILD.bazel (57%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go (73%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel (63%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go (93%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel (59%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go (76%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go (97%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel (64%) rename vendor/github.com/{jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2 => cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1}/fake/doc.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go (93%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go (96%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go (100%) rename vendor/github.com/{jetstack => cert-manager}/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go (97%) create mode 100644 vendor/github.com/docker/distribution/.golangci.yml delete mode 100644 vendor/github.com/docker/distribution/.gometalinter.json delete mode 100644 vendor/github.com/docker/distribution/.travis.yml create mode 100644 vendor/github.com/docker/distribution/docker-bake.hcl delete mode 100644 vendor/github.com/form3tech-oss/jwt-go/.travis.yml delete mode 100644 vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/.gitignore (95%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/BUILD.bazel (73%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/LICENSE (96%) create mode 100644 vendor/github.com/golang-jwt/jwt/v4/MIGRATION_GUIDE.md rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/README.md (62%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/VERSION_HISTORY.md (84%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/claims.go (75%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/doc.go (100%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/ecdsa.go (79%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/ecdsa_utils.go (81%) create mode 100644 vendor/github.com/golang-jwt/jwt/v4/ed25519.go create mode 100644 vendor/github.com/golang-jwt/jwt/v4/ed25519_utils.go rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/errors.go (88%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/hmac.go (90%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/map_claims.go (66%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/none.go (94%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/parser.go (95%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/rsa.go (92%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/rsa_pss.go (94%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/rsa_utils.go (72%) rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/signing_method.go (79%) create mode 100644 vendor/github.com/golang-jwt/jwt/v4/staticcheck.conf rename vendor/github.com/{form3tech-oss/jwt-go => golang-jwt/jwt/v4}/token.go (74%) delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/const.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/register.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/const.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/register.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/register.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/const.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/generic_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/const.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/generic_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/register.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/const.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/register.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/zz_generated.deepcopy.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/clientset.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_acme_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_challenge.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/order.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/BUILD.bazel delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/doc.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificate.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificaterequest.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certmanager_client.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_clusterissuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_issuer.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/generated_expansion.go delete mode 100644 vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/issuer.go create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s rename vendor/github.com/klauspost/compress/zstd/internal/xxhash/{xxhash_amd64.go => xxhash_asm.go} (55%) delete mode 100644 vendor/helm.sh/helm/v3/internal/experimental/registry/util.go rename vendor/helm.sh/helm/v3/{internal/experimental => pkg}/registry/BUILD.bazel (71%) rename vendor/helm.sh/helm/v3/{internal/experimental => pkg}/registry/client.go (71%) rename vendor/helm.sh/helm/v3/{internal/experimental => pkg}/registry/constants.go (91%) create mode 100644 vendor/helm.sh/helm/v3/pkg/registry/util.go rename vendor/oras.land/oras-go/pkg/content/{decompressstore.go => decompress.go} (75%) create mode 100644 vendor/oras.land/oras-go/pkg/content/manifest.go create mode 100644 vendor/oras.land/oras-go/pkg/content/registry.go create mode 100644 vendor/oras.land/oras-go/pkg/oras/copy.go create mode 100644 vendor/oras.land/oras-go/pkg/oras/opts.go create mode 100644 vendor/oras.land/oras-go/pkg/oras/provider.go delete mode 100644 vendor/oras.land/oras-go/pkg/oras/pull.go delete mode 100644 vendor/oras.land/oras-go/pkg/oras/pull_opts.go delete mode 100644 vendor/oras.land/oras-go/pkg/oras/push.go delete mode 100644 vendor/oras.land/oras-go/pkg/oras/push_opts.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/BUILD.bazel create mode 100644 vendor/oras.land/oras-go/pkg/registry/reference.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/BUILD.bazel create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/BUILD.bazel create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/cache.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/challenge.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/client.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/credential.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/auth/scope.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/BUILD.bazel create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/errors.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/BUILD.bazel create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/once.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/repository.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/url.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/remote/utils.go create mode 100644 vendor/oras.land/oras-go/pkg/registry/repository.go create mode 100644 vendor/oras.land/oras-go/pkg/target/BUILD.bazel rename vendor/{github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/const.go => oras.land/oras-go/pkg/target/target.go} (56%) create mode 100644 vendor/sigs.k8s.io/gateway-api/LICENSE create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/BUILD.bazel rename vendor/{github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme => sigs.k8s.io/gateway-api/apis}/v1alpha2/doc.go (71%) create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gateway_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/policy_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/referencepolicy_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go create mode 100644 vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.deepcopy.go rename vendor/{github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/register.go => sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.register.go} (54%) diff --git a/channels/pkg/channels/BUILD.bazel b/channels/pkg/channels/BUILD.bazel index 7610d8bbf0..1cc7224984 100644 --- a/channels/pkg/channels/BUILD.bazel +++ b/channels/pkg/channels/BUILD.bazel @@ -18,8 +18,8 @@ go_library( "//upup/pkg/fi/utils:go_default_library", "//util/pkg/vfs:go_default_library", "//vendor/github.com/blang/semver/v4:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", @@ -45,8 +45,8 @@ go_test( "//channels/pkg/api:go_default_library", "//upup/pkg/fi:go_default_library", "//vendor/github.com/blang/semver/v4:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", diff --git a/channels/pkg/channels/addon.go b/channels/pkg/channels/addon.go index 44dbacc31f..5af51a11d7 100644 --- a/channels/pkg/channels/addon.go +++ b/channels/pkg/channels/addon.go @@ -26,7 +26,7 @@ import ( "k8s.io/kops/pkg/pki" "k8s.io/kops/util/pkg/vfs" - certmanager "github.com/jetstack/cert-manager/pkg/client/clientset/versioned" + certmanager "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/types" @@ -35,7 +35,7 @@ import ( "k8s.io/klog/v2" "k8s.io/kops/channels/pkg/api" - cmv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/channels/pkg/channels/addons_test.go b/channels/pkg/channels/addons_test.go index b88ca35732..8274ffa946 100644 --- a/channels/pkg/channels/addons_test.go +++ b/channels/pkg/channels/addons_test.go @@ -21,7 +21,7 @@ import ( "testing" "github.com/blang/semver/v4" - fakecertmanager "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake" + fakecertmanager "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" diff --git a/channels/pkg/channels/channel_version.go b/channels/pkg/channels/channel_version.go index cf21c9e068..e4ae0f7bbe 100644 --- a/channels/pkg/channels/channel_version.go +++ b/channels/pkg/channels/channel_version.go @@ -23,7 +23,7 @@ import ( "strconv" "strings" - certmanager "github.com/jetstack/cert-manager/pkg/client/clientset/versioned" + certmanager "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/channels/pkg/channels/channel_version_test.go b/channels/pkg/channels/channel_version_test.go index 26fb809fea..7744fbc928 100644 --- a/channels/pkg/channels/channel_version_test.go +++ b/channels/pkg/channels/channel_version_test.go @@ -20,8 +20,8 @@ import ( "context" "testing" - cmv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - fakecertmanager "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + fakecertmanager "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" fakekubernetes "k8s.io/client-go/kubernetes/fake" diff --git a/channels/pkg/cmd/BUILD.bazel b/channels/pkg/cmd/BUILD.bazel index e30422d1cf..7c9434731f 100644 --- a/channels/pkg/cmd/BUILD.bazel +++ b/channels/pkg/cmd/BUILD.bazel @@ -17,7 +17,7 @@ go_library( "//pkg/apis/kops/util:go_default_library", "//util/pkg/tables:go_default_library", "//vendor/github.com/blang/semver/v4:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned:go_default_library", "//vendor/github.com/spf13/cobra:go_default_library", "//vendor/github.com/spf13/viper:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", @@ -40,7 +40,7 @@ go_test( "//channels/pkg/api:go_default_library", "//channels/pkg/channels:go_default_library", "//upup/pkg/fi:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/client-go/kubernetes/fake:go_default_library", diff --git a/channels/pkg/cmd/apply_channel.go b/channels/pkg/cmd/apply_channel.go index b0b6f1600f..cd77dd616b 100644 --- a/channels/pkg/cmd/apply_channel.go +++ b/channels/pkg/cmd/apply_channel.go @@ -25,7 +25,7 @@ import ( "strings" "github.com/blang/semver/v4" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned" + "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" "github.com/spf13/cobra" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/dynamic" diff --git a/channels/pkg/cmd/apply_channel_test.go b/channels/pkg/cmd/apply_channel_test.go index 7991eee0e2..496b059126 100644 --- a/channels/pkg/cmd/apply_channel_test.go +++ b/channels/pkg/cmd/apply_channel_test.go @@ -20,7 +20,7 @@ import ( "context" "testing" - cmfake "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake" + cmfake "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" fakek8s "k8s.io/client-go/kubernetes/fake" diff --git a/channels/pkg/cmd/factory.go b/channels/pkg/cmd/factory.go index 13b1237a49..6bbd41f604 100644 --- a/channels/pkg/cmd/factory.go +++ b/channels/pkg/cmd/factory.go @@ -27,7 +27,7 @@ import ( _ "k8s.io/client-go/plugin/pkg/client/auth" - certmanager "github.com/jetstack/cert-manager/pkg/client/clientset/versioned" + certmanager "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" ) type Factory interface { diff --git a/go.mod b/go.mod index 341ed0a8df..82aad0f19e 100644 --- a/go.mod +++ b/go.mod @@ -37,9 +37,9 @@ replace ( require ( cloud.google.com/go v0.99.0 github.com/Azure/azure-pipeline-go v0.2.3 - github.com/Azure/azure-sdk-for-go v56.2.0+incompatible + github.com/Azure/azure-sdk-for-go v56.3.0+incompatible github.com/Azure/azure-storage-blob-go v0.13.0 - github.com/Azure/go-autorest/autorest v0.11.19 + github.com/Azure/go-autorest/autorest v0.11.20 github.com/Azure/go-autorest/autorest/azure/auth v0.5.7 github.com/Azure/go-autorest/autorest/to v0.4.0 github.com/MakeNowJust/heredoc/v2 v2.0.1 @@ -48,6 +48,7 @@ require ( github.com/aws/amazon-ec2-instance-selector/v2 v2.0.2 github.com/aws/aws-sdk-go v1.43.11 github.com/blang/semver/v4 v4.0.0 + github.com/cert-manager/cert-manager v1.8.0 github.com/digitalocean/godo v1.65.0 github.com/go-ini/ini v1.62.0 github.com/go-logr/logr v1.2.0 @@ -61,7 +62,6 @@ require ( github.com/hashicorp/hcl/v2 v2.10.1 github.com/hashicorp/vault/api v1.1.1 github.com/jacksontj/memberlistmesh v0.0.0-20190905163944-93462b9d2bb7 - github.com/jetstack/cert-manager v1.6.2 github.com/mitchellh/mapstructure v1.4.3 github.com/pelletier/go-toml v1.9.4 github.com/pkg/sftp v1.13.4 @@ -84,7 +84,7 @@ require ( gopkg.in/inf.v0 v0.9.1 gopkg.in/square/go-jose.v2 v2.5.1 gopkg.in/yaml.v2 v2.4.0 - helm.sh/helm/v3 v3.7.1 + helm.sh/helm/v3 v3.8.1 k8s.io/api v0.23.5 k8s.io/apimachinery v0.23.5 k8s.io/cli-runtime v0.23.5 @@ -97,14 +97,14 @@ require ( k8s.io/legacy-cloud-providers v0.23.5 k8s.io/mount-utils v0.23.5 k8s.io/utils v0.0.0-20211116205334-6203023598ed - sigs.k8s.io/controller-runtime v0.11.0 + sigs.k8s.io/controller-runtime v0.11.1 sigs.k8s.io/yaml v1.3.0 ) require ( github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.14 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.15 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect @@ -124,21 +124,20 @@ require ( github.com/cenkalti/backoff/v3 v3.0.0 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5 // indirect - github.com/containerd/containerd v1.5.7 // indirect + github.com/containerd/containerd v1.5.10 // indirect github.com/containerd/stargz-snapshotter/estargz v0.10.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect - github.com/docker/cli v20.10.10+incompatible // indirect - github.com/docker/distribution v2.7.1+incompatible // indirect - github.com/docker/docker v20.10.10+incompatible // indirect + github.com/docker/cli v20.10.11+incompatible // indirect + github.com/docker/distribution v2.8.1+incompatible // indirect + github.com/docker/docker v20.10.12+incompatible // indirect github.com/docker/docker-credential-helpers v0.6.4 // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.4.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect - github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect github.com/fsnotify/fsnotify v1.5.1 // indirect github.com/fvbommel/sortorder v1.0.1 // indirect github.com/ghodss/yaml v1.0.0 // indirect @@ -146,6 +145,7 @@ require ( github.com/go-openapi/jsonpointer v0.19.5 // indirect github.com/go-openapi/jsonreference v0.19.5 // indirect github.com/go-openapi/swag v0.19.14 // indirect + github.com/golang-jwt/jwt/v4 v4.0.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/golang/snappy v0.0.3 // indirect @@ -175,7 +175,7 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.13.6 // indirect + github.com/klauspost/compress v1.14.1 // indirect github.com/kr/fs v0.1.0 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/magiconair/properties v1.8.5 // indirect @@ -183,10 +183,10 @@ require ( github.com/mattn/go-ieproxy v0.0.1 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect github.com/miekg/dns v1.1.48 // indirect - github.com/mitchellh/copystructure v1.1.1 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-wordwrap v1.0.0 // indirect - github.com/mitchellh/reflectwalk v1.0.1 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/moby/locker v1.0.1 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 // indirect @@ -196,7 +196,7 @@ require ( github.com/morikuni/aec v1.0.0 // indirect github.com/oklog/ulid v1.3.1 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 // indirect + github.com/opencontainers/image-spec v1.0.2 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pierrec/lz4 v2.5.2+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect @@ -226,7 +226,7 @@ require ( golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect + google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 // indirect google.golang.org/grpc v1.43.0 // indirect google.golang.org/protobuf v1.27.1 // indirect gopkg.in/ini.v1 v1.66.3 // indirect @@ -237,7 +237,8 @@ require ( k8s.io/csi-translation-lib v0.23.5 // indirect k8s.io/klog v1.0.0 // indirect k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect - oras.land/oras-go v0.4.0 // indirect + oras.land/oras-go v1.1.0 // indirect + sigs.k8s.io/gateway-api v0.4.1 // indirect sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 // indirect sigs.k8s.io/kustomize/api v0.10.1 // indirect sigs.k8s.io/kustomize/kyaml v0.13.0 // indirect diff --git a/go.sum b/go.sum index ea686b9be7..678559f672 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,4 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= -bazil.org/fuse v0.0.0-20200407214033-5883e5a4b512/go.mod h1:FbcW6z/2VytnFDhZfumh8Ss8zxHE6qpMP5sHTRe0EaM= bitbucket.org/bertimus9/systemstat v0.0.0-20180207000608-0eeff89b0690/go.mod h1:Ulb78X89vxKYgdL24HMTiXYHlyHEvruOj1ZPlqeNEZM= bitbucket.org/creachadair/shell v0.0.6/go.mod h1:8Qqi/cYk7vPnsOePHroKXDJYmb5x7ENhtiFtfZq8K+M= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= @@ -30,6 +29,7 @@ cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aD cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.98.0/go.mod h1:ua6Ush4NALrHk5QXDWnjvZHN93OuF0HfuEPq9I1X0cM= cloud.google.com/go v0.99.0 h1:y/cM2iqGgGi5D5DQZl6D9STN/3dR/Vx5Mp8s752oJTY= cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= @@ -60,8 +60,8 @@ github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVt github.com/Azure/azure-pipeline-go v0.2.3/go.mod h1:x841ezTBIMG6O3lAcl8ATHnsOPVl2bqk7S3ta6S6u4k= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v55.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v56.2.0+incompatible h1:2GrG1JkTSMqLquy1pqVsjeRJhNtZLjss2+rx8ogZXx4= -github.com/Azure/azure-sdk-for-go v56.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v56.3.0+incompatible h1:DmhwMrUIvpeoTDiWRDtNHqelNUd3Og8JCkrLHQK795c= +github.com/Azure/azure-sdk-for-go v56.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-storage-blob-go v0.13.0 h1:lgWHvFh+UYBNVQLFHXkvul2f6yOPA9PIH82RTG2cSwc= github.com/Azure/azure-storage-blob-go v0.13.0/go.mod h1:pA9kNqtjUeQF2zOSu4s//nUdBD+e64lEuc4sVnuOfNs= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= @@ -73,14 +73,14 @@ github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest v0.11.19 h1:7/IqD2fEYVha1EPeaiytVKhzmPV223pfkRIQUGOK2IE= -github.com/Azure/go-autorest/autorest v0.11.19/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= +github.com/Azure/go-autorest/autorest v0.11.20 h1:s8H1PbCZSqg/DH7JMlOz6YMig6htWLNPsjDdlLqCx3M= +github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.14 h1:G8hexQdV5D4khOXrWG2YuLCFKhWYmWD8bHYaXN5ophk= -github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/adal v0.9.15 h1:X+p2GF0GWyOiSmqohIaEeuNFNDY4I4EOlVuUQvFdWMk= +github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= github.com/Azure/go-autorest/autorest/azure/auth v0.5.7 h1:8DQB8yl7aLQuP+nuR5e2RO6454OvFlSTXXaNHshc16s= github.com/Azure/go-autorest/autorest/azure/auth v0.5.7/go.mod h1:AkzUsqkrdmNhfP2i54HqINVQopw0CLDnvHpJ88Zz1eI= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 h1:dMOmEJfkLKW/7JsokJqkyoYSgmR08hi9KrhjZb+JALY= @@ -100,6 +100,7 @@ github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZ github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= @@ -123,7 +124,7 @@ github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZC github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/Masterminds/squirrel v1.5.0/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Masterminds/squirrel v1.5.2/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= @@ -134,7 +135,6 @@ github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugX github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.1 h1:aPJp2QD7OOrhO5tQXqQoGSJc+DjDtWTGLOmNyAm6FgY= github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= @@ -144,15 +144,16 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.8.22 h1:CulZ3GW8sNJExknToo+RWD+U+6ZM5kkNfuxywSDPd08= github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= +github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= +github.com/Microsoft/hcsshim v0.9.1/go.mod h1:Y/0uV2jUab5kBI7SQgl62at0AVX7uaruzADAVmxm3eM= +github.com/Microsoft/hcsshim v0.9.2 h1:wB06W5aYFfUB3IvootYAY2WnOmIdgPGfqSI6tufQNnY= +github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= @@ -163,7 +164,7 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:H github.com/Venafi/vcert/v4 v4.14.3/go.mod h1:IL+6LA8QRWZbmcMzIr/vRhf9Aa6XDM2cQO50caWevjA= github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/ahmetb/gen-crd-api-reference-docs v0.2.1-0.20201224172655-df869c1245d4/go.mod h1:TdjdkYhlOifCQWPs1UdTma97kQQMozf5h26hTuG70u8= +github.com/ahmetb/gen-crd-api-reference-docs v0.3.0/go.mod h1:TdjdkYhlOifCQWPs1UdTma97kQQMozf5h26hTuG70u8= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= github.com/akamai/AkamaiOPEN-edgegrid-golang v1.1.1/go.mod h1:kX6YddBkXqqywAe8c9LyvgTCyFuZCTMF4cRPQhc3Fy8= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -240,8 +241,11 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXe github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c= github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= +github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cert-manager/cert-manager v1.8.0 h1:A5FH4FUYGE/4lFYO6QzAWRxvSZfKlb9DZukv6lBPEiw= +github.com/cert-manager/cert-manager v1.8.0/go.mod h1:95Ds29nFWH6YqEgLiQ9WTtsDnTcxrkUPRNfYaKVOzeM= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= @@ -294,8 +298,9 @@ github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1 github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= -github.com/containerd/cgroups v1.0.1 h1:iJnMvco9XGvKUvNQkv88bE4uJXxRQH18efbKo9w5vHQ= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= +github.com/containerd/cgroups v1.0.2 h1:mZBclaSgNDfPWtfhj2xJY28LZ9nYIgzB0pwSURPl6JM= +github.com/containerd/cgroups v1.0.2/go.mod h1:qpbpJ1jmlqsR9f2IyaLPsdkCdnt0rbDVqIDlhuu5tRY= github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= @@ -317,10 +322,10 @@ github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.4/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw= -github.com/containerd/containerd v1.5.7 h1:rQyoYtj4KddB3bxG6SAqd4+08gePNyJjRqvOIfV3rkM= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= +github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= +github.com/containerd/containerd v1.5.10 h1:3cQ2uRVCkJVcx5VombsE7105Gl9Wrl7ORAO3+4+ogf4= +github.com/containerd/containerd v1.5.10/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -329,7 +334,6 @@ github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cE github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/continuity v0.2.0/go.mod h1:wCYX+dRqZdImhGucXOqTQn05AhX6EUDaGEMUzTFFpLg= github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= @@ -350,6 +354,7 @@ github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJ github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= github.com/containerd/stargz-snapshotter/estargz v0.10.0 h1:glqzafvxBBAMo+x2w2sdDjUDZeTqqLJmqZPY05qehCU= github.com/containerd/stargz-snapshotter/estargz v0.10.0/go.mod h1:aE5PCyhFMwR8sbrErO5eM2GcvkyXTTJremG883D4qF0= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= @@ -357,6 +362,7 @@ github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDG github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= @@ -427,22 +433,25 @@ github.com/digitalocean/godo v1.65.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2x github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3 h1:rEK0juuU5idazw//KzUcL3yYwUU3DIe2OnfJwjDBqno= -github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3/go.mod h1:gt38b7cvVKazi5XkHvINNytZXgTEntyhtyM3HQz46Nk= +github.com/distribution/distribution/v3 v3.0.0-20211118083504-a29a3c99a684 h1:DBZ2sN7CK6dgvHVpQsQj4sRMCbWTmd17l+5SUCjnQSY= +github.com/distribution/distribution/v3 v3.0.0-20211118083504-a29a3c99a684/go.mod h1:UfCu3YXJJCI+IdnqGgYP82dk2+Joxmv+mUTVBES6wac= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v20.10.10+incompatible h1:kcbwdgWbrBOH8QwQzaJmyriHwF7XIl4HT1qh0HTRys4= +github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v20.10.10+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v20.10.11+incompatible h1:tXU1ezXcruZQRrMP8RN2z9N91h+6egZTS1gsPsKantc= +github.com/docker/cli v20.10.11+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= +github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v1.4.2-0.20200319182547-c7ad2b866182/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v17.12.1-ce+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.10+incompatible h1:GKkP0T7U4ks6X3lmmHKC2QDprnpRJor2Z5a8m62R9ZM= github.com/docker/docker v20.10.10+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.11+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.12+incompatible h1:CEeNmFM0QZIsJCZKMkZx0ZcahTiewkrgiwfYD+dfl1U= +github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/docker-credential-helpers v0.6.4 h1:axCks+yV+2MR3/kZhAmy07yC56WZ2Pwu/fKWtKuZB0o= github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= @@ -479,8 +488,6 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= github.com/euank/go-kmsg-parser v2.0.0+incompatible/go.mod h1:MhmAMZ8V4CYH4ybgdRwPr2TU5ThnS43puaKEMpja1uw= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= -github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= @@ -499,7 +506,6 @@ github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSw github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y= github.com/frankban/quicktest v1.11.3 h1:8sXhOn0uLys67V8EsXLc6eszDs8VXWxL3iRvebPhedY= @@ -512,7 +518,6 @@ github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXt github.com/fullstorydev/grpcurl v1.6.0/go.mod h1:ZQ+ayqbKMJNhzLmbpCiurTVlaK2M/3nqZCxaQ2Ze/sM= github.com/fvbommel/sortorder v1.0.1 h1:dSnXLt4mJYH25uDDGa3biZNQsozaUWDSWeKJ0qqFfzE= github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7 h1:LofdAjjjqCSXMwLGgOgnE+rdPuvX9DxCqaHwKy7i/ko= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= @@ -537,11 +542,9 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v0.2.0/go.mod h1:qhKdvif7YF5GI9NWEpyxTSSBdGmzkNguibrdCNVPunU= github.com/go-logr/zapr v0.4.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk= github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= @@ -563,7 +566,6 @@ github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr6 github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/gobuffalo/flect v0.2.2/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= github.com/gobuffalo/flect v0.2.3/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM= github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI= @@ -575,7 +577,7 @@ github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6 github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godror/godror v0.24.2/go.mod h1:wZv/9vPiUib6tkoDl+AZ/QLf5YZgMravZ7jxH2eQWAE= -github.com/gofrs/flock v0.8.0/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= +github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= @@ -586,6 +588,8 @@ github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o= +github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -656,6 +660,7 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= github.com/google/go-containerregistry v0.7.0 h1:u0onUUOcyoCDHEiJoyR1R1gx5er1+r06V5DBhUU5ndk= github.com/google/go-containerregistry v0.7.0/go.mod h1:2zaoelrL0d08gGbpdP3LqyUuBmhWbpD6IOe2s9nLS2k= github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= @@ -724,6 +729,7 @@ github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= @@ -732,7 +738,6 @@ github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoA github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= -github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -746,6 +751,7 @@ github.com/grpc-ecosystem/grpc-gateway v1.12.1/go.mod h1:8XEsbTttt/W+VvjtQhLACqC github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= +github.com/hashicorp/consul/api v1.11.0/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M= github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms= @@ -805,13 +811,16 @@ github.com/hashicorp/hcl/v2 v2.10.1 h1:h4Xx4fsrRE26ohAk/1iGF/JBqRQbyUqu5Lvj60U54 github.com/hashicorp/hcl/v2 v2.10.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= +github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg2DmyNY= github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/memberlist v0.1.4/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= +github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/memberlist v0.3.1 h1:MXgUXLqva1QvpVEDQW1IQLG0wivQAtmFlHRQ+1vWZfM= github.com/hashicorp/memberlist v0.3.1/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= +github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk= github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f/go.mod h1:euTFbi2YJgwcju3imEt919lhJKF68nN1cQPq3aA+kBE= github.com/hashicorp/vault/api v1.1.1 h1:907ld+Z9cALyvbZK2qUX9cLwvSaEQsMVQB3x2KE8+AI= @@ -846,8 +855,6 @@ github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6t github.com/jacksontj/memberlistmesh v0.0.0-20190905163944-93462b9d2bb7 h1:q9rwMYjPWIFOSijnxXre4+RGo8xS0NVbJzXg+F0NMHc= github.com/jacksontj/memberlistmesh v0.0.0-20190905163944-93462b9d2bb7/go.mod h1:fFX3XoduobgoJsVtpzIFRTgKZAbNhsSJIDNOgeUU5g4= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jetstack/cert-manager v1.6.2 h1:g/8zxYdqygBwOq3pm27UKgsJadmU+C+4H3zBgCgr7gA= -github.com/jetstack/cert-manager v1.6.2/go.mod h1:1nXjnzzsYcIFvl4eLTkVqpvh9NQogkCq4FaCmgvNDDY= github.com/jhump/protoreflect v1.6.1/go.mod h1:RZQ/lnuN+zqeRVpQigTwO6o0AJUkxbnSnpuG7toUTG4= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= @@ -857,7 +864,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/jmoiron/sqlx v1.3.1/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= +github.com/jmoiron/sqlx v1.3.4/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= +github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jonboulle/clockwork v0.2.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= @@ -887,8 +895,9 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.14.1 h1:hLQYb23E8/fO+1u53d02A97a8UnsddcvYzq4ERRU4ds= +github.com/klauspost/compress v1.14.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -914,9 +923,11 @@ github.com/letsencrypt/pkcs11key/v4 v4.0.0/go.mod h1:EFUvBDay26dErnNb70Nd0/VW3tJ github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.4/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/libopenstorage/openstorage v1.0.0/go.mod h1:Sp1sIObHjat1BeXhfMqLZ14wnOzEhNx2YQedreMcUyc= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/lpabon/godbc v0.1.1/go.mod h1:Jo9QV0cf3U6jZABgiJ2skINAXb9j8m51r07g4KI92ZA= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= @@ -957,15 +968,17 @@ github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= -github.com/mattn/go-shellwords v1.0.11/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= -github.com/miekg/dns v1.1.34/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= +github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/dns v1.1.48 h1:Ucfr7IIVyMBz4lRE8qmGUuZ4Wt3/ZGu9hmcMT3Uu4tQ= github.com/miekg/dns v1.1.48/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= @@ -976,8 +989,8 @@ github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceT github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= -github.com/mitchellh/copystructure v1.1.1 h1:Bp6x9R1Wn16SIz3OfeDr0b7RnCG2OB66Y7PQyC/cvq4= -github.com/mitchellh/copystructure v1.1.1/go.mod h1:EBArHfARyrSWO/+Wyr9zwEkc6XMFB9XyNgFNmRkZZU4= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= @@ -996,17 +1009,20 @@ github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGg github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/mitchellh/reflectwalk v1.0.1 h1:FVzMWA5RllMAKIdUSC8mdWo3XtwoecrH79BY70sEEpE= github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/ipvs v1.0.1/go.mod h1:2pngiyseZbIKXNv7hsKj3O9UEz30c53MT9005gt2hxQ= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.4.1 h1:1O+1cHA1aujwEwwVMa2Xm2l+gIpUHyd3+D+d7LZh1kM= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/moby/sys/mountinfo v0.5.0 h1:2Ks8/r6lopsxWi9m58nlwjaeSzUX9iiL1vj5qB/9ObI= +github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= +github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc= github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 h1:yH0SvLzcbZxcJXho2yh7CqdENGMQe73Cw3woZBpPli0= github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= @@ -1051,23 +1067,24 @@ github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6 github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= -github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.10.2/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= github.com/onsi/gomega v1.14.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.17.0 h1:9Luw4uT5HTjHTN8+aNcSThgH1vdXnmdJ8xIfZ4wyTRE= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -1078,8 +1095,9 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 h1:axgApq2XShTLwQii2zAnIkMPlhGVHbAXHUcHezu5G/k= github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM= +github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= @@ -1096,7 +1114,6 @@ github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mo github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY= @@ -1194,11 +1211,15 @@ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFo github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43MRiaGWX1Nig= github.com/sagikazarmark/crypt v0.4.0/go.mod h1:ALv2SRj7GxYV4HO9elxH9nS6M9gW+xDNxqmyJ6RfDFM= github.com/satori/go.uuid v1.2.1-0.20181028125025-b2ce2384e17b/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 h1:nn5Wsu0esKSJiIVhscUtVbo7ada43DJhG55ua/hjS5I= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= +github.com/segmentio/asm v1.1.3/go.mod h1:Ld3L4ZXGNcSLRg4JBsZ3//1+f/TjYl0Mzen/DQy1EJg= +github.com/segmentio/encoding v0.3.3/go.mod h1:n0JeuIqEQrQoPDGsjo8UNd1iA0U8d8+oHAA4E3G3OxM= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= @@ -1239,9 +1260,9 @@ github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tL github.com/spf13/cobra v0.0.6/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v0.0.7/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= +github.com/spf13/cobra v1.3.0/go.mod h1:BrRVncBjOJa/eUcVVm9CE+oC6as8k+VYr4NY7WCi9V4= github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= @@ -1258,6 +1279,7 @@ github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DM github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= +github.com/spf13/viper v1.10.0/go.mod h1:SoyBPwAtKDzypXNDFKN5kzH7ppppbGZtls1UpIy5AsM= github.com/spf13/viper v1.10.1 h1:nuJZuYpG7gTj/XqiUwg8bA0cp1+M2mC3J4g5luUYBKk= github.com/spf13/viper v1.10.1/go.mod h1:IGlFPqhNAPKRxohIzWpI5QEy4kuI7tcl5WvR+8qy1rU= github.com/spotinst/spotinst-sdk-go v1.110.0 h1:5dcaXu4rbqljRIckTiqo5tngUrLSHEZ/VYF4fNLtz54= @@ -1291,7 +1313,6 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20200427203606-3cfed13b9966/go.mod h1 github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce/go.mod h1:o8v6yHRoik09Xen7gje4m9ERNah1d1PPsVq1VEx9vE4= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= -github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9Kjc7aWznkXaL4U4TWaDSs8zcsY4Ka08nM= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= @@ -1397,15 +1418,13 @@ go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4= -go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= -go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= -go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= +go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= @@ -1428,7 +1447,6 @@ golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3 golang.org/x/crypto v0.0.0-20191002192127-34f69633bfdc/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191122220453-ac88ee75c92c/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -1440,9 +1458,9 @@ golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -1565,6 +1583,7 @@ golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211111160137-58aab5ef257a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220107192237-5cfca573fb4d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -1583,7 +1602,6 @@ golang.org/x/oauth2 v0.0.0-20210427180440-81ed05c6b58c/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210810183815-faf39c7919d5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= @@ -1627,6 +1645,7 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1713,22 +1732,22 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1747,7 +1766,6 @@ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= @@ -1770,6 +1788,7 @@ golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -1784,7 +1803,6 @@ golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200117012304-6edc0a871e69/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -1805,7 +1823,6 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200626171337-aa94e735be7f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= @@ -1815,6 +1832,7 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= @@ -1836,7 +1854,6 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.1.0/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= gonum.org/v1/gonum v0.0.0-20180816165407-929014505bf4/go.mod h1:Y+Yx5eoAFn32cQvJDxZx5Dpnq+c3wtXuadVZAcxbbBo= @@ -1874,13 +1891,13 @@ google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59t google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.53.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= google.golang.org/api v0.63.0 h1:n2bqqK895ygnBpdPDYetfy23K7fJ22wsrZKCyfuRkkA= google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= @@ -1925,6 +1942,7 @@ google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200626011028-ee7919e894b5/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200707001353-8e8330bf89df/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -1960,14 +1978,17 @@ google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEc google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211005153810-c76a74d43a8e/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211008145708-270636b82663/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211028162531-8db9c33dc351/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211111162719-482062a4217b/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 h1:zzNejm+EgrbLfDZ6lu9Uud2IVvHySPl8vQzf04laR5Q= +google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= @@ -2002,7 +2023,6 @@ google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= @@ -2080,9 +2100,8 @@ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81 gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -helm.sh/helm/v3 v3.7.0/go.mod h1:DajHtQTe8KrjNmvy5gxWkosFKaADrS3uRS5EkDtsmI4= -helm.sh/helm/v3 v3.7.1 h1:kED/HWx09QHHSJhYaJY6ttj/BhmzBmT1oupKslncibY= -helm.sh/helm/v3 v3.7.1/go.mod h1:3eOeBD3Z+O/ELiuu19zynZSN8jP1ErXLuyP21SZeMq8= +helm.sh/helm/v3 v3.8.1 h1:J1EzhvtvKJRdx9skjUVe5xPN7KK2VA1mVxiQ9Ic5+oU= +helm.sh/helm/v3 v3.8.1/go.mod h1:Nm0Z2ciZFFvR9cRKpiRE2SMhJTgqY0b+ezT2cDcyqNw= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2113,8 +2132,8 @@ k8s.io/cri-api v0.23.5/go.mod h1:REJE3PSU0h/LOV1APBrupxrEJqnoxZC8KWzkBUHwrK4= k8s.io/csi-translation-lib v0.23.5 h1:QtbG9dSku/Dh0RvVsdKT+j2HtyOBu+ug6+tioB8MBNE= k8s.io/csi-translation-lib v0.23.5/go.mod h1:8RyFkoHAJrFU7c7MN1ZUjctm3ZhHclKm1FIHNSyGcuw= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c h1:GohjlNKauSai7gN4wsJkeZ3WAJx4Sh+oT/b5IYn5suA= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog v0.2.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= @@ -2124,14 +2143,12 @@ k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= -k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.30.0 h1:bUO6drIvCIsvZ/XFgfxoGFQU/a4Qkh0iAlvUR7vlHJw= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-aggregator v0.23.5/go.mod h1:3ynYx07Co6dzjpKPgipM+1/Mt2Jcm7dY++cRlKLr5s8= k8s.io/kube-controller-manager v0.23.5/go.mod h1:Pkg5lIk9YG9Qjj4F7Dn0gi6/k8cEYP63oLdgrlrrtu4= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kube-openapi v0.0.0-20210527164424-3c818078ee3d/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 h1:E3J9oCLlaobFUqsjG9DfKbP2BmgwBL2p7pn0A3dG9W4= k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= k8s.io/kube-proxy v0.23.5/go.mod h1:/yCbRrOHgPCb1g1k4XmMJPmNesfdPhZTGrvwNlNgwo8= @@ -2150,10 +2167,9 @@ k8s.io/pod-security-admission v0.23.5/go.mod h1:aSyWfjev8Zil5DaZBZ+ICAObZmZlRqhn k8s.io/sample-apiserver v0.23.5/go.mod h1:m4cnT3HgRY5Dt2AjMVKGnb31D6rGY0B+xpKtRJUUC8w= k8s.io/system-validators v1.6.0/go.mod h1:bPldcLgkIUK22ALflnsXk8pvkTEndYdNuaHH6gRrl0Q= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210111153108-fddb29f9d009/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210305010621-2afb4311ab10/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210722164352-7f3ee0f31471/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed h1:ck1fRPWPJWsMd8ZRFsWc6mh/zHp5fZ/shhbrgPUxDAE= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -2162,35 +2178,30 @@ modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= -oras.land/oras-go v0.4.0 h1:u6+7D+raZDYHwlz/uOwNANiRmyYDSSMW7A9E1xXycUQ= -oras.land/oras-go v0.4.0/go.mod h1:VJcU+VE4rkclUbum5C0O7deEZbBYnsnpbGSACwTjOcg= +oras.land/oras-go v1.1.0 h1:tfWM1RT7PzUwWphqHU6ptPU3ZhwVnSw/9nEGf519rYg= +oras.land/oras-go v1.1.0/go.mod h1:1A7vR/0KknT2UkJVWh+xMi95I/AhK8ZrxrnUSmXN0bQ= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/letsencrypt v0.0.3 h1:H7xDfhkaFFSYEJlKeq38RwX2jYcnTeHuDQyT+mMNMwM= -rsc.io/letsencrypt v0.0.3/go.mod h1:buyQKZ6IXrRnB7TdkHP0RyEybLx18HHyOSoTyoOLqNY= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.30/go.mod h1:fEO7lRTdivWO2qYVCVG7dEADOMo/MLDCVr8So2g88Uw= -sigs.k8s.io/controller-runtime v0.8.3/go.mod h1:U/l+DUopBc1ecfRZ5aviA9JDmGFQKvLf5YkZNx2e0sU= -sigs.k8s.io/controller-runtime v0.10.1/go.mod h1:CQp8eyUQZ/Q7PJvnIrB6/hgfTC1kBkGylwsLgOQi1WY= -sigs.k8s.io/controller-runtime v0.11.0 h1:DqO+c8mywcZLFJWILq4iktoECTyn30Bkj0CwgqMpZWQ= -sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= -sigs.k8s.io/controller-tools v0.5.0/go.mod h1:JTsstrMpxs+9BUj6eGuAaEb6SDSPTeVtUyp0jmnAM/I= +sigs.k8s.io/controller-runtime v0.9.6/go.mod h1:q6PpkM5vqQubEKUKOM6qr06oXGzOBcCby1DA9FbyZeA= +sigs.k8s.io/controller-runtime v0.11.1 h1:7YIHT2QnHJArj/dk9aUkYhfqfK5cIxPOX5gPECfdZLU= +sigs.k8s.io/controller-runtime v0.11.1/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= +sigs.k8s.io/controller-tools v0.6.2/go.mod h1:oaeGpjXn6+ZSEIQkUe/+3I40PNiDYp9aeawbt3xTgJ8= sigs.k8s.io/controller-tools v0.7.0/go.mod h1:bpBAo0VcSDDLuWt47evLhMLPxRPxMDInTEH/YbdeMK0= -sigs.k8s.io/gateway-api v0.3.0/go.mod h1:Wb8bx7QhGVZxOSEU3i9vw/JqTB5Nlai9MLMYVZeDmRQ= +sigs.k8s.io/gateway-api v0.4.1 h1:Tof9/PNSZXyfDuTTe1XFvaTlvBRE6bKq1kmV6jj6rQE= +sigs.k8s.io/gateway-api v0.4.1/go.mod h1:r3eiNP+0el+NTLwaTfOrCNXy8TukC+dIM3ggc+fbNWk= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 h1:fD1pz4yfdADVNfFmcP2aBEtudwUQ1AlLnRBALr33v3s= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= -sigs.k8s.io/kustomize/api v0.8.11/go.mod h1:a77Ls36JdfCWojpUqR6m60pdGY1AYFix4AH83nJtY1g= sigs.k8s.io/kustomize/api v0.10.1 h1:KgU7hfYoscuqag84kxtzKdEC3mKMb99DPI3a0eaV1d0= sigs.k8s.io/kustomize/api v0.10.1/go.mod h1:2FigT1QN6xKdcnGS2Ppp1uIWrtWN28Ms8A3OZUZhwr8= sigs.k8s.io/kustomize/cmd/config v0.10.2/go.mod h1:K2aW7nXJ0AaT+VA/eO0/dzFLxmpFcTzudmAgDwPY1HQ= sigs.k8s.io/kustomize/kustomize/v4 v4.4.1/go.mod h1:qOKJMMz2mBP+vcS7vK+mNz4HBLjaQSWRY22EF6Tb7Io= -sigs.k8s.io/kustomize/kyaml v0.11.0/go.mod h1:GNMwjim4Ypgp/MueD3zXHLRJEjz7RvtPae0AwlvEMFM= sigs.k8s.io/kustomize/kyaml v0.13.0 h1:9c+ETyNfSrVhxvphs+K2dzT3dh5oVPPEqPOE/cUpScY= sigs.k8s.io/kustomize/kyaml v0.13.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLCK30D47m4E= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod index 6bb0329dc3..f10223cd60 100644 --- a/tests/e2e/go.mod +++ b/tests/e2e/go.mod @@ -23,29 +23,33 @@ require ( cloud.google.com/go/storage v1.12.0 // indirect github.com/Azure/azure-pipeline-go v0.2.3 // indirect github.com/Azure/azure-storage-blob-go v0.13.0 // indirect + github.com/Microsoft/go-winio v0.5.2 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f // indirect github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect + github.com/acomagu/bufpipe v1.0.3 // indirect github.com/apparentlymart/go-cidr v1.1.0 // indirect github.com/armon/go-metrics v0.3.10 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/aws/aws-sdk-go v1.43.11 // indirect github.com/blang/semver v3.5.1+incompatible // indirect github.com/cenkalti/backoff/v3 v3.0.0 // indirect - github.com/containerd/stargz-snapshotter/estargz v0.10.0 // indirect - github.com/containers/image/v5 v5.9.0 // indirect - github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b // indirect - github.com/containers/ocicrypt v1.1.1 // indirect + github.com/containerd/stargz-snapshotter/estargz v0.11.1 // indirect + github.com/containers/image/v5 v5.21.0 // indirect + github.com/containers/libtrust v0.0.0-20200511145503-9c3a6c22cd9a // indirect + github.com/containers/ocicrypt v1.1.3 // indirect + github.com/containers/storage v1.38.3-0.20220301151551-d06b0f81c0aa // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/docker/cli v20.10.10+incompatible // indirect - github.com/docker/distribution v2.7.1+incompatible // indirect - github.com/docker/docker v20.10.10+incompatible // indirect + github.com/docker/cli v20.10.11+incompatible // indirect + github.com/docker/distribution v2.8.1+incompatible // indirect + github.com/docker/docker v20.10.14+incompatible // indirect github.com/docker/docker-credential-helpers v0.6.4 // indirect github.com/emirpasic/gods v1.12.0 // indirect github.com/fatih/color v1.13.0 // indirect github.com/go-git/gcfg v1.5.0 // indirect - github.com/go-git/go-billy/v5 v5.0.0 // indirect - github.com/go-git/go-git/v5 v5.2.0 // indirect + github.com/go-git/go-billy/v5 v5.3.1 // indirect + github.com/go-git/go-git/v5 v5.4.2 // indirect github.com/go-ini/ini v1.62.0 // indirect - github.com/go-logr/logr v1.2.0 // indirect + github.com/go-logr/logr v1.2.2 // indirect github.com/go-ole/go-ole v1.2.4 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -86,25 +90,25 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect - github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd // indirect - github.com/klauspost/compress v1.13.6 // indirect + github.com/kevinburke/ssh_config v1.1.0 // indirect + github.com/klauspost/compress v1.15.1 // indirect github.com/klauspost/pgzip v1.2.5 // indirect github.com/kr/fs v0.1.0 // indirect github.com/kr/pretty v0.3.0 // indirect github.com/mattn/go-colorable v0.1.12 // indirect github.com/mattn/go-ieproxy v0.0.1 // indirect github.com/mattn/go-isatty v0.0.14 // indirect - github.com/mitchellh/copystructure v1.1.1 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.0.0 // indirect github.com/mitchellh/mapstructure v1.4.3 // indirect - github.com/mitchellh/reflectwalk v1.0.1 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/oklog/run v1.0.0 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 // indirect + github.com/opencontainers/image-spec v1.0.3-0.20211202193544-a5463b7f9c84 // indirect github.com/pierrec/lz4 v2.5.2+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pkg/sftp v1.13.4 // indirect @@ -114,24 +118,24 @@ require ( github.com/sirupsen/logrus v1.8.1 // indirect github.com/smartystreets/assertions v1.2.0 // indirect github.com/spf13/cobra v1.4.0 // indirect - github.com/ulikunitz/xz v0.5.8 // indirect + github.com/ulikunitz/xz v0.5.10 // indirect github.com/vbatts/tar-split v0.11.2 // indirect - github.com/xanzy/ssh-agent v0.2.1 // indirect + github.com/xanzy/ssh-agent v0.3.1 // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.9.0 // indirect golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 // indirect - golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd // indirect + golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect + golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 // indirect golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect google.golang.org/api v0.63.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect - google.golang.org/grpc v1.43.0 // indirect + google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8 // indirect + google.golang.org/grpc v1.44.0 // indirect google.golang.org/protobuf v1.27.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/square/go-jose.v2 v2.5.1 // indirect diff --git a/tests/e2e/go.sum b/tests/e2e/go.sum index 6d754ca6d1..f12760201a 100644 --- a/tests/e2e/go.sum +++ b/tests/e2e/go.sum @@ -39,6 +39,7 @@ cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aD cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= +cloud.google.com/go v0.98.0/go.mod h1:ua6Ush4NALrHk5QXDWnjvZHN93OuF0HfuEPq9I1X0cM= cloud.google.com/go v0.99.0 h1:y/cM2iqGgGi5D5DQZl6D9STN/3dR/Vx5Mp8s752oJTY= cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= @@ -79,6 +80,7 @@ contrib.go.opencensus.io/resource v0.1.1/go.mod h1:F361eGI91LCmW1I/Saf+rX0+OFcig dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= git.apache.org/thrift.git v0.12.0/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg= github.com/14rcole/gopopulate v0.0.0-20180821133914-b175b219e774/go.mod h1:6/0dYRLLXyJjbkIPeeGyoJ/eKOSI0eU6eTlCBYibgd0= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= github.com/Azure/azure-amqp-common-go/v2 v2.1.0/go.mod h1:R8rea+gJRuJR6QxTir/XuEd+YuKoUiazDC/N96FiDEU= github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4= github.com/Azure/azure-pipeline-go v0.2.3 h1:7U9HBg1JFK3jHl5qmo4CTZKFTVgMwdFHMVtCdfBE21U= @@ -89,7 +91,7 @@ github.com/Azure/azure-sdk-for-go v30.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9mo github.com/Azure/azure-sdk-for-go v38.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v42.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v55.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v56.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v56.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-service-bus-go v0.9.1/go.mod h1:yzBx6/BUGfjfeqbRZny9AQIbIe3AcV9WZbAdpkoXOa0= github.com/Azure/azure-storage-blob-go v0.8.0/go.mod h1:lPI3aLPpuLTeUwh1sViKXFxwl2B6teiRqI0deQUvsw0= github.com/Azure/azure-storage-blob-go v0.13.0 h1:lgWHvFh+UYBNVQLFHXkvul2f6yOPA9PIH82RTG2cSwc= @@ -108,8 +110,8 @@ github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdA github.com/Azure/go-autorest/autorest v0.10.2/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= github.com/Azure/go-autorest/autorest v0.11.17/go.mod h1:eipySxLmqSyC5s5k1CLupqet0PSENBEDP93LQ9a8QYw= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= -github.com/Azure/go-autorest/autorest v0.11.19 h1:7/IqD2fEYVha1EPeaiytVKhzmPV223pfkRIQUGOK2IE= -github.com/Azure/go-autorest/autorest v0.11.19/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= +github.com/Azure/go-autorest/autorest v0.11.20 h1:s8H1PbCZSqg/DH7JMlOz6YMig6htWLNPsjDdlLqCx3M= +github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= github.com/Azure/go-autorest/autorest/adal v0.1.0/go.mod h1:MeS4XhScH55IST095THyTxElntu7WqB7pNbZo8Q5G3E= github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= @@ -119,8 +121,8 @@ github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35pe github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.11/go.mod h1:nBKAnTomx8gDtl+3ZCJv2v0KACFHWTB2drffI1B68Pk= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= -github.com/Azure/go-autorest/autorest/adal v0.9.14 h1:G8hexQdV5D4khOXrWG2YuLCFKhWYmWD8bHYaXN5ophk= -github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/adal v0.9.15 h1:X+p2GF0GWyOiSmqohIaEeuNFNDY4I4EOlVuUQvFdWMk= +github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= github.com/Azure/go-autorest/autorest/azure/auth v0.5.7/go.mod h1:AkzUsqkrdmNhfP2i54HqINVQopw0CLDnvHpJ88Zz1eI= github.com/Azure/go-autorest/autorest/azure/cli v0.4.2/go.mod h1:7qkJkT+j6b+hIpzMOwPChJhTqS8VbsqqgULzMNRugoM= github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= @@ -146,6 +148,8 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/BurntSushi/toml v1.0.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= @@ -173,7 +177,7 @@ github.com/Masterminds/sprig v2.15.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuN github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= github.com/Masterminds/sprig/v3 v3.0.2/go.mod h1:oesJ8kPONMONaZgtiHNzUShJbksypC5kWczhZAf6+aU= github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/Masterminds/squirrel v1.5.0/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Masterminds/squirrel v1.5.2/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= @@ -185,6 +189,8 @@ github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JP github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= +github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= @@ -192,16 +198,21 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= +github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= +github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= +github.com/Microsoft/hcsshim v0.9.1/go.mod h1:Y/0uV2jUab5kBI7SQgl62at0AVX7uaruzADAVmxm3eM= +github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/OpenPeeDeeP/depguard v1.0.1/go.mod h1:xsIw86fROiiwelg+jB2uM9PiKihMMmUx/1V+TNhjQvM= +github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= +github.com/ProtonMail/go-crypto v0.0.0-20210920160938-87db9fbc61c7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= +github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f h1:J2FzIrXN82q5uyUraeJpLIm7U6PffRwje2ORho5yIik= +github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= @@ -215,11 +226,13 @@ github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d h1:G0m3OIz70MZUW github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg= github.com/Venafi/vcert/v4 v4.14.3/go.mod h1:IL+6LA8QRWZbmcMzIr/vRhf9Aa6XDM2cQO50caWevjA= github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA= +github.com/VividCortex/ewma v1.2.0/go.mod h1:nz4BbCtbLyFDeC9SUHbtcT5644juEuWfUAUnGx7j5l4= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= +github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= +github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/ahmetb/gen-crd-api-reference-docs v0.2.1-0.20201224172655-df869c1245d4/go.mod h1:TdjdkYhlOifCQWPs1UdTma97kQQMozf5h26hTuG70u8= +github.com/ahmetb/gen-crd-api-reference-docs v0.3.0/go.mod h1:TdjdkYhlOifCQWPs1UdTma97kQQMozf5h26hTuG70u8= github.com/akamai/AkamaiOPEN-edgegrid-golang v1.1.1/go.mod h1:kX6YddBkXqqywAe8c9LyvgTCyFuZCTMF4cRPQhc3Fy8= -github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs= github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -227,6 +240,7 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= +github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= github.com/andybalholm/brotli v0.0.0-20190621154722-5f990b63d2d6/go.mod h1:+lx6/Aqd1kLJ1GQfkvOnaZ1WGmLpMpbprPuIOOZX30U= github.com/andygrunwald/go-gerrit v0.0.0-20190120104749-174420ebee6c/go.mod h1:0iuRQp6WJ44ts+iihy5E/WlPqfg5RNeQxOmzRkxCdtk= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= @@ -300,6 +314,7 @@ github.com/bombsimon/wsl/v3 v3.0.0/go.mod h1:st10JtZYLE4D5sC7b8xV4zTKZwAQjCH/Hy2 github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= @@ -307,9 +322,12 @@ github.com/bwmarrin/snowflake v0.0.0/go.mod h1:NdZxfVWX+oR6y2K0o6qAYv6gIOP9rjG0/ github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c= github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cert-manager/cert-manager v1.8.0/go.mod h1:95Ds29nFWH6YqEgLiQ9WTtsDnTcxrkUPRNfYaKVOzeM= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= @@ -319,6 +337,7 @@ github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1 github.com/checkpoint-restore/go-criu/v4 v4.0.2/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= +github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -329,6 +348,7 @@ github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLI github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= +github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/clarketm/json v1.13.4/go.mod h1:ynr2LRfb0fQU34l07csRNBTcivjySLLiY1YzQqKVfdo= @@ -363,12 +383,15 @@ github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4S github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= +github.com/containerd/cgroups v1.0.2/go.mod h1:qpbpJ1jmlqsR9f2IyaLPsdkCdnt0rbDVqIDlhuu5tRY= +github.com/containerd/cgroups v1.0.3/go.mod h1:/ofk34relqNjSGyqPrmEULrO4Sc8LJhvJmWbUCUKqj8= github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.0/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= @@ -385,9 +408,11 @@ github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.4/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= +github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= +github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= +github.com/containerd/containerd v1.5.10/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ= +github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -397,7 +422,7 @@ github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cE github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= -github.com/containerd/continuity v0.2.0/go.mod h1:wCYX+dRqZdImhGucXOqTQn05AhX6EUDaGEMUzTFFpLg= +github.com/containerd/continuity v0.2.2/go.mod h1:pWygW9u7LtS1o4N/Tn0FoCFDIXZ7rxcMX7HX1Dmibvk= github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= @@ -406,6 +431,8 @@ github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1S github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= +github.com/containerd/go-cni v1.1.0/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= +github.com/containerd/go-cni v1.1.3/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= @@ -415,17 +442,21 @@ github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= +github.com/containerd/imgcrypt v1.1.3/go.mod h1:/TPA1GIDXMzbj01yd8pIbQiLdQxed5ue1wb8bP7PQu4= github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/stargz-snapshotter/estargz v0.0.0-20201217071531-2b97b583765b/go.mod h1:E9uVkkBKf0EaC39j2JVW9EzdNhYvpz6eQIjILHebruk= -github.com/containerd/stargz-snapshotter/estargz v0.10.0 h1:glqzafvxBBAMo+x2w2sdDjUDZeTqqLJmqZPY05qehCU= +github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= github.com/containerd/stargz-snapshotter/estargz v0.10.0/go.mod h1:aE5PCyhFMwR8sbrErO5eM2GcvkyXTTJremG883D4qF0= +github.com/containerd/stargz-snapshotter/estargz v0.11.1 h1:mNQqxcAWmDrV6d6yUvzFhfY8puNzoQz9v4diW+Pmei4= +github.com/containerd/stargz-snapshotter/estargz v0.11.1/go.mod h1:6VoPcf4M1wvnogWxqc4TqBWWErCS+R+ucnPZId2VbpQ= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= +github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= @@ -438,26 +469,35 @@ github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNR github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtrBI6QcRV0NiNt15Y= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= +github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= github.com/containers/image/v5 v5.6.0/go.mod h1:iUSWo3SOLqJo0CkZkKrHxqR6YWqrT98mkXFpE0MceE8= -github.com/containers/image/v5 v5.9.0 h1:dRmUtcluQcmasNo3DpnRoZjfU0rOu1qZeL6wlDJr10Q= github.com/containers/image/v5 v5.9.0/go.mod h1:blOEFd/iFdeyh891ByhCVUc+xAcaI3gBegXECwz9UbQ= -github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE= +github.com/containers/image/v5 v5.21.0 h1:pDS3kjJBlaGDItKzjvJDqKXwyQs01gv54b6QuMuaH4g= +github.com/containers/image/v5 v5.21.0/go.mod h1:2nEPM0WuinC/0ssPsMv5Iy8YaRueUUTmTp3C7bn5uro= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= +github.com/containers/libtrust v0.0.0-20200511145503-9c3a6c22cd9a h1:spAGlqziZjCJL25C6F1zsQY05tfCKE9F5YwtEWWe6hU= +github.com/containers/libtrust v0.0.0-20200511145503-9c3a6c22cd9a/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.0.3/go.mod h1:CUBa+8MRNL/VkpxYIpaMtgn1WgXGyvPQj8jcy0EVG6g= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= -github.com/containers/ocicrypt v1.1.1 h1:prL8l9w3ntVqXvNH1CiNn5ENjcCnr38JqpSyvKKB4GI= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= +github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= +github.com/containers/ocicrypt v1.1.3 h1:uMxn2wTb4nDR7GqG3rnZSfpJXqWURfzZ7nKydzIeKpA= +github.com/containers/ocicrypt v1.1.3/go.mod h1:xpdkbVAuaH3WzbEabUd5yDsl9SwJA5pABH85425Es2g= github.com/containers/storage v1.23.5/go.mod h1:ha26Q6ngehFNhf3AWoXldvAvwI4jFe3ETQAf/CeZPyM= github.com/containers/storage v1.23.7/go.mod h1:cUT2zHjtx+WlVri30obWmM2gpqpi8jfPsmIzP1TVpEI= +github.com/containers/storage v1.38.3-0.20220301151551-d06b0f81c0aa h1:rdJIWaQ7PwS2N0ZWgn6NXDp+8KtvfSmPTJ3S5i6fJr4= +github.com/containers/storage v1.38.3-0.20220301151551-d06b0f81c0aa/go.mod h1:LkkL34WRi4dI4jt9Cp+ImdZi/P5i36glSHimT5CP5zM= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= +github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -502,28 +542,30 @@ github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8 github.com/digitalocean/godo v1.65.0/go.mod h1:p7dOjjtSBqCTUksqtA5Fd3uaKs9kyTq2xcz76ulEJRU= github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3/go.mod h1:gt38b7cvVKazi5XkHvINNytZXgTEntyhtyM3HQz46Nk= +github.com/distribution/distribution/v3 v3.0.0-20211118083504-a29a3c99a684/go.mod h1:UfCu3YXJJCI+IdnqGgYP82dk2+Joxmv+mUTVBES6wac= github.com/djherbis/atime v1.0.0/go.mod h1:5W+KBIuTwVGcqjIfaTwt+KSYX1o6uep8dtevevQP/f8= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v0.0.0-20200130152716-5d0cf8839492/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/cli v20.10.10+incompatible h1:kcbwdgWbrBOH8QwQzaJmyriHwF7XIl4HT1qh0HTRys4= github.com/docker/cli v20.10.10+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v20.10.11+incompatible h1:tXU1ezXcruZQRrMP8RN2z9N91h+6egZTS1gsPsKantc= +github.com/docker/cli v20.10.11+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v0.0.0-20191216044856-a8371794149d/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= +github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v1.4.2-0.20191219165747-a9416c67da9f/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v1.4.2-0.20200203170920-46ec8731fbce/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v1.4.2-0.20200319182547-c7ad2b866182/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v17.12.1-ce+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.10+incompatible h1:GKkP0T7U4ks6X3lmmHKC2QDprnpRJor2Z5a8m62R9ZM= github.com/docker/docker v20.10.10+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.11+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.14+incompatible h1:+T9/PRYWNDo5SZl5qS1r9Mo/0Q8AwxKKPtu9S1yxM0w= +github.com/docker/docker v20.10.14+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/docker-credential-helpers v0.6.4 h1:axCks+yV+2MR3/kZhAmy07yC56WZ2Pwu/fKWtKuZB0o= github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= @@ -567,7 +609,6 @@ github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= @@ -584,7 +625,6 @@ github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= -github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/fortytw2/leaktest v1.2.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= @@ -613,15 +653,19 @@ github.com/go-critic/go-critic v0.4.1/go.mod h1:7/14rZGnZbY6E38VEGk2kVhoq6itzc1E github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.0.0 h1:7NQHvd9FVid8VL4qVUMm8XifBK+2xCoZ2lSk0agRrHM= github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= +github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-git-fixtures/v4 v4.0.1/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw= -github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12 h1:PbKy9zOy4aAKrJ5pibIRpVO2BXnK1Tlcg+caKI7Ox5M= github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw= +github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8= +github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= github.com/go-git/go-git/v5 v5.0.0/go.mod h1:oYD8y9kWsGINPFJoLdaScGCN6dlKg23blmClfZwtUVA= github.com/go-git/go-git/v5 v5.1.0/go.mod h1:ZKfuPUoY1ZqIG4QG9BDBh3G4gLM5zvPuSJAozQrZuyM= -github.com/go-git/go-git/v5 v5.2.0 h1:YPBLG/3UK1we1ohRkncLjaXWLW+HKp5QNM/jTli2JgI= github.com/go-git/go-git/v5 v5.2.0/go.mod h1:kh02eMX+wdqqxgNMEyq8YgwlIOsDOa9homkUq1PoTMs= +github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= +github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -640,13 +684,15 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.2 h1:ahHml/yUpnlb96Rp8HCvtYVPY8ZYpxq3g7UYchIYwbs= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v0.1.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= github.com/go-logr/zapr v0.1.1/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= -github.com/go-logr/zapr v0.2.0/go.mod h1:qhKdvif7YF5GI9NWEpyxTSSBdGmzkNguibrdCNVPunU= github.com/go-logr/zapr v0.4.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= github.com/go-ole/go-ole v1.2.1/go.mod h1:7FAglXiTm7HKlQRDeOQ6ZNUHidzCWXuZWq/1dTyBNF8= @@ -663,7 +709,6 @@ github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/spec v0.19.4/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/spec v0.19.5/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk= github.com/go-openapi/spec v0.19.6/go.mod h1:Hm2Jr4jv8G1ciIAo+frC/Ft+rR2kQDh8JHKHb3gWUSk= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= @@ -696,7 +741,6 @@ github.com/go-toolsmith/strparse v1.0.0/go.mod h1:YI2nUKP9YGZnL/L1/DLFBfixrcjslW github.com/go-toolsmith/typep v1.0.0/go.mod h1:JSQCQMUPdRlMZFswiq3TGpNp1GMktqkR2Ns5AIQkATU= github.com/go-xmlfmt/xmlfmt v0.0.0-20191208150333-d5b6f63a941b/go.mod h1:aUCEOzzezBEjDBbFBoSiya/gduyIiWYRP6CnSFIV8AM= github.com/gobuffalo/envy v1.6.5/go.mod h1:N+GkhhZ/93bGZc6ZKhJLP6+m+tCNPKwgSpH9kaifseQ= -github.com/gobuffalo/flect v0.2.2/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= github.com/gobuffalo/flect v0.2.3/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM= github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI= @@ -707,10 +751,11 @@ github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblf github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godror/godror v0.24.2/go.mod h1:wZv/9vPiUib6tkoDl+AZ/QLf5YZgMravZ7jxH2eQWAE= github.com/gofrs/flock v0.0.0-20190320160742-5135e617513b/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/flock v0.7.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= -github.com/gofrs/flock v0.8.0/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= +github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= @@ -725,6 +770,8 @@ github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o= +github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/gddo v0.0.0-20190419222130-af0f2af80721/go.mod h1:xEhNfoBDX1hzLm2Nf80qUvZ2sVwoMZ8d6IE2SrsQfh4= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -811,6 +858,7 @@ github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-containerregistry v0.0.0-20200115214256-379933c9c22b/go.mod h1:Wtl/v6YdQxv397EREtzwgd9+Ud7Q5D8XMbi3Zazgkrs= github.com/google/go-containerregistry v0.3.0/go.mod h1:BJ7VxR1hAhdiZBGGnvGETHEmFs1hzXc4VM1xjOPO9wA= +github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= github.com/google/go-containerregistry v0.7.0 h1:u0onUUOcyoCDHEiJoyR1R1gx5er1+r06V5DBhUU5ndk= github.com/google/go-containerregistry v0.7.0/go.mod h1:2zaoelrL0d08gGbpdP3LqyUuBmhWbpD6IOe2s9nLS2k= github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY= @@ -818,6 +866,7 @@ github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+u github.com/google/go-github/v29 v29.0.3/go.mod h1:CHKiKKPHJ0REzfwc14QMklvtHwCveD0PxlMjLlzAM5E= github.com/google/go-github/v33 v33.0.0 h1:qAf9yP0qc54ufQxzwv+u9H0tiVOnPJxo0lI/JXqw3ZM= github.com/google/go-github/v33 v33.0.0/go.mod h1:GMdDnVZY/2TsWgp/lkYnpSAh6TrzhANBBwm6k6TTEXg= +github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y= github.com/google/go-licenses v0.0.0-20191112164736-212ea350c932/go.mod h1:16wa6pRqNDUIhOtwF0GcROVqMeXHZJ7H6eGDFUh5Pfk= github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= @@ -914,7 +963,6 @@ github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/ad github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gostaticanalysis/analysisutil v0.0.0-20190318220348-4088753ea4d3/go.mod h1:eEOZF4jCKGi+aprrirO9e7WKB3beBRtWgqGunKl6pKE= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= -github.com/gotestyourself/gotestyourself v2.2.0+incompatible/go.mod h1:zZKM6oeNM8k+FRljX1mnzVYeS8wiGgQyvST1/GafPbY= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -931,6 +979,7 @@ github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFb github.com/h2non/gock v1.0.9/go.mod h1:CZMcB0Lg5IWnr9bF79pPMg9WeV6WumxQiUJ1UvdO1iE= github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI= github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= +github.com/hashicorp/consul/api v1.11.0/go.mod h1:XjsvQN+RJGWI2TWy1/kqaE16HrR2J/FWgkYjdZQsX9M= github.com/hashicorp/consul/api v1.12.0/go.mod h1:6pVBMo0ebnYdt2S3H87XhekM/HHrUoTD2XXb/VrZVy0= github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= github.com/hashicorp/consul/sdk v0.8.0/go.mod h1:GBvyrGALthsZObzUGsfgHZQDXjg4lOjagTIwIR1vPms= @@ -1004,12 +1053,15 @@ github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T github.com/hashicorp/hcl/v2 v2.10.1/go.mod h1:FwWsfWEjyV/CMj8s/gqAuiviY72rJ1/oayI9WftqcKg= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= +github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg2DmyNY= github.com/hashicorp/mdns v1.0.4/go.mod h1:mtBihi+LeNXGtG8L9dX59gAEa12BDtBQSp4v/YAJqrc= github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= github.com/hashicorp/memberlist v0.1.4/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= +github.com/hashicorp/memberlist v0.2.2/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/memberlist v0.3.0/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/memberlist v0.3.1/go.mod h1:MS2lj3INKhZjWNqd3N0m3J+Jxf3DAOnAH9VT3Sh9MUE= github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= +github.com/hashicorp/serf v0.9.5/go.mod h1:UWDWwZeL5cuWDJdl0C6wrvrUwEqtQ4ZKBKKENpqIUyk= github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpTwn9UV4= github.com/hashicorp/vault/api v1.0.5-0.20200519221902-385fac77e20f/go.mod h1:euTFbi2YJgwcju3imEt919lhJKF68nN1cQPq3aA+kBE= github.com/hashicorp/vault/api v1.1.1/go.mod h1:29UXcn/1cLOPHQNMWA7bCz2By4PSd0VKPAydKXS5yN0= @@ -1043,7 +1095,9 @@ github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/influxdata/influxdb v0.0.0-20161215172503-049f9b42e9a5/go.mod h1:qZna6X/4elxqT3yI9iZYdZrWWdeFOOprn86kgg4+IzY= +github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= +github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= github.com/jacksontj/memberlistmesh v0.0.0-20190905163944-93462b9d2bb7/go.mod h1:fFX3XoduobgoJsVtpzIFRTgKZAbNhsSJIDNOgeUU5g4= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= @@ -1051,7 +1105,7 @@ github.com/jcmturner/gofork v0.0.0-20190328161633-dc7c13fece03/go.mod h1:MK8+TM0 github.com/jcmturner/gofork v1.0.0/go.mod h1:MK8+TM0La+2rjBD4jE12Kj1pCCxK7d2LK/UM3ncEo0o= github.com/jenkins-x/go-scm v1.5.79/go.mod h1:PCT338UhP/pQ0IeEeMEf/hoLTYKcH7qjGEKd7jPkeYg= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jetstack/cert-manager v1.6.2/go.mod h1:1nXjnzzsYcIFvl4eLTkVqpvh9NQogkCq4FaCmgvNDDY= +github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jhump/gopoet v0.0.0-20190322174617-17282ff210b3/go.mod h1:me9yfT6IJSlOL3FCfrg+L6yzUEZ+5jW6WHt4Sk+UPUI= github.com/jhump/gopoet v0.1.0/go.mod h1:me9yfT6IJSlOL3FCfrg+L6yzUEZ+5jW6WHt4Sk+UPUI= github.com/jhump/goprotoc v0.5.0/go.mod h1:VrbvcYrQOrTi3i0Vf+m+oqQWk9l72mjkJCYo7UvLHRQ= @@ -1075,7 +1129,7 @@ github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHW github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmoiron/sqlx v1.2.1-0.20190826204134-d7d95172beb5/go.mod h1:1FEQNm3xlJgrMD+FBdI9+xvCksHtbpVBBw5dYhBSsks= -github.com/jmoiron/sqlx v1.3.1/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= +github.com/jmoiron/sqlx v1.3.4/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= @@ -1104,8 +1158,10 @@ github.com/karrick/godirwalk v1.15.8/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1q github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= -github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd h1:Coekwdh0v2wtGp9Gmz1Ze3eVRAWJMLokvN3QjdzCHLY= github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/kevinburke/ssh_config v1.1.0 h1:pH/t1WS9NzT8go394IqZeJTMHVm6Cr6ZJ6AQ+mdNo/o= +github.com/kevinburke/ssh_config v1.1.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -1118,8 +1174,12 @@ github.com/klauspost/compress v1.11.0/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYs github.com/klauspost/compress v1.11.1/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc= github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.14.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.14.3/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.14.4/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= +github.com/klauspost/compress v1.15.1 h1:y9FcTHGyrebwfP0ZZqFiaxTaiDnUrGkJkI+f583BL1A= +github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/cpuid v0.0.0-20180405133222-e7e905edc00e/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/pgzip v1.2.1/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= @@ -1153,12 +1213,15 @@ github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.8.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.4/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/logrusorgru/aurora v0.0.0-20181002194514-a7b3b318ed4e/go.mod h1:7rIyQOR62GCctdiQpZ/zOJlFyk6y+94wXzv6RNZgaR4= github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ= +github.com/magefile/mage v1.13.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= @@ -1168,6 +1231,7 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= +github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= github.com/maratori/testpackage v1.0.1/go.mod h1:ddKdw+XG0Phzhx8BFDTKgpWP4i7MpApTE5fXSKAqwDU= github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc= github.com/markbates/inflect v1.0.4/go.mod h1:1fR9+pO2KHEO9ZRtto13gDwwZaAKstQzferVeWqbgNs= @@ -1175,6 +1239,8 @@ github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2 github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/matoous/godox v0.0.0-20190911065817-5d6d842e92eb/go.mod h1:1BELzlh859Sh1c6+90blK8lbYy0kwQf1bYlBhBysy1s= +github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= +github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= @@ -1202,10 +1268,12 @@ github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.8/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.9/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-shellwords v1.0.10/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-shellwords v1.0.11/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/mattn/go-sqlite3 v2.0.1+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= @@ -1219,19 +1287,20 @@ github.com/maxbrunsfeld/counterfeiter/v6 v6.3.0/go.mod h1:fcEyUyXZXoV4Abw8DX0t7w github.com/mholt/archiver/v3 v3.3.0/go.mod h1:YnQtqsp+94Rwd0D/rk5cnLrxusUBUXg+08Ebtr1Mqao= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= -github.com/miekg/dns v1.1.34/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= +github.com/miekg/dns v1.1.47/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/dns v1.1.48/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME= github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= +github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/mistifyio/go-zfs v2.1.1+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXxx3xhI= github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= -github.com/mitchellh/copystructure v1.1.1 h1:Bp6x9R1Wn16SIz3OfeDr0b7RnCG2OB66Y7PQyC/cvq4= -github.com/mitchellh/copystructure v1.1.1/go.mod h1:EBArHfARyrSWO/+Wyr9zwEkc6XMFB9XyNgFNmRkZZU4= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= @@ -1253,8 +1322,9 @@ github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGg github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/mitchellh/reflectwalk v1.0.1 h1:FVzMWA5RllMAKIdUSC8mdWo3XtwoecrH79BY70sEEpE= github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mmarkdown/mmark v2.0.40+incompatible/go.mod h1:Uvmoz7tvsWpr7bMVxIpqZPyN3FbOtzDmnsJDFp7ltJs= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= @@ -1262,7 +1332,12 @@ github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0Gq github.com/moby/sys/mountinfo v0.1.3/go.mod h1:w2t2Avltqx8vE7gX5l+QiBKxODu2TX0+Syr3h52Tw4o= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= +github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= +github.com/moby/sys/mountinfo v0.6.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= +github.com/moby/sys/signal v0.6.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= +github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= +github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/moby/term v0.0.0-20200915141129-7f0af18e79f2/go.mod h1:TjQg8pa4iejrUrjiz0MCtMV38jdMNW4doKSiBrEvCQQ= github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc= github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= @@ -1326,6 +1401,7 @@ github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= @@ -1355,8 +1431,11 @@ github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zM github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.2-0.20200206005212-79b036d80240/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 h1:axgApq2XShTLwQii2zAnIkMPlhGVHbAXHUcHezu5G/k= github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.3-0.20211202193544-a5463b7f9c84 h1:g47eG1u/gw0JB7mZ88TcHKCmsy7sWUNZD8ZS9Jhi0O8= +github.com/opencontainers/image-spec v1.0.3-0.20211202193544-a5463b7f9c84/go.mod h1:Qnt1q4cjDNQI9bT832ziho5Iw2BhK8o1KwLOwW56VP4= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= @@ -1364,6 +1443,7 @@ github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rm github.com/opencontainers/runc v1.0.0-rc91/go.mod h1:3Sm6Dt7OT8z88EbdQqqcRN2oCT54jbi72tT/HqgflT8= github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= +github.com/opencontainers/runc v1.1.0/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= @@ -1376,11 +1456,13 @@ github.com/opencontainers/selinux v1.5.1/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwy github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.9.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= +github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= +github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= github.com/openzipkin/zipkin-go v0.2.0/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4= github.com/ostreedev/ostree-go v0.0.0-20190702140239-759a8c1ac913/go.mod h1:J6OG6YJVEWopen4avK3VNQSnALmmjvniMmni/YFYAwc= +github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f/go.mod h1:J6OG6YJVEWopen4avK3VNQSnALmmjvniMmni/YFYAwc= github.com/otiai10/copy v1.0.2/go.mod h1:c7RpqBkwMom4bYTSkLSym4VSJz/XtncWRAj/J4PEIMY= github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= @@ -1424,6 +1506,7 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/pquerna/ffjson v0.0.0-20181028064349-e517b90714f7/go.mod h1:YARuvh7BUWHNhzDq2OM5tzR2RiCcN2D7sapiKyCel/M= github.com/pquerna/ffjson v0.0.0-20190813045741-dac163c6c0a9/go.mod h1:YARuvh7BUWHNhzDq2OM5tzR2RiCcN2D7sapiKyCel/M= +github.com/proglottis/gpgme v0.1.1/go.mod h1:fPbW/EZ0LvwQtH8Hy7eixhp1eF3G39dtx7GUN+0Gmy0= github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM= @@ -1453,6 +1536,7 @@ github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8b github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.28.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= +github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= @@ -1466,6 +1550,7 @@ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx github.com/prometheus/procfs v0.0.10/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= +github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/psampaz/go-mod-outdated v0.5.0/go.mod h1:Ow0f464qFSBVyz//3QyVLNPtL8/lLvjouMnjmVzNT/U= github.com/psampaz/go-mod-outdated v0.7.0/go.mod h1:r78NYWd1z+F9Zdsfy70svgXOz363B08BWnTyFSgEESs= @@ -1475,6 +1560,7 @@ github.com/quasilyte/go-consistent v0.0.0-20190521200055-c6f3937de18c/go.mod h1: github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rcrowley/go-metrics v0.0.0-20190706150252-9beb055b7962/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -1486,6 +1572,7 @@ github.com/rs/cors v1.7.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= github.com/rubenv/sql-migrate v0.0.0-20210614095031-55d5740dbbcc/go.mod h1:HFLT6i9iR4QBOF5rdCyjddC9t59ArqWJV2xx+jwcCMo= github.com/rubiojr/go-vhd v0.0.0-20200706105327-02e210299021/go.mod h1:DM5xW0nvfNNm2uytzsvhI3OnX8uzaRAg8UX/CnDqbto= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryancurrah/gomodguard v1.0.2/go.mod h1:9T/Cfuxs5StfsocWr4WzDL36HqnX0fVb9d5fSEaLhoE= @@ -1494,16 +1581,23 @@ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFo github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43MRiaGWX1Nig= github.com/sagikazarmark/crypt v0.4.0/go.mod h1:ALv2SRj7GxYV4HO9elxH9nS6M9gW+xDNxqmyJ6RfDFM= github.com/saschagrunert/ccli v1.0.2-0.20200423111659-b68f755cc0f5/go.mod h1:nF6F8YjOZIYqRQ2GVOi43O13vaN2W1OQq1LcxUGdAfw= github.com/saschagrunert/go-modiff v1.2.0/go.mod h1:YHrztU7folCi4YSHksLOYTX5KFGdHNr9O9DVKjpINMs= github.com/saschagrunert/go-modiff v1.2.1/go.mod h1:VnFx2OyDvvEpm0okmv5Kgih+4Zh7bBifqdB2FBcAiQE= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= +github.com/sebdah/goldie/v2 v2.5.3/go.mod h1:oZ9fp0+se1eapSRjfYbsV/0Hqhbuu3bJVvKI/NNtssI= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= +github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= github.com/securego/gosec v0.0.0-20200103095621-79fbf3af8d83/go.mod h1:vvbZ2Ae7AzSq3/kywjUDxSNq2SJ27RxCz2un0H3ePqE= +github.com/segmentio/asm v1.1.3/go.mod h1:Ld3L4ZXGNcSLRg4JBsZ3//1+f/TjYl0Mzen/DQy1EJg= +github.com/segmentio/encoding v0.3.3/go.mod h1:n0JeuIqEQrQoPDGsjo8UNd1iA0U8d8+oHAA4E3G3OxM= github.com/sendgrid/rest v2.4.1+incompatible/go.mod h1:kXX7q3jZtJXK5c5qK83bSGMdV6tsOE70KbHoqJls4lE= github.com/sendgrid/rest v2.6.1+incompatible/go.mod h1:kXX7q3jZtJXK5c5qK83bSGMdV6tsOE70KbHoqJls4lE= github.com/sendgrid/rest v2.6.2+incompatible/go.mod h1:kXX7q3jZtJXK5c5qK83bSGMdV6tsOE70KbHoqJls4lE= @@ -1562,6 +1656,7 @@ github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHN github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= +github.com/spf13/cobra v1.3.0/go.mod h1:BrRVncBjOJa/eUcVVm9CE+oC6as8k+VYr4NY7WCi9V4= github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= @@ -1579,6 +1674,7 @@ github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfD github.com/spf13/viper v1.6.2/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= +github.com/spf13/viper v1.10.0/go.mod h1:SoyBPwAtKDzypXNDFKN5kzH7ppppbGZtls1UpIy5AsM= github.com/spf13/viper v1.10.1/go.mod h1:IGlFPqhNAPKRxohIzWpI5QEy4kuI7tcl5WvR+8qy1rU= github.com/spotinst/spotinst-sdk-go v1.110.0/go.mod h1:qIh4nc5hbkVEAdCG9QTf3EaFHX5cmkj8U37iZn2KpCE= github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= @@ -1598,9 +1694,12 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/sylabs/release-tools v0.1.0/go.mod h1:pqP/z/11/rYMQ0OM/Nn7TxGijw7KfZwW9UolD/J1TUo= +github.com/sylabs/sif/v2 v2.4.2/go.mod h1:6gQvzNKRIqr4FS08XBfHpkpnxv9b7h58GLkSJ1zdK9A= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= @@ -1623,8 +1722,9 @@ github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= -github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= +github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ultraware/funlen v0.0.2/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lPbfaF6xhA= github.com/ultraware/whitespace v0.0.4/go.mod h1:aVMh/gQve5Maj9hQ/hg+F75lr/X5A89uZnzAmWSineA= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= @@ -1644,15 +1744,18 @@ github.com/vbatts/tar-split v0.11.1/go.mod h1:LEuURwDEiWjRjwu46yU3KVGuUdVv/dcnpc github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= github.com/vbauerster/mpb/v5 v5.3.0/go.mod h1:4yTkvAb8Cm4eylAp6t0JRq6pXDkFJ4krUlDqWYkakAs= +github.com/vbauerster/mpb/v7 v7.3.2/go.mod h1:wfxIZcOJq/bG1/lAtfzMXcOiSvbqVi/5GX5WCSi+IsA= github.com/vdemeester/k8s-pkg-credentialprovider v0.0.0-20200107171650-7c61ffa44238/go.mod h1:JwQJCMWpUDqjZrB5jpw0f5VbN7U95zxFy1ZDpoEarGo= github.com/vdemeester/k8s-pkg-credentialprovider v1.13.12-1/go.mod h1:Fko0rTxEtDW2kju5Ky7yFJNS3IcNvW8IPsp4/e9oev0= github.com/vdemeester/k8s-pkg-credentialprovider v1.18.1-0.20201019120933-f1d16962a4db/go.mod h1:grWy0bkr1XO6hqbaaCKaPXqkBVlMGHYG6PGykktwbJc= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= +github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= @@ -1660,12 +1763,15 @@ github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59b github.com/weaveworks/mesh v0.0.0-20191105120815-58dbcc3e8e63/go.mod h1:RZebXKv56dax5zXcLIJZm1Awk28sx0XODXF94Z8WssY= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70= github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= +github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= +github.com/xanzy/ssh-agent v0.3.1 h1:AmzO1SSWxw73zxFZPRwaMN1MohDw8UyHnmuxyceTEGo= +github.com/xanzy/ssh-agent v0.3.1/go.mod h1:QIE4lCeL7nkC25x+yA3LBIYfwCc1TFziCtG7cBAac6w= github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= github.com/xdg/stringprep v1.0.0/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190809123943-df4f5c81cb3b/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= github.com/xeipuuv/gojsonschema v1.1.0/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= @@ -1681,6 +1787,7 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= @@ -1721,16 +1828,25 @@ go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0/go.mod h1:vEhqr0m4eTc+DWxfsXoXue2GBgV2uUwVznkGIHW/e5w= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= +go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs= go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0/go.mod h1:VpP4/RMn8bv8gNo9uK7/IMY4mtWLELsS+JIP0inH0h4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0/go.mod h1:hO1KLR7jcKaDDKDkvI9dP/FIhpmna5lkqPUQdEjFAM8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0/go.mod h1:keUU7UfnwWTWpJ+FWnyqmogPa82nuU5VUANFq49hlMY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0/go.mod h1:QNX1aly8ehqqX1LEa6YniTU7VY9I6R3X/oPxhGdTceE= go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= +go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs= go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= +go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg3NAKnUGl9YpQ= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -1749,12 +1865,11 @@ go.uber.org/multierr v1.4.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+ go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= -go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM= go.uber.org/zap v1.14.1/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= -go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= +go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= gocloud.dev v0.19.0/go.mod h1:SmKwiR8YwIMMJvQBKLsC3fHNyMwXLw3PMDO+VVteJMI= @@ -1798,10 +1913,10 @@ golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= @@ -1843,7 +1958,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.3.1-0.20200828183125-ce943fd02449/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -1910,9 +2024,9 @@ golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210224082022-3d97a244fca7/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= +golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= @@ -1925,11 +2039,16 @@ golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210929193557-e81a3d93ecf6/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211111160137-58aab5ef257a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd h1:O7DYs+zxREGLKzKoMQrtrEacpb0ZVXA5rIwylE2Xchk= +golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220107192237-5cfca573fb4d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1948,7 +2067,6 @@ golang.org/x/oauth2 v0.0.0-20210427180440-81ed05c6b58c/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210810183815-faf39c7919d5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= @@ -2069,7 +2187,6 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -2081,6 +2198,7 @@ golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210503080704-8803ae5d1324/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -2090,19 +2208,28 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210903071746-97244b99971b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211001092434-39dca1131b70/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9 h1:nhht2DYV/Sn3qOayu8lM+cU1ii9sTLUeBQwQQfUHtrs= +golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -2125,7 +2252,6 @@ golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs= @@ -2182,7 +2308,6 @@ golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200102140908-9497f49d5709/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= @@ -2239,6 +2364,7 @@ golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.6-0.20210820212750-d4cc65f0b2ff/go.mod h1:YD9qOF0M9xpSpdWTBbzEl5e/RnCefISl8E5Noe10jFM= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2288,13 +2414,13 @@ google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59t google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.53.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= +google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= google.golang.org/api v0.63.0 h1:n2bqqK895ygnBpdPDYetfy23K7fJ22wsrZKCyfuRkkA= google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= @@ -2388,14 +2514,18 @@ google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEc google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211005153810-c76a74d43a8e/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211008145708-270636b82663/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211028162531-8db9c33dc351/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211111162719-482062a4217b/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa h1:I0YcKz0I7OAhddo7ya8kMnvprhcWM045PmkBdMO9zN0= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8 h1:U9V52f6rAgINH7kT+musA1qF8kWyVOxzF8eYuOVuFwQ= +google.golang.org/genproto v0.0.0-20220304144024-325a89244dc8/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= @@ -2437,8 +2567,9 @@ google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9K google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -2526,8 +2657,7 @@ gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= helm.sh/helm/v3 v3.1.1/go.mod h1:WYsFJuMASa/4XUqLyv54s0U/f3mlAaRErGmyy4z921g= -helm.sh/helm/v3 v3.7.0/go.mod h1:DajHtQTe8KrjNmvy5gxWkosFKaADrS3uRS5EkDtsmI4= -helm.sh/helm/v3 v3.7.1/go.mod h1:3eOeBD3Z+O/ELiuu19zynZSN8jP1ErXLuyP21SZeMq8= +helm.sh/helm/v3 v3.8.1/go.mod h1:Nm0Z2ciZFFvR9cRKpiRE2SMhJTgqY0b+ezT2cDcyqNw= honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2550,8 +2680,10 @@ k8s.io/cloud-provider v0.22.2/go.mod h1:HUvZkUkV6dIKgWJQgGvnFhOeEHT87ZP39ij4K0fg k8s.io/code-generator v0.17.1/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/code-generator v0.17.2/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/code-generator v0.17.3/go.mod h1:l8BLVwASXQZTo2xamW5mQNFCe1XPiAesVq7Y1t7PiQQ= -k8s.io/code-generator v0.21.0/go.mod h1:hUlps5+9QaTrKx+jiM4rmq7YmH8wPOIko64uZCHDh6Q= +k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= +k8s.io/code-generator v0.22.0/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= k8s.io/code-generator v0.22.2/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= +k8s.io/code-generator v0.23.4/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= k8s.io/component-base v0.22.2/go.mod h1:5Br2QhI9OTe79p+TzPe9JKNQYvEKbq9rTJDWllunGug= k8s.io/component-helpers v0.22.2/go.mod h1:+N61JAR9aKYSWbnLA88YcFr9K/6ISYvRNybX7QW7Rs8= k8s.io/controller-manager v0.22.2/go.mod h1:zeDUbCc66IcMZ81U8qC5Z5pm9A8QkqD7839H8t7//yY= @@ -2561,6 +2693,8 @@ k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8 k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20191108084044-e500ee069b5c/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20201203183100-97869a43a9d9/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= @@ -2573,15 +2707,14 @@ k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.8.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= +k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.30.0 h1:bUO6drIvCIsvZ/XFgfxoGFQU/a4Qkh0iAlvUR7vlHJw= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-aggregator v0.22.2/go.mod h1:hsd0LEmVQSvMc0UzAwmcm/Gk3HzLp50mq/o6cu1ky2A= k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= -k8s.io/kube-openapi v0.0.0-20210305001622-591a79e4bda7/go.mod h1:wXW5VT87nVfh/iLV8FpR2uDvrFyomxbtb1KivDbvPTE= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kube-openapi v0.0.0-20210527164424-3c818078ee3d/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= k8s.io/kubectl v0.22.2/go.mod h1:BApg2j0edxLArCOfO0ievI27EeTQqBDMNU9VQH734iQ= k8s.io/kubelet v0.22.2/go.mod h1:ORIRua2/wTcx5UnEvxWosu650/8fatmzbMRC7m6WjAM= @@ -2601,9 +2734,10 @@ k8s.io/utils v0.0.0-20200229041039-0a110f9eb7ab/go.mod h1:sZAwmy6armz5eXlNoLmJcl k8s.io/utils v0.0.0-20200912215256-4140de9c8800/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210111153108-fddb29f9d009/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210305010621-2afb4311ab10/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210722164352-7f3ee0f31471/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed h1:ck1fRPWPJWsMd8ZRFsWc6mh/zHp5fZ/shhbrgPUxDAE= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -2619,7 +2753,7 @@ mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIa mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4= mvdan.cc/unparam v0.0.0-20190720180237-d51796306d8f/go.mod h1:4G1h5nDURzA3bwVMZIVpwbkw+04kSxk3rAtzlimaUJw= mvdan.cc/xurls/v2 v2.0.0/go.mod h1:2/webFPYOXN9jp/lzuj0zuAVlF+9g4KPFJANH1oJhRU= -oras.land/oras-go v0.4.0/go.mod h1:VJcU+VE4rkclUbum5C0O7deEZbBYnsnpbGSACwTjOcg= +oras.land/oras-go v1.1.0/go.mod h1:1A7vR/0KknT2UkJVWh+xMi95I/AhK8ZrxrnUSmXN0bQ= pack.ag/amqp v0.11.0/go.mod h1:4/cbmt4EJXSKlG6LCfWHoqmN0uFdy5i/+YFz+fTfhV4= pack.ag/amqp v0.11.2/go.mod h1:4/cbmt4EJXSKlG6LCfWHoqmN0uFdy5i/+YFz+fTfhV4= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= @@ -2627,17 +2761,17 @@ rsc.io/letsencrypt v0.0.3/go.mod h1:buyQKZ6IXrRnB7TdkHP0RyEybLx18HHyOSoTyoOLqNY= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= sigs.k8s.io/boskos v0.0.0-20200526191642-45fc818e2d00/go.mod h1:L1ubP7d1CCMSQSjKiZv6dGbh7b4kfoG+dFPj8cfYDnI= sigs.k8s.io/boskos v0.0.0-20200710214748-f5935686c7fc h1:O/XIKGebDWPSGEkC7eCeoacAEeJjoqLMFxlq5BuS5tI= sigs.k8s.io/boskos v0.0.0-20200710214748-f5935686c7fc/go.mod h1:ZO5RV+VxJS9mb6DvZ1yAjywoyq/wQ8b0vDoZxcIA5kE= sigs.k8s.io/controller-runtime v0.5.0/go.mod h1:REiJzC7Y00U+2YkMbT8wxgrsX5USpXKGhb2sCtAXiT8= sigs.k8s.io/controller-runtime v0.5.4/go.mod h1:JZUwSMVbxDupo0lTJSSFP5pimEyxGynROImSsqIOx1A= -sigs.k8s.io/controller-runtime v0.8.3/go.mod h1:U/l+DUopBc1ecfRZ5aviA9JDmGFQKvLf5YkZNx2e0sU= -sigs.k8s.io/controller-runtime v0.10.1/go.mod h1:CQp8eyUQZ/Q7PJvnIrB6/hgfTC1kBkGylwsLgOQi1WY= -sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= -sigs.k8s.io/controller-tools v0.5.0/go.mod h1:JTsstrMpxs+9BUj6eGuAaEb6SDSPTeVtUyp0jmnAM/I= +sigs.k8s.io/controller-runtime v0.9.6/go.mod h1:q6PpkM5vqQubEKUKOM6qr06oXGzOBcCby1DA9FbyZeA= +sigs.k8s.io/controller-runtime v0.11.1/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= +sigs.k8s.io/controller-tools v0.6.2/go.mod h1:oaeGpjXn6+ZSEIQkUe/+3I40PNiDYp9aeawbt3xTgJ8= sigs.k8s.io/controller-tools v0.7.0/go.mod h1:bpBAo0VcSDDLuWt47evLhMLPxRPxMDInTEH/YbdeMK0= -sigs.k8s.io/gateway-api v0.3.0/go.mod h1:Wb8bx7QhGVZxOSEU3i9vw/JqTB5Nlai9MLMYVZeDmRQ= +sigs.k8s.io/gateway-api v0.4.1/go.mod h1:r3eiNP+0el+NTLwaTfOrCNXy8TukC+dIM3ggc+fbNWk= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/kubetest2 v0.0.0-20220224035534-5e5d3e9eebc6 h1:OlOThE5LCL799Dr5TTV76XA+dIbdr4WTi5pnVsOf/+c= sigs.k8s.io/kubetest2 v0.0.0-20220224035534-5e5d3e9eebc6/go.mod h1:99HO7HbhRZ1kJ7j9Ell5bdsYISpkYvyllTK9Y58ysdM= @@ -2650,8 +2784,8 @@ sigs.k8s.io/kustomize/kyaml v0.13.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLC sigs.k8s.io/mdtoc v1.0.1/go.mod h1:COYBtOjsaCg7o7SC4eaLwEXPuVRSuiVuLLRrHd7kShw= sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ= sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.1.0/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= diff --git a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go index b4ee25278c..757681af33 100644 --- a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go +++ b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go @@ -4,4 +4,4 @@ package version // Licensed under the MIT License. See License.txt in the project root for license information. // Number contains the semantic version of this SDK. -const Number = "v56.2.0" +const Number = "v56.3.0" diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/BUILD.bazel b/vendor/github.com/Azure/go-autorest/autorest/adal/BUILD.bazel index 2d581a1d14..a544029f0a 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/BUILD.bazel +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/BUILD.bazel @@ -19,7 +19,7 @@ go_library( "//vendor/github.com/Azure/go-autorest/autorest/date:go_default_library", "//vendor/github.com/Azure/go-autorest/logger:go_default_library", "//vendor/github.com/Azure/go-autorest/tracing:go_default_library", - "//vendor/github.com/form3tech-oss/jwt-go:go_default_library", + "//vendor/github.com/golang-jwt/jwt/v4:go_default_library", "//vendor/golang.org/x/crypto/pkcs12:go_default_library", ], ) diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go index 7551b79235..647a61bb8c 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go @@ -1,3 +1,4 @@ +//go:build modhack // +build modhack package adal diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go index 1d0241f8e4..20767178c4 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go @@ -37,7 +37,7 @@ import ( "github.com/Azure/go-autorest/autorest/date" "github.com/Azure/go-autorest/logger" - "github.com/form3tech-oss/jwt-go" + "github.com/golang-jwt/jwt/v4" ) const ( diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go index 953f755028..aa5ea47d9b 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go @@ -1,3 +1,4 @@ +//go:build go1.13 // +build go1.13 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go index 729bfbd0ab..6a4690a25b 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go +++ b/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go @@ -1,3 +1,4 @@ +//go:build !go1.13 // +build !go1.13 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go index da65e1041e..792f82d4b6 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go +++ b/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go @@ -1,3 +1,4 @@ +//go:build modhack // +build modhack package autorest diff --git a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go index 7143cc61b5..4c87030e81 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go +++ b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go @@ -1,3 +1,4 @@ +//go:build !go1.8 // +build !go1.8 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go index ae15c6bf96..05847c08ba 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go +++ b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go @@ -1,3 +1,4 @@ +//go:build go1.8 // +build go1.8 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/Azure/go-autorest/autorest/sender.go b/vendor/github.com/Azure/go-autorest/autorest/sender.go index 6818bd1859..7a495f732a 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/sender.go +++ b/vendor/github.com/Azure/go-autorest/autorest/sender.go @@ -272,6 +272,7 @@ func DoRetryForAttempts(attempts int, backoff time.Duration) SendDecorator { if err == nil { return resp, err } + logger.Instance.Writef(logger.LogError, "DoRetryForAttempts: received error for attempt %d: %v\n", attempt+1, err) if !DelayForBackoff(backoff, attempt, r.Context().Done()) { return nil, r.Context().Err() } @@ -326,6 +327,9 @@ func doRetryForStatusCodesImpl(s Sender, r *http.Request, count429 bool, attempt if err == nil && !ResponseHasStatusCode(resp, codes...) || IsTokenRefreshError(err) { return resp, err } + if err != nil { + logger.Instance.Writef(logger.LogError, "DoRetryForStatusCodes: received error for attempt %d: %v\n", attempt+1, err) + } delayed := DelayWithRetryAfter(resp, r.Context().Done()) // if this was a 429 set the delay cap as specified. // applicable only in the absence of a retry-after header. @@ -392,6 +396,7 @@ func DoRetryForDuration(d time.Duration, backoff time.Duration) SendDecorator { if err == nil { return resp, err } + logger.Instance.Writef(logger.LogError, "DoRetryForDuration: received error for attempt %d: %v\n", attempt+1, err) if !DelayForBackoff(backoff, attempt, r.Context().Done()) { return nil, r.Context().Err() } diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go b/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go index 4cb5e6849f..3133fcc08e 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go +++ b/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go @@ -1,3 +1,4 @@ +//go:build go1.13 // +build go1.13 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go b/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go index ebb51b4f53..851e152db4 100644 --- a/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go +++ b/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go @@ -1,3 +1,4 @@ +//go:build !go1.13 // +build !go1.13 // Copyright 2017 Microsoft Corporation diff --git a/vendor/github.com/jetstack/cert-manager/LICENSE b/vendor/github.com/cert-manager/cert-manager/LICENSE similarity index 100% rename from vendor/github.com/jetstack/cert-manager/LICENSE rename to vendor/github.com/cert-manager/cert-manager/LICENSE diff --git a/vendor/github.com/jetstack/cert-manager/LICENSES b/vendor/github.com/cert-manager/cert-manager/LICENSES similarity index 99% rename from vendor/github.com/jetstack/cert-manager/LICENSES rename to vendor/github.com/cert-manager/cert-manager/LICENSES index 2b794be577..9b5291637c 100644 --- a/vendor/github.com/jetstack/cert-manager/LICENSES +++ b/vendor/github.com/cert-manager/cert-manager/LICENSES @@ -2926,205 +2926,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================================================ -================================================================================ -= vendor/github.com/containerd/continuity licensed under: = - - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright The containerd Authors - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -= vendor/github.com/containerd/continuity/LICENSE 1269f40c0d099c21a871163984590d89 -================================================================================ - - ================================================================================ = vendor/github.com/coreos/go-semver licensed under: = @@ -4304,7 +4105,7 @@ Apache License END OF TERMS AND CONDITIONS - Copyright 2013-2017 Docker, Inc. + Copyright 2013-2018 Docker, Inc. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -4318,7 +4119,7 @@ Apache License See the License for the specific language governing permissions and limitations under the License. -= vendor/github.com/docker/docker/LICENSE 9740d093a080530b5c5c6573df9af45a += vendor/github.com/docker/docker/LICENSE 4859e97a9c7780e77972d989f0823f28 ================================================================================ @@ -5121,22 +4922,6 @@ Copyright (c) 2016 Felix Geisendörfer (felix@debuggable.com) ================================================================================ -================================================================================ -= vendor/github.com/form3tech-oss/jwt-go licensed under: = - -Copyright (c) 2012 Dave Grijalva - -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - - -= vendor/github.com/form3tech-oss/jwt-go/LICENSE 276f2f3ba3749d25f6a6f5fb852d462e -================================================================================ - - ================================================================================ = vendor/github.com/fsnotify/fsnotify licensed under: = @@ -6154,6 +5939,23 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================================================ +================================================================================ += vendor/github.com/golang-jwt/jwt/v4 licensed under: = + +Copyright (c) 2012 Dave Grijalva +Copyright (c) 2021 golang-jwt maintainers + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + + += vendor/github.com/golang-jwt/jwt/v4/LICENSE a21b708d8b320c68979c44ac9dba9b0d +================================================================================ + + ================================================================================ = vendor/github.com/golang/groupcache licensed under: = @@ -12317,36 +12119,6 @@ SOFTWARE. ================================================================================ -================================================================================ -= vendor/github.com/Microsoft/go-winio licensed under: = - -The MIT License (MIT) - -Copyright (c) 2015 Microsoft - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - -= vendor/github.com/Microsoft/go-winio/LICENSE 69205ff73858f2c22b2ca135b557e8ef -================================================================================ - - ================================================================================ = vendor/github.com/miekg/dns licensed under: = @@ -13584,6 +13356,35 @@ SOFTWARE. ================================================================================ +================================================================================ += vendor/github.com/morikuni/aec licensed under: = + +The MIT License (MIT) + +Copyright (c) 2016 Taihei Morikuni + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + += vendor/github.com/morikuni/aec/LICENSE 86852eb2df591157c788f3ba889c8aec +================================================================================ + + ================================================================================ = vendor/github.com/munnerz/crd-schema-fuzz licensed under: = @@ -13832,40 +13633,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================================================ -================================================================================ -= vendor/github.com/Nvveen/Gotty licensed under: = - -Copyright (c) 2012, Neal van Veen (nealvanveen@gmail.com) -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -1. Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -The views and conclusions contained in the software and documentation are those -of the authors and should not be interpreted as representing official policies, -either expressed or implied, of the FreeBSD Project. - -= vendor/github.com/Nvveen/Gotty/LICENSE ab11220c6af5f3758ccae7bf525f8dec -================================================================================ - - ================================================================================ = vendor/github.com/nxadm/tail licensed under: = @@ -14559,205 +14326,6 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================================================ -================================================================================ -= vendor/github.com/opencontainers/runc licensed under: = - - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2014 Docker, Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - -= vendor/github.com/opencontainers/runc/LICENSE 435b266b3899aa8a959f17d41c56def8 -================================================================================ - - ================================================================================ = vendor/github.com/patrickmn/go-cache licensed under: = @@ -16001,6 +15569,64 @@ SOFTWARE. ================================================================================ +================================================================================ += vendor/github.com/segmentio/asm licensed under: = + +MIT License + +Copyright (c) 2021 Segment + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + += vendor/github.com/segmentio/asm/LICENSE ca1c7e031ab736c26f94ee4439ab227f +================================================================================ + + +================================================================================ += vendor/github.com/segmentio/encoding licensed under: = + +MIT License + +Copyright (c) 2019 Segment.io, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + += vendor/github.com/segmentio/encoding/LICENSE 6f71e571802c25d02519c1deef1785d8 +================================================================================ + + ================================================================================ = vendor/github.com/sergi/go-diff licensed under: = @@ -25782,30 +25408,209 @@ third-party archives. ================================================================================ = vendor/oras.land/oras-go licensed under: = - MIT License + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ - Copyright (c) Microsoft Corporation. All rights reserved. + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: + 1. Definitions. - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. -= vendor/oras.land/oras-go/LICENSE 89786dd3e4c7f38d2a0244f574839070 + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2021 ORAS Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + += vendor/oras.land/oras-go/LICENSE 019fcb726ce54798fc2e56a02520dae8 ================================================================================ @@ -26645,6 +26450,252 @@ third-party archives. ================================================================================ +================================================================================ += vendor/sigs.k8s.io/json licensed under: = + +Files other than internal/golang/* licensed under: + + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + +------------------ + +internal/golang/* files licensed under: + + +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + += vendor/sigs.k8s.io/json/LICENSE 545d3f23616dee7495323aeb0b098df3 +================================================================================ + + ================================================================================ = vendor/sigs.k8s.io/kustomize/api licensed under: = diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/BUILD.bazel similarity index 50% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/BUILD.bazel index 94a716886a..8706cb84a1 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/BUILD.bazel @@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["doc.go"], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/acme", - importpath = "github.com/jetstack/cert-manager/pkg/apis/acme", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/acme", visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/BUILD.bazel similarity index 64% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/BUILD.bazel index 2248e17d9a..f28f8ba70d 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/BUILD.bazel @@ -12,16 +12,17 @@ go_library( "types_order.go", "zz_generated.deepcopy.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3", - importpath = "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/acme/v1", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/api/core/v1:go_default_library", "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/sigs.k8s.io/gateway-api/apis/v1alpha2:go_default_library", ], ) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/const.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/const.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/const.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/const.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/doc.go similarity index 84% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/doc.go index 81ca0a3628..92b6583d62 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/doc.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/doc.go @@ -16,8 +16,5 @@ limitations under the License. // Package v1 is the v1 version of the API. // +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/acme -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta // +groupName=acme.cert-manager.io package v1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/register.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/register.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/register.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/register.go index 0acb819e36..e36ef7cf21 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/register.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/register.go @@ -21,7 +21,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "github.com/jetstack/cert-manager/pkg/apis/acme" + "github.com/cert-manager/cert-manager/pkg/apis/acme" ) // SchemeGroupVersion is group version used to register these objects diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types.go similarity index 90% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types.go index 13467b2b3a..edfc16f1e6 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types.go @@ -17,6 +17,7 @@ limitations under the License. package v1 const ( + // ACMECertificateHTTP01IngressNameOverride is annotation to override ingress name. // If this annotation is specified on a Certificate or Order resource when // using the HTTP01 solver type, the ingress.name field of the HTTP01 // solver's configuration will be set to the value given here. @@ -24,6 +25,7 @@ const ( // a 1:1 mapping between endpoint IP and Ingress resource. ACMECertificateHTTP01IngressNameOverride = "acme.cert-manager.io/http01-override-ingress-name" + // ACMECertificateHTTP01IngressClassOverride is annotation to override ingress class. // If this annotation is specified on a Certificate or Order resource when // using the HTTP01 solver type, the ingress.class field of the HTTP01 // solver's configuration will be set to the value given here. @@ -32,7 +34,7 @@ const ( // solver for each ingress class. ACMECertificateHTTP01IngressClassOverride = "acme.cert-manager.io/http01-override-ingress-class" - // IngressEditInPlaceAnnotation is used to toggle the use of ingressClass instead + // IngressEditInPlaceAnnotationKey is used to toggle the use of ingressClass instead // of ingress on the created Certificate resource IngressEditInPlaceAnnotationKey = "acme.cert-manager.io/http01-edit-in-place" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_challenge.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_challenge.go similarity index 98% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_challenge.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_challenge.go index 6cd396e63e..cfc4f24142 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_challenge.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_challenge.go @@ -19,7 +19,7 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) // +genclient diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_issuer.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_issuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_issuer.go index b9fb5f89d1..56c28f6b45 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_issuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_issuer.go @@ -19,8 +19,9 @@ package v1 import ( corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + gwapi "sigs.k8s.io/gateway-api/apis/v1alpha2" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) // ACMEIssuer contains the specification for an ACME issuer. @@ -160,7 +161,7 @@ type ACMEChallengeSolver struct { DNS01 *ACMEChallengeSolverDNS01 `json:"dns01,omitempty"` } -// CertificateDomainSelector selects certificates using a label selector, and +// CertificateDNSNameSelector selects certificates using a label selector, and // can optionally select individual DNS names within those certificates. // If both MatchLabels and DNSNames are empty, this selector will match all // certificates and DNS names within them. @@ -254,10 +255,16 @@ type ACMEChallengeSolverHTTP01GatewayHTTPRoute struct { // +optional ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - // The labels that cert-manager will use when creating the temporary - // HTTPRoute needed for solving the HTTP-01 challenge. These labels - // must match the label selector of at least one Gateway. + // Custom labels that will be applied to HTTPRoutes created by cert-manager + // while solving HTTP-01 challenges. + // +optional Labels map[string]string `json:"labels,omitempty"` + + // When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. + // cert-manager needs to know which parentRefs should be used when creating + // the HTTPRoute. Usually, the parentRef references a Gateway. See: + // https://gateway-api.sigs.k8s.io/v1alpha2/api-types/httproute/#attaching-to-gateways + ParentRefs []gwapi.ParentRef `json:"parentRefs,omitempty"` } type ACMEChallengeSolverHTTP01IngressPodTemplate struct { diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_order.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_order.go similarity index 99% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_order.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_order.go index b589008df7..e9a50a3013 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/types_order.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/types_order.go @@ -19,7 +19,7 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) // +genclient diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go similarity index 98% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go index 82e9191f57..bdd020a3ff 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1/zz_generated.deepcopy.go @@ -22,11 +22,12 @@ limitations under the License. package v1 import ( - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + metav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" corev1 "k8s.io/api/core/v1" apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" + v1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -199,6 +200,13 @@ func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopyInto(out *ACMEChall (*out)[key] = val } } + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]v1alpha2.ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } return } diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/BUILD.bazel new file mode 100644 index 0000000000..c0af53fc43 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/BUILD.bazel @@ -0,0 +1,9 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["doc.go"], + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/certmanager", + visibility = ["//visibility:public"], +) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel similarity index 58% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel index 60f106ded8..a96d2f4cf3 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/BUILD.bazel @@ -13,13 +13,13 @@ go_library( "types_issuer.go", "zz_generated.deepcopy.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1", - importpath = "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/const.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/const.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/const.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/const.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/doc.go similarity index 84% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/doc.go index 287802aa60..348211c685 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/doc.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/doc.go @@ -16,9 +16,6 @@ limitations under the License. // Package v1 is the v1 version of the API. // +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/certmanager -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta // +groupName=cert-manager.io // +groupGoName=Certmanager package v1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go index f87f557de7..d757978fe0 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/generic_issuer.go @@ -20,7 +20,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1" + cmacme "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" ) type GenericIssuer interface { diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/register.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/register.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/register.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/register.go index 7c3fb49c5e..fb745dbb64 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/register.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/register.go @@ -21,7 +21,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - "github.com/jetstack/cert-manager/pkg/apis/certmanager" + "github.com/cert-manager/cert-manager/pkg/apis/certmanager" ) // SchemeGroupVersion is group version used to register these objects diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types.go similarity index 92% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types.go index dcff5a37a3..dc3ce3e2a7 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types.go @@ -57,15 +57,15 @@ const ( ) const ( - // issuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. + // IngressIssuerNameAnnotationKey holds the issuerNameAnnotation value which can be + // used to override the issuer specified on the created Certificate resource. IngressIssuerNameAnnotationKey = "cert-manager.io/issuer" - // clusterIssuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. The Certificate will reference the - // specified *ClusterIssuer* instead of normal issuer. + // IngressClusterIssuerNameAnnotationKey holds the clusterIssuerNameAnnotation value which + // can be used to override the issuer specified on the created Certificate resource. The Certificate + // will reference the specified *ClusterIssuer* instead of normal issuer. IngressClusterIssuerNameAnnotationKey = "cert-manager.io/cluster-issuer" - // acmeIssuerHTTP01IngressClassAnnotation can be used to override the http01 ingressClass - // if the challenge type is set to http01 + // IngressACMEIssuerHTTP01IngressClassAnnotationKey holds the acmeIssuerHTTP01IngressClassAnnotation value + // which can be used to override the http01 ingressClass if the challenge type is set to http01 IngressACMEIssuerHTTP01IngressClassAnnotationKey = "acme.cert-manager.io/http01-ingress-class" // IngressClassAnnotationKey picks a specific "class" for the Ingress. The @@ -110,7 +110,7 @@ const ( // as namespace/name. The certificate is expected to have the is-serving-for annotations. WantInjectAnnotation = "cert-manager.io/inject-ca-from" - // WantInjectAPIServerCAAnnotation, if set to "true", will make the cainjector + // WantInjectAPIServerCAAnnotation will - if set to "true" - make the cainjector // inject the CA certificate for the Kubernetes apiserver into the resource. // It discovers the apiserver's CA by inspecting the service account credentials // mounted into the cainjector pod. diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificate.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificate.go similarity index 83% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificate.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificate.go index 35860347a3..dcf967bd78 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificate.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificate.go @@ -19,7 +19,7 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) // +genclient @@ -138,10 +138,11 @@ type CertificateSpec struct { // denoted issuer. SecretName string `json:"secretName"` - // SecretTemplate defines annotations and labels to be propagated - // to the Kubernetes Secret when it is created or updated. Once created, - // labels and annotations are not yet removed from the Secret when they are - // removed from the template. See https://github.com/jetstack/cert-manager/issues/4292 + // SecretTemplate defines annotations and labels to be copied to the + // Certificate's Secret. Labels and annotations on the Secret will be changed + // as they appear on the SecretTemplate when added or removed. SecretTemplate + // annotations are added in conjunction with, and cannot overwrite, the base + // set of annotations cert-manager sets on the Certificate's Secret. // +optional SecretTemplate *CertificateSecretTemplate `json:"secretTemplate,omitempty"` @@ -187,6 +188,14 @@ type CertificateSpec struct { // +kubebuilder:validation:ExclusiveMaximum=false // +optional RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"` // Validated by the validating webhook. + + // AdditionalOutputFormats defines extra output formats of the private key + // and signed certificate chain to be written to this Certificate's target + // Secret. This is an Alpha Feature and is only enabled with the + // `--feature-gates=AdditionalCertificateOutputFormats=true` option on both + // the controller and webhook components. + // +optional + AdditionalOutputFormats []CertificateAdditionalOutputFormat `json:"additionalOutputFormats,omitempty"` } // CertificatePrivateKey contains configuration options for private keys @@ -203,6 +212,7 @@ type CertificatePrivateKey struct { // will be generated whenever a re-issuance occurs. // Default is 'Never' for backward compatibility. // +optional + // +kubebuilder:validation:Enum=Never;Always RotationPolicy PrivateKeyRotationPolicy `json:"rotationPolicy,omitempty"` // The private key cryptography standards (PKCS) encoding for this @@ -230,7 +240,7 @@ type CertificatePrivateKey struct { // If `algorithm` is set to `Ed25519`, Size is ignored. // No other values are allowed. // +optional - Size int `json:"size,omitempty"` // Validated by webhook. Be mindful of adding OpenAPI validation- see https://github.com/jetstack/cert-manager/issues/3644 + Size int `json:"size,omitempty"` // Validated by webhook. Be mindful of adding OpenAPI validation- see https://github.com/cert-manager/cert-manager/issues/3644 } // Denotes how private keys should be generated or sourced when a Certificate @@ -249,6 +259,48 @@ var ( RotationPolicyAlways PrivateKeyRotationPolicy = "Always" ) +// CertificateOutputFormatType specifies which additional output formats should +// be written to the Certificate's target Secret. +// Allowed values are `DER` or `CombinedPEM`. +// When Type is set to `DER` an additional entry `key.der` will be written to +// the Secret, containing the binary format of the private key. +// When Type is set to `CombinedPEM` an additional entry `tls-combined.pem` +// will be written to the Secret, containing the PEM formatted private key and +// signed certificate chain (tls.key + tls.crt concatenated). +// +kubebuilder:validation:Enum=DER;CombinedPEM +type CertificateOutputFormatType string + +const ( + // CertificateOutputFormatDERKey is the name of the data entry in the Secret + // resource used to store the DER formatted private key. + CertificateOutputFormatDERKey string = "key.der" + + // CertificateOutputFormatDER writes the Certificate's private key in DER + // binary format to the `key.der` target Secret Data key. + CertificateOutputFormatDER CertificateOutputFormatType = "DER" + + // CertificateOutputFormatCombinedPEMKey is the name of the data entry in the Secret + // resource used to store the combined PEM (key + signed certificate). + CertificateOutputFormatCombinedPEMKey string = "tls-combined.pem" + + // CertificateOutputFormatCombinedPEM writes the Certificate's signed + // certificate chain and private key, in PEM format, to the + // `tls-combined.pem` target Secret Data key. The value at this key will + // include the private key PEM document, followed by at least one new line + // character, followed by the chain of signed certificate PEM documents + // (` + \n + `). + CertificateOutputFormatCombinedPEM CertificateOutputFormatType = "CombinedPEM" +) + +// CertificateAdditionalOutputFormat defines an additional output format of a +// Certificate resource. These contain supplementary data formats of the signed +// certificate chain and paired private key. +type CertificateAdditionalOutputFormat struct { + // Type is the name of the format type that should be written to the + // Certificate's target Secret. + Type CertificateOutputFormatType `json:"type"` +} + // X509Subject Full X509 name specification type X509Subject struct { // Organizations to be used on the Certificate. @@ -331,6 +383,8 @@ type PKCS12Keystore struct { type CertificateStatus struct { // List of status conditions to indicate the status of certificates. // Known condition types are `Ready` and `Issuing`. + // +listType=map + // +listMapKey=type // +optional Conditions []CertificateCondition `json:"conditions,omitempty"` @@ -383,6 +437,14 @@ type CertificateStatus struct { // not set or False. // +optional NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` + + // The number of continuous failed issuance attempts up till now. This + // field gets removed (if set) on a successful issuance and gets set to + // 1 if unset and an issuance has failed. If an issuance has failed, the + // delay till the next issuance will be calculated using formula + // time.Hour * 2 ^ (failedIssuanceAttempts - 1). + // +optional + FailedIssuanceAttempts *int `json:"failedIssuanceAttempts,omitempty"` } // CertificateCondition contains condition information for an Certificate. diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go similarity index 98% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go index dd2d2fa921..6c8d857d3e 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_certificaterequest.go @@ -19,7 +19,7 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) const ( @@ -132,6 +132,8 @@ type CertificateRequestSpec struct { type CertificateRequestStatus struct { // List of status conditions to indicate the status of a CertificateRequest. // Known condition types are `Ready` and `InvalidRequest`. + // +listType=map + // +listMapKey=type // +optional Conditions []CertificateRequestCondition `json:"conditions,omitempty"` diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_issuer.go similarity index 98% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_issuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_issuer.go index 61d351e529..b4d4c8e09c 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/types_issuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/types_issuer.go @@ -19,8 +19,8 @@ package v1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + cmacme "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" ) // +genclient @@ -291,6 +291,8 @@ type CAIssuer struct { type IssuerStatus struct { // List of status conditions to indicate the status of a CertificateRequest. // Known condition types are `Ready`. + // +listType=map + // +listMapKey=type // +optional Conditions []IssuerCondition `json:"conditions,omitempty"` diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go index ba39e08587..2877503395 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1/zz_generated.deepcopy.go @@ -22,8 +22,8 @@ limitations under the License. package v1 import ( - acmev1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - apismetav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" + acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + apismetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -82,6 +82,22 @@ func (in *Certificate) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateAdditionalOutputFormat) DeepCopyInto(out *CertificateAdditionalOutputFormat) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateAdditionalOutputFormat. +func (in *CertificateAdditionalOutputFormat) DeepCopy() *CertificateAdditionalOutputFormat { + if in == nil { + return nil + } + out := new(CertificateAdditionalOutputFormat) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CertificateCondition) DeepCopyInto(out *CertificateCondition) { *out = *in @@ -446,6 +462,11 @@ func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { *out = new(int32) **out = **in } + if in.AdditionalOutputFormats != nil { + in, out := &in.AdditionalOutputFormats, &out.AdditionalOutputFormats + *out = make([]CertificateAdditionalOutputFormat, len(*in)) + copy(*out, *in) + } return } @@ -495,6 +516,11 @@ func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { *out = new(string) **out = **in } + if in.FailedIssuanceAttempts != nil { + in, out := &in.FailedIssuanceAttempts, &out.FailedIssuanceAttempts + *out = new(int) + **out = **in + } return } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/BUILD.bazel similarity index 50% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/BUILD.bazel index b807ffe969..03f4080eb7 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/BUILD.bazel @@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = ["doc.go"], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/meta", - importpath = "github.com/jetstack/cert-manager/pkg/apis/meta", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/meta", visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/BUILD.bazel similarity index 62% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/BUILD.bazel index 045fc13e6a..795c9ba07f 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/BUILD.bazel @@ -8,11 +8,11 @@ go_library( "types.go", "zz_generated.deepcopy.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1", - importpath = "github.com/jetstack/cert-manager/pkg/apis/meta/v1", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1", + importpath = "github.com/cert-manager/cert-manager/pkg/apis/meta/v1", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/meta:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", ], diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/doc.go similarity index 85% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/doc.go index ccc29c9dde..9a673685d6 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/doc.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/doc.go @@ -14,10 +14,8 @@ See the License for the specific language governing permissions and limitations under the License. */ -// Package meta contains meta types for cert-manager APIs +// Package v1 contains meta types for cert-manager APIs // +k8s:deepcopy-gen=package -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta // +gencrdrefdocs:force // +groupName=meta.cert-manager.io package v1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/register.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/register.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/register.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/register.go index 074c53d833..d3c19886e4 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/register.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/register.go @@ -20,7 +20,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta" + cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta" ) // SchemeGroupVersion is group version used to register these objects diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/types.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/types.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/types.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/types.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/zz_generated.deepcopy.go b/vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/zz_generated.deepcopy.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1/zz_generated.deepcopy.go rename to vendor/github.com/cert-manager/cert-manager/pkg/apis/meta/v1/zz_generated.deepcopy.go diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel new file mode 100644 index 0000000000..93a65476ab --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/BUILD.bazel @@ -0,0 +1,19 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "clientset.go", + "doc.go", + ], + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", + "//vendor/k8s.io/client-go/discovery:go_default_library", + "//vendor/k8s.io/client-go/rest:go_default_library", + "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library", + ], +) diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go new file mode 100644 index 0000000000..cde65d3776 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/clientset.go @@ -0,0 +1,130 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + "net/http" + + acmev1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AcmeV1() acmev1.AcmeV1Interface + CertmanagerV1() certmanagerv1.CertmanagerV1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + acmeV1 *acmev1.AcmeV1Client + certmanagerV1 *certmanagerv1.CertmanagerV1Client +} + +// AcmeV1 retrieves the AcmeV1Client +func (c *Clientset) AcmeV1() acmev1.AcmeV1Interface { + return c.acmeV1 +} + +// CertmanagerV1 retrieves the CertmanagerV1Client +func (c *Clientset) CertmanagerV1() certmanagerv1.CertmanagerV1Interface { + return c.certmanagerV1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.acmeV1, err = acmev1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + cs.certmanagerV1, err = certmanagerv1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.acmeV1 = acmev1.New(c) + cs.certmanagerV1 = certmanagerv1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/doc.go diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel new file mode 100644 index 0000000000..842643c18d --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel @@ -0,0 +1,31 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "clientset_generated.go", + "doc.go", + "register.go", + ], + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", + "//vendor/k8s.io/client-go/discovery:go_default_library", + "//vendor/k8s.io/client-go/discovery/fake:go_default_library", + "//vendor/k8s.io/client-go/testing:go_default_library", + ], +) diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 0000000000..ecb72c06d7 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,92 @@ +/* +Copyright The cert-manager Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned" + acmev1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" + fakeacmev1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + fakecertmanagerv1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// AcmeV1 retrieves the AcmeV1Client +func (c *Clientset) AcmeV1() acmev1.AcmeV1Interface { + return &fakeacmev1.FakeAcmeV1{Fake: &c.Fake} +} + +// CertmanagerV1 retrieves the CertmanagerV1Client +func (c *Clientset) CertmanagerV1() certmanagerv1.CertmanagerV1Interface { + return &fakecertmanagerv1.FakeCertmanagerV1{Fake: &c.Fake} +} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/register.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/register.go similarity index 69% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/register.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/register.go index d7cc64fdd6..57e79bae60 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/register.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake/register.go @@ -19,14 +19,8 @@ limitations under the License. package fake import ( - acmev1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - acmev1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - acmev1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - acmev1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - certmanagerv1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - certmanagerv1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - certmanagerv1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" + acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -38,13 +32,7 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ - acmev1alpha2.AddToScheme, - acmev1alpha3.AddToScheme, - acmev1beta1.AddToScheme, acmev1.AddToScheme, - certmanagerv1alpha2.AddToScheme, - certmanagerv1alpha3.AddToScheme, - certmanagerv1beta1.AddToScheme, certmanagerv1.AddToScheme, } diff --git a/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel new file mode 100644 index 0000000000..8942963152 --- /dev/null +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel @@ -0,0 +1,21 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "register.go", + ], + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library", + ], +) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/register.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/register.go similarity index 70% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/register.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/register.go index 094050d6e0..f58ebe3895 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/register.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme/register.go @@ -19,14 +19,8 @@ limitations under the License. package scheme import ( - acmev1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - acmev1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - acmev1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - acmev1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - certmanagerv1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - certmanagerv1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - certmanagerv1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" + acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -38,13 +32,7 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ - acmev1alpha2.AddToScheme, - acmev1alpha3.AddToScheme, - acmev1beta1.AddToScheme, acmev1.AddToScheme, - certmanagerv1alpha2.AddToScheme, - certmanagerv1alpha3.AddToScheme, - certmanagerv1beta1.AddToScheme, certmanagerv1.AddToScheme, } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel similarity index 57% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel index cb678efae9..6ed4733436 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel @@ -9,12 +9,12 @@ go_library( "generated_expansion.go", "order.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go similarity index 73% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go index 8c97a5835d..ff077b6604 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/acme_client.go @@ -19,8 +19,10 @@ limitations under the License. package v1 import ( - v1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + "net/http" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -44,12 +46,28 @@ func (c *AcmeV1Client) Orders(namespace string) OrderInterface { } // NewForConfig creates a new AcmeV1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*AcmeV1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new AcmeV1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*AcmeV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go index d9472b877a..225f3983fb 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/challenge.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel similarity index 63% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel index c4f6742e98..aa2bd970af 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/BUILD.bazel @@ -8,12 +8,12 @@ go_library( "fake_challenge.go", "fake_order.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/acme/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go similarity index 93% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go index e8ddac8e5b..938de918f8 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_acme_client.go @@ -19,7 +19,7 @@ limitations under the License. package fake import ( - v1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" + v1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go index b96038f6a4..e551dc742b 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_challenge.go @@ -21,7 +21,7 @@ package fake import ( "context" - acmev1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" + acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -117,7 +117,7 @@ func (c *FakeChallenges) UpdateStatus(ctx context.Context, challenge *acmev1.Cha // Delete takes name of the challenge and deletes it. Returns an error if one occurs. func (c *FakeChallenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(challengesResource, c.ns, name), &acmev1.Challenge{}) + Invokes(testing.NewDeleteActionWithOptions(challengesResource, c.ns, name, opts), &acmev1.Challenge{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go index 5abd2b4196..afad27140a 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake/fake_order.go @@ -21,7 +21,7 @@ package fake import ( "context" - acmev1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" + acmev1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -117,7 +117,7 @@ func (c *FakeOrders) UpdateStatus(ctx context.Context, order *acmev1.Order, opts // Delete takes name of the order and deletes it. Returns an error if one occurs. func (c *FakeOrders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(ordersResource, c.ns, name), &acmev1.Order{}) + Invokes(testing.NewDeleteActionWithOptions(ordersResource, c.ns, name, opts), &acmev1.Order{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/generated_expansion.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go index c6047b71ce..35f3f138b2 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/order.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/acme/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel similarity index 59% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel index c31e0734b1..8e0eb27c70 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/BUILD.bazel @@ -11,12 +11,12 @@ go_library( "generated_expansion.go", "issuer.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go index 850255cf74..f7e396186f 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificate.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go index 05e11e3a80..99633aad07 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certificaterequest.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go similarity index 76% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go index 7b5dd7f9cf..d4c9c38007 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/certmanager_client.go @@ -19,8 +19,10 @@ limitations under the License. package v1 import ( - v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + "net/http" + + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) @@ -54,12 +56,28 @@ func (c *CertmanagerV1Client) Issuers(namespace string) IssuerInterface { } // NewForConfig creates a new CertmanagerV1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). func NewForConfig(c *rest.Config) (*CertmanagerV1Client, error) { config := *c if err := setConfigDefaults(&config); err != nil { return nil, err } - client, err := rest.RESTClientFor(&config) + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new CertmanagerV1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*CertmanagerV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) if err != nil { return nil, err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go index d1e2fed990..3e8c33984a 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/clusterissuer.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel similarity index 64% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel index b7bafdef74..41f0ee8b83 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/BUILD.bazel @@ -10,12 +10,12 @@ go_library( "fake_clusterissuer.go", "fake_issuer.go", ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake", + importmap = "k8s.io/kops/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake", + importpath = "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake", visibility = ["//visibility:public"], deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1:go_default_library", + "//vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/doc.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/doc.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go index 9c934aad33..0496f05621 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificate.go @@ -21,7 +21,7 @@ package fake import ( "context" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -117,7 +117,7 @@ func (c *FakeCertificates) UpdateStatus(ctx context.Context, certificate *certma // Delete takes name of the certificate and deletes it. Returns an error if one occurs. func (c *FakeCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificatesResource, c.ns, name), &certmanagerv1.Certificate{}) + Invokes(testing.NewDeleteActionWithOptions(certificatesResource, c.ns, name, opts), &certmanagerv1.Certificate{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go index 095861f171..b2a3169f67 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certificaterequest.go @@ -21,7 +21,7 @@ package fake import ( "context" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -117,7 +117,7 @@ func (c *FakeCertificateRequests) UpdateStatus(ctx context.Context, certificateR // Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. func (c *FakeCertificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificaterequestsResource, c.ns, name), &certmanagerv1.CertificateRequest{}) + Invokes(testing.NewDeleteActionWithOptions(certificaterequestsResource, c.ns, name, opts), &certmanagerv1.CertificateRequest{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go similarity index 93% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go index 9299a959f9..b56ece834a 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_certmanager_client.go @@ -19,7 +19,7 @@ limitations under the License. package fake import ( - v1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" + v1 "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go index 5a3f84c4ee..ef68542470 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_clusterissuer.go @@ -21,7 +21,7 @@ package fake import ( "context" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -110,7 +110,7 @@ func (c *FakeClusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *ce // Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. func (c *FakeClusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clusterissuersResource, name), &certmanagerv1.ClusterIssuer{}) + Invokes(testing.NewRootDeleteActionWithOptions(clusterissuersResource, name, opts), &certmanagerv1.ClusterIssuer{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go similarity index 96% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go index 04cc913375..42f24b4f3e 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/fake_issuer.go @@ -21,7 +21,7 @@ package fake import ( "context" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -117,7 +117,7 @@ func (c *FakeIssuers) UpdateStatus(ctx context.Context, issuer *certmanagerv1.Is // Delete takes name of the issuer and deletes it. Returns an error if one occurs. func (c *FakeIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { _, err := c.Fake. - Invokes(testing.NewDeleteAction(issuersResource, c.ns, name), &certmanagerv1.Issuer{}) + Invokes(testing.NewDeleteActionWithOptions(issuersResource, c.ns, name, opts), &certmanagerv1.Issuer{}) return err } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go similarity index 100% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/generated_expansion.go diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go similarity index 97% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go rename to vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go index a1051e78c3..2baeb107b6 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go +++ b/vendor/github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/issuer.go @@ -22,8 +22,8 @@ import ( "context" "time" - v1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" + v1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + scheme "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/vendor/github.com/containerd/containerd/images/image.go b/vendor/github.com/containerd/containerd/images/image.go index 27384c16dd..2e5cd61c9a 100644 --- a/vendor/github.com/containerd/containerd/images/image.go +++ b/vendor/github.com/containerd/containerd/images/image.go @@ -19,6 +19,7 @@ package images import ( "context" "encoding/json" + "fmt" "sort" "time" @@ -154,6 +155,10 @@ func Manifest(ctx context.Context, provider content.Provider, image ocispec.Desc return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var manifest ocispec.Manifest if err := json.Unmarshal(p, &manifest); err != nil { return nil, err @@ -194,6 +199,10 @@ func Manifest(ctx context.Context, provider content.Provider, image ocispec.Desc return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var idx ocispec.Index if err := json.Unmarshal(p, &idx); err != nil { return nil, err @@ -336,6 +345,10 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + // TODO(stevvooe): We just assume oci manifest, for now. There may be // subtle differences from the docker version. var manifest ocispec.Manifest @@ -351,6 +364,10 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + var index ocispec.Index if err := json.Unmarshal(p, &index); err != nil { return nil, err @@ -368,6 +385,44 @@ func Children(ctx context.Context, provider content.Provider, desc ocispec.Descr return descs, nil } +// unknownDocument represents a manifest, manifest list, or index that has not +// yet been validated. +type unknownDocument struct { + MediaType string `json:"mediaType,omitempty"` + Config json.RawMessage `json:"config,omitempty"` + Layers json.RawMessage `json:"layers,omitempty"` + Manifests json.RawMessage `json:"manifests,omitempty"` + FSLayers json.RawMessage `json:"fsLayers,omitempty"` // schema 1 +} + +// validateMediaType returns an error if the byte slice is invalid JSON or if +// the media type identifies the blob as one format but it contains elements of +// another format. +func validateMediaType(b []byte, mt string) error { + var doc unknownDocument + if err := json.Unmarshal(b, &doc); err != nil { + return err + } + if len(doc.FSLayers) != 0 { + return fmt.Errorf("media-type: schema 1 not supported") + } + switch mt { + case MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest: + if len(doc.Manifests) != 0 || + doc.MediaType == MediaTypeDockerSchema2ManifestList || + doc.MediaType == ocispec.MediaTypeImageIndex { + return fmt.Errorf("media-type: expected manifest but found index (%s)", mt) + } + case MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex: + if len(doc.Config) != 0 || len(doc.Layers) != 0 || + doc.MediaType == MediaTypeDockerSchema2Manifest || + doc.MediaType == ocispec.MediaTypeImageManifest { + return fmt.Errorf("media-type: expected index but found manifest (%s)", mt) + } + } + return nil +} + // RootFS returns the unpacked diffids that make up and images rootfs. // // These are used to verify that a set of layers unpacked to the expected diff --git a/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go b/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go index 5796fbf4a1..4b2c10e9a3 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go @@ -60,6 +60,10 @@ func (r dockerFetcher) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.R log.G(ctx).WithError(err).Debug("failed to parse") continue } + if u.Scheme != "http" && u.Scheme != "https" { + log.G(ctx).Debug("non-http(s) alternative url is unsupported") + continue + } log.G(ctx).Debug("trying alternative url") // Try this first, parse it diff --git a/vendor/github.com/containerd/containerd/remotes/docker/httpreadseeker.go b/vendor/github.com/containerd/containerd/remotes/docker/httpreadseeker.go index 704eba4278..58c866bcde 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/httpreadseeker.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/httpreadseeker.go @@ -26,12 +26,16 @@ import ( "github.com/pkg/errors" ) +const maxRetry = 3 + type httpReadSeeker struct { size int64 offset int64 rc io.ReadCloser open func(offset int64) (io.ReadCloser, error) closed bool + + errsWithNoProgress int } func newHTTPReadSeeker(size int64, open func(offset int64) (io.ReadCloser, error)) (io.ReadCloser, error) { @@ -53,6 +57,27 @@ func (hrs *httpReadSeeker) Read(p []byte) (n int, err error) { n, err = rd.Read(p) hrs.offset += int64(n) + if n > 0 || err == nil { + hrs.errsWithNoProgress = 0 + } + if err == io.ErrUnexpectedEOF { + // connection closed unexpectedly. try reconnecting. + if n == 0 { + hrs.errsWithNoProgress++ + if hrs.errsWithNoProgress > maxRetry { + return // too many retries for this offset with no progress + } + } + if hrs.rc != nil { + if clsErr := hrs.rc.Close(); clsErr != nil { + log.L.WithError(clsErr).Errorf("httpReadSeeker: failed to close ReadCloser") + } + hrs.rc = nil + } + if _, err2 := hrs.reader(); err2 == nil { + return n, nil + } + } return } diff --git a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go index 8314c01d5a..f15a9acf3e 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go @@ -256,6 +256,9 @@ func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor) if err := json.Unmarshal(b, &m); err != nil { return err } + if len(m.Manifests) != 0 || len(m.Layers) != 0 { + return errors.New("converter: expected schema1 document but found extra keys") + } c.pulledManifest = &m return nil @@ -472,8 +475,10 @@ type history struct { } type manifest struct { - FSLayers []fsLayer `json:"fsLayers"` - History []history `json:"history"` + FSLayers []fsLayer `json:"fsLayers"` + History []history `json:"history"` + Layers json.RawMessage `json:"layers,omitempty"` // OCI manifest + Manifests json.RawMessage `json:"manifests,omitempty"` // OCI index } type v1History struct { diff --git a/vendor/github.com/containerd/containerd/version/version.go b/vendor/github.com/containerd/containerd/version/version.go index b0d1fd48cf..73857aef8d 100644 --- a/vendor/github.com/containerd/containerd/version/version.go +++ b/vendor/github.com/containerd/containerd/version/version.go @@ -23,7 +23,7 @@ var ( Package = "github.com/containerd/containerd" // Version holds the complete version number. Filled in at linking time. - Version = "1.5.7+unknown" + Version = "1.5.10+unknown" // Revision is filled with the VCS (e.g. git) revision being used to build // the program at linking time. diff --git a/vendor/github.com/docker/distribution/.golangci.yml b/vendor/github.com/docker/distribution/.golangci.yml new file mode 100644 index 0000000000..1ba6cb9162 --- /dev/null +++ b/vendor/github.com/docker/distribution/.golangci.yml @@ -0,0 +1,20 @@ +linters: + enable: + - structcheck + - varcheck + - staticcheck + - unconvert + - gofmt + - goimports + - golint + - ineffassign + - vet + - unused + - misspell + disable: + - errcheck + +run: + deadline: 2m + skip-dirs: + - vendor diff --git a/vendor/github.com/docker/distribution/.gometalinter.json b/vendor/github.com/docker/distribution/.gometalinter.json deleted file mode 100644 index 9df5b14bcb..0000000000 --- a/vendor/github.com/docker/distribution/.gometalinter.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "Vendor": true, - "Deadline": "2m", - "Sort": ["linter", "severity", "path", "line"], - "EnableGC": true, - "Enable": [ - "structcheck", - "staticcheck", - "unconvert", - - "gofmt", - "goimports", - "golint", - "vet" - ] -} diff --git a/vendor/github.com/docker/distribution/.mailmap b/vendor/github.com/docker/distribution/.mailmap index 0f48321d49..8f3738f3d0 100644 --- a/vendor/github.com/docker/distribution/.mailmap +++ b/vendor/github.com/docker/distribution/.mailmap @@ -30,3 +30,20 @@ Helen Xie Helen-xie Mike Brown Mike Brown Manish Tomar Manish Tomar Sakeven Jiang sakeven +Milos Gajdos Milos Gajdos +Derek McGowan Derek McGowa +Adrian Plata Adrian Plata <@users.noreply.github.com> +Sebastiaan van Stijn Sebastiaan van Stijn +Vishesh Jindal Vishesh Jindal +Wang Yan Wang Yan +Chris Patterson Chris Patterson +Eohyung Lee Eohyung Lee +João Pereira <484633+joaodrp@users.noreply.github.com> +Smasherr Smasherr +Thomas Berger Thomas Berger +Samuel Karp Samuel Karp +Justin Cormack +sayboras +CrazyMax +CrazyMax <1951866+crazy-max@users.noreply.github.com> +CrazyMax diff --git a/vendor/github.com/docker/distribution/.travis.yml b/vendor/github.com/docker/distribution/.travis.yml deleted file mode 100644 index 44ced60451..0000000000 --- a/vendor/github.com/docker/distribution/.travis.yml +++ /dev/null @@ -1,51 +0,0 @@ -dist: trusty -sudo: required -# setup travis so that we can run containers for integration tests -services: - - docker - -language: go - -go: - - "1.11.x" - -go_import_path: github.com/docker/distribution - -addons: - apt: - packages: - - python-minimal - - -env: - - TRAVIS_GOOS=linux DOCKER_BUILDTAGS="include_oss include_gcs" TRAVIS_CGO_ENABLED=1 - -before_install: - - uname -r - - sudo apt-get -q update - -install: - - go get -u github.com/vbatts/git-validation - # TODO: Add enforcement of license - # - go get -u github.com/kunalkushwaha/ltag - - cd $TRAVIS_BUILD_DIR - -script: - - export GOOS=$TRAVIS_GOOS - - export CGO_ENABLED=$TRAVIS_CGO_ENABLED - - DCO_VERBOSITY=-q script/validate/dco - - GOOS=linux script/setup/install-dev-tools - - script/validate/vendor - - go build -i . - - make check - - make build - - make binaries - # Currently takes too long - #- if [ "$GOOS" = "linux" ]; then make test-race ; fi - - if [ "$GOOS" = "linux" ]; then make coverage ; fi - -after_success: - - bash <(curl -s https://codecov.io/bash) -F linux - -before_deploy: - # Run tests with storage driver configurations diff --git a/vendor/github.com/docker/distribution/Dockerfile b/vendor/github.com/docker/distribution/Dockerfile index 9537817ca3..ae8c040c73 100644 --- a/vendor/github.com/docker/distribution/Dockerfile +++ b/vendor/github.com/docker/distribution/Dockerfile @@ -1,22 +1,49 @@ -FROM golang:1.11-alpine AS build +# syntax=docker/dockerfile:1.3 -ENV DISTRIBUTION_DIR /go/src/github.com/docker/distribution -ENV BUILDTAGS include_oss include_gcs +ARG GO_VERSION=1.16.15 +ARG GORELEASER_XX_VERSION=1.2.5 -ARG GOOS=linux -ARG GOARCH=amd64 -ARG GOARM=6 +FROM --platform=$BUILDPLATFORM crazymax/goreleaser-xx:${GORELEASER_XX_VERSION} AS goreleaser-xx +FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS base +COPY --from=goreleaser-xx / / +RUN apk add --no-cache file git +WORKDIR /go/src/github.com/docker/distribution -RUN set -ex \ - && apk add --no-cache make git file +FROM base AS build +ENV GO111MODULE=auto +ENV CGO_ENABLED=0 +# GIT_REF is used by goreleaser-xx to handle the proper git ref when available. +# It will fallback to the working tree info if empty and use "git tag --points-at" +# or "git describe" to define the version info. +ARG GIT_REF +ARG TARGETPLATFORM +ARG PKG="github.com/distribution/distribution" +ARG BUILDTAGS="include_oss include_gcs" +RUN --mount=type=bind,rw \ + --mount=type=cache,target=/root/.cache/go-build \ + --mount=target=/go/pkg/mod,type=cache \ + goreleaser-xx --debug \ + --name="registry" \ + --dist="/out" \ + --main="./cmd/registry" \ + --flags="-v" \ + --ldflags="-s -w -X '$PKG/version.Version={{.Version}}' -X '$PKG/version.Revision={{.Commit}}' -X '$PKG/version.Package=$PKG'" \ + --tags="$BUILDTAGS" \ + --files="LICENSE" \ + --files="README.md" -WORKDIR $DISTRIBUTION_DIR -COPY . $DISTRIBUTION_DIR -RUN CGO_ENABLED=0 make PREFIX=/go clean binaries && file ./bin/registry | grep "statically linked" +FROM scratch AS artifact +COPY --from=build /out/*.tar.gz / +COPY --from=build /out/*.zip / +COPY --from=build /out/*.sha256 / -FROM alpine +FROM scratch AS binary +COPY --from=build /usr/local/bin/registry* / + +FROM alpine:3.14 +RUN apk add --no-cache ca-certificates COPY cmd/registry/config-dev.yml /etc/docker/registry/config.yml -COPY --from=build /go/src/github.com/docker/distribution/bin/registry /bin/registry +COPY --from=build /usr/local/bin/registry /bin/registry VOLUME ["/var/lib/registry"] EXPOSE 5000 ENTRYPOINT ["registry"] diff --git a/vendor/github.com/docker/distribution/Makefile b/vendor/github.com/docker/distribution/Makefile index 4635c6eca8..331da27328 100644 --- a/vendor/github.com/docker/distribution/Makefile +++ b/vendor/github.com/docker/distribution/Makefile @@ -50,7 +50,7 @@ version/version.go: check: ## run all linters (TODO: enable "unused", "varcheck", "ineffassign", "unconvert", "staticheck", "goimports", "structcheck") @echo "$(WHALE) $@" - gometalinter --config .gometalinter.json ./... + golangci-lint run test: ## run tests, except integration test with test.short @echo "$(WHALE) $@" diff --git a/vendor/github.com/docker/distribution/README.md b/vendor/github.com/docker/distribution/README.md index 998878850c..e513c18e96 100644 --- a/vendor/github.com/docker/distribution/README.md +++ b/vendor/github.com/docker/distribution/README.md @@ -2,7 +2,7 @@ The Docker toolset to pack, ship, store, and deliver content. -This repository's main product is the Docker Registry 2.0 implementation +This repository provides the Docker Registry 2.0 implementation for storing and distributing Docker images. It supersedes the [docker/docker-registry](https://github.com/docker/docker-registry) project with a new API design, focused around security and performance. diff --git a/vendor/github.com/docker/distribution/blobs.go b/vendor/github.com/docker/distribution/blobs.go index c0e9261be9..2a659eaa36 100644 --- a/vendor/github.com/docker/distribution/blobs.go +++ b/vendor/github.com/docker/distribution/blobs.go @@ -10,7 +10,7 @@ import ( "github.com/docker/distribution/reference" "github.com/opencontainers/go-digest" - "github.com/opencontainers/image-spec/specs-go/v1" + v1 "github.com/opencontainers/image-spec/specs-go/v1" ) var ( diff --git a/vendor/github.com/docker/distribution/docker-bake.hcl b/vendor/github.com/docker/distribution/docker-bake.hcl new file mode 100644 index 0000000000..4dd5a100c1 --- /dev/null +++ b/vendor/github.com/docker/distribution/docker-bake.hcl @@ -0,0 +1,65 @@ +// GITHUB_REF is the actual ref that triggers the workflow +// https://docs.github.com/en/actions/learn-github-actions/environment-variables#default-environment-variables +variable "GITHUB_REF" { + default = "" +} + +target "_common" { + args = { + GIT_REF = GITHUB_REF + } +} + +group "default" { + targets = ["image-local"] +} + +// Special target: https://github.com/docker/metadata-action#bake-definition +target "docker-metadata-action" { + tags = ["registry:local"] +} + +target "binary" { + inherits = ["_common"] + target = "binary" + output = ["./bin"] +} + +target "artifact" { + inherits = ["_common"] + target = "artifact" + output = ["./bin"] +} + +target "artifact-all" { + inherits = ["artifact"] + platforms = [ + "linux/amd64", + "linux/arm/v6", + "linux/arm/v7", + "linux/arm64", + "linux/ppc64le", + "linux/s390x" + ] +} + +target "image" { + inherits = ["_common", "docker-metadata-action"] +} + +target "image-local" { + inherits = ["image"] + output = ["type=docker"] +} + +target "image-all" { + inherits = ["image"] + platforms = [ + "linux/amd64", + "linux/arm/v6", + "linux/arm/v7", + "linux/arm64", + "linux/ppc64le", + "linux/s390x" + ] +} diff --git a/vendor/github.com/docker/distribution/manifests.go b/vendor/github.com/docker/distribution/manifests.go index 1816baea1d..8f84a220a9 100644 --- a/vendor/github.com/docker/distribution/manifests.go +++ b/vendor/github.com/docker/distribution/manifests.go @@ -87,7 +87,7 @@ func ManifestMediaTypes() (mediaTypes []string) { // UnmarshalFunc implements manifest unmarshalling a given MediaType type UnmarshalFunc func([]byte) (Manifest, Descriptor, error) -var mappings = make(map[string]UnmarshalFunc, 0) +var mappings = make(map[string]UnmarshalFunc) // UnmarshalManifest looks up manifest unmarshal functions based on // MediaType diff --git a/vendor/github.com/docker/distribution/reference/normalize.go b/vendor/github.com/docker/distribution/reference/normalize.go index 2d71fc5e9f..b3dfb7a6d7 100644 --- a/vendor/github.com/docker/distribution/reference/normalize.go +++ b/vendor/github.com/docker/distribution/reference/normalize.go @@ -56,6 +56,35 @@ func ParseNormalizedNamed(s string) (Named, error) { return named, nil } +// ParseDockerRef normalizes the image reference following the docker convention. This is added +// mainly for backward compatibility. +// The reference returned can only be either tagged or digested. For reference contains both tag +// and digest, the function returns digested reference, e.g. docker.io/library/busybox:latest@ +// sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa will be returned as +// docker.io/library/busybox@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa. +func ParseDockerRef(ref string) (Named, error) { + named, err := ParseNormalizedNamed(ref) + if err != nil { + return nil, err + } + if _, ok := named.(NamedTagged); ok { + if canonical, ok := named.(Canonical); ok { + // The reference is both tagged and digested, only + // return digested. + newNamed, err := WithName(canonical.Name()) + if err != nil { + return nil, err + } + newCanonical, err := WithDigest(newNamed, canonical.Digest()) + if err != nil { + return nil, err + } + return newCanonical, nil + } + } + return TagNameOnly(named), nil +} + // splitDockerDomain splits a repository name to domain and remotename string. // If no valid domain is found, the default domain is used. Repository name // needs to be already validated before. diff --git a/vendor/github.com/docker/distribution/reference/reference.go b/vendor/github.com/docker/distribution/reference/reference.go index 2f66cca87a..8c0c23b2fe 100644 --- a/vendor/github.com/docker/distribution/reference/reference.go +++ b/vendor/github.com/docker/distribution/reference/reference.go @@ -205,7 +205,7 @@ func Parse(s string) (Reference, error) { var repo repository nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) - if nameMatch != nil && len(nameMatch) == 3 { + if len(nameMatch) == 3 { repo.domain = nameMatch[1] repo.path = nameMatch[2] } else { diff --git a/vendor/github.com/docker/distribution/registry/api/errcode/errors.go b/vendor/github.com/docker/distribution/registry/api/errcode/errors.go index 6d9bb4b62a..4c35b879af 100644 --- a/vendor/github.com/docker/distribution/registry/api/errcode/errors.go +++ b/vendor/github.com/docker/distribution/registry/api/errcode/errors.go @@ -207,11 +207,11 @@ func (errs Errors) MarshalJSON() ([]byte, error) { for _, daErr := range errs { var err Error - switch daErr.(type) { + switch daErr := daErr.(type) { case ErrorCode: - err = daErr.(ErrorCode).WithDetail(nil) + err = daErr.WithDetail(nil) case Error: - err = daErr.(Error) + err = daErr default: err = ErrorCodeUnknown.WithDetail(daErr) diff --git a/vendor/github.com/docker/distribution/registry/api/v2/urls.go b/vendor/github.com/docker/distribution/registry/api/v2/urls.go index 1337bdb127..3c3ec98933 100644 --- a/vendor/github.com/docker/distribution/registry/api/v2/urls.go +++ b/vendor/github.com/docker/distribution/registry/api/v2/urls.go @@ -252,15 +252,3 @@ func appendValuesURL(u *url.URL, values ...url.Values) *url.URL { u.RawQuery = merged.Encode() return u } - -// appendValues appends the parameters to the url. Panics if the string is not -// a url. -func appendValues(u string, values ...url.Values) string { - up, err := url.Parse(u) - - if err != nil { - panic(err) // should never happen - } - - return appendValuesURL(up, values...).String() -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go b/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go index 6e3f1ccc41..fe238210cd 100644 --- a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go +++ b/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go @@ -117,8 +117,8 @@ func init() { var t octetType isCtl := c <= 31 || c == 127 isChar := 0 <= c && c <= 127 - isSeparator := strings.IndexRune(" \t\"(),/:;<=>?@[]\\{}", rune(c)) >= 0 - if strings.IndexRune(" \t\r\n", rune(c)) >= 0 { + isSeparator := strings.ContainsRune(" \t\"(),/:;<=>?@[]\\{}", rune(c)) + if strings.ContainsRune(" \t\r\n", rune(c)) { t |= isSpace } if isChar && !isCtl && !isSeparator { diff --git a/vendor/github.com/docker/distribution/registry/client/repository.go b/vendor/github.com/docker/distribution/registry/client/repository.go index aa442e6540..3e2ae66d3c 100644 --- a/vendor/github.com/docker/distribution/registry/client/repository.go +++ b/vendor/github.com/docker/distribution/registry/client/repository.go @@ -16,7 +16,7 @@ import ( "github.com/docker/distribution" "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/v2" + v2 "github.com/docker/distribution/registry/api/v2" "github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/storage/cache" "github.com/docker/distribution/registry/storage/cache/memory" @@ -736,7 +736,12 @@ func (bs *blobs) Create(ctx context.Context, options ...distribution.BlobCreateO return nil, err } - resp, err := bs.client.Post(u, "", nil) + req, err := http.NewRequest("POST", u, nil) + if err != nil { + return nil, err + } + + resp, err := bs.client.Do(req) if err != nil { return nil, err } diff --git a/vendor/github.com/docker/distribution/vendor.conf b/vendor/github.com/docker/distribution/vendor.conf index a249caf269..bd1b4bff61 100644 --- a/vendor/github.com/docker/distribution/vendor.conf +++ b/vendor/github.com/docker/distribution/vendor.conf @@ -8,7 +8,7 @@ github.com/bugsnag/bugsnag-go b1d153021fcd90ca3f080db36bec96dc690fb274 github.com/bugsnag/osext 0dd3f918b21bec95ace9dc86c7e70266cfc5c702 github.com/bugsnag/panicwrap e2c28503fcd0675329da73bf48b33404db873782 github.com/denverdino/aliyungo afedced274aa9a7fcdd47ac97018f0f8db4e5de2 -github.com/dgrijalva/jwt-go a601269ab70c205d26370c16f7c81e9017c14e04 +github.com/dgrijalva/jwt-go 4bbdd8ac624fc7a9ef7aec841c43d99b5fe65a29 https://github.com/golang-jwt/jwt.git # v3.2.2 github.com/docker/go-metrics 399ea8c73916000c64c2c76e8da00ca82f8387ab github.com/docker/libtrust fa567046d9b14f6aa788882a950d69651d230b21 github.com/garyburd/redigo 535138d7bcd717d6531c701ef5933d98b1866257 @@ -48,4 +48,4 @@ gopkg.in/square/go-jose.v1 40d457b439244b546f023d056628e5184136899b gopkg.in/yaml.v2 v2.2.1 rsc.io/letsencrypt e770c10b0f1a64775ae91d240407ce00d1a5bdeb https://github.com/dmcgowan/letsencrypt.git github.com/opencontainers/go-digest a6d0ee40d4207ea02364bd3b9e8e77b9159ba1eb -github.com/opencontainers/image-spec ab7389ef9f50030c9b245bc16b981c7ddf192882 +github.com/opencontainers/image-spec 67d2d5658fe0476ab9bf414cec164077ebff3920 # v1.0.2 diff --git a/vendor/github.com/form3tech-oss/jwt-go/.travis.yml b/vendor/github.com/form3tech-oss/jwt-go/.travis.yml deleted file mode 100644 index 3c7fb7e1ae..0000000000 --- a/vendor/github.com/form3tech-oss/jwt-go/.travis.yml +++ /dev/null @@ -1,12 +0,0 @@ -language: go - -script: - - go vet ./... - - go test -v ./... - -go: - - 1.12 - - 1.13 - - 1.14 - - 1.15 - - tip diff --git a/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md b/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md deleted file mode 100644 index 7fc1f793cb..0000000000 --- a/vendor/github.com/form3tech-oss/jwt-go/MIGRATION_GUIDE.md +++ /dev/null @@ -1,97 +0,0 @@ -## Migration Guide from v2 -> v3 - -Version 3 adds several new, frequently requested features. To do so, it introduces a few breaking changes. We've worked to keep these as minimal as possible. This guide explains the breaking changes and how you can quickly update your code. - -### `Token.Claims` is now an interface type - -The most requested feature from the 2.0 verison of this library was the ability to provide a custom type to the JSON parser for claims. This was implemented by introducing a new interface, `Claims`, to replace `map[string]interface{}`. We also included two concrete implementations of `Claims`: `MapClaims` and `StandardClaims`. - -`MapClaims` is an alias for `map[string]interface{}` with built in validation behavior. It is the default claims type when using `Parse`. The usage is unchanged except you must type cast the claims property. - -The old example for parsing a token looked like this.. - -```go - if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil { - fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"]) - } -``` - -is now directly mapped to... - -```go - if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil { - claims := token.Claims.(jwt.MapClaims) - fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"]) - } -``` - -`StandardClaims` is designed to be embedded in your custom type. You can supply a custom claims type with the new `ParseWithClaims` function. Here's an example of using a custom claims type. - -```go - type MyCustomClaims struct { - User string - *StandardClaims - } - - if token, err := jwt.ParseWithClaims(tokenString, &MyCustomClaims{}, keyLookupFunc); err == nil { - claims := token.Claims.(*MyCustomClaims) - fmt.Printf("Token for user %v expires %v", claims.User, claims.StandardClaims.ExpiresAt) - } -``` - -### `ParseFromRequest` has been moved - -To keep this library focused on the tokens without becoming overburdened with complex request processing logic, `ParseFromRequest` and its new companion `ParseFromRequestWithClaims` have been moved to a subpackage, `request`. The method signatues have also been augmented to receive a new argument: `Extractor`. - -`Extractors` do the work of picking the token string out of a request. The interface is simple and composable. - -This simple parsing example: - -```go - if token, err := jwt.ParseFromRequest(tokenString, req, keyLookupFunc); err == nil { - fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"]) - } -``` - -is directly mapped to: - -```go - if token, err := request.ParseFromRequest(req, request.OAuth2Extractor, keyLookupFunc); err == nil { - claims := token.Claims.(jwt.MapClaims) - fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"]) - } -``` - -There are several concrete `Extractor` types provided for your convenience: - -* `HeaderExtractor` will search a list of headers until one contains content. -* `ArgumentExtractor` will search a list of keys in request query and form arguments until one contains content. -* `MultiExtractor` will try a list of `Extractors` in order until one returns content. -* `AuthorizationHeaderExtractor` will look in the `Authorization` header for a `Bearer` token. -* `OAuth2Extractor` searches the places an OAuth2 token would be specified (per the spec): `Authorization` header and `access_token` argument -* `PostExtractionFilter` wraps an `Extractor`, allowing you to process the content before it's parsed. A simple example is stripping the `Bearer ` text from a header - - -### RSA signing methods no longer accept `[]byte` keys - -Due to a [critical vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/), we've decided the convenience of accepting `[]byte` instead of `rsa.PublicKey` or `rsa.PrivateKey` isn't worth the risk of misuse. - -To replace this behavior, we've added two helper methods: `ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)` and `ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error)`. These are just simple helpers for unpacking PEM encoded PKCS1 and PKCS8 keys. If your keys are encoded any other way, all you need to do is convert them to the `crypto/rsa` package's types. - -```go - func keyLookupFunc(*Token) (interface{}, error) { - // Don't forget to validate the alg is what you expect: - if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok { - return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"]) - } - - // Look up key - key, err := lookupPublicKey(token.Header["kid"]) - if err != nil { - return nil, err - } - - // Unpack key from PEM encoded PKCS8 - return jwt.ParseRSAPublicKeyFromPEM(key) - } -``` diff --git a/vendor/github.com/form3tech-oss/jwt-go/.gitignore b/vendor/github.com/golang-jwt/jwt/v4/.gitignore similarity index 95% rename from vendor/github.com/form3tech-oss/jwt-go/.gitignore rename to vendor/github.com/golang-jwt/jwt/v4/.gitignore index c0e81a8d92..09573e0169 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/.gitignore +++ b/vendor/github.com/golang-jwt/jwt/v4/.gitignore @@ -2,4 +2,3 @@ bin .idea/ - diff --git a/vendor/github.com/form3tech-oss/jwt-go/BUILD.bazel b/vendor/github.com/golang-jwt/jwt/v4/BUILD.bazel similarity index 73% rename from vendor/github.com/form3tech-oss/jwt-go/BUILD.bazel rename to vendor/github.com/golang-jwt/jwt/v4/BUILD.bazel index 9e8a33e68d..83e80acdef 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/BUILD.bazel +++ b/vendor/github.com/golang-jwt/jwt/v4/BUILD.bazel @@ -7,6 +7,8 @@ go_library( "doc.go", "ecdsa.go", "ecdsa_utils.go", + "ed25519.go", + "ed25519_utils.go", "errors.go", "hmac.go", "map_claims.go", @@ -18,7 +20,7 @@ go_library( "signing_method.go", "token.go", ], - importmap = "k8s.io/kops/vendor/github.com/form3tech-oss/jwt-go", - importpath = "github.com/form3tech-oss/jwt-go", + importmap = "k8s.io/kops/vendor/github.com/golang-jwt/jwt/v4", + importpath = "github.com/golang-jwt/jwt/v4", visibility = ["//visibility:public"], ) diff --git a/vendor/github.com/form3tech-oss/jwt-go/LICENSE b/vendor/github.com/golang-jwt/jwt/v4/LICENSE similarity index 96% rename from vendor/github.com/form3tech-oss/jwt-go/LICENSE rename to vendor/github.com/golang-jwt/jwt/v4/LICENSE index df83a9c2f0..35dbc25204 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/LICENSE +++ b/vendor/github.com/golang-jwt/jwt/v4/LICENSE @@ -1,4 +1,5 @@ Copyright (c) 2012 Dave Grijalva +Copyright (c) 2021 golang-jwt maintainers Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: diff --git a/vendor/github.com/golang-jwt/jwt/v4/MIGRATION_GUIDE.md b/vendor/github.com/golang-jwt/jwt/v4/MIGRATION_GUIDE.md new file mode 100644 index 0000000000..0b62149300 --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/v4/MIGRATION_GUIDE.md @@ -0,0 +1,22 @@ +## Migration Guide (v4.0.0) + +Starting from [v4.0.0](https://github.com/golang-jwt/jwt/releases/tag/v4.0.0]), the import path will be: + + "github.com/golang-jwt/jwt/v4" + +The `/v4` version will be backwards compatible with existing `v3.x.y` tags in this repo, as well as +`github.com/dgrijalva/jwt-go`. For most users this should be a drop-in replacement, if you're having +troubles migrating, please open an issue. + +You can replace all occurrences of `github.com/dgrijalva/jwt-go` or `github.com/golang-jwt/jwt` with `github.com/golang-jwt/jwt/v4`, either manually or by using tools such as `sed` or `gofmt`. + +And then you'd typically run: + +``` +go get github.com/golang-jwt/jwt/v4 +go mod tidy +``` + +## Older releases (before v3.2.0) + +The original migration guide for older releases can be found at https://github.com/dgrijalva/jwt-go/blob/master/MIGRATION_GUIDE.md. \ No newline at end of file diff --git a/vendor/github.com/form3tech-oss/jwt-go/README.md b/vendor/github.com/golang-jwt/jwt/v4/README.md similarity index 62% rename from vendor/github.com/form3tech-oss/jwt-go/README.md rename to vendor/github.com/golang-jwt/jwt/v4/README.md index d7749077fd..96fe3b9780 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/README.md +++ b/vendor/github.com/golang-jwt/jwt/v4/README.md @@ -1,25 +1,36 @@ # jwt-go -[![Build Status](https://travis-ci.org/dgrijalva/jwt-go.svg?branch=master)](https://travis-ci.org/dgrijalva/jwt-go) -[![GoDoc](https://godoc.org/github.com/dgrijalva/jwt-go?status.svg)](https://godoc.org/github.com/dgrijalva/jwt-go) +[![build](https://github.com/golang-jwt/jwt/actions/workflows/build.yml/badge.svg)](https://github.com/golang-jwt/jwt/actions/workflows/build.yml) +[![Go Reference](https://pkg.go.dev/badge/github.com/golang-jwt/jwt.svg)](https://pkg.go.dev/github.com/golang-jwt/jwt) -A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) +A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](https://datatracker.ietf.org/doc/html/rfc7519). -**NEW VERSION COMING:** There have been a lot of improvements suggested since the version 3.0.0 released in 2016. I'm working now on cutting two different releases: 3.2.0 will contain any non-breaking changes or enhancements. 4.0.0 will follow shortly which will include breaking changes. See the 4.0.0 milestone to get an idea of what's coming. If you have other ideas, or would like to participate in 4.0.0, now's the time. If you depend on this library and don't want to be interrupted, I recommend you use your dependency mangement tool to pin to version 3. +Starting with [v4.0.0](https://github.com/golang-jwt/jwt/releases/tag/v4.0.0) this project adds Go module support, but maintains backwards compataibility with older `v3.x.y` tags and upstream `github.com/dgrijalva/jwt-go`. +See the `MIGRATION_GUIDE.md` for more information. -**SECURITY NOTICE:** Some older versions of Go have a security issue in the cryotp/elliptic. Recommendation is to upgrade to at least 1.8.3. See issue #216 for more detail. +> After the original author of the library suggested migrating the maintenance of `jwt-go`, a dedicated team of open source maintainers decided to clone the existing library into this repository. See [dgrijalva/jwt-go#462](https://github.com/dgrijalva/jwt-go/issues/462) for a detailed discussion on this topic. + + +**SECURITY NOTICE:** Some older versions of Go have a security issue in the crypto/elliptic. Recommendation is to upgrade to at least 1.15 See issue [dgrijalva/jwt-go#216](https://github.com/dgrijalva/jwt-go/issues/216) for more detail. **SECURITY NOTICE:** It's important that you [validate the `alg` presented is what you expect](https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/). This library attempts to make it easy to do the right thing by requiring key types match the expected alg, but you should take the extra step to verify it in your usage. See the examples provided. +### Supported Go versions + +Our support of Go versions is aligned with Go's [version release policy](https://golang.org/doc/devel/release#policy). +So we will support a major version of Go until there are two newer major releases. +We no longer support building jwt-go with unsupported Go versions, as these contain security vulnerabilities +which will not be fixed. + ## What the heck is a JWT? JWT.io has [a great introduction](https://jwt.io/introduction) to JSON Web Tokens. -In short, it's a signed JSON object that does something useful (for example, authentication). It's commonly used for `Bearer` tokens in Oauth 2. A token is made of three parts, separated by `.`'s. The first two parts are JSON objects, that have been [base64url](http://tools.ietf.org/html/rfc4648) encoded. The last part is the signature, encoded the same way. +In short, it's a signed JSON object that does something useful (for example, authentication). It's commonly used for `Bearer` tokens in Oauth 2. A token is made of three parts, separated by `.`'s. The first two parts are JSON objects, that have been [base64url](https://datatracker.ietf.org/doc/html/rfc4648) encoded. The last part is the signature, encoded the same way. The first part is called the header. It contains the necessary information for verifying the last part, the signature. For example, which encryption method was used for signing and what key was used. -The part in the middle is the interesting bit. It's called the Claims and contains the actual stuff you care about. Refer to [the RFC](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html) for information about reserved keys and the proper way to add your own. +The part in the middle is the interesting bit. It's called the Claims and contains the actual stuff you care about. Refer to [RFC 7519](https://datatracker.ietf.org/doc/html/rfc7519) for information about reserved keys and the proper way to add your own. ## What's in the box? @@ -27,11 +38,11 @@ This library supports the parsing and verification as well as the generation and ## Examples -See [the project documentation](https://godoc.org/github.com/dgrijalva/jwt-go) for examples of usage: +See [the project documentation](https://pkg.go.dev/github.com/golang-jwt/jwt) for examples of usage: -* [Simple example of parsing and validating a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-Parse--Hmac) -* [Simple example of building and signing a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-New--Hmac) -* [Directory of Examples](https://godoc.org/github.com/dgrijalva/jwt-go#pkg-examples) +* [Simple example of parsing and validating a token](https://pkg.go.dev/github.com/golang-jwt/jwt#example-Parse-Hmac) +* [Simple example of building and signing a token](https://pkg.go.dev/github.com/golang-jwt/jwt#example-New-Hmac) +* [Directory of Examples](https://pkg.go.dev/github.com/golang-jwt/jwt#pkg-examples) ## Extensions @@ -41,20 +52,18 @@ Here's an example of an extension that integrates with multiple Google Cloud Pla ## Compliance -This library was last reviewed to comply with [RTF 7519](http://www.rfc-editor.org/info/rfc7519) dated May 2015 with a few notable differences: +This library was last reviewed to comply with [RTF 7519](https://datatracker.ietf.org/doc/html/rfc7519) dated May 2015 with a few notable differences: -* In order to protect against accidental use of [Unsecured JWTs](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#UnsecuredJWT), tokens using `alg=none` will only be accepted if the constant `jwt.UnsafeAllowNoneSignatureType` is provided as the key. +* In order to protect against accidental use of [Unsecured JWTs](https://datatracker.ietf.org/doc/html/rfc7519#section-6), tokens using `alg=none` will only be accepted if the constant `jwt.UnsafeAllowNoneSignatureType` is provided as the key. ## Project Status & Versioning This library is considered production ready. Feedback and feature requests are appreciated. The API should be considered stable. There should be very few backwards-incompatible changes outside of major version updates (and only with good reason). -This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `master`. Periodically, versions will be tagged from `master`. You can find all the releases on [the project releases page](https://github.com/dgrijalva/jwt-go/releases). - -While we try to make it obvious when we make breaking changes, there isn't a great mechanism for pushing announcements out to users. You may want to use this alternative package include: `gopkg.in/dgrijalva/jwt-go.v3`. It will do the right thing WRT semantic versioning. +This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `main`. Periodically, versions will be tagged from `main`. You can find all the releases on [the project releases page](https://github.com/golang-jwt/jwt/releases). **BREAKING CHANGES:*** -* Version 3.0.0 includes _a lot_ of changes from the 2.x line, including a few that break the API. We've tried to break as few things as possible, so there should just be a few type signature changes. A full list of breaking changes is available in `VERSION_HISTORY.md`. See `MIGRATION_GUIDE.md` for more information on updating your code. +A full list of breaking changes is available in `VERSION_HISTORY.md`. See `MIGRATION_GUIDE.md` for more information on updating your code. ## Usage Tips @@ -79,9 +88,9 @@ Asymmetric signing methods, such as RSA, use different keys for signing and veri Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones: -* The [HMAC signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation -* The [RSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation -* The [ECDSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation +* The [HMAC signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation +* The [RSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation +* The [ECDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation ### JWT and OAuth @@ -99,6 +108,6 @@ This library uses descriptive error messages whenever possible. If you are not g ## More -Documentation can be found [on godoc.org](http://godoc.org/github.com/dgrijalva/jwt-go). +Documentation can be found [on pkg.go.dev](https://pkg.go.dev/github.com/golang-jwt/jwt). The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation. diff --git a/vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md b/vendor/github.com/golang-jwt/jwt/v4/VERSION_HISTORY.md similarity index 84% rename from vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md rename to vendor/github.com/golang-jwt/jwt/v4/VERSION_HISTORY.md index 6370298313..afbfc4e408 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/VERSION_HISTORY.md +++ b/vendor/github.com/golang-jwt/jwt/v4/VERSION_HISTORY.md @@ -1,5 +1,22 @@ ## `jwt-go` Version History +#### 4.0.0 + +* Introduces support for Go modules. The `v4` version will be backwards compatible with `v3.x.y`. + +#### 3.2.2 + +* Starting from this release, we are adopting the policy to support the most 2 recent versions of Go currently available. By the time of this release, this is Go 1.15 and 1.16 ([#28](https://github.com/golang-jwt/jwt/pull/28)). +* Fixed a potential issue that could occur when the verification of `exp`, `iat` or `nbf` was not required and contained invalid contents, i.e. non-numeric/date. Thanks for @thaJeztah for making us aware of that and @giorgos-f3 for originally reporting it to the formtech fork ([#40](https://github.com/golang-jwt/jwt/pull/40)). +* Added support for EdDSA / ED25519 ([#36](https://github.com/golang-jwt/jwt/pull/36)). +* Optimized allocations ([#33](https://github.com/golang-jwt/jwt/pull/33)). + +#### 3.2.1 + +* **Import Path Change**: See MIGRATION_GUIDE.md for tips on updating your code + * Changed the import path from `github.com/dgrijalva/jwt-go` to `github.com/golang-jwt/jwt` +* Fixed type confusing issue between `string` and `[]string` in `VerifyAudience` ([#12](https://github.com/golang-jwt/jwt/pull/12)). This fixes CVE-2020-26160 + #### 3.2.0 * Added method `ParseUnverified` to allow users to split up the tasks of parsing and validation @@ -115,4 +132,4 @@ It is likely the only integration change required here will be to change `func(t * First versioned release * API stabilized * Supports creating, signing, parsing, and validating JWT tokens -* Supports RS256 and HS256 signing methods \ No newline at end of file +* Supports RS256 and HS256 signing methods diff --git a/vendor/github.com/form3tech-oss/jwt-go/claims.go b/vendor/github.com/golang-jwt/jwt/v4/claims.go similarity index 75% rename from vendor/github.com/form3tech-oss/jwt-go/claims.go rename to vendor/github.com/golang-jwt/jwt/v4/claims.go index 624890666c..7c2f33bcbe 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/claims.go +++ b/vendor/github.com/golang-jwt/jwt/v4/claims.go @@ -6,17 +6,17 @@ import ( "time" ) -// For a type to be a Claims object, it must just have a Valid method that determines +// Claims must just have a Valid method that determines // if the token is invalid for any supported reason type Claims interface { Valid() error } -// Structured version of Claims Section, as referenced at +// StandardClaims are a structured version of the Claims Section, as referenced at // https://tools.ietf.org/html/rfc7519#section-4.1 // See examples for how to use this with your own claim types type StandardClaims struct { - Audience []string `json:"aud,omitempty"` + Audience string `json:"aud,omitempty"` ExpiresAt int64 `json:"exp,omitempty"` Id string `json:"jti,omitempty"` IssuedAt int64 `json:"iat,omitempty"` @@ -25,8 +25,7 @@ type StandardClaims struct { Subject string `json:"sub,omitempty"` } -// Validates time based claims "exp, iat, nbf". -// There is no accounting for clock skew. +// Valid validates time based claims "exp, iat, nbf". There is no accounting for clock skew. // As well, if any of the above claims are not in the token, it will still // be considered a valid claim. func (c StandardClaims) Valid() error { @@ -35,18 +34,18 @@ func (c StandardClaims) Valid() error { // The claims below are optional, by default, so if they are set to the // default value in Go, let's not fail the verification for them. - if c.VerifyExpiresAt(now, false) == false { + if !c.VerifyExpiresAt(now, false) { delta := time.Unix(now, 0).Sub(time.Unix(c.ExpiresAt, 0)) vErr.Inner = fmt.Errorf("token is expired by %v", delta) vErr.Errors |= ValidationErrorExpired } - if c.VerifyIssuedAt(now, false) == false { + if !c.VerifyIssuedAt(now, false) { vErr.Inner = fmt.Errorf("Token used before issued") vErr.Errors |= ValidationErrorIssuedAt } - if c.VerifyNotBefore(now, false) == false { + if !c.VerifyNotBefore(now, false) { vErr.Inner = fmt.Errorf("token is not valid yet") vErr.Errors |= ValidationErrorNotValidYet } @@ -58,31 +57,31 @@ func (c StandardClaims) Valid() error { return vErr } -// Compares the aud claim against cmp. +// VerifyAudience compares the aud claim against cmp. // If required is false, this method will return true if the value matches or is unset func (c *StandardClaims) VerifyAudience(cmp string, req bool) bool { - return verifyAud(c.Audience, cmp, req) + return verifyAud([]string{c.Audience}, cmp, req) } -// Compares the exp claim against cmp. +// VerifyExpiresAt compares the exp claim against cmp. // If required is false, this method will return true if the value matches or is unset func (c *StandardClaims) VerifyExpiresAt(cmp int64, req bool) bool { return verifyExp(c.ExpiresAt, cmp, req) } -// Compares the iat claim against cmp. +// VerifyIssuedAt compares the iat claim against cmp. // If required is false, this method will return true if the value matches or is unset func (c *StandardClaims) VerifyIssuedAt(cmp int64, req bool) bool { return verifyIat(c.IssuedAt, cmp, req) } -// Compares the iss claim against cmp. +// VerifyIssuer compares the iss claim against cmp. // If required is false, this method will return true if the value matches or is unset func (c *StandardClaims) VerifyIssuer(cmp string, req bool) bool { return verifyIss(c.Issuer, cmp, req) } -// Compares the nbf claim against cmp. +// VerifyNotBefore compares the nbf claim against cmp. // If required is false, this method will return true if the value matches or is unset func (c *StandardClaims) VerifyNotBefore(cmp int64, req bool) bool { return verifyNbf(c.NotBefore, cmp, req) @@ -94,13 +93,23 @@ func verifyAud(aud []string, cmp string, required bool) bool { if len(aud) == 0 { return !required } + // use a var here to keep constant time compare when looping over a number of claims + result := false + var stringClaims string for _, a := range aud { if subtle.ConstantTimeCompare([]byte(a), []byte(cmp)) != 0 { - return true + result = true } + stringClaims = stringClaims + a } - return false + + // case where "" is sent in one or many aud claims + if len(stringClaims) == 0 { + return !required + } + + return result } func verifyExp(exp int64, now int64, required bool) bool { diff --git a/vendor/github.com/form3tech-oss/jwt-go/doc.go b/vendor/github.com/golang-jwt/jwt/v4/doc.go similarity index 100% rename from vendor/github.com/form3tech-oss/jwt-go/doc.go rename to vendor/github.com/golang-jwt/jwt/v4/doc.go diff --git a/vendor/github.com/form3tech-oss/jwt-go/ecdsa.go b/vendor/github.com/golang-jwt/jwt/v4/ecdsa.go similarity index 79% rename from vendor/github.com/form3tech-oss/jwt-go/ecdsa.go rename to vendor/github.com/golang-jwt/jwt/v4/ecdsa.go index f977381240..eac023fc6c 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/ecdsa.go +++ b/vendor/github.com/golang-jwt/jwt/v4/ecdsa.go @@ -13,7 +13,7 @@ var ( ErrECDSAVerification = errors.New("crypto/ecdsa: verification error") ) -// Implements the ECDSA family of signing methods signing methods +// SigningMethodECDSA implements the ECDSA family of signing methods. // Expects *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for verification type SigningMethodECDSA struct { Name string @@ -53,7 +53,7 @@ func (m *SigningMethodECDSA) Alg() string { return m.Name } -// Implements the Verify method from SigningMethod +// Verify implements token verification for the SigningMethod. // For this verify method, key must be an ecdsa.PublicKey struct func (m *SigningMethodECDSA) Verify(signingString, signature string, key interface{}) error { var err error @@ -88,14 +88,14 @@ func (m *SigningMethodECDSA) Verify(signingString, signature string, key interfa hasher.Write([]byte(signingString)) // Verify the signature - if verifystatus := ecdsa.Verify(ecdsaKey, hasher.Sum(nil), r, s); verifystatus == true { + if verifystatus := ecdsa.Verify(ecdsaKey, hasher.Sum(nil), r, s); verifystatus { return nil - } else { - return ErrECDSAVerification } + + return ErrECDSAVerification } -// Implements the Sign method from SigningMethod +// Sign implements token signing for the SigningMethod. // For this signing method, key must be an ecdsa.PrivateKey struct func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) (string, error) { // Get the key @@ -128,18 +128,12 @@ func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) (string keyBytes += 1 } - // We serialize the outpus (r and s) into big-endian byte arrays and pad - // them with zeros on the left to make sure the sizes work out. Both arrays - // must be keyBytes long, and the output must be 2*keyBytes long. - rBytes := r.Bytes() - rBytesPadded := make([]byte, keyBytes) - copy(rBytesPadded[keyBytes-len(rBytes):], rBytes) - - sBytes := s.Bytes() - sBytesPadded := make([]byte, keyBytes) - copy(sBytesPadded[keyBytes-len(sBytes):], sBytes) - - out := append(rBytesPadded, sBytesPadded...) + // We serialize the outputs (r and s) into big-endian byte arrays + // padded with zeros on the left to make sure the sizes work out. + // Output must be 2*keyBytes long. + out := make([]byte, 2*keyBytes) + r.FillBytes(out[0:keyBytes]) // r is assigned to the first half of output. + s.FillBytes(out[keyBytes:]) // s is assigned to the second half of output. return EncodeSegment(out), nil } else { diff --git a/vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go b/vendor/github.com/golang-jwt/jwt/v4/ecdsa_utils.go similarity index 81% rename from vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go rename to vendor/github.com/golang-jwt/jwt/v4/ecdsa_utils.go index db9f4be7d8..5700636d35 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/ecdsa_utils.go +++ b/vendor/github.com/golang-jwt/jwt/v4/ecdsa_utils.go @@ -8,11 +8,11 @@ import ( ) var ( - ErrNotECPublicKey = errors.New("Key is not a valid ECDSA public key") - ErrNotECPrivateKey = errors.New("Key is not a valid ECDSA private key") + ErrNotECPublicKey = errors.New("key is not a valid ECDSA public key") + ErrNotECPrivateKey = errors.New("key is not a valid ECDSA private key") ) -// Parse PEM encoded Elliptic Curve Private Key Structure +// ParseECPrivateKeyFromPEM parses a PEM encoded Elliptic Curve Private Key Structure func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) { var err error @@ -39,7 +39,7 @@ func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) { return pkey, nil } -// Parse PEM encoded PKCS1 or PKCS8 public key +// ParseECPublicKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 public key func ParseECPublicKeyFromPEM(key []byte) (*ecdsa.PublicKey, error) { var err error diff --git a/vendor/github.com/golang-jwt/jwt/v4/ed25519.go b/vendor/github.com/golang-jwt/jwt/v4/ed25519.go new file mode 100644 index 0000000000..9f40dc0c73 --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/v4/ed25519.go @@ -0,0 +1,81 @@ +package jwt + +import ( + "errors" + + "crypto/ed25519" +) + +var ( + ErrEd25519Verification = errors.New("ed25519: verification error") +) + +// SigningMethodEd25519 implements the EdDSA family. +// Expects ed25519.PrivateKey for signing and ed25519.PublicKey for verification +type SigningMethodEd25519 struct{} + +// Specific instance for EdDSA +var ( + SigningMethodEdDSA *SigningMethodEd25519 +) + +func init() { + SigningMethodEdDSA = &SigningMethodEd25519{} + RegisterSigningMethod(SigningMethodEdDSA.Alg(), func() SigningMethod { + return SigningMethodEdDSA + }) +} + +func (m *SigningMethodEd25519) Alg() string { + return "EdDSA" +} + +// Verify implements token verification for the SigningMethod. +// For this verify method, key must be an ed25519.PublicKey +func (m *SigningMethodEd25519) Verify(signingString, signature string, key interface{}) error { + var err error + var ed25519Key ed25519.PublicKey + var ok bool + + if ed25519Key, ok = key.(ed25519.PublicKey); !ok { + return ErrInvalidKeyType + } + + if len(ed25519Key) != ed25519.PublicKeySize { + return ErrInvalidKey + } + + // Decode the signature + var sig []byte + if sig, err = DecodeSegment(signature); err != nil { + return err + } + + // Verify the signature + if !ed25519.Verify(ed25519Key, []byte(signingString), sig) { + return ErrEd25519Verification + } + + return nil +} + +// Sign implements token signing for the SigningMethod. +// For this signing method, key must be an ed25519.PrivateKey +func (m *SigningMethodEd25519) Sign(signingString string, key interface{}) (string, error) { + var ed25519Key ed25519.PrivateKey + var ok bool + + if ed25519Key, ok = key.(ed25519.PrivateKey); !ok { + return "", ErrInvalidKeyType + } + + // ed25519.Sign panics if private key not equal to ed25519.PrivateKeySize + // this allows to avoid recover usage + if len(ed25519Key) != ed25519.PrivateKeySize { + return "", ErrInvalidKey + } + + // Sign the string and return the encoded result + sig := ed25519.Sign(ed25519Key, []byte(signingString)) + return EncodeSegment(sig), nil +} diff --git a/vendor/github.com/golang-jwt/jwt/v4/ed25519_utils.go b/vendor/github.com/golang-jwt/jwt/v4/ed25519_utils.go new file mode 100644 index 0000000000..cdb5e68e87 --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/v4/ed25519_utils.go @@ -0,0 +1,64 @@ +package jwt + +import ( + "crypto" + "crypto/ed25519" + "crypto/x509" + "encoding/pem" + "errors" +) + +var ( + ErrNotEdPrivateKey = errors.New("key is not a valid Ed25519 private key") + ErrNotEdPublicKey = errors.New("key is not a valid Ed25519 public key") +) + +// ParseEdPrivateKeyFromPEM parses a PEM-encoded Edwards curve private key +func ParseEdPrivateKeyFromPEM(key []byte) (crypto.PrivateKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + // Parse the key + var parsedKey interface{} + if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil { + return nil, err + } + + var pkey ed25519.PrivateKey + var ok bool + if pkey, ok = parsedKey.(ed25519.PrivateKey); !ok { + return nil, ErrNotEdPrivateKey + } + + return pkey, nil +} + +// ParseEdPublicKeyFromPEM parses a PEM-encoded Edwards curve public key +func ParseEdPublicKeyFromPEM(key []byte) (crypto.PublicKey, error) { + var err error + + // Parse PEM block + var block *pem.Block + if block, _ = pem.Decode(key); block == nil { + return nil, ErrKeyMustBePEMEncoded + } + + // Parse the key + var parsedKey interface{} + if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil { + return nil, err + } + + var pkey ed25519.PublicKey + var ok bool + if pkey, ok = parsedKey.(ed25519.PublicKey); !ok { + return nil, ErrNotEdPublicKey + } + + return pkey, nil +} diff --git a/vendor/github.com/form3tech-oss/jwt-go/errors.go b/vendor/github.com/golang-jwt/jwt/v4/errors.go similarity index 88% rename from vendor/github.com/form3tech-oss/jwt-go/errors.go rename to vendor/github.com/golang-jwt/jwt/v4/errors.go index 1c93024aad..f309878b30 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/errors.go +++ b/vendor/github.com/golang-jwt/jwt/v4/errors.go @@ -27,7 +27,7 @@ const ( ValidationErrorClaimsInvalid // Generic claims validation error ) -// Helper for constructing a ValidationError with a string error message +// NewValidationError is a helper for constructing a ValidationError with a string error message func NewValidationError(errorText string, errorFlags uint32) *ValidationError { return &ValidationError{ text: errorText, @@ -35,14 +35,14 @@ func NewValidationError(errorText string, errorFlags uint32) *ValidationError { } } -// The error from Parse if token is not valid +// ValidationError represents an error from Parse if token is not valid type ValidationError struct { Inner error // stores the error returned by external dependencies, i.e.: KeyFunc Errors uint32 // bitfield. see ValidationError... constants text string // errors that do not have a valid error just have text } -// Validation error is an error type +// Error is the implementation of the err interface. func (e ValidationError) Error() string { if e.Inner != nil { return e.Inner.Error() diff --git a/vendor/github.com/form3tech-oss/jwt-go/hmac.go b/vendor/github.com/golang-jwt/jwt/v4/hmac.go similarity index 90% rename from vendor/github.com/form3tech-oss/jwt-go/hmac.go rename to vendor/github.com/golang-jwt/jwt/v4/hmac.go index addbe5d401..011f68a274 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/hmac.go +++ b/vendor/github.com/golang-jwt/jwt/v4/hmac.go @@ -6,7 +6,7 @@ import ( "errors" ) -// Implements the HMAC-SHA family of signing methods signing methods +// SigningMethodHMAC implements the HMAC-SHA family of signing methods. // Expects key type of []byte for both signing and validation type SigningMethodHMAC struct { Name string @@ -45,7 +45,7 @@ func (m *SigningMethodHMAC) Alg() string { return m.Name } -// Verify the signature of HSXXX tokens. Returns nil if the signature is valid. +// Verify implements token verification for the SigningMethod. Returns nil if the signature is valid. func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error { // Verify the key is the right type keyBytes, ok := key.([]byte) @@ -77,7 +77,7 @@ func (m *SigningMethodHMAC) Verify(signingString, signature string, key interfac return nil } -// Implements the Sign method from SigningMethod for this signing method. +// Sign implements token signing for the SigningMethod. // Key must be []byte func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) { if keyBytes, ok := key.([]byte); ok { diff --git a/vendor/github.com/form3tech-oss/jwt-go/map_claims.go b/vendor/github.com/golang-jwt/jwt/v4/map_claims.go similarity index 66% rename from vendor/github.com/form3tech-oss/jwt-go/map_claims.go rename to vendor/github.com/golang-jwt/jwt/v4/map_claims.go index bcc37b15bf..7e00e753dd 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/map_claims.go +++ b/vendor/github.com/golang-jwt/jwt/v4/map_claims.go @@ -6,15 +6,17 @@ import ( // "fmt" ) -// Claims type that uses the map[string]interface{} for JSON decoding +// MapClaims is a claims type that uses the map[string]interface{} for JSON decoding. // This is the default claims type if you don't supply one type MapClaims map[string]interface{} -// Compares the aud claim against cmp. +// VerifyAudience Compares the aud claim against cmp. // If required is false, this method will return true if the value matches or is unset func (m MapClaims) VerifyAudience(cmp string, req bool) bool { var aud []string switch v := m["aud"].(type) { + case string: + aud = append(aud, v) case []string: aud = v case []interface{}: @@ -25,61 +27,69 @@ func (m MapClaims) VerifyAudience(cmp string, req bool) bool { } aud = append(aud, vs) } - case string: - aud = append(aud, v) - default: - return false } return verifyAud(aud, cmp, req) } -// Compares the exp claim against cmp. +// VerifyExpiresAt compares the exp claim against cmp. // If required is false, this method will return true if the value matches or is unset func (m MapClaims) VerifyExpiresAt(cmp int64, req bool) bool { - switch exp := m["exp"].(type) { + exp, ok := m["exp"] + if !ok { + return !req + } + switch expType := exp.(type) { case float64: - return verifyExp(int64(exp), cmp, req) + return verifyExp(int64(expType), cmp, req) case json.Number: - v, _ := exp.Int64() + v, _ := expType.Int64() return verifyExp(v, cmp, req) } - return req == false + return false } -// Compares the iat claim against cmp. +// VerifyIssuedAt compares the iat claim against cmp. // If required is false, this method will return true if the value matches or is unset func (m MapClaims) VerifyIssuedAt(cmp int64, req bool) bool { - switch iat := m["iat"].(type) { + iat, ok := m["iat"] + if !ok { + return !req + } + switch iatType := iat.(type) { case float64: - return verifyIat(int64(iat), cmp, req) + return verifyIat(int64(iatType), cmp, req) case json.Number: - v, _ := iat.Int64() + v, _ := iatType.Int64() return verifyIat(v, cmp, req) } - return req == false + return false } -// Compares the iss claim against cmp. +// VerifyIssuer compares the iss claim against cmp. // If required is false, this method will return true if the value matches or is unset func (m MapClaims) VerifyIssuer(cmp string, req bool) bool { iss, _ := m["iss"].(string) return verifyIss(iss, cmp, req) } -// Compares the nbf claim against cmp. +// VerifyNotBefore compares the nbf claim against cmp. // If required is false, this method will return true if the value matches or is unset func (m MapClaims) VerifyNotBefore(cmp int64, req bool) bool { - switch nbf := m["nbf"].(type) { + nbf, ok := m["nbf"] + if !ok { + return !req + } + switch nbfType := nbf.(type) { case float64: - return verifyNbf(int64(nbf), cmp, req) + return verifyNbf(int64(nbfType), cmp, req) case json.Number: - v, _ := nbf.Int64() + v, _ := nbfType.Int64() return verifyNbf(v, cmp, req) } - return req == false + return false } -// Validates time based claims "exp, iat, nbf". +// Valid calidates time based claims "exp, iat, nbf". // There is no accounting for clock skew. // As well, if any of the above claims are not in the token, it will still // be considered a valid claim. @@ -87,17 +97,17 @@ func (m MapClaims) Valid() error { vErr := new(ValidationError) now := TimeFunc().Unix() - if m.VerifyExpiresAt(now, false) == false { + if !m.VerifyExpiresAt(now, false) { vErr.Inner = errors.New("Token is expired") vErr.Errors |= ValidationErrorExpired } - if m.VerifyIssuedAt(now, false) == false { + if !m.VerifyIssuedAt(now, false) { vErr.Inner = errors.New("Token used before issued") vErr.Errors |= ValidationErrorIssuedAt } - if m.VerifyNotBefore(now, false) == false { + if !m.VerifyNotBefore(now, false) { vErr.Inner = errors.New("Token is not valid yet") vErr.Errors |= ValidationErrorNotValidYet } diff --git a/vendor/github.com/form3tech-oss/jwt-go/none.go b/vendor/github.com/golang-jwt/jwt/v4/none.go similarity index 94% rename from vendor/github.com/form3tech-oss/jwt-go/none.go rename to vendor/github.com/golang-jwt/jwt/v4/none.go index f04d189d06..f19835d207 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/none.go +++ b/vendor/github.com/golang-jwt/jwt/v4/none.go @@ -1,6 +1,6 @@ package jwt -// Implements the none signing method. This is required by the spec +// SigningMethodNone implements the none signing method. This is required by the spec // but you probably should never use it. var SigningMethodNone *signingMethodNone diff --git a/vendor/github.com/form3tech-oss/jwt-go/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go similarity index 95% rename from vendor/github.com/form3tech-oss/jwt-go/parser.go rename to vendor/github.com/golang-jwt/jwt/v4/parser.go index d6901d9adb..0c811f311b 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/parser.go +++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go @@ -13,7 +13,7 @@ type Parser struct { SkipClaimsValidation bool // Skip claims validation during token parsing } -// Parse, validate, and return a token. +// Parse parses, validates, and returns a token. // keyFunc will receive the parsed token and should return the key for validating. // If everything is kosher, err will be nil func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) { @@ -87,12 +87,12 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf return token, vErr } -// WARNING: Don't use this method unless you know what you're doing +// ParseUnverified parses the token but doesn't validate the signature. // -// This method parses the token but doesn't validate the signature. It's only -// ever useful in cases where you know the signature is valid (because it has -// been checked previously in the stack) and you want to extract values from -// it. +// WARNING: Don't use this method unless you know what you're doing. +// +// It's only ever useful in cases where you know the signature is valid (because it has +// been checked previously in the stack) and you want to extract values from it. func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { parts = strings.Split(tokenString, ".") if len(parts) != 3 { diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa.go b/vendor/github.com/golang-jwt/jwt/v4/rsa.go similarity index 92% rename from vendor/github.com/form3tech-oss/jwt-go/rsa.go rename to vendor/github.com/golang-jwt/jwt/v4/rsa.go index e4caf1ca4a..b910b19c0b 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/rsa.go +++ b/vendor/github.com/golang-jwt/jwt/v4/rsa.go @@ -6,7 +6,7 @@ import ( "crypto/rsa" ) -// Implements the RSA family of signing methods signing methods +// SigningMethodRSA implements the RSA family of signing methods. // Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation type SigningMethodRSA struct { Name string @@ -44,7 +44,7 @@ func (m *SigningMethodRSA) Alg() string { return m.Name } -// Implements the Verify method from SigningMethod +// Verify implements token verification for the SigningMethod // For this signing method, must be an *rsa.PublicKey structure. func (m *SigningMethodRSA) Verify(signingString, signature string, key interface{}) error { var err error @@ -73,7 +73,7 @@ func (m *SigningMethodRSA) Verify(signingString, signature string, key interface return rsa.VerifyPKCS1v15(rsaKey, m.Hash, hasher.Sum(nil), sig) } -// Implements the Sign method from SigningMethod +// Sign implements token signing for the SigningMethod // For this signing method, must be an *rsa.PrivateKey structure. func (m *SigningMethodRSA) Sign(signingString string, key interface{}) (string, error) { var rsaKey *rsa.PrivateKey diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go b/vendor/github.com/golang-jwt/jwt/v4/rsa_pss.go similarity index 94% rename from vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go rename to vendor/github.com/golang-jwt/jwt/v4/rsa_pss.go index c014708648..5a8502feb3 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/rsa_pss.go +++ b/vendor/github.com/golang-jwt/jwt/v4/rsa_pss.go @@ -8,7 +8,7 @@ import ( "crypto/rsa" ) -// Implements the RSAPSS family of signing methods signing methods +// SigningMethodRSAPSS implements the RSAPSS family of signing methods signing methods type SigningMethodRSAPSS struct { *SigningMethodRSA Options *rsa.PSSOptions @@ -79,7 +79,7 @@ func init() { }) } -// Implements the Verify method from SigningMethod +// Verify implements token verification for the SigningMethod. // For this verify method, key must be an rsa.PublicKey struct func (m *SigningMethodRSAPSS) Verify(signingString, signature string, key interface{}) error { var err error @@ -113,7 +113,7 @@ func (m *SigningMethodRSAPSS) Verify(signingString, signature string, key interf return rsa.VerifyPSS(rsaKey, m.Hash, hasher.Sum(nil), sig, opts) } -// Implements the Sign method from SigningMethod +// Sign implements token signing for the SigningMethod. // For this signing method, key must be an rsa.PrivateKey struct func (m *SigningMethodRSAPSS) Sign(signingString string, key interface{}) (string, error) { var rsaKey *rsa.PrivateKey diff --git a/vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go b/vendor/github.com/golang-jwt/jwt/v4/rsa_utils.go similarity index 72% rename from vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go rename to vendor/github.com/golang-jwt/jwt/v4/rsa_utils.go index 14c78c292a..1966c450bf 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/rsa_utils.go +++ b/vendor/github.com/golang-jwt/jwt/v4/rsa_utils.go @@ -8,12 +8,12 @@ import ( ) var ( - ErrKeyMustBePEMEncoded = errors.New("Invalid Key: Key must be a PEM encoded PKCS1 or PKCS8 key") - ErrNotRSAPrivateKey = errors.New("Key is not a valid RSA private key") - ErrNotRSAPublicKey = errors.New("Key is not a valid RSA public key") + ErrKeyMustBePEMEncoded = errors.New("invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key") + ErrNotRSAPrivateKey = errors.New("key is not a valid RSA private key") + ErrNotRSAPublicKey = errors.New("key is not a valid RSA public key") ) -// Parse PEM encoded PKCS1 or PKCS8 private key +// ParseRSAPrivateKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 private key func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) { var err error @@ -39,7 +39,11 @@ func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) { return pkey, nil } -// Parse PEM encoded PKCS1 or PKCS8 private key protected with password +// ParseRSAPrivateKeyFromPEMWithPassword parses a PEM encoded PKCS1 or PKCS8 private key protected with password +// +// Deprecated: This function is deprecated and should not be used anymore. It uses the deprecated x509.DecryptPEMBlock +// function, which was deprecated since RFC 1423 is regarded insecure by design. Unfortunately, there is no alternative +// in the Go standard library for now. See https://github.com/golang/go/issues/8860. func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) { var err error @@ -71,7 +75,7 @@ func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.Pr return pkey, nil } -// Parse PEM encoded PKCS1 or PKCS8 public key +// ParseRSAPublicKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 public key func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) { var err error diff --git a/vendor/github.com/form3tech-oss/jwt-go/signing_method.go b/vendor/github.com/golang-jwt/jwt/v4/signing_method.go similarity index 79% rename from vendor/github.com/form3tech-oss/jwt-go/signing_method.go rename to vendor/github.com/golang-jwt/jwt/v4/signing_method.go index ed1f212b21..3269170f31 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/signing_method.go +++ b/vendor/github.com/golang-jwt/jwt/v4/signing_method.go @@ -7,14 +7,14 @@ import ( var signingMethods = map[string]func() SigningMethod{} var signingMethodLock = new(sync.RWMutex) -// Implement SigningMethod to add new methods for signing or verifying tokens. +// SigningMethod can be used add new methods for signing or verifying tokens. type SigningMethod interface { Verify(signingString, signature string, key interface{}) error // Returns nil if signature is valid Sign(signingString string, key interface{}) (string, error) // Returns encoded signature or error Alg() string // returns the alg identifier for this method (example: 'HS256') } -// Register the "alg" name and a factory function for signing method. +// RegisterSigningMethod registers the "alg" name and a factory function for signing method. // This is typically done during init() in the method's implementation func RegisterSigningMethod(alg string, f func() SigningMethod) { signingMethodLock.Lock() @@ -23,7 +23,7 @@ func RegisterSigningMethod(alg string, f func() SigningMethod) { signingMethods[alg] = f } -// Get a signing method from an "alg" string +// GetSigningMethod retrieves a signing method from an "alg" string func GetSigningMethod(alg string) (method SigningMethod) { signingMethodLock.RLock() defer signingMethodLock.RUnlock() diff --git a/vendor/github.com/golang-jwt/jwt/v4/staticcheck.conf b/vendor/github.com/golang-jwt/jwt/v4/staticcheck.conf new file mode 100644 index 0000000000..53745d51d7 --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/v4/staticcheck.conf @@ -0,0 +1 @@ +checks = ["all", "-ST1000", "-ST1003", "-ST1016", "-ST1023"] diff --git a/vendor/github.com/form3tech-oss/jwt-go/token.go b/vendor/github.com/golang-jwt/jwt/v4/token.go similarity index 74% rename from vendor/github.com/form3tech-oss/jwt-go/token.go rename to vendor/github.com/golang-jwt/jwt/v4/token.go index d637e0867c..b896acb0b4 100644 --- a/vendor/github.com/form3tech-oss/jwt-go/token.go +++ b/vendor/github.com/golang-jwt/jwt/v4/token.go @@ -12,13 +12,13 @@ import ( // server uses a different time zone than your tokens. var TimeFunc = time.Now -// Parse methods use this callback function to supply +// Keyfunc will be used by the Parse methods as a callback function to supply // the key for verification. The function receives the parsed, // but unverified Token. This allows you to use properties in the // Header of the token (such as `kid`) to identify which key to use. type Keyfunc func(*Token) (interface{}, error) -// A JWT Token. Different fields will be used depending on whether you're +// Token represents a JWT Token. Different fields will be used depending on whether you're // creating or parsing/verifying a token. type Token struct { Raw string // The raw token. Populated when you Parse a token @@ -29,7 +29,7 @@ type Token struct { Valid bool // Is the token valid? Populated when you Parse/Verify a token } -// Create a new Token. Takes a signing method +// New creates a new Token. Takes a signing method func New(method SigningMethod) *Token { return NewWithClaims(method, MapClaims{}) } @@ -45,7 +45,7 @@ func NewWithClaims(method SigningMethod, claims Claims) *Token { } } -// Get the complete, signed token +// SignedString retrieves the complete, signed token func (t *Token) SignedString(key interface{}) (string, error) { var sig, sstr string var err error @@ -58,14 +58,14 @@ func (t *Token) SignedString(key interface{}) (string, error) { return strings.Join([]string{sstr, sig}, "."), nil } -// Generate the signing string. This is the +// SigningString generates the signing string. This is the // most expensive part of the whole deal. Unless you // need this for something special, just go straight for // the SignedString. func (t *Token) SigningString() (string, error) { var err error parts := make([]string, 2) - for i, _ := range parts { + for i := range parts { var jsonValue []byte if i == 0 { if jsonValue, err = json.Marshal(t.Header); err != nil { @@ -82,7 +82,7 @@ func (t *Token) SigningString() (string, error) { return strings.Join(parts, "."), nil } -// Parse, validate, and return a token. +// Parse parses, validates, and returns a token. // keyFunc will receive the parsed token and should return the key for validating. // If everything is kosher, err will be nil func Parse(tokenString string, keyFunc Keyfunc) (*Token, error) { @@ -93,16 +93,18 @@ func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token return new(Parser).ParseWithClaims(tokenString, claims, keyFunc) } -// Encode JWT specific base64url encoding with padding stripped +// EncodeSegment encodes a JWT specific base64url encoding with padding stripped +// +// Deprecated: In a future release, we will demote this function to a non-exported function, since it +// should only be used internally func EncodeSegment(seg []byte) string { - return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=") + return base64.RawURLEncoding.EncodeToString(seg) } -// Decode JWT specific base64url encoding with padding stripped +// DecodeSegment decodes a JWT specific base64url encoding with padding stripped +// +// Deprecated: In a future release, we will demote this function to a non-exported function, since it +// should only be used internally func DecodeSegment(seg string) ([]byte, error) { - if l := len(seg) % 4; l > 0 { - seg += strings.Repeat("=", 4-l) - } - - return base64.URLEncoding.DecodeString(seg) + return base64.RawURLEncoding.DecodeString(seg) } diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/BUILD.bazel deleted file mode 100644 index 8326badb11..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "register.go", - "types.go", - "types_challenge.go", - "types_issuer.go", - "types_order.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1", - importpath = "github.com/jetstack/cert-manager/pkg/apis/acme/v1", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/api/core/v1:go_default_library", - "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/BUILD.bazel deleted file mode 100644 index a06477735b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "register.go", - "types.go", - "types_challenge.go", - "types_issuer.go", - "types_order.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2", - importpath = "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/api/core/v1:go_default_library", - "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/const.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/const.go deleted file mode 100644 index d0704721e7..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/const.go +++ /dev/null @@ -1,21 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -const ( - ACMEFinalizer = "finalizer.acme.cert-manager.io" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/doc.go deleted file mode 100644 index bce34fec8b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1alpha2 is the v1alpha2 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/acme -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=acme.cert-manager.io -package v1alpha2 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/register.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/register.go deleted file mode 100644 index a6df8c2077..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/register.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/acme" -) - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: acme.GroupName, Version: "v1alpha2"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to api.Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Order{}, - &OrderList{}, - &Challenge{}, - &ChallengeList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types.go deleted file mode 100644 index d724a1ae5a..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types.go +++ /dev/null @@ -1,38 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -const ( - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.name field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users of Ingress controllers that maintain - // a 1:1 mapping between endpoint IP and Ingress resource. - ACMECertificateHTTP01IngressNameOverride = "acme.cert-manager.io/http01-override-ingress-name" - - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.class field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users deploying many different ingress - // classes into a single cluster that want to be able to re-use a single - // solver for each ingress class. - ACMECertificateHTTP01IngressClassOverride = "acme.cert-manager.io/http01-override-ingress-class" - - // IngressEditInPlaceAnnotation is used to toggle the use of ingressClass instead - // of ingress on the created Certificate resource - IngressEditInPlaceAnnotationKey = "acme.cert-manager.io/http01-edit-in-place" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_challenge.go deleted file mode 100644 index 98845820c3..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_challenge.go +++ /dev/null @@ -1,145 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Challenge is a type to represent a Challenge request with an ACME server -// +k8s:openapi-gen=true -// +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state" -// +kubebuilder:printcolumn:name="Domain",type="string",JSONPath=".spec.dnsName" -// +kubebuilder:printcolumn:name="Reason",type="string",JSONPath=".status.reason",description="",priority=1 -// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC." -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=challenges -type Challenge struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec ChallengeSpec `json:"spec,omitempty"` - Status ChallengeStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ChallengeList is a list of Challenges -type ChallengeList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Challenge `json:"items"` -} - -type ChallengeSpec struct { - // URL is the URL of the ACME Challenge resource for this challenge. - // This can be used to lookup details about the status of this challenge. - URL string `json:"url"` - - // AuthzURL is the URL to the ACME Authorization resource that this - // challenge is a part of. - AuthzURL string `json:"authzURL"` - - // DNSName is the identifier that this challenge is for, e.g. example.com. - // If the requested DNSName is a 'wildcard', this field MUST be set to the - // non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. - DNSName string `json:"dnsName"` - - // Wildcard will be true if this challenge is for a wildcard identifier, - // for example '*.example.com'. - // +optional - Wildcard bool `json:"wildcard"` - - // Type is the type of ACME challenge this resource represents. - // One of "http-01" or "dns-01". - Type ACMEChallengeType `json:"type"` - - // Token is the ACME challenge token for this challenge. - // This is the raw value returned from the ACME server. - Token string `json:"token"` - - // Key is the ACME challenge key for this challenge - // For HTTP01 challenges, this is the value that must be responded with to - // complete the HTTP01 challenge in the format: - // `.`. - // For DNS01 challenges, this is the base64 encoded SHA256 sum of the - // `.` - // text that must be set as the TXT record content. - Key string `json:"key"` - - // Solver contains the domain solving configuration that should be used to - // solve this challenge resource. - Solver ACMEChallengeSolver `json:"solver"` - - // IssuerRef references a properly configured ACME-type Issuer which should - // be used to create this Challenge. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Challenge will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` -} - -// The type of ACME challenge. Only http-01 and dns-01 are supported. -// +kubebuilder:validation:Enum=http-01;dns-01 -type ACMEChallengeType string - -const ( - // ACMEChallengeTypeHTTP01 denotes a Challenge is of type http-01 - // More info: https://letsencrypt.org/docs/challenge-types/#http-01-challenge - ACMEChallengeTypeHTTP01 ACMEChallengeType = "http-01" - - // ACMEChallengeTypeDNS01 denotes a Challenge is of type dns-01 - // More info: https://letsencrypt.org/docs/challenge-types/#dns-01-challenge - ACMEChallengeTypeDNS01 ACMEChallengeType = "dns-01" -) - -type ChallengeStatus struct { - // Processing is used to denote whether this challenge should be processed - // or not. - // This field will only be set to true by the 'scheduling' component. - // It will only be set to false by the 'challenges' controller, after the - // challenge has reached a final state or timed out. - // If this field is set to false, the challenge controller will not take - // any more action. - // +optional - Processing bool `json:"processing"` - - // Presented will be set to true if the challenge values for this challenge - // are currently 'presented'. - // This *does not* imply the self check is passing. Only that the values - // have been 'submitted' for the appropriate challenge mechanism (i.e. the - // DNS01 TXT record has been presented, or the HTTP01 configuration has been - // configured). - // +optional - Presented bool `json:"presented"` - - // Reason contains human readable information on why the Challenge is in the - // current state. - // +optional - Reason string `json:"reason,omitempty"` - - // State contains the current 'state' of the challenge. - // If not set, the state of the challenge is unknown. - // +optional - State State `json:"state,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_issuer.go deleted file mode 100644 index 417f633b4f..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_issuer.go +++ /dev/null @@ -1,597 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - corev1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// ACMEIssuer contains the specification for an ACME issuer. -// This uses the RFC8555 specification to obtain certificates by completing -// 'challenges' to prove ownership of domain identifiers. -// Earlier draft versions of the ACME specification are not supported. -type ACMEIssuer struct { - // Email is the email address to be associated with the ACME account. - // This field is optional, but it is strongly recommended to be set. - // It will be used to contact you in case of issues with your account or - // certificates, including expiry notification emails. - // This field may be updated after the account is initially registered. - // +optional - Email string `json:"email,omitempty"` - - // Server is the URL used to access the ACME server's 'directory' endpoint. - // For example, for Let's Encrypt's staging endpoint, you would use: - // "https://acme-staging-v02.api.letsencrypt.org/directory". - // Only ACME v2 endpoints (i.e. RFC 8555) are supported. - Server string `json:"server"` - - // PreferredChain is the chain to use if the ACME server outputs multiple. - // PreferredChain is no guarantee that this one gets delivered by the ACME - // endpoint. - // For example, for Let's Encrypt's DST crosssign you would use: - // "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. - // This value picks the first certificate bundle in the ACME alternative - // chains that has a certificate with this value as its issuer's CN - // +optional - // +kubebuilder:validation:MaxLength=64 - PreferredChain string `json:"preferredChain"` - - // Enables or disables validation of the ACME server TLS certificate. - // If true, requests to the ACME server will not have their TLS certificate - // validated (i.e. insecure connections will be allowed). - // Only enable this option in development environments. - // The cert-manager system installed roots will be used to verify connections - // to the ACME server if this is false. - // Defaults to false. - // +optional - SkipTLSVerify bool `json:"skipTLSVerify,omitempty"` - - // ExternalAccountBinding is a reference to a CA external account of the ACME - // server. - // If set, upon registration cert-manager will attempt to associate the given - // external account credentials with the registered ACME account. - // +optional - ExternalAccountBinding *ACMEExternalAccountBinding `json:"externalAccountBinding,omitempty"` - - // PrivateKey is the name of a Kubernetes Secret resource that will be used to - // store the automatically generated ACME account private key. - // Optionally, a `key` may be specified to select a specific entry within - // the named Secret resource. - // If `key` is not specified, a default of `tls.key` will be used. - PrivateKey cmmeta.SecretKeySelector `json:"privateKeySecretRef"` - - // Solvers is a list of challenge solvers that will be used to solve - // ACME challenges for the matching domains. - // Solver configurations must be provided in order to obtain certificates - // from an ACME server. - // For more information, see: https://cert-manager.io/docs/configuration/acme/ - // +optional - Solvers []ACMEChallengeSolver `json:"solvers,omitempty"` - - // Enables or disables generating a new ACME account key. - // If true, the Issuer resource will *not* request a new account but will expect - // the account key to be supplied via an existing secret. - // If false, the cert-manager system will generate a new ACME account key - // for the Issuer. - // Defaults to false. - // +optional - DisableAccountKeyGeneration bool `json:"disableAccountKeyGeneration,omitempty"` - - // Enables requesting a Not After date on certificates that matches the - // duration of the certificate. This is not supported by all ACME servers - // like Let's Encrypt. If set to true when the ACME server does not support - // it it will create an error on the Order. - // Defaults to false. - // +optional - EnableDurationFeature bool `json:"enableDurationFeature,omitempty"` -} - -// ACMEExternalAccountBinding is a reference to a CA external account of the ACME -// server. -type ACMEExternalAccountBinding struct { - // keyID is the ID of the CA key that the External Account is bound to. - KeyID string `json:"keyID"` - - // keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes - // Secret which holds the symmetric MAC key of the External Account Binding. - // The `key` is the index string that is paired with the key data in the - // Secret and should not be confused with the key data itself, or indeed with - // the External Account Binding keyID above. - // The secret key stored in the Secret **must** be un-padded, base64 URL - // encoded data. - Key cmmeta.SecretKeySelector `json:"keySecretRef"` - - // Deprecated: keyAlgorithm field exists for historical compatibility - // reasons and should not be used. The algorithm is now hardcoded to HS256 - // in golang/x/crypto/acme. - // +optional - KeyAlgorithm HMACKeyAlgorithm `json:"keyAlgorithm,omitempty"` -} - -// HMACKeyAlgorithm is the name of a key algorithm used for HMAC encryption -// +kubebuilder:validation:Enum=HS256;HS384;HS512 -type HMACKeyAlgorithm string - -const ( - HS256 HMACKeyAlgorithm = "HS256" - HS384 HMACKeyAlgorithm = "HS384" - HS512 HMACKeyAlgorithm = "HS512" -) - -// Configures an issuer to solve challenges using the specified options. -// Only one of HTTP01 or DNS01 may be provided. -type ACMEChallengeSolver struct { - // Selector selects a set of DNSNames on the Certificate resource that - // should be solved using this challenge solver. - // If not specified, the solver will be treated as the 'default' solver - // with the lowest priority, i.e. if any other solver has a more specific - // match, it will be used instead. - // +optional - Selector *CertificateDNSNameSelector `json:"selector,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the HTTP01 challenge flow. - // It is not possible to obtain certificates for wildcard domain names - // (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - // +optional - HTTP01 *ACMEChallengeSolverHTTP01 `json:"http01,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the DNS01 challenge flow. - // +optional - DNS01 *ACMEChallengeSolverDNS01 `json:"dns01,omitempty"` -} - -// CertificateDomainSelector selects certificates using a label selector, and -// can optionally select individual DNS names within those certificates. -// If both MatchLabels and DNSNames are empty, this selector will match all -// certificates and DNS names within them. -type CertificateDNSNameSelector struct { - // A label selector that is used to refine the set of certificate's that - // this challenge solver will apply to. - // +optional - MatchLabels map[string]string `json:"matchLabels,omitempty"` - - // List of DNSNames that this solver will be used to solve. - // If specified and a match is found, a dnsNames selector will take - // precedence over a dnsZones selector. - // If multiple solvers match with the same dnsNames value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // List of DNSZones that this solver will be used to solve. - // The most specific DNS zone match specified here will take precedence - // over other DNS zone matches, so a solver specifying sys.example.com - // will be selected over one specifying example.com for the domain - // www.sys.example.com. - // If multiple solvers match with the same dnsZones value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSZones []string `json:"dnsZones,omitempty"` -} - -// ACMEChallengeSolverHTTP01 contains configuration detailing how to solve -// HTTP01 challenges within a Kubernetes cluster. -// Typically this is accomplished through creating 'routes' of some description -// that configure ingress controllers to direct traffic to 'solver pods', which -// are responsible for responding to the ACME server's HTTP requests. -// Only one of Ingress / Gateway can be specified. -type ACMEChallengeSolverHTTP01 struct { - // The ingress based HTTP01 challenge solver will solve challenges by - // creating or modifying Ingress resources in order to route requests for - // '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - // provisioned by cert-manager for each Challenge to be completed. - // +optional - Ingress *ACMEChallengeSolverHTTP01Ingress `json:"ingress,omitempty"` - - // The Gateway API is a sig-network community API that models service networking - // in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - // create HTTPRoutes with the specified labels in the same namespace as the challenge. - // This solver is experimental, and fields / behaviour may change in the future. - // +optional - GatewayHTTPRoute *ACMEChallengeSolverHTTP01GatewayHTTPRoute `json:"gatewayHTTPRoute,omitempty"` -} - -type ACMEChallengeSolverHTTP01Ingress struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The ingress class to use when creating Ingress resources to solve ACME - // challenges that use this challenge solver. - // Only one of 'class' or 'name' may be specified. - // +optional - Class *string `json:"class,omitempty"` - - // The name of the ingress resource that should have ACME challenge solving - // routes inserted into it in order to solve HTTP01 challenges. - // This is typically used in conjunction with ingress controllers like - // ingress-gce, which maintains a 1:1 mapping between external IPs and - // ingress resources. - // +optional - Name string `json:"name,omitempty"` - - // Optional pod template used to configure the ACME challenge solver pods - // used for HTTP01 challenges. - // +optional - PodTemplate *ACMEChallengeSolverHTTP01IngressPodTemplate `json:"podTemplate,omitempty"` - - // Optional ingress template used to configure the ACME challenge solver - // ingress used for HTTP01 challenges - // +optional - IngressTemplate *ACMEChallengeSolverHTTP01IngressTemplate `json:"ingressTemplate,omitempty"` -} - -type ACMEChallengeSolverHTTP01GatewayHTTPRoute struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The labels that cert-manager will use when creating the temporary - // HTTPRoute needed for solving the HTTP-01 challenge. These labels - // must match the label selector of at least one Gateway. - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodTemplate struct { - // ObjectMeta overrides for the pod used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressPodObjectMeta `json:"metadata"` - - // PodSpec defines overrides for the HTTP01 challenge solver pod. - // Only the 'priorityClassName', 'nodeSelector', 'affinity', - // 'serviceAccountName' and 'tolerations' fields are supported currently. - // All other fields will be ignored. - // +optional - Spec ACMEChallengeSolverHTTP01IngressPodSpec `json:"spec"` -} - -type ACMEChallengeSolverHTTP01IngressPodObjectMeta struct { - // Annotations that should be added to the create ACME HTTP01 solver pods. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver pods. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodSpec struct { - // NodeSelector is a selector which must be true for the pod to fit on a node. - // Selector which must match a node's labels for the pod to be scheduled on that node. - // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - // +optional - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - - // If specified, the pod's scheduling constraints - // +optional - Affinity *corev1.Affinity `json:"affinity,omitempty"` - - // If specified, the pod's tolerations. - // +optional - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` - - // If specified, the pod's priorityClassName. - // +optional - PriorityClassName string `json:"priorityClassName,omitempty"` - - // If specified, the pod's service account - // +optional - ServiceAccountName string `json:"serviceAccountName,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressTemplate struct { - // ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressObjectMeta `json:"metadata"` -} - -type ACMEChallengeSolverHTTP01IngressObjectMeta struct { - // Annotations that should be added to the created ACME HTTP01 solver ingress. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver ingress. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -// Used to configure a DNS01 challenge provider to be used when solving DNS01 -// challenges. -// Only one DNS provider may be configured per solver. -type ACMEChallengeSolverDNS01 struct { - // CNAMEStrategy configures how the DNS01 provider should handle CNAME - // records when found in DNS zones. - // +optional - CNAMEStrategy CNAMEStrategy `json:"cnameStrategy,omitempty"` - - // Use the Akamai DNS zone management API to manage DNS01 challenge records. - // +optional - Akamai *ACMEIssuerDNS01ProviderAkamai `json:"akamai,omitempty"` - - // Use the Google Cloud DNS API to manage DNS01 challenge records. - // +optional - CloudDNS *ACMEIssuerDNS01ProviderCloudDNS `json:"clouddns,omitempty"` - - // Use the Cloudflare API to manage DNS01 challenge records. - // +optional - Cloudflare *ACMEIssuerDNS01ProviderCloudflare `json:"cloudflare,omitempty"` - - // Use the AWS Route53 API to manage DNS01 challenge records. - // +optional - Route53 *ACMEIssuerDNS01ProviderRoute53 `json:"route53,omitempty"` - - // Use the Microsoft Azure DNS API to manage DNS01 challenge records. - // +optional - AzureDNS *ACMEIssuerDNS01ProviderAzureDNS `json:"azuredns,omitempty"` - - // Use the DigitalOcean DNS API to manage DNS01 challenge records. - // +optional - DigitalOcean *ACMEIssuerDNS01ProviderDigitalOcean `json:"digitalocean,omitempty"` - - // Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - // DNS01 challenge records. - // +optional - AcmeDNS *ACMEIssuerDNS01ProviderAcmeDNS `json:"acmedns,omitempty"` - - // Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - // to manage DNS01 challenge records. - // +optional - RFC2136 *ACMEIssuerDNS01ProviderRFC2136 `json:"rfc2136,omitempty"` - - // Configure an external webhook based DNS01 challenge solver to manage - // DNS01 challenge records. - // +optional - Webhook *ACMEIssuerDNS01ProviderWebhook `json:"webhook,omitempty"` -} - -// CNAMEStrategy configures how the DNS01 provider should handle CNAME records -// when found in DNS zones. -// By default, the None strategy will be applied (i.e. do not follow CNAMEs). -// +kubebuilder:validation:Enum=None;Follow -type CNAMEStrategy string - -const ( - // NoneStrategy indicates that no CNAME resolution strategy should be used - // when determining which DNS zone to update during DNS01 challenges. - NoneStrategy = "None" - - // FollowStrategy will cause cert-manager to recurse through CNAMEs in - // order to determine which DNS zone to update during DNS01 challenges. - // This is useful if you do not want to grant cert-manager access to your - // root DNS zone, and instead delegate the _acme-challenge.example.com - // subdomain to some other, less privileged domain. - FollowStrategy = "Follow" -) - -// ACMEIssuerDNS01ProviderAkamai is a structure containing the DNS -// configuration for Akamai DNS—Zone Record Management API -type ACMEIssuerDNS01ProviderAkamai struct { - ServiceConsumerDomain string `json:"serviceConsumerDomain"` - ClientToken cmmeta.SecretKeySelector `json:"clientTokenSecretRef"` - ClientSecret cmmeta.SecretKeySelector `json:"clientSecretSecretRef"` - AccessToken cmmeta.SecretKeySelector `json:"accessTokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS -// configuration for Google Cloud DNS -type ACMEIssuerDNS01ProviderCloudDNS struct { - // +optional - ServiceAccount *cmmeta.SecretKeySelector `json:"serviceAccountSecretRef,omitempty"` - Project string `json:"project"` - - // HostedZoneName is an optional field that tells cert-manager in which - // Cloud DNS zone the challenge record has to be created. - // If left empty cert-manager will automatically choose a zone. - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` -} - -// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS -// configuration for Cloudflare. -// One of `apiKeySecretRef` or `apiTokenSecretRef` must be provided. -type ACMEIssuerDNS01ProviderCloudflare struct { - // Email of the account, only required when using API key based authentication. - // +optional - Email string `json:"email,omitempty"` - - // API key to use to authenticate with Cloudflare. - // Note: using an API token to authenticate is now the recommended method - // as it allows greater control of permissions. - // +optional - APIKey *cmmeta.SecretKeySelector `json:"apiKeySecretRef,omitempty"` - - // API token used to authenticate with Cloudflare. - // +optional - APIToken *cmmeta.SecretKeySelector `json:"apiTokenSecretRef,omitempty"` -} - -// ACMEIssuerDNS01ProviderDigitalOcean is a structure containing the DNS -// configuration for DigitalOcean Domains -type ACMEIssuerDNS01ProviderDigitalOcean struct { - Token cmmeta.SecretKeySelector `json:"tokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53 -// configuration for AWS -type ACMEIssuerDNS01ProviderRoute53 struct { - // The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - AccessKeyID string `json:"accessKeyID,omitempty"` - - // The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - SecretAccessKey cmmeta.SecretKeySelector `json:"secretAccessKeySecretRef"` - - // Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - // or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - // +optional - Role string `json:"role,omitempty"` - - // If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - // +optional - HostedZoneID string `json:"hostedZoneID,omitempty"` - - // Always set the region when using AccessKeyID and SecretAccessKey - Region string `json:"region"` -} - -// ACMEIssuerDNS01ProviderAzureDNS is a structure containing the -// configuration for Azure DNS -type ACMEIssuerDNS01ProviderAzureDNS struct { - // if both this and ClientSecret are left unset MSI will be used - // +optional - ClientID string `json:"clientID,omitempty"` - - // if both this and ClientID are left unset MSI will be used - // +optional - ClientSecret *cmmeta.SecretKeySelector `json:"clientSecretSecretRef,omitempty"` - - // ID of the Azure subscription - SubscriptionID string `json:"subscriptionID"` - - // when specifying ClientID and ClientSecret then this field is also needed - // +optional - TenantID string `json:"tenantID,omitempty"` - - // resource group the DNS zone is located in - ResourceGroupName string `json:"resourceGroupName"` - - // name of the DNS zone that should be used - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` - - // name of the Azure environment (default AzurePublicCloud) - // +optional - Environment AzureDNSEnvironment `json:"environment,omitempty"` - - // managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - // +optional - ManagedIdentity *AzureManagedIdentity `json:"managedIdentity,omitempty"` -} - -type AzureManagedIdentity struct { - // client ID of the managed identity, can not be used at the same time as resourceID - // +optional - ClientID string `json:"clientID,omitempty"` - - // resource ID of the managed identity, can not be used at the same time as clientID - // +optional - ResourceID string `json:"resourceID,omitempty"` -} - -// +kubebuilder:validation:Enum=AzurePublicCloud;AzureChinaCloud;AzureGermanCloud;AzureUSGovernmentCloud -type AzureDNSEnvironment string - -const ( - AzurePublicCloud AzureDNSEnvironment = "AzurePublicCloud" - AzureChinaCloud AzureDNSEnvironment = "AzureChinaCloud" - AzureGermanCloud AzureDNSEnvironment = "AzureGermanCloud" - AzureUSGovernmentCloud AzureDNSEnvironment = "AzureUSGovernmentCloud" -) - -// ACMEIssuerDNS01ProviderAcmeDNS is a structure containing the -// configuration for ACME-DNS servers -type ACMEIssuerDNS01ProviderAcmeDNS struct { - Host string `json:"host"` - - AccountSecret cmmeta.SecretKeySelector `json:"accountSecretRef"` -} - -// ACMEIssuerDNS01ProviderRFC2136 is a structure containing the -// configuration for RFC2136 DNS -type ACMEIssuerDNS01ProviderRFC2136 struct { - // The IP address or hostname of an authoritative DNS server supporting - // RFC2136 in the form host:port. If the host is an IPv6 address it must be - // enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - // This field is required. - Nameserver string `json:"nameserver"` - - // The name of the secret containing the TSIG value. - // If ``tsigKeyName`` is defined, this field is required. - // +optional - TSIGSecret cmmeta.SecretKeySelector `json:"tsigSecretSecretRef,omitempty"` - - // The TSIG Key name configured in the DNS. - // If ``tsigSecretSecretRef`` is defined, this field is required. - // +optional - TSIGKeyName string `json:"tsigKeyName,omitempty"` - - // The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - // when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - // Supported values are (case-insensitive): ``HMACMD5`` (default), - // ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - // +optional - TSIGAlgorithm string `json:"tsigAlgorithm,omitempty"` -} - -// ACMEIssuerDNS01ProviderWebhook specifies configuration for a webhook DNS01 -// provider, including where to POST ChallengePayload resources. -type ACMEIssuerDNS01ProviderWebhook struct { - // The API group name that should be used when POSTing ChallengePayload - // resources to the webhook apiserver. - // This should be the same as the GroupName specified in the webhook - // provider implementation. - GroupName string `json:"groupName"` - - // The name of the solver to use, as defined in the webhook provider - // implementation. - // This will typically be the name of the provider, e.g. 'cloudflare'. - SolverName string `json:"solverName"` - - // Additional configuration that should be passed to the webhook apiserver - // when challenges are processed. - // This can contain arbitrary JSON data. - // Secret values should not be specified in this stanza. - // If secret values are needed (e.g. credentials for a DNS service), you - // should use a SecretKeySelector to reference a Secret resource. - // For details on the schema of this field, consult the webhook provider - // implementation's documentation. - // +optional - Config *apiextensionsv1.JSON `json:"config,omitempty"` -} - -type ACMEIssuerStatus struct { - // URI is the unique account identifier, which can also be used to retrieve - // account details from the CA - // +optional - URI string `json:"uri,omitempty"` - - // LastRegisteredEmail is the email associated with the latest registered - // ACME account, in order to track changes made to registered account - // associated with the Issuer - // +optional - LastRegisteredEmail string `json:"lastRegisteredEmail,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_order.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_order.go deleted file mode 100644 index d306ce6d07..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/types_order.go +++ /dev/null @@ -1,238 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Order is a type to represent an Order with an ACME server -// +k8s:openapi-gen=true -type Order struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec OrderSpec `json:"spec,omitempty"` - Status OrderStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// OrderList is a list of Orders -type OrderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Order `json:"items"` -} - -type OrderSpec struct { - // Certificate signing request bytes in DER encoding. - // This will be used when finalizing the order. - // This field must be set on the order. - CSR []byte `json:"csr"` - - // IssuerRef references a properly configured ACME-type Issuer which should - // be used to create this Order. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Order will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // CommonName is the common name as specified on the DER encoded CSR. - // If specified, this value must also be present in `dnsNames` or `ipAddresses`. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - CommonName string `json:"commonName,omitempty"` - - // DNSNames is a list of DNS names that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - //+optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP addresses that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // Duration is the duration for the not after date for the requested certificate. - // this is set on order creation as pe the ACME spec. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` -} - -type OrderStatus struct { - // URL of the Order. - // This will initially be empty when the resource is first created. - // The Order controller will populate this field when the Order is first processed. - // This field will be immutable after it is initially set. - // +optional - URL string `json:"url,omitempty"` - - // FinalizeURL of the Order. - // This is used to obtain certificates for this order once it has been completed. - // +optional - FinalizeURL string `json:"finalizeURL,omitempty"` - - // Authorizations contains data returned from the ACME server on what - // authorizations must be completed in order to validate the DNS names - // specified on the Order. - // +optional - Authorizations []ACMEAuthorization `json:"authorizations,omitempty"` - - // Certificate is a copy of the PEM encoded certificate for this Order. - // This field will be populated after the order has been successfully - // finalized with the ACME server, and the order has transitioned to the - // 'valid' state. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // State contains the current state of this Order resource. - // States 'success' and 'expired' are 'final' - // +optional - State State `json:"state,omitempty"` - - // Reason optionally provides more information about a why the order is in - // the current state. - // +optional - Reason string `json:"reason,omitempty"` - - // FailureTime stores the time that this order failed. - // This is used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// ACMEAuthorization contains data returned from the ACME server on an -// authorization that must be completed in order validate a DNS name on an ACME -// Order resource. -type ACMEAuthorization struct { - // URL is the URL of the Authorization that must be completed - URL string `json:"url"` - - // Identifier is the DNS name to be validated as part of this authorization - // +optional - Identifier string `json:"identifier,omitempty"` - - // Wildcard will be true if this authorization is for a wildcard DNS name. - // If this is true, the identifier will be the *non-wildcard* version of - // the DNS name. - // For example, if '*.example.com' is the DNS name being validated, this - // field will be 'true' and the 'identifier' field will be 'example.com'. - // +optional - Wildcard *bool `json:"wildcard,omitempty"` - - // InitialState is the initial state of the ACME authorization when first - // fetched from the ACME server. - // If an Authorization is already 'valid', the Order controller will not - // create a Challenge resource for the authorization. This will occur when - // working with an ACME server that enables 'authz reuse' (such as Let's - // Encrypt's production endpoint). - // If not set and 'identifier' is set, the state is assumed to be pending - // and a Challenge will be created. - // +optional - InitialState State `json:"initialState,omitempty"` - - // Challenges specifies the challenge types offered by the ACME server. - // One of these challenge types will be selected when validating the DNS - // name and an appropriate Challenge resource will be created to perform - // the ACME challenge process. - // +optional - Challenges []ACMEChallenge `json:"challenges,omitempty"` -} - -// Challenge specifies a challenge offered by the ACME server for an Order. -// An appropriate Challenge resource can be created to perform the ACME -// challenge process. -type ACMEChallenge struct { - // URL is the URL of this challenge. It can be used to retrieve additional - // metadata about the Challenge from the ACME server. - URL string `json:"url"` - - // Token is the token that must be presented for this challenge. - // This is used to compute the 'key' that must also be presented. - Token string `json:"token"` - - // Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', - // 'tls-sni-01', etc. - // This is the raw value retrieved from the ACME server. - // Only 'http-01' and 'dns-01' are supported by cert-manager, other values - // will be ignored. - Type string `json:"type"` -} - -// State represents the state of an ACME resource, such as an Order. -// The possible options here map to the corresponding values in the -// ACME specification. -// Full details of these values can be found here: https://tools.ietf.org/html/draft-ietf-acme-acme-15#section-7.1.6 -// Clients utilising this type must also gracefully handle unknown -// values, as the contents of this enumeration may be added to over time. -// +kubebuilder:validation:Enum=valid;ready;pending;processing;invalid;expired;errored -type State string - -const ( - // Unknown is not a real state as part of the ACME spec. - // It is used to represent an unrecognised value. - Unknown State = "" - - // Valid signifies that an ACME resource is in a valid state. - // If an order is 'valid', it has been finalized with the ACME server and - // the certificate can be retrieved from the ACME server using the - // certificate URL stored in the Order's status subresource. - // This is a final state. - Valid State = "valid" - - // Ready signifies that an ACME resource is in a ready state. - // If an order is 'ready', all of its challenges have been completed - // successfully and the order is ready to be finalized. - // Once finalized, it will transition to the Valid state. - // This is a transient state. - Ready State = "ready" - - // Pending signifies that an ACME resource is still pending and is not yet ready. - // If an Order is marked 'Pending', the validations for that Order are still in progress. - // This is a transient state. - Pending State = "pending" - - // Processing signifies that an ACME resource is being processed by the server. - // If an Order is marked 'Processing', the validations for that Order are currently being processed. - // This is a transient state. - Processing State = "processing" - - // Invalid signifies that an ACME resource is invalid for some reason. - // If an Order is marked 'invalid', one of its validations be have invalid for some reason. - // This is a final state. - Invalid State = "invalid" - - // Expired signifies that an ACME resource has expired. - // If an Order is marked 'Expired', one of its validations may have expired or the Order itself. - // This is a final state. - Expired State = "expired" - - // Errored signifies that the ACME resource has errored for some reason. - // This is a catch-all state, and is used for marking internal cert-manager - // errors such as validation failures. - // This is a final state. - Errored State = "errored" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/zz_generated.deepcopy.go deleted file mode 100644 index 4590a7530d..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2/zz_generated.deepcopy.go +++ /dev/null @@ -1,891 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEAuthorization) DeepCopyInto(out *ACMEAuthorization) { - *out = *in - if in.Wildcard != nil { - in, out := &in.Wildcard, &out.Wildcard - *out = new(bool) - **out = **in - } - if in.Challenges != nil { - in, out := &in.Challenges, &out.Challenges - *out = make([]ACMEChallenge, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEAuthorization. -func (in *ACMEAuthorization) DeepCopy() *ACMEAuthorization { - if in == nil { - return nil - } - out := new(ACMEAuthorization) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallenge) DeepCopyInto(out *ACMEChallenge) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallenge. -func (in *ACMEChallenge) DeepCopy() *ACMEChallenge { - if in == nil { - return nil - } - out := new(ACMEChallenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolver) DeepCopyInto(out *ACMEChallengeSolver) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(CertificateDNSNameSelector) - (*in).DeepCopyInto(*out) - } - if in.HTTP01 != nil { - in, out := &in.HTTP01, &out.HTTP01 - *out = new(ACMEChallengeSolverHTTP01) - (*in).DeepCopyInto(*out) - } - if in.DNS01 != nil { - in, out := &in.DNS01, &out.DNS01 - *out = new(ACMEChallengeSolverDNS01) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolver. -func (in *ACMEChallengeSolver) DeepCopy() *ACMEChallengeSolver { - if in == nil { - return nil - } - out := new(ACMEChallengeSolver) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverDNS01) DeepCopyInto(out *ACMEChallengeSolverDNS01) { - *out = *in - if in.Akamai != nil { - in, out := &in.Akamai, &out.Akamai - *out = new(ACMEIssuerDNS01ProviderAkamai) - **out = **in - } - if in.CloudDNS != nil { - in, out := &in.CloudDNS, &out.CloudDNS - *out = new(ACMEIssuerDNS01ProviderCloudDNS) - (*in).DeepCopyInto(*out) - } - if in.Cloudflare != nil { - in, out := &in.Cloudflare, &out.Cloudflare - *out = new(ACMEIssuerDNS01ProviderCloudflare) - (*in).DeepCopyInto(*out) - } - if in.Route53 != nil { - in, out := &in.Route53, &out.Route53 - *out = new(ACMEIssuerDNS01ProviderRoute53) - **out = **in - } - if in.AzureDNS != nil { - in, out := &in.AzureDNS, &out.AzureDNS - *out = new(ACMEIssuerDNS01ProviderAzureDNS) - (*in).DeepCopyInto(*out) - } - if in.DigitalOcean != nil { - in, out := &in.DigitalOcean, &out.DigitalOcean - *out = new(ACMEIssuerDNS01ProviderDigitalOcean) - **out = **in - } - if in.AcmeDNS != nil { - in, out := &in.AcmeDNS, &out.AcmeDNS - *out = new(ACMEIssuerDNS01ProviderAcmeDNS) - **out = **in - } - if in.RFC2136 != nil { - in, out := &in.RFC2136, &out.RFC2136 - *out = new(ACMEIssuerDNS01ProviderRFC2136) - **out = **in - } - if in.Webhook != nil { - in, out := &in.Webhook, &out.Webhook - *out = new(ACMEIssuerDNS01ProviderWebhook) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverDNS01. -func (in *ACMEChallengeSolverDNS01) DeepCopy() *ACMEChallengeSolverDNS01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverDNS01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01) DeepCopyInto(out *ACMEChallengeSolverHTTP01) { - *out = *in - if in.Ingress != nil { - in, out := &in.Ingress, &out.Ingress - *out = new(ACMEChallengeSolverHTTP01Ingress) - (*in).DeepCopyInto(*out) - } - if in.GatewayHTTPRoute != nil { - in, out := &in.GatewayHTTPRoute, &out.GatewayHTTPRoute - *out = new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01. -func (in *ACMEChallengeSolverHTTP01) DeepCopy() *ACMEChallengeSolverHTTP01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopyInto(out *ACMEChallengeSolverHTTP01GatewayHTTPRoute) { - *out = *in - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01GatewayHTTPRoute. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopy() *ACMEChallengeSolverHTTP01GatewayHTTPRoute { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopyInto(out *ACMEChallengeSolverHTTP01Ingress) { - *out = *in - if in.Class != nil { - in, out := &in.Class, &out.Class - *out = new(string) - **out = **in - } - if in.PodTemplate != nil { - in, out := &in.PodTemplate, &out.PodTemplate - *out = new(ACMEChallengeSolverHTTP01IngressPodTemplate) - (*in).DeepCopyInto(*out) - } - if in.IngressTemplate != nil { - in, out := &in.IngressTemplate, &out.IngressTemplate - *out = new(ACMEChallengeSolverHTTP01IngressTemplate) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01Ingress. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopy() *ACMEChallengeSolverHTTP01Ingress { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01Ingress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodSpec) { - *out = *in - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Affinity != nil { - in, out := &in.Affinity, &out.Affinity - *out = new(v1.Affinity) - (*in).DeepCopyInto(*out) - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodSpec. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodSpec { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressPodObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodTemplate. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressObjectMeta) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressTemplate. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEExternalAccountBinding) DeepCopyInto(out *ACMEExternalAccountBinding) { - *out = *in - out.Key = in.Key - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEExternalAccountBinding. -func (in *ACMEExternalAccountBinding) DeepCopy() *ACMEExternalAccountBinding { - if in == nil { - return nil - } - out := new(ACMEExternalAccountBinding) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuer) DeepCopyInto(out *ACMEIssuer) { - *out = *in - if in.ExternalAccountBinding != nil { - in, out := &in.ExternalAccountBinding, &out.ExternalAccountBinding - *out = new(ACMEExternalAccountBinding) - **out = **in - } - out.PrivateKey = in.PrivateKey - if in.Solvers != nil { - in, out := &in.Solvers, &out.Solvers - *out = make([]ACMEChallengeSolver, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuer. -func (in *ACMEIssuer) DeepCopy() *ACMEIssuer { - if in == nil { - return nil - } - out := new(ACMEIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAcmeDNS) { - *out = *in - out.AccountSecret = in.AccountSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAcmeDNS. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopy() *ACMEIssuerDNS01ProviderAcmeDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAcmeDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopyInto(out *ACMEIssuerDNS01ProviderAkamai) { - *out = *in - out.ClientToken = in.ClientToken - out.ClientSecret = in.ClientSecret - out.AccessToken = in.AccessToken - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAkamai. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopy() *ACMEIssuerDNS01ProviderAkamai { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAkamai) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAzureDNS) { - *out = *in - if in.ClientSecret != nil { - in, out := &in.ClientSecret, &out.ClientSecret - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.ManagedIdentity != nil { - in, out := &in.ManagedIdentity, &out.ManagedIdentity - *out = new(AzureManagedIdentity) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAzureDNS. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopy() *ACMEIssuerDNS01ProviderAzureDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAzureDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudDNS) { - *out = *in - if in.ServiceAccount != nil { - in, out := &in.ServiceAccount, &out.ServiceAccount - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudDNS. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopy() *ACMEIssuerDNS01ProviderCloudDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudflare) { - *out = *in - if in.APIKey != nil { - in, out := &in.APIKey, &out.APIKey - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.APIToken != nil { - in, out := &in.APIToken, &out.APIToken - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudflare. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopy() *ACMEIssuerDNS01ProviderCloudflare { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudflare) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopyInto(out *ACMEIssuerDNS01ProviderDigitalOcean) { - *out = *in - out.Token = in.Token - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderDigitalOcean. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopy() *ACMEIssuerDNS01ProviderDigitalOcean { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderDigitalOcean) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopyInto(out *ACMEIssuerDNS01ProviderRFC2136) { - *out = *in - out.TSIGSecret = in.TSIGSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRFC2136. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopy() *ACMEIssuerDNS01ProviderRFC2136 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRFC2136) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopyInto(out *ACMEIssuerDNS01ProviderRoute53) { - *out = *in - out.SecretAccessKey = in.SecretAccessKey - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRoute53. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopy() *ACMEIssuerDNS01ProviderRoute53 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRoute53) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopyInto(out *ACMEIssuerDNS01ProviderWebhook) { - *out = *in - if in.Config != nil { - in, out := &in.Config, &out.Config - *out = new(apiextensionsv1.JSON) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderWebhook. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopy() *ACMEIssuerDNS01ProviderWebhook { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderWebhook) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerStatus) DeepCopyInto(out *ACMEIssuerStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerStatus. -func (in *ACMEIssuerStatus) DeepCopy() *ACMEIssuerStatus { - if in == nil { - return nil - } - out := new(ACMEIssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureManagedIdentity) DeepCopyInto(out *AzureManagedIdentity) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureManagedIdentity. -func (in *AzureManagedIdentity) DeepCopy() *AzureManagedIdentity { - if in == nil { - return nil - } - out := new(AzureManagedIdentity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateDNSNameSelector) DeepCopyInto(out *CertificateDNSNameSelector) { - *out = *in - if in.MatchLabels != nil { - in, out := &in.MatchLabels, &out.MatchLabels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.DNSZones != nil { - in, out := &in.DNSZones, &out.DNSZones - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateDNSNameSelector. -func (in *CertificateDNSNameSelector) DeepCopy() *CertificateDNSNameSelector { - if in == nil { - return nil - } - out := new(CertificateDNSNameSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Challenge) DeepCopyInto(out *Challenge) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Challenge. -func (in *Challenge) DeepCopy() *Challenge { - if in == nil { - return nil - } - out := new(Challenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Challenge) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeList) DeepCopyInto(out *ChallengeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Challenge, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeList. -func (in *ChallengeList) DeepCopy() *ChallengeList { - if in == nil { - return nil - } - out := new(ChallengeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ChallengeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeSpec) DeepCopyInto(out *ChallengeSpec) { - *out = *in - in.Solver.DeepCopyInto(&out.Solver) - out.IssuerRef = in.IssuerRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeSpec. -func (in *ChallengeSpec) DeepCopy() *ChallengeSpec { - if in == nil { - return nil - } - out := new(ChallengeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeStatus) DeepCopyInto(out *ChallengeStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeStatus. -func (in *ChallengeStatus) DeepCopy() *ChallengeStatus { - if in == nil { - return nil - } - out := new(ChallengeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Order) DeepCopyInto(out *Order) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Order. -func (in *Order) DeepCopy() *Order { - if in == nil { - return nil - } - out := new(Order) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Order) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderList) DeepCopyInto(out *OrderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Order, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderList. -func (in *OrderList) DeepCopy() *OrderList { - if in == nil { - return nil - } - out := new(OrderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OrderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderSpec) DeepCopyInto(out *OrderSpec) { - *out = *in - if in.CSR != nil { - in, out := &in.CSR, &out.CSR - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.IssuerRef = in.IssuerRef - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(apismetav1.Duration) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderSpec. -func (in *OrderSpec) DeepCopy() *OrderSpec { - if in == nil { - return nil - } - out := new(OrderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderStatus) DeepCopyInto(out *OrderStatus) { - *out = *in - if in.Authorizations != nil { - in, out := &in.Authorizations, &out.Authorizations - *out = make([]ACMEAuthorization, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderStatus. -func (in *OrderStatus) DeepCopy() *OrderStatus { - if in == nil { - return nil - } - out := new(OrderStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/const.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/const.go deleted file mode 100644 index 6998e44345..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/const.go +++ /dev/null @@ -1,21 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -const ( - ACMEFinalizer = "finalizer.acme.cert-manager.io" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/doc.go deleted file mode 100644 index c13ece79ef..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1alpha3 is the v1alpha3 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/acme -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=acme.cert-manager.io -package v1alpha3 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/register.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/register.go deleted file mode 100644 index 9cfc49c648..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/register.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/acme" -) - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: acme.GroupName, Version: "v1alpha3"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to api.Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Order{}, - &OrderList{}, - &Challenge{}, - &ChallengeList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types.go deleted file mode 100644 index 11a671c735..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -const ( - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.name field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users of Ingress controllers that maintain - // a 1:1 mapping between endpoint IP and Ingress resource. - ACMECertificateHTTP01IngressNameOverride = "acme.cert-manager.io/http01-override-ingress-name" - - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.class field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users deploying many different ingress - // classes into a single cluster that want to be able to re-use a single - // solver for each ingress class. - ACMECertificateHTTP01IngressClassOverride = "acme.cert-manager.io/http01-override-ingress-class" - - // IngressEditInPlaceAnnotation is used to toggle the use of ingressClass instead - // of ingress on the created Certificate resource - IngressEditInPlaceAnnotationKey = "acme.cert-manager.io/http01-edit-in-place" -) - -const ( - OrderKind = "Order" - ChallengeKind = "Challenge" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_challenge.go deleted file mode 100644 index 293210c099..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_challenge.go +++ /dev/null @@ -1,145 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Challenge is a type to represent a Challenge request with an ACME server -// +k8s:openapi-gen=true -// +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state" -// +kubebuilder:printcolumn:name="Domain",type="string",JSONPath=".spec.dnsName" -// +kubebuilder:printcolumn:name="Reason",type="string",JSONPath=".status.reason",description="",priority=1 -// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC." -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=challenges -type Challenge struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec ChallengeSpec `json:"spec,omitempty"` - Status ChallengeStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ChallengeList is a list of Challenges -type ChallengeList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Challenge `json:"items"` -} - -type ChallengeSpec struct { - // URL is the URL of the ACME Challenge resource for this challenge. - // This can be used to lookup details about the status of this challenge. - URL string `json:"url"` - - // AuthzURL is the URL to the ACME Authorization resource that this - // challenge is a part of. - AuthzURL string `json:"authzURL"` - - // DNSName is the identifier that this challenge is for, e.g. example.com. - // If the requested DNSName is a 'wildcard', this field MUST be set to the - // non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. - DNSName string `json:"dnsName"` - - // Wildcard will be true if this challenge is for a wildcard identifier, - // for example '*.example.com'. - // +optional - Wildcard bool `json:"wildcard"` - - // Type is the type of ACME challenge this resource represents. - // One of "http-01" or "dns-01". - Type ACMEChallengeType `json:"type"` - - // Token is the ACME challenge token for this challenge. - // This is the raw value returned from the ACME server. - Token string `json:"token"` - - // Key is the ACME challenge key for this challenge - // For HTTP01 challenges, this is the value that must be responded with to - // complete the HTTP01 challenge in the format: - // `.`. - // For DNS01 challenges, this is the base64 encoded SHA256 sum of the - // `.` - // text that must be set as the TXT record content. - Key string `json:"key"` - - // Solver contains the domain solving configuration that should be used to - // solve this challenge resource. - Solver ACMEChallengeSolver `json:"solver"` - - // IssuerRef references a properly configured ACME-type Issuer which should - // be used to create this Challenge. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Challenge will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` -} - -// The type of ACME challenge. Only http-01 and dns-01 are supported. -// +kubebuilder:validation:Enum=http-01;dns-01 -type ACMEChallengeType string - -const ( - // ACMEChallengeTypeHTTP01 denotes a Challenge is of type http-01 - // More info: https://letsencrypt.org/docs/challenge-types/#http-01-challenge - ACMEChallengeTypeHTTP01 ACMEChallengeType = "http-01" - - // ACMEChallengeTypeDNS01 denotes a Challenge is of type dns-01 - // More info: https://letsencrypt.org/docs/challenge-types/#dns-01-challenge - ACMEChallengeTypeDNS01 ACMEChallengeType = "dns-01" -) - -type ChallengeStatus struct { - // Processing is used to denote whether this challenge should be processed - // or not. - // This field will only be set to true by the 'scheduling' component. - // It will only be set to false by the 'challenges' controller, after the - // challenge has reached a final state or timed out. - // If this field is set to false, the challenge controller will not take - // any more action. - // +optional - Processing bool `json:"processing"` - - // Presented will be set to true if the challenge values for this challenge - // are currently 'presented'. - // This *does not* imply the self check is passing. Only that the values - // have been 'submitted' for the appropriate challenge mechanism (i.e. the - // DNS01 TXT record has been presented, or the HTTP01 configuration has been - // configured). - // +optional - Presented bool `json:"presented"` - - // Reason contains human readable information on why the Challenge is in the - // current state. - // +optional - Reason string `json:"reason,omitempty"` - - // State contains the current 'state' of the challenge. - // If not set, the state of the challenge is unknown. - // +optional - State State `json:"state,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_issuer.go deleted file mode 100644 index 40f4efc4da..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_issuer.go +++ /dev/null @@ -1,597 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - corev1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// ACMEIssuer contains the specification for an ACME issuer. -// This uses the RFC8555 specification to obtain certificates by completing -// 'challenges' to prove ownership of domain identifiers. -// Earlier draft versions of the ACME specification are not supported. -type ACMEIssuer struct { - // Email is the email address to be associated with the ACME account. - // This field is optional, but it is strongly recommended to be set. - // It will be used to contact you in case of issues with your account or - // certificates, including expiry notification emails. - // This field may be updated after the account is initially registered. - // +optional - Email string `json:"email,omitempty"` - - // Server is the URL used to access the ACME server's 'directory' endpoint. - // For example, for Let's Encrypt's staging endpoint, you would use: - // "https://acme-staging-v02.api.letsencrypt.org/directory". - // Only ACME v2 endpoints (i.e. RFC 8555) are supported. - Server string `json:"server"` - - // PreferredChain is the chain to use if the ACME server outputs multiple. - // PreferredChain is no guarantee that this one gets delivered by the ACME - // endpoint. - // For example, for Let's Encrypt's DST crosssign you would use: - // "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. - // This value picks the first certificate bundle in the ACME alternative - // chains that has a certificate with this value as its issuer's CN - // +optional - // +kubebuilder:validation:MaxLength=64 - PreferredChain string `json:"preferredChain"` - - // Enables or disables validation of the ACME server TLS certificate. - // If true, requests to the ACME server will not have their TLS certificate - // validated (i.e. insecure connections will be allowed). - // Only enable this option in development environments. - // The cert-manager system installed roots will be used to verify connections - // to the ACME server if this is false. - // Defaults to false. - // +optional - SkipTLSVerify bool `json:"skipTLSVerify,omitempty"` - - // ExternalAccountBinding is a reference to a CA external account of the ACME - // server. - // If set, upon registration cert-manager will attempt to associate the given - // external account credentials with the registered ACME account. - // +optional - ExternalAccountBinding *ACMEExternalAccountBinding `json:"externalAccountBinding,omitempty"` - - // PrivateKey is the name of a Kubernetes Secret resource that will be used to - // store the automatically generated ACME account private key. - // Optionally, a `key` may be specified to select a specific entry within - // the named Secret resource. - // If `key` is not specified, a default of `tls.key` will be used. - PrivateKey cmmeta.SecretKeySelector `json:"privateKeySecretRef"` - - // Solvers is a list of challenge solvers that will be used to solve - // ACME challenges for the matching domains. - // Solver configurations must be provided in order to obtain certificates - // from an ACME server. - // For more information, see: https://cert-manager.io/docs/configuration/acme/ - // +optional - Solvers []ACMEChallengeSolver `json:"solvers,omitempty"` - - // Enables or disables generating a new ACME account key. - // If true, the Issuer resource will *not* request a new account but will expect - // the account key to be supplied via an existing secret. - // If false, the cert-manager system will generate a new ACME account key - // for the Issuer. - // Defaults to false. - // +optional - DisableAccountKeyGeneration bool `json:"disableAccountKeyGeneration,omitempty"` - - // Enables requesting a Not After date on certificates that matches the - // duration of the certificate. This is not supported by all ACME servers - // like Let's Encrypt. If set to true when the ACME server does not support - // it it will create an error on the Order. - // Defaults to false. - // +optional - EnableDurationFeature bool `json:"enableDurationFeature,omitempty"` -} - -// ACMEExternalAccountBinding is a reference to a CA external account of the ACME -// server. -type ACMEExternalAccountBinding struct { - // keyID is the ID of the CA key that the External Account is bound to. - KeyID string `json:"keyID"` - - // keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes - // Secret which holds the symmetric MAC key of the External Account Binding. - // The `key` is the index string that is paired with the key data in the - // Secret and should not be confused with the key data itself, or indeed with - // the External Account Binding keyID above. - // The secret key stored in the Secret **must** be un-padded, base64 URL - // encoded data. - Key cmmeta.SecretKeySelector `json:"keySecretRef"` - - // Deprecated: keyAlgorithm field exists for historical compatibility - // reasons and should not be used. The algorithm is now hardcoded to HS256 - // in golang/x/crypto/acme. - // +optional - KeyAlgorithm HMACKeyAlgorithm `json:"keyAlgorithm,omitempty"` -} - -// HMACKeyAlgorithm is the name of a key algorithm used for HMAC encryption -// +kubebuilder:validation:Enum=HS256;HS384;HS512 -type HMACKeyAlgorithm string - -const ( - HS256 HMACKeyAlgorithm = "HS256" - HS384 HMACKeyAlgorithm = "HS384" - HS512 HMACKeyAlgorithm = "HS512" -) - -// Configures an issuer to solve challenges using the specified options. -// Only one of HTTP01 or DNS01 may be provided. -type ACMEChallengeSolver struct { - // Selector selects a set of DNSNames on the Certificate resource that - // should be solved using this challenge solver. - // If not specified, the solver will be treated as the 'default' solver - // with the lowest priority, i.e. if any other solver has a more specific - // match, it will be used instead. - // +optional - Selector *CertificateDNSNameSelector `json:"selector,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the HTTP01 challenge flow. - // It is not possible to obtain certificates for wildcard domain names - // (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - // +optional - HTTP01 *ACMEChallengeSolverHTTP01 `json:"http01,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the DNS01 challenge flow. - // +optional - DNS01 *ACMEChallengeSolverDNS01 `json:"dns01,omitempty"` -} - -// CertificateDomainSelector selects certificates using a label selector, and -// can optionally select individual DNS names within those certificates. -// If both MatchLabels and DNSNames are empty, this selector will match all -// certificates and DNS names within them. -type CertificateDNSNameSelector struct { - // A label selector that is used to refine the set of certificate's that - // this challenge solver will apply to. - // +optional - MatchLabels map[string]string `json:"matchLabels,omitempty"` - - // List of DNSNames that this solver will be used to solve. - // If specified and a match is found, a dnsNames selector will take - // precedence over a dnsZones selector. - // If multiple solvers match with the same dnsNames value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // List of DNSZones that this solver will be used to solve. - // The most specific DNS zone match specified here will take precedence - // over other DNS zone matches, so a solver specifying sys.example.com - // will be selected over one specifying example.com for the domain - // www.sys.example.com. - // If multiple solvers match with the same dnsZones value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSZones []string `json:"dnsZones,omitempty"` -} - -// ACMEChallengeSolverHTTP01 contains configuration detailing how to solve -// HTTP01 challenges within a Kubernetes cluster. -// Typically this is accomplished through creating 'routes' of some description -// that configure ingress controllers to direct traffic to 'solver pods', which -// are responsible for responding to the ACME server's HTTP requests. -// Only one of Ingress / Gateway can be specified. -type ACMEChallengeSolverHTTP01 struct { - // The ingress based HTTP01 challenge solver will solve challenges by - // creating or modifying Ingress resources in order to route requests for - // '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - // provisioned by cert-manager for each Challenge to be completed. - // +optional - Ingress *ACMEChallengeSolverHTTP01Ingress `json:"ingress,omitempty"` - - // The Gateway API is a sig-network community API that models service networking - // in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - // create HTTPRoutes with the specified labels in the same namespace as the challenge. - // This solver is experimental, and fields / behaviour may change in the future. - // +optional - GatewayHTTPRoute *ACMEChallengeSolverHTTP01GatewayHTTPRoute `json:"gatewayHTTPRoute,omitempty"` -} - -type ACMEChallengeSolverHTTP01Ingress struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The ingress class to use when creating Ingress resources to solve ACME - // challenges that use this challenge solver. - // Only one of 'class' or 'name' may be specified. - // +optional - Class *string `json:"class,omitempty"` - - // The name of the ingress resource that should have ACME challenge solving - // routes inserted into it in order to solve HTTP01 challenges. - // This is typically used in conjunction with ingress controllers like - // ingress-gce, which maintains a 1:1 mapping between external IPs and - // ingress resources. - // +optional - Name string `json:"name,omitempty"` - - // Optional pod template used to configure the ACME challenge solver pods - // used for HTTP01 challenges. - // +optional - PodTemplate *ACMEChallengeSolverHTTP01IngressPodTemplate `json:"podTemplate,omitempty"` - - // Optional ingress template used to configure the ACME challenge solver - // ingress used for HTTP01 challenges - // +optional - IngressTemplate *ACMEChallengeSolverHTTP01IngressTemplate `json:"ingressTemplate,omitempty"` -} - -type ACMEChallengeSolverHTTP01GatewayHTTPRoute struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The labels that cert-manager will use when creating the temporary - // HTTPRoute needed for solving the HTTP-01 challenge. These labels - // must match the label selector of at least one Gateway. - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodTemplate struct { - // ObjectMeta overrides for the pod used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressPodObjectMeta `json:"metadata"` - - // PodSpec defines overrides for the HTTP01 challenge solver pod. - // Only the 'priorityClassName', 'nodeSelector', 'affinity', - // 'serviceAccountName' and 'tolerations' fields are supported currently. - // All other fields will be ignored. - // +optional - Spec ACMEChallengeSolverHTTP01IngressPodSpec `json:"spec"` -} - -type ACMEChallengeSolverHTTP01IngressPodObjectMeta struct { - // Annotations that should be added to the create ACME HTTP01 solver pods. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver pods. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodSpec struct { - // NodeSelector is a selector which must be true for the pod to fit on a node. - // Selector which must match a node's labels for the pod to be scheduled on that node. - // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - // +optional - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - - // If specified, the pod's scheduling constraints - // +optional - Affinity *corev1.Affinity `json:"affinity,omitempty"` - - // If specified, the pod's tolerations. - // +optional - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` - - // If specified, the pod's priorityClassName. - // +optional - PriorityClassName string `json:"priorityClassName,omitempty"` - - // If specified, the pod's service account - // +optional - ServiceAccountName string `json:"serviceAccountName,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressTemplate struct { - // ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressObjectMeta `json:"metadata"` -} - -type ACMEChallengeSolverHTTP01IngressObjectMeta struct { - // Annotations that should be added to the created ACME HTTP01 solver ingress. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver ingress. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -// Used to configure a DNS01 challenge provider to be used when solving DNS01 -// challenges. -// Only one DNS provider may be configured per solver. -type ACMEChallengeSolverDNS01 struct { - // CNAMEStrategy configures how the DNS01 provider should handle CNAME - // records when found in DNS zones. - // +optional - CNAMEStrategy CNAMEStrategy `json:"cnameStrategy,omitempty"` - - // Use the Akamai DNS zone management API to manage DNS01 challenge records. - // +optional - Akamai *ACMEIssuerDNS01ProviderAkamai `json:"akamai,omitempty"` - - // Use the Google Cloud DNS API to manage DNS01 challenge records. - // +optional - CloudDNS *ACMEIssuerDNS01ProviderCloudDNS `json:"clouddns,omitempty"` - - // Use the Cloudflare API to manage DNS01 challenge records. - // +optional - Cloudflare *ACMEIssuerDNS01ProviderCloudflare `json:"cloudflare,omitempty"` - - // Use the AWS Route53 API to manage DNS01 challenge records. - // +optional - Route53 *ACMEIssuerDNS01ProviderRoute53 `json:"route53,omitempty"` - - // Use the Microsoft Azure DNS API to manage DNS01 challenge records. - // +optional - AzureDNS *ACMEIssuerDNS01ProviderAzureDNS `json:"azuredns,omitempty"` - - // Use the DigitalOcean DNS API to manage DNS01 challenge records. - // +optional - DigitalOcean *ACMEIssuerDNS01ProviderDigitalOcean `json:"digitalocean,omitempty"` - - // Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - // DNS01 challenge records. - // +optional - AcmeDNS *ACMEIssuerDNS01ProviderAcmeDNS `json:"acmedns,omitempty"` - - // Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - // to manage DNS01 challenge records. - // +optional - RFC2136 *ACMEIssuerDNS01ProviderRFC2136 `json:"rfc2136,omitempty"` - - // Configure an external webhook based DNS01 challenge solver to manage - // DNS01 challenge records. - // +optional - Webhook *ACMEIssuerDNS01ProviderWebhook `json:"webhook,omitempty"` -} - -// CNAMEStrategy configures how the DNS01 provider should handle CNAME records -// when found in DNS zones. -// By default, the None strategy will be applied (i.e. do not follow CNAMEs). -// +kubebuilder:validation:Enum=None;Follow -type CNAMEStrategy string - -const ( - // NoneStrategy indicates that no CNAME resolution strategy should be used - // when determining which DNS zone to update during DNS01 challenges. - NoneStrategy = "None" - - // FollowStrategy will cause cert-manager to recurse through CNAMEs in - // order to determine which DNS zone to update during DNS01 challenges. - // This is useful if you do not want to grant cert-manager access to your - // root DNS zone, and instead delegate the _acme-challenge.example.com - // subdomain to some other, less privileged domain. - FollowStrategy = "Follow" -) - -// ACMEIssuerDNS01ProviderAkamai is a structure containing the DNS -// configuration for Akamai DNS—Zone Record Management API -type ACMEIssuerDNS01ProviderAkamai struct { - ServiceConsumerDomain string `json:"serviceConsumerDomain"` - ClientToken cmmeta.SecretKeySelector `json:"clientTokenSecretRef"` - ClientSecret cmmeta.SecretKeySelector `json:"clientSecretSecretRef"` - AccessToken cmmeta.SecretKeySelector `json:"accessTokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS -// configuration for Google Cloud DNS -type ACMEIssuerDNS01ProviderCloudDNS struct { - // +optional - ServiceAccount *cmmeta.SecretKeySelector `json:"serviceAccountSecretRef,omitempty"` - Project string `json:"project"` - - // HostedZoneName is an optional field that tells cert-manager in which - // Cloud DNS zone the challenge record has to be created. - // If left empty cert-manager will automatically choose a zone. - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` -} - -// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS -// configuration for Cloudflare. -// One of `apiKeySecretRef` or `apiTokenSecretRef` must be provided. -type ACMEIssuerDNS01ProviderCloudflare struct { - // Email of the account, only required when using API key based authentication. - // +optional - Email string `json:"email,omitempty"` - - // API key to use to authenticate with Cloudflare. - // Note: using an API token to authenticate is now the recommended method - // as it allows greater control of permissions. - // +optional - APIKey *cmmeta.SecretKeySelector `json:"apiKeySecretRef,omitempty"` - - // API token used to authenticate with Cloudflare. - // +optional - APIToken *cmmeta.SecretKeySelector `json:"apiTokenSecretRef,omitempty"` -} - -// ACMEIssuerDNS01ProviderDigitalOcean is a structure containing the DNS -// configuration for DigitalOcean Domains -type ACMEIssuerDNS01ProviderDigitalOcean struct { - Token cmmeta.SecretKeySelector `json:"tokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53 -// configuration for AWS -type ACMEIssuerDNS01ProviderRoute53 struct { - // The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - AccessKeyID string `json:"accessKeyID,omitempty"` - - // The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - SecretAccessKey cmmeta.SecretKeySelector `json:"secretAccessKeySecretRef"` - - // Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - // or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - // +optional - Role string `json:"role,omitempty"` - - // If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - // +optional - HostedZoneID string `json:"hostedZoneID,omitempty"` - - // Always set the region when using AccessKeyID and SecretAccessKey - Region string `json:"region"` -} - -// ACMEIssuerDNS01ProviderAzureDNS is a structure containing the -// configuration for Azure DNS -type ACMEIssuerDNS01ProviderAzureDNS struct { - // if both this and ClientSecret are left unset MSI will be used - // +optional - ClientID string `json:"clientID,omitempty"` - - // if both this and ClientID are left unset MSI will be used - // +optional - ClientSecret *cmmeta.SecretKeySelector `json:"clientSecretSecretRef,omitempty"` - - // ID of the Azure subscription - SubscriptionID string `json:"subscriptionID"` - - // when specifying ClientID and ClientSecret then this field is also needed - // +optional - TenantID string `json:"tenantID,omitempty"` - - // resource group the DNS zone is located in - ResourceGroupName string `json:"resourceGroupName"` - - // name of the DNS zone that should be used - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` - - // name of the Azure environment (default AzurePublicCloud) - // +optional - Environment AzureDNSEnvironment `json:"environment,omitempty"` - - // managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - // +optional - ManagedIdentity *AzureManagedIdentity `json:"managedIdentity,omitempty"` -} - -type AzureManagedIdentity struct { - // client ID of the managed identity, can not be used at the same time as resourceID - // +optional - ClientID string `json:"clientID,omitempty"` - - // resource ID of the managed identity, can not be used at the same time as clientID - // +optional - ResourceID string `json:"resourceID,omitempty"` -} - -// +kubebuilder:validation:Enum=AzurePublicCloud;AzureChinaCloud;AzureGermanCloud;AzureUSGovernmentCloud -type AzureDNSEnvironment string - -const ( - AzurePublicCloud AzureDNSEnvironment = "AzurePublicCloud" - AzureChinaCloud AzureDNSEnvironment = "AzureChinaCloud" - AzureGermanCloud AzureDNSEnvironment = "AzureGermanCloud" - AzureUSGovernmentCloud AzureDNSEnvironment = "AzureUSGovernmentCloud" -) - -// ACMEIssuerDNS01ProviderAcmeDNS is a structure containing the -// configuration for ACME-DNS servers -type ACMEIssuerDNS01ProviderAcmeDNS struct { - Host string `json:"host"` - - AccountSecret cmmeta.SecretKeySelector `json:"accountSecretRef"` -} - -// ACMEIssuerDNS01ProviderRFC2136 is a structure containing the -// configuration for RFC2136 DNS -type ACMEIssuerDNS01ProviderRFC2136 struct { - // The IP address or hostname of an authoritative DNS server supporting - // RFC2136 in the form host:port. If the host is an IPv6 address it must be - // enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - // This field is required. - Nameserver string `json:"nameserver"` - - // The name of the secret containing the TSIG value. - // If ``tsigKeyName`` is defined, this field is required. - // +optional - TSIGSecret cmmeta.SecretKeySelector `json:"tsigSecretSecretRef,omitempty"` - - // The TSIG Key name configured in the DNS. - // If ``tsigSecretSecretRef`` is defined, this field is required. - // +optional - TSIGKeyName string `json:"tsigKeyName,omitempty"` - - // The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - // when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - // Supported values are (case-insensitive): ``HMACMD5`` (default), - // ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - // +optional - TSIGAlgorithm string `json:"tsigAlgorithm,omitempty"` -} - -// ACMEIssuerDNS01ProviderWebhook specifies configuration for a webhook DNS01 -// provider, including where to POST ChallengePayload resources. -type ACMEIssuerDNS01ProviderWebhook struct { - // The API group name that should be used when POSTing ChallengePayload - // resources to the webhook apiserver. - // This should be the same as the GroupName specified in the webhook - // provider implementation. - GroupName string `json:"groupName"` - - // The name of the solver to use, as defined in the webhook provider - // implementation. - // This will typically be the name of the provider, e.g. 'cloudflare'. - SolverName string `json:"solverName"` - - // Additional configuration that should be passed to the webhook apiserver - // when challenges are processed. - // This can contain arbitrary JSON data. - // Secret values should not be specified in this stanza. - // If secret values are needed (e.g. credentials for a DNS service), you - // should use a SecretKeySelector to reference a Secret resource. - // For details on the schema of this field, consult the webhook provider - // implementation's documentation. - // +optional - Config *apiextensionsv1.JSON `json:"config,omitempty"` -} - -type ACMEIssuerStatus struct { - // URI is the unique account identifier, which can also be used to retrieve - // account details from the CA - // +optional - URI string `json:"uri,omitempty"` - - // LastRegisteredEmail is the email associated with the latest registered - // ACME account, in order to track changes made to registered account - // associated with the Issuer - // +optional - LastRegisteredEmail string `json:"lastRegisteredEmail,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_order.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_order.go deleted file mode 100644 index 26893831a7..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/types_order.go +++ /dev/null @@ -1,238 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Order is a type to represent an Order with an ACME server -// +k8s:openapi-gen=true -type Order struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec OrderSpec `json:"spec,omitempty"` - Status OrderStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// OrderList is a list of Orders -type OrderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Order `json:"items"` -} - -type OrderSpec struct { - // Certificate signing request bytes in DER encoding. - // This will be used when finalizing the order. - // This field must be set on the order. - CSR []byte `json:"csr"` - - // IssuerRef references a properly configured ACME-type Issuer which should - // be used to create this Order. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Order will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // CommonName is the common name as specified on the DER encoded CSR. - // If specified, this value must also be present in `dnsNames` or `ipAddresses`. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - CommonName string `json:"commonName,omitempty"` - - // DNSNames is a list of DNS names that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - //+optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP addresses that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // Duration is the duration for the not after date for the requested certificate. - // this is set on order creation as pe the ACME spec. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` -} - -type OrderStatus struct { - // URL of the Order. - // This will initially be empty when the resource is first created. - // The Order controller will populate this field when the Order is first processed. - // This field will be immutable after it is initially set. - // +optional - URL string `json:"url,omitempty"` - - // FinalizeURL of the Order. - // This is used to obtain certificates for this order once it has been completed. - // +optional - FinalizeURL string `json:"finalizeURL,omitempty"` - - // Authorizations contains data returned from the ACME server on what - // authorizations must be completed in order to validate the DNS names - // specified on the Order. - // +optional - Authorizations []ACMEAuthorization `json:"authorizations,omitempty"` - - // Certificate is a copy of the PEM encoded certificate for this Order. - // This field will be populated after the order has been successfully - // finalized with the ACME server, and the order has transitioned to the - // 'valid' state. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // State contains the current state of this Order resource. - // States 'success' and 'expired' are 'final' - // +optional - State State `json:"state,omitempty"` - - // Reason optionally provides more information about a why the order is in - // the current state. - // +optional - Reason string `json:"reason,omitempty"` - - // FailureTime stores the time that this order failed. - // This is used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// ACMEAuthorization contains data returned from the ACME server on an -// authorization that must be completed in order validate a DNS name on an ACME -// Order resource. -type ACMEAuthorization struct { - // URL is the URL of the Authorization that must be completed - URL string `json:"url"` - - // Identifier is the DNS name to be validated as part of this authorization - // +optional - Identifier string `json:"identifier,omitempty"` - - // Wildcard will be true if this authorization is for a wildcard DNS name. - // If this is true, the identifier will be the *non-wildcard* version of - // the DNS name. - // For example, if '*.example.com' is the DNS name being validated, this - // field will be 'true' and the 'identifier' field will be 'example.com'. - // +optional - Wildcard *bool `json:"wildcard,omitempty"` - - // InitialState is the initial state of the ACME authorization when first - // fetched from the ACME server. - // If an Authorization is already 'valid', the Order controller will not - // create a Challenge resource for the authorization. This will occur when - // working with an ACME server that enables 'authz reuse' (such as Let's - // Encrypt's production endpoint). - // If not set and 'identifier' is set, the state is assumed to be pending - // and a Challenge will be created. - // +optional - InitialState State `json:"initialState,omitempty"` - - // Challenges specifies the challenge types offered by the ACME server. - // One of these challenge types will be selected when validating the DNS - // name and an appropriate Challenge resource will be created to perform - // the ACME challenge process. - // +optional - Challenges []ACMEChallenge `json:"challenges,omitempty"` -} - -// Challenge specifies a challenge offered by the ACME server for an Order. -// An appropriate Challenge resource can be created to perform the ACME -// challenge process. -type ACMEChallenge struct { - // URL is the URL of this challenge. It can be used to retrieve additional - // metadata about the Challenge from the ACME server. - URL string `json:"url"` - - // Token is the token that must be presented for this challenge. - // This is used to compute the 'key' that must also be presented. - Token string `json:"token"` - - // Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', - // 'tls-sni-01', etc. - // This is the raw value retrieved from the ACME server. - // Only 'http-01' and 'dns-01' are supported by cert-manager, other values - // will be ignored. - Type string `json:"type"` -} - -// State represents the state of an ACME resource, such as an Order. -// The possible options here map to the corresponding values in the -// ACME specification. -// Full details of these values can be found here: https://tools.ietf.org/html/draft-ietf-acme-acme-15#section-7.1.6 -// Clients utilising this type must also gracefully handle unknown -// values, as the contents of this enumeration may be added to over time. -// +kubebuilder:validation:Enum=valid;ready;pending;processing;invalid;expired;errored -type State string - -const ( - // Unknown is not a real state as part of the ACME spec. - // It is used to represent an unrecognised value. - Unknown State = "" - - // Valid signifies that an ACME resource is in a valid state. - // If an order is 'valid', it has been finalized with the ACME server and - // the certificate can be retrieved from the ACME server using the - // certificate URL stored in the Order's status subresource. - // This is a final state. - Valid State = "valid" - - // Ready signifies that an ACME resource is in a ready state. - // If an order is 'ready', all of its challenges have been completed - // successfully and the order is ready to be finalized. - // Once finalized, it will transition to the Valid state. - // This is a transient state. - Ready State = "ready" - - // Pending signifies that an ACME resource is still pending and is not yet ready. - // If an Order is marked 'Pending', the validations for that Order are still in progress. - // This is a transient state. - Pending State = "pending" - - // Processing signifies that an ACME resource is being processed by the server. - // If an Order is marked 'Processing', the validations for that Order are currently being processed. - // This is a transient state. - Processing State = "processing" - - // Invalid signifies that an ACME resource is invalid for some reason. - // If an Order is marked 'invalid', one of its validations be have invalid for some reason. - // This is a final state. - Invalid State = "invalid" - - // Expired signifies that an ACME resource has expired. - // If an Order is marked 'Expired', one of its validations may have expired or the Order itself. - // This is a final state. - Expired State = "expired" - - // Errored signifies that the ACME resource has errored for some reason. - // This is a catch-all state, and is used for marking internal cert-manager - // errors such as validation failures. - // This is a final state. - Errored State = "errored" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/zz_generated.deepcopy.go deleted file mode 100644 index 64f729c0dc..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3/zz_generated.deepcopy.go +++ /dev/null @@ -1,891 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEAuthorization) DeepCopyInto(out *ACMEAuthorization) { - *out = *in - if in.Wildcard != nil { - in, out := &in.Wildcard, &out.Wildcard - *out = new(bool) - **out = **in - } - if in.Challenges != nil { - in, out := &in.Challenges, &out.Challenges - *out = make([]ACMEChallenge, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEAuthorization. -func (in *ACMEAuthorization) DeepCopy() *ACMEAuthorization { - if in == nil { - return nil - } - out := new(ACMEAuthorization) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallenge) DeepCopyInto(out *ACMEChallenge) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallenge. -func (in *ACMEChallenge) DeepCopy() *ACMEChallenge { - if in == nil { - return nil - } - out := new(ACMEChallenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolver) DeepCopyInto(out *ACMEChallengeSolver) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(CertificateDNSNameSelector) - (*in).DeepCopyInto(*out) - } - if in.HTTP01 != nil { - in, out := &in.HTTP01, &out.HTTP01 - *out = new(ACMEChallengeSolverHTTP01) - (*in).DeepCopyInto(*out) - } - if in.DNS01 != nil { - in, out := &in.DNS01, &out.DNS01 - *out = new(ACMEChallengeSolverDNS01) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolver. -func (in *ACMEChallengeSolver) DeepCopy() *ACMEChallengeSolver { - if in == nil { - return nil - } - out := new(ACMEChallengeSolver) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverDNS01) DeepCopyInto(out *ACMEChallengeSolverDNS01) { - *out = *in - if in.Akamai != nil { - in, out := &in.Akamai, &out.Akamai - *out = new(ACMEIssuerDNS01ProviderAkamai) - **out = **in - } - if in.CloudDNS != nil { - in, out := &in.CloudDNS, &out.CloudDNS - *out = new(ACMEIssuerDNS01ProviderCloudDNS) - (*in).DeepCopyInto(*out) - } - if in.Cloudflare != nil { - in, out := &in.Cloudflare, &out.Cloudflare - *out = new(ACMEIssuerDNS01ProviderCloudflare) - (*in).DeepCopyInto(*out) - } - if in.Route53 != nil { - in, out := &in.Route53, &out.Route53 - *out = new(ACMEIssuerDNS01ProviderRoute53) - **out = **in - } - if in.AzureDNS != nil { - in, out := &in.AzureDNS, &out.AzureDNS - *out = new(ACMEIssuerDNS01ProviderAzureDNS) - (*in).DeepCopyInto(*out) - } - if in.DigitalOcean != nil { - in, out := &in.DigitalOcean, &out.DigitalOcean - *out = new(ACMEIssuerDNS01ProviderDigitalOcean) - **out = **in - } - if in.AcmeDNS != nil { - in, out := &in.AcmeDNS, &out.AcmeDNS - *out = new(ACMEIssuerDNS01ProviderAcmeDNS) - **out = **in - } - if in.RFC2136 != nil { - in, out := &in.RFC2136, &out.RFC2136 - *out = new(ACMEIssuerDNS01ProviderRFC2136) - **out = **in - } - if in.Webhook != nil { - in, out := &in.Webhook, &out.Webhook - *out = new(ACMEIssuerDNS01ProviderWebhook) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverDNS01. -func (in *ACMEChallengeSolverDNS01) DeepCopy() *ACMEChallengeSolverDNS01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverDNS01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01) DeepCopyInto(out *ACMEChallengeSolverHTTP01) { - *out = *in - if in.Ingress != nil { - in, out := &in.Ingress, &out.Ingress - *out = new(ACMEChallengeSolverHTTP01Ingress) - (*in).DeepCopyInto(*out) - } - if in.GatewayHTTPRoute != nil { - in, out := &in.GatewayHTTPRoute, &out.GatewayHTTPRoute - *out = new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01. -func (in *ACMEChallengeSolverHTTP01) DeepCopy() *ACMEChallengeSolverHTTP01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopyInto(out *ACMEChallengeSolverHTTP01GatewayHTTPRoute) { - *out = *in - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01GatewayHTTPRoute. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopy() *ACMEChallengeSolverHTTP01GatewayHTTPRoute { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopyInto(out *ACMEChallengeSolverHTTP01Ingress) { - *out = *in - if in.Class != nil { - in, out := &in.Class, &out.Class - *out = new(string) - **out = **in - } - if in.PodTemplate != nil { - in, out := &in.PodTemplate, &out.PodTemplate - *out = new(ACMEChallengeSolverHTTP01IngressPodTemplate) - (*in).DeepCopyInto(*out) - } - if in.IngressTemplate != nil { - in, out := &in.IngressTemplate, &out.IngressTemplate - *out = new(ACMEChallengeSolverHTTP01IngressTemplate) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01Ingress. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopy() *ACMEChallengeSolverHTTP01Ingress { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01Ingress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodSpec) { - *out = *in - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Affinity != nil { - in, out := &in.Affinity, &out.Affinity - *out = new(v1.Affinity) - (*in).DeepCopyInto(*out) - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodSpec. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodSpec { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressPodObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodTemplate. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressObjectMeta) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressTemplate. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEExternalAccountBinding) DeepCopyInto(out *ACMEExternalAccountBinding) { - *out = *in - out.Key = in.Key - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEExternalAccountBinding. -func (in *ACMEExternalAccountBinding) DeepCopy() *ACMEExternalAccountBinding { - if in == nil { - return nil - } - out := new(ACMEExternalAccountBinding) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuer) DeepCopyInto(out *ACMEIssuer) { - *out = *in - if in.ExternalAccountBinding != nil { - in, out := &in.ExternalAccountBinding, &out.ExternalAccountBinding - *out = new(ACMEExternalAccountBinding) - **out = **in - } - out.PrivateKey = in.PrivateKey - if in.Solvers != nil { - in, out := &in.Solvers, &out.Solvers - *out = make([]ACMEChallengeSolver, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuer. -func (in *ACMEIssuer) DeepCopy() *ACMEIssuer { - if in == nil { - return nil - } - out := new(ACMEIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAcmeDNS) { - *out = *in - out.AccountSecret = in.AccountSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAcmeDNS. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopy() *ACMEIssuerDNS01ProviderAcmeDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAcmeDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopyInto(out *ACMEIssuerDNS01ProviderAkamai) { - *out = *in - out.ClientToken = in.ClientToken - out.ClientSecret = in.ClientSecret - out.AccessToken = in.AccessToken - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAkamai. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopy() *ACMEIssuerDNS01ProviderAkamai { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAkamai) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAzureDNS) { - *out = *in - if in.ClientSecret != nil { - in, out := &in.ClientSecret, &out.ClientSecret - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.ManagedIdentity != nil { - in, out := &in.ManagedIdentity, &out.ManagedIdentity - *out = new(AzureManagedIdentity) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAzureDNS. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopy() *ACMEIssuerDNS01ProviderAzureDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAzureDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudDNS) { - *out = *in - if in.ServiceAccount != nil { - in, out := &in.ServiceAccount, &out.ServiceAccount - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudDNS. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopy() *ACMEIssuerDNS01ProviderCloudDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudflare) { - *out = *in - if in.APIKey != nil { - in, out := &in.APIKey, &out.APIKey - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.APIToken != nil { - in, out := &in.APIToken, &out.APIToken - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudflare. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopy() *ACMEIssuerDNS01ProviderCloudflare { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudflare) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopyInto(out *ACMEIssuerDNS01ProviderDigitalOcean) { - *out = *in - out.Token = in.Token - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderDigitalOcean. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopy() *ACMEIssuerDNS01ProviderDigitalOcean { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderDigitalOcean) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopyInto(out *ACMEIssuerDNS01ProviderRFC2136) { - *out = *in - out.TSIGSecret = in.TSIGSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRFC2136. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopy() *ACMEIssuerDNS01ProviderRFC2136 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRFC2136) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopyInto(out *ACMEIssuerDNS01ProviderRoute53) { - *out = *in - out.SecretAccessKey = in.SecretAccessKey - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRoute53. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopy() *ACMEIssuerDNS01ProviderRoute53 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRoute53) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopyInto(out *ACMEIssuerDNS01ProviderWebhook) { - *out = *in - if in.Config != nil { - in, out := &in.Config, &out.Config - *out = new(apiextensionsv1.JSON) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderWebhook. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopy() *ACMEIssuerDNS01ProviderWebhook { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderWebhook) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerStatus) DeepCopyInto(out *ACMEIssuerStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerStatus. -func (in *ACMEIssuerStatus) DeepCopy() *ACMEIssuerStatus { - if in == nil { - return nil - } - out := new(ACMEIssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureManagedIdentity) DeepCopyInto(out *AzureManagedIdentity) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureManagedIdentity. -func (in *AzureManagedIdentity) DeepCopy() *AzureManagedIdentity { - if in == nil { - return nil - } - out := new(AzureManagedIdentity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateDNSNameSelector) DeepCopyInto(out *CertificateDNSNameSelector) { - *out = *in - if in.MatchLabels != nil { - in, out := &in.MatchLabels, &out.MatchLabels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.DNSZones != nil { - in, out := &in.DNSZones, &out.DNSZones - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateDNSNameSelector. -func (in *CertificateDNSNameSelector) DeepCopy() *CertificateDNSNameSelector { - if in == nil { - return nil - } - out := new(CertificateDNSNameSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Challenge) DeepCopyInto(out *Challenge) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Challenge. -func (in *Challenge) DeepCopy() *Challenge { - if in == nil { - return nil - } - out := new(Challenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Challenge) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeList) DeepCopyInto(out *ChallengeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Challenge, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeList. -func (in *ChallengeList) DeepCopy() *ChallengeList { - if in == nil { - return nil - } - out := new(ChallengeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ChallengeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeSpec) DeepCopyInto(out *ChallengeSpec) { - *out = *in - in.Solver.DeepCopyInto(&out.Solver) - out.IssuerRef = in.IssuerRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeSpec. -func (in *ChallengeSpec) DeepCopy() *ChallengeSpec { - if in == nil { - return nil - } - out := new(ChallengeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeStatus) DeepCopyInto(out *ChallengeStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeStatus. -func (in *ChallengeStatus) DeepCopy() *ChallengeStatus { - if in == nil { - return nil - } - out := new(ChallengeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Order) DeepCopyInto(out *Order) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Order. -func (in *Order) DeepCopy() *Order { - if in == nil { - return nil - } - out := new(Order) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Order) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderList) DeepCopyInto(out *OrderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Order, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderList. -func (in *OrderList) DeepCopy() *OrderList { - if in == nil { - return nil - } - out := new(OrderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OrderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderSpec) DeepCopyInto(out *OrderSpec) { - *out = *in - if in.CSR != nil { - in, out := &in.CSR, &out.CSR - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.IssuerRef = in.IssuerRef - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(apismetav1.Duration) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderSpec. -func (in *OrderSpec) DeepCopy() *OrderSpec { - if in == nil { - return nil - } - out := new(OrderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderStatus) DeepCopyInto(out *OrderStatus) { - *out = *in - if in.Authorizations != nil { - in, out := &in.Authorizations, &out.Authorizations - *out = make([]ACMEAuthorization, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderStatus. -func (in *OrderStatus) DeepCopy() *OrderStatus { - if in == nil { - return nil - } - out := new(OrderStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/BUILD.bazel deleted file mode 100644 index 0dd33f7856..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "register.go", - "types.go", - "types_challenge.go", - "types_issuer.go", - "types_order.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1", - importpath = "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/api/core/v1:go_default_library", - "//vendor/k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/doc.go deleted file mode 100644 index ac94fa404d..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/doc.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1beta1 is the v1beta1 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/acme -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=acme.cert-manager.io -package v1beta1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/register.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/register.go deleted file mode 100644 index 56131ba3c1..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/register.go +++ /dev/null @@ -1,58 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/acme" -) - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: acme.GroupName, Version: "v1beta1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to api.Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Order{}, - &OrderList{}, - &Challenge{}, - &ChallengeList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types.go deleted file mode 100644 index c02e8f82ec..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -const ( - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.name field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users of Ingress controllers that maintain - // a 1:1 mapping between endpoint IP and Ingress resource. - ACMECertificateHTTP01IngressNameOverride = "acme.cert-manager.io/http01-override-ingress-name" - - // If this annotation is specified on a Certificate or Order resource when - // using the HTTP01 solver type, the ingress.class field of the HTTP01 - // solver's configuration will be set to the value given here. - // This is especially useful for users deploying many different ingress - // classes into a single cluster that want to be able to re-use a single - // solver for each ingress class. - ACMECertificateHTTP01IngressClassOverride = "acme.cert-manager.io/http01-override-ingress-class" - - // IngressEditInPlaceAnnotation is used to toggle the use of ingressClass instead - // of ingress on the created Certificate resource - IngressEditInPlaceAnnotationKey = "acme.cert-manager.io/http01-edit-in-place" -) - -const ( - OrderKind = "Order" - ChallengeKind = "Challenge" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_challenge.go deleted file mode 100644 index 0507e92483..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_challenge.go +++ /dev/null @@ -1,145 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Challenge is a type to represent a Challenge request with an ACME server -// +k8s:openapi-gen=true -// +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state" -// +kubebuilder:printcolumn:name="Domain",type="string",JSONPath=".spec.dnsName" -// +kubebuilder:printcolumn:name="Reason",type="string",JSONPath=".status.reason",description="",priority=1 -// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC." -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=challenges -type Challenge struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec ChallengeSpec `json:"spec"` - // +optional - Status ChallengeStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ChallengeList is a list of Challenges -type ChallengeList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Challenge `json:"items"` -} - -type ChallengeSpec struct { - // The URL of the ACME Challenge resource for this challenge. - // This can be used to lookup details about the status of this challenge. - URL string `json:"url"` - - // The URL to the ACME Authorization resource that this - // challenge is a part of. - AuthorizationURL string `json:"authorizationURL"` - - // dnsName is the identifier that this challenge is for, e.g. example.com. - // If the requested DNSName is a 'wildcard', this field MUST be set to the - // non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. - DNSName string `json:"dnsName"` - - // wildcard will be true if this challenge is for a wildcard identifier, - // for example '*.example.com'. - // +optional - Wildcard bool `json:"wildcard"` - - // The type of ACME challenge this resource represents. - // One of "HTTP-01" or "DNS-01". - Type ACMEChallengeType `json:"type"` - - // The ACME challenge token for this challenge. - // This is the raw value returned from the ACME server. - Token string `json:"token"` - - // The ACME challenge key for this challenge - // For HTTP01 challenges, this is the value that must be responded with to - // complete the HTTP01 challenge in the format: - // `.`. - // For DNS01 challenges, this is the base64 encoded SHA256 sum of the - // `.` - // text that must be set as the TXT record content. - Key string `json:"key"` - - // Contains the domain solving configuration that should be used to - // solve this challenge resource. - Solver ACMEChallengeSolver `json:"solver"` - - // References a properly configured ACME-type Issuer which should - // be used to create this Challenge. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Challenge will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` -} - -// The type of ACME challenge. Only HTTP-01 and DNS-01 are supported. -// +kubebuilder:validation:Enum=HTTP-01;DNS-01 -type ACMEChallengeType string - -const ( - // ACMEChallengeTypeHTTP01 denotes a Challenge is of type http-01 - // More info: https://letsencrypt.org/docs/challenge-types/#http-01-challenge - ACMEChallengeTypeHTTP01 ACMEChallengeType = "HTTP-01" - - // ACMEChallengeTypeDNS01 denotes a Challenge is of type dns-01 - // More info: https://letsencrypt.org/docs/challenge-types/#dns-01-challenge - ACMEChallengeTypeDNS01 ACMEChallengeType = "DNS-01" -) - -type ChallengeStatus struct { - // Used to denote whether this challenge should be processed or not. - // This field will only be set to true by the 'scheduling' component. - // It will only be set to false by the 'challenges' controller, after the - // challenge has reached a final state or timed out. - // If this field is set to false, the challenge controller will not take - // any more action. - // +optional - Processing bool `json:"processing"` - - // presented will be set to true if the challenge values for this challenge - // are currently 'presented'. - // This *does not* imply the self check is passing. Only that the values - // have been 'submitted' for the appropriate challenge mechanism (i.e. the - // DNS01 TXT record has been presented, or the HTTP01 configuration has been - // configured). - // +optional - Presented bool `json:"presented"` - - // Contains human readable information on why the Challenge is in the - // current state. - // +optional - Reason string `json:"reason,omitempty"` - - // Contains the current 'state' of the challenge. - // If not set, the state of the challenge is unknown. - // +optional - State State `json:"state,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_issuer.go deleted file mode 100644 index a2d42905e3..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_issuer.go +++ /dev/null @@ -1,596 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - corev1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// ACMEIssuer contains the specification for an ACME issuer. -// This uses the RFC8555 specification to obtain certificates by completing -// 'challenges' to prove ownership of domain identifiers. -// Earlier draft versions of the ACME specification are not supported. -type ACMEIssuer struct { - // Email is the email address to be associated with the ACME account. - // This field is optional, but it is strongly recommended to be set. - // It will be used to contact you in case of issues with your account or - // certificates, including expiry notification emails. - // This field may be updated after the account is initially registered. - // +optional - Email string `json:"email,omitempty"` - - // Server is the URL used to access the ACME server's 'directory' endpoint. - // For example, for Let's Encrypt's staging endpoint, you would use: - // "https://acme-staging-v02.api.letsencrypt.org/directory". - // Only ACME v2 endpoints (i.e. RFC 8555) are supported. - Server string `json:"server"` - - // PreferredChain is the chain to use if the ACME server outputs multiple. - // PreferredChain is no guarantee that this one gets delivered by the ACME - // endpoint. - // For example, for Let's Encrypt's DST crosssign you would use: - // "DST Root CA X3" or "ISRG Root X1" for the newer Let's Encrypt root CA. - // This value picks the first certificate bundle in the ACME alternative - // chains that has a certificate with this value as its issuer's CN - // +optional - // +kubebuilder:validation:MaxLength=64 - PreferredChain string `json:"preferredChain"` - - // Enables or disables validation of the ACME server TLS certificate. - // If true, requests to the ACME server will not have their TLS certificate - // validated (i.e. insecure connections will be allowed). - // Only enable this option in development environments. - // The cert-manager system installed roots will be used to verify connections - // to the ACME server if this is false. - // Defaults to false. - // +optional - SkipTLSVerify bool `json:"skipTLSVerify,omitempty"` - - // ExternalAccountBinding is a reference to a CA external account of the ACME - // server. - // If set, upon registration cert-manager will attempt to associate the given - // external account credentials with the registered ACME account. - // +optional - ExternalAccountBinding *ACMEExternalAccountBinding `json:"externalAccountBinding,omitempty"` - - // PrivateKey is the name of a Kubernetes Secret resource that will be used to - // store the automatically generated ACME account private key. - // Optionally, a `key` may be specified to select a specific entry within - // the named Secret resource. - // If `key` is not specified, a default of `tls.key` will be used. - PrivateKey cmmeta.SecretKeySelector `json:"privateKeySecretRef"` - - // Solvers is a list of challenge solvers that will be used to solve - // ACME challenges for the matching domains. - // Solver configurations must be provided in order to obtain certificates - // from an ACME server. - // For more information, see: https://cert-manager.io/docs/configuration/acme/ - // +optional - Solvers []ACMEChallengeSolver `json:"solvers,omitempty"` - - // Enables or disables generating a new ACME account key. - // If true, the Issuer resource will *not* request a new account but will expect - // the account key to be supplied via an existing secret. - // If false, the cert-manager system will generate a new ACME account key - // for the Issuer. - // Defaults to false. - // +optional - DisableAccountKeyGeneration bool `json:"disableAccountKeyGeneration,omitempty"` - - // Enables requesting a Not After date on certificates that matches the - // duration of the certificate. This is not supported by all ACME servers - // like Let's Encrypt. If set to true when the ACME server does not support - // it it will create an error on the Order. - // Defaults to false. - // +optional - EnableDurationFeature bool `json:"enableDurationFeature,omitempty"` -} - -// ACMEExternalAccountBinding is a reference to a CA external account of the ACME -// server. -type ACMEExternalAccountBinding struct { - // keyID is the ID of the CA key that the External Account is bound to. - KeyID string `json:"keyID"` - - // keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes - // Secret which holds the symmetric MAC key of the External Account Binding. - // The `key` is the index string that is paired with the key data in the - // Secret and should not be confused with the key data itself, or indeed with - // the External Account Binding keyID above. - // The secret key stored in the Secret **must** be un-padded, base64 URL - // encoded data. - Key cmmeta.SecretKeySelector `json:"keySecretRef"` - - // Deprecated: keyAlgorithm field exists for historical compatibility - // reasons and should not be used. The algorithm is now hardcoded to HS256 - // in golang/x/crypto/acme. - // +optional - KeyAlgorithm HMACKeyAlgorithm `json:"keyAlgorithm,omitempty"` -} - -// HMACKeyAlgorithm is the name of a key algorithm used for HMAC encryption -// +kubebuilder:validation:Enum=HS256;HS384;HS512 -type HMACKeyAlgorithm string - -const ( - HS256 HMACKeyAlgorithm = "HS256" - HS384 HMACKeyAlgorithm = "HS384" - HS512 HMACKeyAlgorithm = "HS512" -) - -// Configures an issuer to solve challenges using the specified options. -// Only one of HTTP01 or DNS01 may be provided. -type ACMEChallengeSolver struct { - // Selector selects a set of DNSNames on the Certificate resource that - // should be solved using this challenge solver. - // If not specified, the solver will be treated as the 'default' solver - // with the lowest priority, i.e. if any other solver has a more specific - // match, it will be used instead. - // +optional - Selector *CertificateDNSNameSelector `json:"selector,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the HTTP01 challenge flow. - // It is not possible to obtain certificates for wildcard domain names - // (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - // +optional - HTTP01 *ACMEChallengeSolverHTTP01 `json:"http01,omitempty"` - - // Configures cert-manager to attempt to complete authorizations by - // performing the DNS01 challenge flow. - // +optional - DNS01 *ACMEChallengeSolverDNS01 `json:"dns01,omitempty"` -} - -// CertificateDomainSelector selects certificates using a label selector, and -// can optionally select individual DNS names within those certificates. -// If both MatchLabels and DNSNames are empty, this selector will match all -// certificates and DNS names within them. -type CertificateDNSNameSelector struct { - // A label selector that is used to refine the set of certificate's that - // this challenge solver will apply to. - // +optional - MatchLabels map[string]string `json:"matchLabels,omitempty"` - - // List of DNSNames that this solver will be used to solve. - // If specified and a match is found, a dnsNames selector will take - // precedence over a dnsZones selector. - // If multiple solvers match with the same dnsNames value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // List of DNSZones that this solver will be used to solve. - // The most specific DNS zone match specified here will take precedence - // over other DNS zone matches, so a solver specifying sys.example.com - // will be selected over one specifying example.com for the domain - // www.sys.example.com. - // If multiple solvers match with the same dnsZones value, the solver - // with the most matching labels in matchLabels will be selected. - // If neither has more matches, the solver defined earlier in the list - // will be selected. - // +optional - DNSZones []string `json:"dnsZones,omitempty"` -} - -// ACMEChallengeSolverHTTP01 contains configuration detailing how to solve -// HTTP01 challenges within a Kubernetes cluster. -// Typically this is accomplished through creating 'routes' of some description -// that configure ingress controllers to direct traffic to 'solver pods', which -// are responsible for responding to the ACME server's HTTP requests. -type ACMEChallengeSolverHTTP01 struct { - // The ingress based HTTP01 challenge solver will solve challenges by - // creating or modifying Ingress resources in order to route requests for - // '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are - // provisioned by cert-manager for each Challenge to be completed. - // +optional - Ingress *ACMEChallengeSolverHTTP01Ingress `json:"ingress,omitempty"` - - // The Gateway API is a sig-network community API that models service networking - // in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will - // create HTTPRoutes with the specified labels in the same namespace as the challenge. - // This solver is experimental, and fields / behaviour may change in the future. - // +optional - GatewayHTTPRoute *ACMEChallengeSolverHTTP01GatewayHTTPRoute `json:"gatewayHTTPRoute,omitempty"` -} - -type ACMEChallengeSolverHTTP01Ingress struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The ingress class to use when creating Ingress resources to solve ACME - // challenges that use this challenge solver. - // Only one of 'class' or 'name' may be specified. - // +optional - Class *string `json:"class,omitempty"` - - // The name of the ingress resource that should have ACME challenge solving - // routes inserted into it in order to solve HTTP01 challenges. - // This is typically used in conjunction with ingress controllers like - // ingress-gce, which maintains a 1:1 mapping between external IPs and - // ingress resources. - // +optional - Name string `json:"name,omitempty"` - - // Optional pod template used to configure the ACME challenge solver pods - // used for HTTP01 challenges - // +optional - PodTemplate *ACMEChallengeSolverHTTP01IngressPodTemplate `json:"podTemplate,omitempty"` - - // Optional ingress template used to configure the ACME challenge solver - // ingress used for HTTP01 challenges. - // +optional - IngressTemplate *ACMEChallengeSolverHTTP01IngressTemplate `json:"ingressTemplate,omitempty"` -} - -type ACMEChallengeSolverHTTP01GatewayHTTPRoute struct { - // Optional service type for Kubernetes solver service. Supported values - // are NodePort or ClusterIP. If unset, defaults to NodePort. - // +optional - ServiceType corev1.ServiceType `json:"serviceType,omitempty"` - - // The labels that cert-manager will use when creating the temporary - // HTTPRoute needed for solving the HTTP-01 challenge. These labels - // must match the label selector of at least one Gateway. - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodTemplate struct { - // ObjectMeta overrides for the pod used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressPodObjectMeta `json:"metadata"` - - // PodSpec defines overrides for the HTTP01 challenge solver pod. - // Only the 'priorityClassName', 'nodeSelector', 'affinity', - // 'serviceAccountName' and 'tolerations' fields are supported currently. - // All other fields will be ignored. - // +optional - Spec ACMEChallengeSolverHTTP01IngressPodSpec `json:"spec"` -} - -type ACMEChallengeSolverHTTP01IngressPodObjectMeta struct { - // Annotations that should be added to the create ACME HTTP01 solver pods. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver pods. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressPodSpec struct { - // NodeSelector is a selector which must be true for the pod to fit on a node. - // Selector which must match a node's labels for the pod to be scheduled on that node. - // More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - // +optional - NodeSelector map[string]string `json:"nodeSelector,omitempty"` - - // If specified, the pod's scheduling constraints - // +optional - Affinity *corev1.Affinity `json:"affinity,omitempty"` - - // If specified, the pod's tolerations. - // +optional - Tolerations []corev1.Toleration `json:"tolerations,omitempty"` - - // If specified, the pod's priorityClassName. - // +optional - PriorityClassName string `json:"priorityClassName,omitempty"` - - // If specified, the pod's service account - // +optional - ServiceAccountName string `json:"serviceAccountName,omitempty"` -} - -type ACMEChallengeSolverHTTP01IngressTemplate struct { - // ObjectMeta overrides for the ingress used to solve HTTP01 challenges. - // Only the 'labels' and 'annotations' fields may be set. - // If labels or annotations overlap with in-built values, the values here - // will override the in-built values. - // +optional - ACMEChallengeSolverHTTP01IngressObjectMeta `json:"metadata"` -} - -type ACMEChallengeSolverHTTP01IngressObjectMeta struct { - // Annotations that should be added to the created ACME HTTP01 solver ingress. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels that should be added to the created ACME HTTP01 solver ingress. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} - -// Used to configure a DNS01 challenge provider to be used when solving DNS01 -// challenges. -// Only one DNS provider may be configured per solver. -type ACMEChallengeSolverDNS01 struct { - // CNAMEStrategy configures how the DNS01 provider should handle CNAME - // records when found in DNS zones. - // +optional - CNAMEStrategy CNAMEStrategy `json:"cnameStrategy,omitempty"` - - // Use the Akamai DNS zone management API to manage DNS01 challenge records. - // +optional - Akamai *ACMEIssuerDNS01ProviderAkamai `json:"akamai,omitempty"` - - // Use the Google Cloud DNS API to manage DNS01 challenge records. - // +optional - CloudDNS *ACMEIssuerDNS01ProviderCloudDNS `json:"cloudDNS,omitempty"` - - // Use the Cloudflare API to manage DNS01 challenge records. - // +optional - Cloudflare *ACMEIssuerDNS01ProviderCloudflare `json:"cloudflare,omitempty"` - - // Use the AWS Route53 API to manage DNS01 challenge records. - // +optional - Route53 *ACMEIssuerDNS01ProviderRoute53 `json:"route53,omitempty"` - - // Use the Microsoft Azure DNS API to manage DNS01 challenge records. - // +optional - AzureDNS *ACMEIssuerDNS01ProviderAzureDNS `json:"azureDNS,omitempty"` - - // Use the DigitalOcean DNS API to manage DNS01 challenge records. - // +optional - DigitalOcean *ACMEIssuerDNS01ProviderDigitalOcean `json:"digitalocean,omitempty"` - - // Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage - // DNS01 challenge records. - // +optional - AcmeDNS *ACMEIssuerDNS01ProviderAcmeDNS `json:"acmeDNS,omitempty"` - - // Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) - // to manage DNS01 challenge records. - // +optional - RFC2136 *ACMEIssuerDNS01ProviderRFC2136 `json:"rfc2136,omitempty"` - - // Configure an external webhook based DNS01 challenge solver to manage - // DNS01 challenge records. - // +optional - Webhook *ACMEIssuerDNS01ProviderWebhook `json:"webhook,omitempty"` -} - -// CNAMEStrategy configures how the DNS01 provider should handle CNAME records -// when found in DNS zones. -// By default, the None strategy will be applied (i.e. do not follow CNAMEs). -// +kubebuilder:validation:Enum=None;Follow -type CNAMEStrategy string - -const ( - // NoneStrategy indicates that no CNAME resolution strategy should be used - // when determining which DNS zone to update during DNS01 challenges. - NoneStrategy = "None" - - // FollowStrategy will cause cert-manager to recurse through CNAMEs in - // order to determine which DNS zone to update during DNS01 challenges. - // This is useful if you do not want to grant cert-manager access to your - // root DNS zone, and instead delegate the _acme-challenge.example.com - // subdomain to some other, less privileged domain. - FollowStrategy = "Follow" -) - -// ACMEIssuerDNS01ProviderAkamai is a structure containing the DNS -// configuration for Akamai DNS—Zone Record Management API -type ACMEIssuerDNS01ProviderAkamai struct { - ServiceConsumerDomain string `json:"serviceConsumerDomain"` - ClientToken cmmeta.SecretKeySelector `json:"clientTokenSecretRef"` - ClientSecret cmmeta.SecretKeySelector `json:"clientSecretSecretRef"` - AccessToken cmmeta.SecretKeySelector `json:"accessTokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderCloudDNS is a structure containing the DNS -// configuration for Google Cloud DNS -type ACMEIssuerDNS01ProviderCloudDNS struct { - // +optional - ServiceAccount *cmmeta.SecretKeySelector `json:"serviceAccountSecretRef,omitempty"` - Project string `json:"project"` - - // HostedZoneName is an optional field that tells cert-manager in which - // Cloud DNS zone the challenge record has to be created. - // If left empty cert-manager will automatically choose a zone. - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` -} - -// ACMEIssuerDNS01ProviderCloudflare is a structure containing the DNS -// configuration for Cloudflare. -// One of `apiKeySecretRef` or `apiTokenSecretRef` must be provided. -type ACMEIssuerDNS01ProviderCloudflare struct { - // Email of the account, only required when using API key based authentication. - // +optional - Email string `json:"email,omitempty"` - - // API key to use to authenticate with Cloudflare. - // Note: using an API token to authenticate is now the recommended method - // as it allows greater control of permissions. - // +optional - APIKey *cmmeta.SecretKeySelector `json:"apiKeySecretRef,omitempty"` - - // API token used to authenticate with Cloudflare. - // +optional - APIToken *cmmeta.SecretKeySelector `json:"apiTokenSecretRef,omitempty"` -} - -// ACMEIssuerDNS01ProviderDigitalOcean is a structure containing the DNS -// configuration for DigitalOcean Domains -type ACMEIssuerDNS01ProviderDigitalOcean struct { - Token cmmeta.SecretKeySelector `json:"tokenSecretRef"` -} - -// ACMEIssuerDNS01ProviderRoute53 is a structure containing the Route 53 -// configuration for AWS -type ACMEIssuerDNS01ProviderRoute53 struct { - // The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - AccessKeyID string `json:"accessKeyID,omitempty"` - - // The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata - // https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - // +optional - SecretAccessKey cmmeta.SecretKeySelector `json:"secretAccessKeySecretRef"` - - // Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey - // or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - // +optional - Role string `json:"role,omitempty"` - - // If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - // +optional - HostedZoneID string `json:"hostedZoneID,omitempty"` - - // Always set the region when using AccessKeyID and SecretAccessKey - Region string `json:"region"` -} - -// ACMEIssuerDNS01ProviderAzureDNS is a structure containing the -// configuration for Azure DNS -type ACMEIssuerDNS01ProviderAzureDNS struct { - // if both this and ClientSecret are left unset MSI will be used - // +optional - ClientID string `json:"clientID,omitempty"` - - // if both this and ClientID are left unset MSI will be used - // +optional - ClientSecret *cmmeta.SecretKeySelector `json:"clientSecretSecretRef,omitempty"` - - // ID of the Azure subscription - SubscriptionID string `json:"subscriptionID"` - - // when specifying ClientID and ClientSecret then this field is also needed - // +optional - TenantID string `json:"tenantID,omitempty"` - - // resource group the DNS zone is located in - ResourceGroupName string `json:"resourceGroupName"` - - // name of the DNS zone that should be used - // +optional - HostedZoneName string `json:"hostedZoneName,omitempty"` - - // name of the Azure environment (default AzurePublicCloud) - // +optional - Environment AzureDNSEnvironment `json:"environment,omitempty"` - - // managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - // +optional - ManagedIdentity *AzureManagedIdentity `json:"managedIdentity,omitempty"` -} - -type AzureManagedIdentity struct { - // client ID of the managed identity, can not be used at the same time as resourceID - // +optional - ClientID string `json:"clientID,omitempty"` - - // resource ID of the managed identity, can not be used at the same time as clientID - // +optional - ResourceID string `json:"resourceID,omitempty"` -} - -// +kubebuilder:validation:Enum=AzurePublicCloud;AzureChinaCloud;AzureGermanCloud;AzureUSGovernmentCloud -type AzureDNSEnvironment string - -const ( - AzurePublicCloud AzureDNSEnvironment = "AzurePublicCloud" - AzureChinaCloud AzureDNSEnvironment = "AzureChinaCloud" - AzureGermanCloud AzureDNSEnvironment = "AzureGermanCloud" - AzureUSGovernmentCloud AzureDNSEnvironment = "AzureUSGovernmentCloud" -) - -// ACMEIssuerDNS01ProviderAcmeDNS is a structure containing the -// configuration for ACME-DNS servers -type ACMEIssuerDNS01ProviderAcmeDNS struct { - Host string `json:"host"` - - AccountSecret cmmeta.SecretKeySelector `json:"accountSecretRef"` -} - -// ACMEIssuerDNS01ProviderRFC2136 is a structure containing the -// configuration for RFC2136 DNS -type ACMEIssuerDNS01ProviderRFC2136 struct { - // The IP address or hostname of an authoritative DNS server supporting - // RFC2136 in the form host:port. If the host is an IPv6 address it must be - // enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. - // This field is required. - Nameserver string `json:"nameserver"` - - // The name of the secret containing the TSIG value. - // If ``tsigKeyName`` is defined, this field is required. - // +optional - TSIGSecret cmmeta.SecretKeySelector `json:"tsigSecretSecretRef,omitempty"` - - // The TSIG Key name configured in the DNS. - // If ``tsigSecretSecretRef`` is defined, this field is required. - // +optional - TSIGKeyName string `json:"tsigKeyName,omitempty"` - - // The TSIG Algorithm configured in the DNS supporting RFC2136. Used only - // when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. - // Supported values are (case-insensitive): ``HMACMD5`` (default), - // ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``. - // +optional - TSIGAlgorithm string `json:"tsigAlgorithm,omitempty"` -} - -// ACMEIssuerDNS01ProviderWebhook specifies configuration for a webhook DNS01 -// provider, including where to POST ChallengePayload resources. -type ACMEIssuerDNS01ProviderWebhook struct { - // The API group name that should be used when POSTing ChallengePayload - // resources to the webhook apiserver. - // This should be the same as the GroupName specified in the webhook - // provider implementation. - GroupName string `json:"groupName"` - - // The name of the solver to use, as defined in the webhook provider - // implementation. - // This will typically be the name of the provider, e.g. 'cloudflare'. - SolverName string `json:"solverName"` - - // Additional configuration that should be passed to the webhook apiserver - // when challenges are processed. - // This can contain arbitrary JSON data. - // Secret values should not be specified in this stanza. - // If secret values are needed (e.g. credentials for a DNS service), you - // should use a SecretKeySelector to reference a Secret resource. - // For details on the schema of this field, consult the webhook provider - // implementation's documentation. - // +optional - Config *apiextensionsv1.JSON `json:"config,omitempty"` -} - -type ACMEIssuerStatus struct { - // URI is the unique account identifier, which can also be used to retrieve - // account details from the CA - // +optional - URI string `json:"uri,omitempty"` - - // LastRegisteredEmail is the email associated with the latest registered - // ACME account, in order to track changes made to registered account - // associated with the Issuer - // +optional - LastRegisteredEmail string `json:"lastRegisteredEmail,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_order.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_order.go deleted file mode 100644 index 0686ca251d..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/types_order.go +++ /dev/null @@ -1,239 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// Order is a type to represent an Order with an ACME server -// +k8s:openapi-gen=true -type Order struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata"` - - Spec OrderSpec `json:"spec"` - // +optional - Status OrderStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// OrderList is a list of Orders -type OrderList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Order `json:"items"` -} - -type OrderSpec struct { - // Certificate signing request bytes in DER encoding. - // This will be used when finalizing the order. - // This field must be set on the order. - Request []byte `json:"request"` - - // IssuerRef references a properly configured ACME-type Issuer which should - // be used to create this Order. - // If the Issuer does not exist, processing will be retried. - // If the Issuer is not an 'ACME' Issuer, an error will be returned and the - // Order will be marked as failed. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // CommonName is the common name as specified on the DER encoded CSR. - // If specified, this value must also be present in `dnsNames` or `ipAddresses`. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - CommonName string `json:"commonName,omitempty"` - - // DNSNames is a list of DNS names that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - //+optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP addresses that should be included as part of the Order - // validation process. - // This field must match the corresponding field on the DER encoded CSR. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // Duration is the duration for the not after date for the requested certificate. - // this is set on order creation as pe the ACME spec. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` -} - -type OrderStatus struct { - // URL of the Order. - // This will initially be empty when the resource is first created. - // The Order controller will populate this field when the Order is first processed. - // This field will be immutable after it is initially set. - // +optional - URL string `json:"url,omitempty"` - - // FinalizeURL of the Order. - // This is used to obtain certificates for this order once it has been completed. - // +optional - FinalizeURL string `json:"finalizeURL,omitempty"` - - // Authorizations contains data returned from the ACME server on what - // authorizations must be completed in order to validate the DNS names - // specified on the Order. - // +optional - Authorizations []ACMEAuthorization `json:"authorizations,omitempty"` - - // Certificate is a copy of the PEM encoded certificate for this Order. - // This field will be populated after the order has been successfully - // finalized with the ACME server, and the order has transitioned to the - // 'valid' state. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // State contains the current state of this Order resource. - // States 'success' and 'expired' are 'final' - // +optional - State State `json:"state,omitempty"` - - // Reason optionally provides more information about a why the order is in - // the current state. - // +optional - Reason string `json:"reason,omitempty"` - - // FailureTime stores the time that this order failed. - // This is used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// ACMEAuthorization contains data returned from the ACME server on an -// authorization that must be completed in order validate a DNS name on an ACME -// Order resource. -type ACMEAuthorization struct { - // URL is the URL of the Authorization that must be completed - URL string `json:"url"` - - // Identifier is the DNS name to be validated as part of this authorization - // +optional - Identifier string `json:"identifier,omitempty"` - - // Wildcard will be true if this authorization is for a wildcard DNS name. - // If this is true, the identifier will be the *non-wildcard* version of - // the DNS name. - // For example, if '*.example.com' is the DNS name being validated, this - // field will be 'true' and the 'identifier' field will be 'example.com'. - // +optional - Wildcard *bool `json:"wildcard,omitempty"` - - // InitialState is the initial state of the ACME authorization when first - // fetched from the ACME server. - // If an Authorization is already 'valid', the Order controller will not - // create a Challenge resource for the authorization. This will occur when - // working with an ACME server that enables 'authz reuse' (such as Let's - // Encrypt's production endpoint). - // If not set and 'identifier' is set, the state is assumed to be pending - // and a Challenge will be created. - // +optional - InitialState State `json:"initialState,omitempty"` - - // Challenges specifies the challenge types offered by the ACME server. - // One of these challenge types will be selected when validating the DNS - // name and an appropriate Challenge resource will be created to perform - // the ACME challenge process. - // +optional - Challenges []ACMEChallenge `json:"challenges,omitempty"` -} - -// Challenge specifies a challenge offered by the ACME server for an Order. -// An appropriate Challenge resource can be created to perform the ACME -// challenge process. -type ACMEChallenge struct { - // URL is the URL of this challenge. It can be used to retrieve additional - // metadata about the Challenge from the ACME server. - URL string `json:"url"` - - // Token is the token that must be presented for this challenge. - // This is used to compute the 'key' that must also be presented. - Token string `json:"token"` - - // Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', - // 'tls-sni-01', etc. - // This is the raw value retrieved from the ACME server. - // Only 'http-01' and 'dns-01' are supported by cert-manager, other values - // will be ignored. - Type string `json:"type"` -} - -// State represents the state of an ACME resource, such as an Order. -// The possible options here map to the corresponding values in the -// ACME specification. -// Full details of these values can be found here: https://tools.ietf.org/html/draft-ietf-acme-acme-15#section-7.1.6 -// Clients utilising this type must also gracefully handle unknown -// values, as the contents of this enumeration may be added to over time. -// +kubebuilder:validation:Enum=valid;ready;pending;processing;invalid;expired;errored -type State string - -const ( - // Unknown is not a real state as part of the ACME spec. - // It is used to represent an unrecognised value. - Unknown State = "" - - // Valid signifies that an ACME resource is in a valid state. - // If an order is 'valid', it has been finalized with the ACME server and - // the certificate can be retrieved from the ACME server using the - // certificate URL stored in the Order's status subresource. - // This is a final state. - Valid State = "valid" - - // Ready signifies that an ACME resource is in a ready state. - // If an order is 'ready', all of its challenges have been completed - // successfully and the order is ready to be finalized. - // Once finalized, it will transition to the Valid state. - // This is a transient state. - Ready State = "ready" - - // Pending signifies that an ACME resource is still pending and is not yet ready. - // If an Order is marked 'Pending', the validations for that Order are still in progress. - // This is a transient state. - Pending State = "pending" - - // Processing signifies that an ACME resource is being processed by the server. - // If an Order is marked 'Processing', the validations for that Order are currently being processed. - // This is a transient state. - Processing State = "processing" - - // Invalid signifies that an ACME resource is invalid for some reason. - // If an Order is marked 'invalid', one of its validations be have invalid for some reason. - // This is a final state. - Invalid State = "invalid" - - // Expired signifies that an ACME resource has expired. - // If an Order is marked 'Expired', one of its validations may have expired or the Order itself. - // This is a final state. - Expired State = "expired" - - // Errored signifies that the ACME resource has errored for some reason. - // This is a catch-all state, and is used for marking internal cert-manager - // errors such as validation failures. - // This is a final state. - Errored State = "errored" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/zz_generated.deepcopy.go deleted file mode 100644 index 50800c86d6..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/zz_generated.deepcopy.go +++ /dev/null @@ -1,891 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1beta1 - -import ( - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/api/core/v1" - apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" - apismetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEAuthorization) DeepCopyInto(out *ACMEAuthorization) { - *out = *in - if in.Wildcard != nil { - in, out := &in.Wildcard, &out.Wildcard - *out = new(bool) - **out = **in - } - if in.Challenges != nil { - in, out := &in.Challenges, &out.Challenges - *out = make([]ACMEChallenge, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEAuthorization. -func (in *ACMEAuthorization) DeepCopy() *ACMEAuthorization { - if in == nil { - return nil - } - out := new(ACMEAuthorization) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallenge) DeepCopyInto(out *ACMEChallenge) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallenge. -func (in *ACMEChallenge) DeepCopy() *ACMEChallenge { - if in == nil { - return nil - } - out := new(ACMEChallenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolver) DeepCopyInto(out *ACMEChallengeSolver) { - *out = *in - if in.Selector != nil { - in, out := &in.Selector, &out.Selector - *out = new(CertificateDNSNameSelector) - (*in).DeepCopyInto(*out) - } - if in.HTTP01 != nil { - in, out := &in.HTTP01, &out.HTTP01 - *out = new(ACMEChallengeSolverHTTP01) - (*in).DeepCopyInto(*out) - } - if in.DNS01 != nil { - in, out := &in.DNS01, &out.DNS01 - *out = new(ACMEChallengeSolverDNS01) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolver. -func (in *ACMEChallengeSolver) DeepCopy() *ACMEChallengeSolver { - if in == nil { - return nil - } - out := new(ACMEChallengeSolver) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverDNS01) DeepCopyInto(out *ACMEChallengeSolverDNS01) { - *out = *in - if in.Akamai != nil { - in, out := &in.Akamai, &out.Akamai - *out = new(ACMEIssuerDNS01ProviderAkamai) - **out = **in - } - if in.CloudDNS != nil { - in, out := &in.CloudDNS, &out.CloudDNS - *out = new(ACMEIssuerDNS01ProviderCloudDNS) - (*in).DeepCopyInto(*out) - } - if in.Cloudflare != nil { - in, out := &in.Cloudflare, &out.Cloudflare - *out = new(ACMEIssuerDNS01ProviderCloudflare) - (*in).DeepCopyInto(*out) - } - if in.Route53 != nil { - in, out := &in.Route53, &out.Route53 - *out = new(ACMEIssuerDNS01ProviderRoute53) - **out = **in - } - if in.AzureDNS != nil { - in, out := &in.AzureDNS, &out.AzureDNS - *out = new(ACMEIssuerDNS01ProviderAzureDNS) - (*in).DeepCopyInto(*out) - } - if in.DigitalOcean != nil { - in, out := &in.DigitalOcean, &out.DigitalOcean - *out = new(ACMEIssuerDNS01ProviderDigitalOcean) - **out = **in - } - if in.AcmeDNS != nil { - in, out := &in.AcmeDNS, &out.AcmeDNS - *out = new(ACMEIssuerDNS01ProviderAcmeDNS) - **out = **in - } - if in.RFC2136 != nil { - in, out := &in.RFC2136, &out.RFC2136 - *out = new(ACMEIssuerDNS01ProviderRFC2136) - **out = **in - } - if in.Webhook != nil { - in, out := &in.Webhook, &out.Webhook - *out = new(ACMEIssuerDNS01ProviderWebhook) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverDNS01. -func (in *ACMEChallengeSolverDNS01) DeepCopy() *ACMEChallengeSolverDNS01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverDNS01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01) DeepCopyInto(out *ACMEChallengeSolverHTTP01) { - *out = *in - if in.Ingress != nil { - in, out := &in.Ingress, &out.Ingress - *out = new(ACMEChallengeSolverHTTP01Ingress) - (*in).DeepCopyInto(*out) - } - if in.GatewayHTTPRoute != nil { - in, out := &in.GatewayHTTPRoute, &out.GatewayHTTPRoute - *out = new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01. -func (in *ACMEChallengeSolverHTTP01) DeepCopy() *ACMEChallengeSolverHTTP01 { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopyInto(out *ACMEChallengeSolverHTTP01GatewayHTTPRoute) { - *out = *in - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01GatewayHTTPRoute. -func (in *ACMEChallengeSolverHTTP01GatewayHTTPRoute) DeepCopy() *ACMEChallengeSolverHTTP01GatewayHTTPRoute { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01GatewayHTTPRoute) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopyInto(out *ACMEChallengeSolverHTTP01Ingress) { - *out = *in - if in.Class != nil { - in, out := &in.Class, &out.Class - *out = new(string) - **out = **in - } - if in.PodTemplate != nil { - in, out := &in.PodTemplate, &out.PodTemplate - *out = new(ACMEChallengeSolverHTTP01IngressPodTemplate) - (*in).DeepCopyInto(*out) - } - if in.IngressTemplate != nil { - in, out := &in.IngressTemplate, &out.IngressTemplate - *out = new(ACMEChallengeSolverHTTP01IngressTemplate) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01Ingress. -func (in *ACMEChallengeSolverHTTP01Ingress) DeepCopy() *ACMEChallengeSolverHTTP01Ingress { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01Ingress) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodObjectMeta) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodObjectMeta. -func (in *ACMEChallengeSolverHTTP01IngressPodObjectMeta) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodObjectMeta { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodSpec) { - *out = *in - if in.NodeSelector != nil { - in, out := &in.NodeSelector, &out.NodeSelector - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Affinity != nil { - in, out := &in.Affinity, &out.Affinity - *out = new(v1.Affinity) - (*in).DeepCopyInto(*out) - } - if in.Tolerations != nil { - in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodSpec. -func (in *ACMEChallengeSolverHTTP01IngressPodSpec) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodSpec { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressPodTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressPodObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressPodObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressPodTemplate. -func (in *ACMEChallengeSolverHTTP01IngressPodTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressPodTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressPodTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopyInto(out *ACMEChallengeSolverHTTP01IngressTemplate) { - *out = *in - in.ACMEChallengeSolverHTTP01IngressObjectMeta.DeepCopyInto(&out.ACMEChallengeSolverHTTP01IngressObjectMeta) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEChallengeSolverHTTP01IngressTemplate. -func (in *ACMEChallengeSolverHTTP01IngressTemplate) DeepCopy() *ACMEChallengeSolverHTTP01IngressTemplate { - if in == nil { - return nil - } - out := new(ACMEChallengeSolverHTTP01IngressTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEExternalAccountBinding) DeepCopyInto(out *ACMEExternalAccountBinding) { - *out = *in - out.Key = in.Key - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEExternalAccountBinding. -func (in *ACMEExternalAccountBinding) DeepCopy() *ACMEExternalAccountBinding { - if in == nil { - return nil - } - out := new(ACMEExternalAccountBinding) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuer) DeepCopyInto(out *ACMEIssuer) { - *out = *in - if in.ExternalAccountBinding != nil { - in, out := &in.ExternalAccountBinding, &out.ExternalAccountBinding - *out = new(ACMEExternalAccountBinding) - **out = **in - } - out.PrivateKey = in.PrivateKey - if in.Solvers != nil { - in, out := &in.Solvers, &out.Solvers - *out = make([]ACMEChallengeSolver, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuer. -func (in *ACMEIssuer) DeepCopy() *ACMEIssuer { - if in == nil { - return nil - } - out := new(ACMEIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAcmeDNS) { - *out = *in - out.AccountSecret = in.AccountSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAcmeDNS. -func (in *ACMEIssuerDNS01ProviderAcmeDNS) DeepCopy() *ACMEIssuerDNS01ProviderAcmeDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAcmeDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopyInto(out *ACMEIssuerDNS01ProviderAkamai) { - *out = *in - out.ClientToken = in.ClientToken - out.ClientSecret = in.ClientSecret - out.AccessToken = in.AccessToken - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAkamai. -func (in *ACMEIssuerDNS01ProviderAkamai) DeepCopy() *ACMEIssuerDNS01ProviderAkamai { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAkamai) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderAzureDNS) { - *out = *in - if in.ClientSecret != nil { - in, out := &in.ClientSecret, &out.ClientSecret - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.ManagedIdentity != nil { - in, out := &in.ManagedIdentity, &out.ManagedIdentity - *out = new(AzureManagedIdentity) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderAzureDNS. -func (in *ACMEIssuerDNS01ProviderAzureDNS) DeepCopy() *ACMEIssuerDNS01ProviderAzureDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderAzureDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudDNS) { - *out = *in - if in.ServiceAccount != nil { - in, out := &in.ServiceAccount, &out.ServiceAccount - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudDNS. -func (in *ACMEIssuerDNS01ProviderCloudDNS) DeepCopy() *ACMEIssuerDNS01ProviderCloudDNS { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudDNS) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopyInto(out *ACMEIssuerDNS01ProviderCloudflare) { - *out = *in - if in.APIKey != nil { - in, out := &in.APIKey, &out.APIKey - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.APIToken != nil { - in, out := &in.APIToken, &out.APIToken - *out = new(metav1.SecretKeySelector) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderCloudflare. -func (in *ACMEIssuerDNS01ProviderCloudflare) DeepCopy() *ACMEIssuerDNS01ProviderCloudflare { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderCloudflare) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopyInto(out *ACMEIssuerDNS01ProviderDigitalOcean) { - *out = *in - out.Token = in.Token - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderDigitalOcean. -func (in *ACMEIssuerDNS01ProviderDigitalOcean) DeepCopy() *ACMEIssuerDNS01ProviderDigitalOcean { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderDigitalOcean) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopyInto(out *ACMEIssuerDNS01ProviderRFC2136) { - *out = *in - out.TSIGSecret = in.TSIGSecret - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRFC2136. -func (in *ACMEIssuerDNS01ProviderRFC2136) DeepCopy() *ACMEIssuerDNS01ProviderRFC2136 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRFC2136) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopyInto(out *ACMEIssuerDNS01ProviderRoute53) { - *out = *in - out.SecretAccessKey = in.SecretAccessKey - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderRoute53. -func (in *ACMEIssuerDNS01ProviderRoute53) DeepCopy() *ACMEIssuerDNS01ProviderRoute53 { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderRoute53) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopyInto(out *ACMEIssuerDNS01ProviderWebhook) { - *out = *in - if in.Config != nil { - in, out := &in.Config, &out.Config - *out = new(apiextensionsv1.JSON) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerDNS01ProviderWebhook. -func (in *ACMEIssuerDNS01ProviderWebhook) DeepCopy() *ACMEIssuerDNS01ProviderWebhook { - if in == nil { - return nil - } - out := new(ACMEIssuerDNS01ProviderWebhook) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ACMEIssuerStatus) DeepCopyInto(out *ACMEIssuerStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ACMEIssuerStatus. -func (in *ACMEIssuerStatus) DeepCopy() *ACMEIssuerStatus { - if in == nil { - return nil - } - out := new(ACMEIssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AzureManagedIdentity) DeepCopyInto(out *AzureManagedIdentity) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureManagedIdentity. -func (in *AzureManagedIdentity) DeepCopy() *AzureManagedIdentity { - if in == nil { - return nil - } - out := new(AzureManagedIdentity) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateDNSNameSelector) DeepCopyInto(out *CertificateDNSNameSelector) { - *out = *in - if in.MatchLabels != nil { - in, out := &in.MatchLabels, &out.MatchLabels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.DNSZones != nil { - in, out := &in.DNSZones, &out.DNSZones - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateDNSNameSelector. -func (in *CertificateDNSNameSelector) DeepCopy() *CertificateDNSNameSelector { - if in == nil { - return nil - } - out := new(CertificateDNSNameSelector) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Challenge) DeepCopyInto(out *Challenge) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - out.Status = in.Status - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Challenge. -func (in *Challenge) DeepCopy() *Challenge { - if in == nil { - return nil - } - out := new(Challenge) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Challenge) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeList) DeepCopyInto(out *ChallengeList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Challenge, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeList. -func (in *ChallengeList) DeepCopy() *ChallengeList { - if in == nil { - return nil - } - out := new(ChallengeList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ChallengeList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeSpec) DeepCopyInto(out *ChallengeSpec) { - *out = *in - in.Solver.DeepCopyInto(&out.Solver) - out.IssuerRef = in.IssuerRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeSpec. -func (in *ChallengeSpec) DeepCopy() *ChallengeSpec { - if in == nil { - return nil - } - out := new(ChallengeSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ChallengeStatus) DeepCopyInto(out *ChallengeStatus) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChallengeStatus. -func (in *ChallengeStatus) DeepCopy() *ChallengeStatus { - if in == nil { - return nil - } - out := new(ChallengeStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Order) DeepCopyInto(out *Order) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Order. -func (in *Order) DeepCopy() *Order { - if in == nil { - return nil - } - out := new(Order) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Order) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderList) DeepCopyInto(out *OrderList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Order, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderList. -func (in *OrderList) DeepCopy() *OrderList { - if in == nil { - return nil - } - out := new(OrderList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *OrderList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderSpec) DeepCopyInto(out *OrderSpec) { - *out = *in - if in.Request != nil { - in, out := &in.Request, &out.Request - *out = make([]byte, len(*in)) - copy(*out, *in) - } - out.IssuerRef = in.IssuerRef - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(apismetav1.Duration) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderSpec. -func (in *OrderSpec) DeepCopy() *OrderSpec { - if in == nil { - return nil - } - out := new(OrderSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *OrderStatus) DeepCopyInto(out *OrderStatus) { - *out = *in - if in.Authorizations != nil { - in, out := &in.Authorizations, &out.Authorizations - *out = make([]ACMEAuthorization, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrderStatus. -func (in *OrderStatus) DeepCopy() *OrderStatus { - if in == nil { - return nil - } - out := new(OrderStatus) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/BUILD.bazel deleted file mode 100644 index 8ca712cd6a..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/BUILD.bazel +++ /dev/null @@ -1,9 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["doc.go"], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager", - importpath = "github.com/jetstack/cert-manager/pkg/apis/certmanager", - visibility = ["//visibility:public"], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/BUILD.bazel deleted file mode 100644 index 91fa9d94fe..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "generic_issuer.go", - "register.go", - "types.go", - "types_certificate.go", - "types_certificaterequest.go", - "types_issuer.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2", - importpath = "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/const.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/const.go deleted file mode 100644 index 2a26fcf47b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/const.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import "time" - -const ( - // minimum permitted certificate duration by cert-manager - MinimumCertificateDuration = time.Hour - - // default certificate duration if Issuer.spec.duration is not set - DefaultCertificateDuration = time.Hour * 24 * 90 - - // minimum certificate duration before certificate expiration - MinimumRenewBefore = time.Minute * 5 - - // Deprecated: the default is now 2/3 of Certificate's duration - DefaultRenewBefore = time.Hour * 24 * 30 -) - -const ( - // Default index key for the Secret reference for Token authentication - DefaultVaultTokenAuthSecretKey = "token" - - // Default mount path location for Kubernetes ServiceAccount authentication - // (/v1/auth/kubernetes). The endpoint will then be called at `/login`, so - // left as the default, `/v1/auth/kubernetes/login` will be called. - DefaultVaultKubernetesAuthMountPath = "/v1/auth/kubernetes" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/doc.go deleted file mode 100644 index 8e6893ae5b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/doc.go +++ /dev/null @@ -1,24 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1alpha2 is the v1alpha2 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/certmanager -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=cert-manager.io -// +groupGoName=Certmanager -package v1alpha2 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/generic_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/generic_issuer.go deleted file mode 100644 index 3067f9cf18..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/generic_issuer.go +++ /dev/null @@ -1,85 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" -) - -type GenericIssuer interface { - runtime.Object - metav1.Object - - GetObjectMeta() *metav1.ObjectMeta - GetSpec() *IssuerSpec - GetStatus() *IssuerStatus -} - -var _ GenericIssuer = &Issuer{} -var _ GenericIssuer = &ClusterIssuer{} - -func (c *ClusterIssuer) GetObjectMeta() *metav1.ObjectMeta { - return &c.ObjectMeta -} -func (c *ClusterIssuer) GetSpec() *IssuerSpec { - return &c.Spec -} -func (c *ClusterIssuer) GetStatus() *IssuerStatus { - return &c.Status -} -func (c *ClusterIssuer) SetSpec(spec IssuerSpec) { - c.Spec = spec -} -func (c *ClusterIssuer) SetStatus(status IssuerStatus) { - c.Status = status -} -func (c *ClusterIssuer) Copy() GenericIssuer { - return c.DeepCopy() -} -func (c *Issuer) GetObjectMeta() *metav1.ObjectMeta { - return &c.ObjectMeta -} -func (c *Issuer) GetSpec() *IssuerSpec { - return &c.Spec -} -func (c *Issuer) GetStatus() *IssuerStatus { - return &c.Status -} -func (c *Issuer) SetSpec(spec IssuerSpec) { - c.Spec = spec -} -func (c *Issuer) SetStatus(status IssuerStatus) { - c.Status = status -} -func (c *Issuer) Copy() GenericIssuer { - return c.DeepCopy() -} - -// TODO: refactor these functions away -func (i *IssuerStatus) ACMEStatus() *cmacme.ACMEIssuerStatus { - // this is an edge case, but this will prevent panics - if i == nil { - return &cmacme.ACMEIssuerStatus{} - } - if i.ACME == nil { - i.ACME = &cmacme.ACMEIssuerStatus{} - } - return i.ACME -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types.go deleted file mode 100644 index 86786aef7b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types.go +++ /dev/null @@ -1,203 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -// Common annotation keys added to resources. -const ( - // Annotation key for DNS subjectAltNames. - AltNamesAnnotationKey = "cert-manager.io/alt-names" - - // Annotation key for IP subjectAltNames. - IPSANAnnotationKey = "cert-manager.io/ip-sans" - - // Annotation key for URI subjectAltNames. - URISANAnnotationKey = "cert-manager.io/uri-sans" - - // Annotation key for certificate common name. - CommonNameAnnotationKey = "cert-manager.io/common-name" - - // Annotation key the 'name' of the Issuer resource. - IssuerNameAnnotationKey = "cert-manager.io/issuer-name" - - // Annotation key for the 'kind' of the Issuer resource. - IssuerKindAnnotationKey = "cert-manager.io/issuer-kind" - - // Annotation key for the 'group' of the Issuer resource. - IssuerGroupAnnotationKey = "cert-manager.io/issuer-group" - - // Annotation key for the name of the certificate that a resource is related to. - CertificateNameKey = "cert-manager.io/certificate-name" - - // Annotation key used to denote whether a Secret is named on a Certificate - // as a 'next private key' Secret resource. - IsNextPrivateKeySecretLabelKey = "cert-manager.io/next-private-key" -) - -// Deprecated annotation names for Secrets -// These will be removed in a future release. -const ( - DeprecatedIssuerNameAnnotationKey = "certmanager.k8s.io/issuer-name" - DeprecatedIssuerKindAnnotationKey = "certmanager.k8s.io/issuer-kind" -) - -const ( - // issuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. - IngressIssuerNameAnnotationKey = "cert-manager.io/issuer" - // clusterIssuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. The Certificate will reference the - // specified *ClusterIssuer* instead of normal issuer. - IngressClusterIssuerNameAnnotationKey = "cert-manager.io/cluster-issuer" - // acmeIssuerHTTP01IngressClassAnnotation can be used to override the http01 ingressClass - // if the challenge type is set to http01 - IngressACMEIssuerHTTP01IngressClassAnnotationKey = "acme.cert-manager.io/http01-ingress-class" - - // IngressClassAnnotationKey picks a specific "class" for the Ingress. The - // controller only processes Ingresses with this annotation either unset, or - // set to either the configured value or the empty string. - IngressClassAnnotationKey = "kubernetes.io/ingress.class" -) - -// Annotation names for CertificateRequests -const ( - // Annotation added to CertificateRequest resources to denote the name of - // a Secret resource containing the private key used to sign the CSR stored - // on the resource. - // This annotation *may* not be present, and is used by the 'self signing' - // issuer type to self-sign certificates. - CertificateRequestPrivateKeyAnnotationKey = "cert-manager.io/private-key-secret-name" - - // Annotation to declare the CertificateRequest "revision", belonging to a Certificate Resource - CertificateRequestRevisionAnnotationKey = "cert-manager.io/certificate-revision" -) - -const ( - // IssueTemporaryCertificateAnnotation is an annotation that can be added to - // Certificate resources. - // If it is present, a temporary internally signed certificate will be - // stored in the target Secret resource whilst the real Issuer is processing - // the certificate request. - IssueTemporaryCertificateAnnotation = "cert-manager.io/issue-temporary-certificate" -) - -// Common/known resource kinds. -const ( - ClusterIssuerKind = "ClusterIssuer" - IssuerKind = "Issuer" - CertificateKind = "Certificate" - CertificateRequestKind = "CertificateRequest" -) - -const ( - // WantInjectAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a certificate - // as namespace/name. - WantInjectAnnotation = "cert-manager.io/inject-ca-from" - - // WantInjectAPIServerCAAnnotation, if set to "true", will make the cainjector - // inject the CA certificate for the Kubernetes apiserver into the resource. - // It discovers the apiserver's CA by inspecting the service account credentials - // mounted into the cainjector pod. - WantInjectAPIServerCAAnnotation = "cert-manager.io/inject-apiserver-ca" - - // WantInjectFromSecretAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a Secret - // as namespace/name. - WantInjectFromSecretAnnotation = "cert-manager.io/inject-ca-from-secret" - - // AllowsInjectionFromSecretAnnotation is an annotation that must be added - // to Secret resource that want to denote that they can be directly - // injected into injectables that have a `inject-ca-from-secret` annotation. - // If an injectable references a Secret that does NOT have this annotation, - // the cainjector will refuse to inject the secret. - AllowsInjectionFromSecretAnnotation = "cert-manager.io/allow-direct-injection" -) - -// Issuer specific Annotations -const ( - // VenafiCustomFieldsAnnotationKey is the annotation that passes on JSON encoded custom fields to the Venafi issuer - // This will only work with Venafi TPP v19.3 and higher - // The value is an array with objects containing the name and value keys - // for example: `[{"name": "custom-field", "value": "custom-value"}]` - VenafiCustomFieldsAnnotationKey = "venafi.cert-manager.io/custom-fields" -) - -// KeyUsage specifies valid usage contexts for keys. -// See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 -// https://tools.ietf.org/html/rfc5280#section-4.2.1.12 -// Valid KeyUsage values are as follows: -// "signing", -// "digital signature", -// "content commitment", -// "key encipherment", -// "key agreement", -// "data encipherment", -// "cert sign", -// "crl sign", -// "encipher only", -// "decipher only", -// "any", -// "server auth", -// "client auth", -// "code signing", -// "email protection", -// "s/mime", -// "ipsec end system", -// "ipsec tunnel", -// "ipsec user", -// "timestamping", -// "ocsp signing", -// "microsoft sgc", -// "netscape sgc" -// +kubebuilder:validation:Enum="signing";"digital signature";"content commitment";"key encipherment";"key agreement";"data encipherment";"cert sign";"crl sign";"encipher only";"decipher only";"any";"server auth";"client auth";"code signing";"email protection";"s/mime";"ipsec end system";"ipsec tunnel";"ipsec user";"timestamping";"ocsp signing";"microsoft sgc";"netscape sgc" -type KeyUsage string - -const ( - UsageSigning KeyUsage = "signing" - UsageDigitalSignature KeyUsage = "digital signature" - UsageContentCommitment KeyUsage = "content commitment" - UsageKeyEncipherment KeyUsage = "key encipherment" - UsageKeyAgreement KeyUsage = "key agreement" - UsageDataEncipherment KeyUsage = "data encipherment" - UsageCertSign KeyUsage = "cert sign" - UsageCRLSign KeyUsage = "crl sign" - UsageEncipherOnly KeyUsage = "encipher only" - UsageDecipherOnly KeyUsage = "decipher only" - UsageAny KeyUsage = "any" - UsageServerAuth KeyUsage = "server auth" - UsageClientAuth KeyUsage = "client auth" - UsageCodeSigning KeyUsage = "code signing" - UsageEmailProtection KeyUsage = "email protection" - UsageSMIME KeyUsage = "s/mime" - UsageIPsecEndSystem KeyUsage = "ipsec end system" - UsageIPsecTunnel KeyUsage = "ipsec tunnel" - UsageIPsecUser KeyUsage = "ipsec user" - UsageTimestamping KeyUsage = "timestamping" - UsageOCSPSigning KeyUsage = "ocsp signing" - UsageMicrosoftSGC KeyUsage = "microsoft sgc" - UsageNetscapeSGC KeyUsage = "netscape sgc" -) - -// DefaultKeyUsages contains the default list of key usages -func DefaultKeyUsages() []KeyUsage { - // The serverAuth EKU is required as of Mac OS Catalina: https://support.apple.com/en-us/HT210176 - // Without this usage, certificates will _always_ flag a warning in newer Mac OS browsers. - // We don't explicitly add it here as it leads to strange behaviour when a user sets isCA: true - // (in which case, 'serverAuth' on the CA can break a lot of clients). - // CAs can (and often do) opt to automatically add usages. - return []KeyUsage{UsageDigitalSignature, UsageKeyEncipherment} -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificate.go deleted file mode 100644 index 5b3f7eafa0..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificate.go +++ /dev/null @@ -1,444 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A Certificate resource should be created to ensure an up to date and signed -// x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. -// -// The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`). -// +k8s:openapi-gen=true -type Certificate struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Certificate resource. - Spec CertificateSpec `json:"spec,omitempty"` - - // Status of the Certificate. This is set and managed automatically. - Status CertificateStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateList is a list of Certificates -type CertificateList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Certificate `json:"items"` -} - -// +kubebuilder:validation:Enum=rsa;ecdsa -type KeyAlgorithm string - -const ( - // Denotes the RSA private key type. - RSAKeyAlgorithm KeyAlgorithm = "rsa" - - // Denotes the ECDSA private key type. - ECDSAKeyAlgorithm KeyAlgorithm = "ecdsa" -) - -// +kubebuilder:validation:Enum=pkcs1;pkcs8 -type KeyEncoding string - -const ( - // PKCS1 key encoding will produce PEM files that include the type of - // private key as part of the PEM header, e.g. `BEGIN RSA PRIVATE KEY`. - // If the keyAlgorithm is set to 'ECDSA', this will produce private keys - // that use the `BEGIN EC PRIVATE KEY` header. - PKCS1 KeyEncoding = "pkcs1" - - // PKCS8 key encoding will produce PEM files with the `BEGIN PRIVATE KEY` - // header. It encodes the keyAlgorithm of the private key as part of the - // DER encoded PEM block. - PKCS8 KeyEncoding = "pkcs8" -) - -// CertificateSpec defines the desired state of Certificate. -type CertificateSpec struct { - // Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - // +optional - Subject *X509Subject `json:"subject,omitempty"` - - // CommonName is a common name to be used on the Certificate. - // The CommonName should have a length of 64 characters or fewer to avoid - // generating invalid CSRs. - // This value is ignored by TLS clients when any subject alt name is set. - // This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4 - // +optional - CommonName string `json:"commonName,omitempty"` - - // Organization is a list of organizations to be used on the Certificate. - // +optional - Organization []string `json:"organization,omitempty"` - - // The requested 'duration' (i.e. lifetime) of the Certificate. This option - // may be ignored/overridden by some issuer types. If unset this defaults to - // 90 days. Certificate will be renewed either 2/3 through its duration or - // `renewBefore` period before its expiry, whichever is later. Minimum - // accepted duration is 1 hour. Value must be in units accepted by Go - // time.ParseDuration https://golang.org/pkg/time/#ParseDuration - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // How long before the currently issued certificate's expiry - // cert-manager should renew the certificate. The default is 2/3 of the - // issued certificate's duration. Minimum accepted value is 5 minutes. - // Value must be in units accepted by Go time.ParseDuration - // https://golang.org/pkg/time/#ParseDuration - // +optional - RenewBefore *metav1.Duration `json:"renewBefore,omitempty"` - - // DNSNames is a list of DNS subjectAltNames to be set on the Certificate. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // URISANs is a list of URI subjectAltNames to be set on the Certificate. - // +optional - URISANs []string `json:"uriSANs,omitempty"` - - // EmailSANs is a list of email subjectAltNames to be set on the Certificate. - // +optional - EmailSANs []string `json:"emailSANs,omitempty"` - - // SecretName is the name of the secret resource that will be automatically - // created and managed by this Certificate resource. - // It will be populated with a private key and certificate, signed by the - // denoted issuer. - SecretName string `json:"secretName"` - - // SecretTemplate defines annotations and labels to be propagated - // to the Kubernetes Secret when it is created or updated. Once created, - // labels and annotations are not yet removed from the Secret when they are - // removed from the template. See https://github.com/jetstack/cert-manager/issues/4292 - // +optional - SecretTemplate *CertificateSecretTemplate `json:"secretTemplate,omitempty"` - - // Keystores configures additional keystore output formats stored in the - // `secretName` Secret resource. - // +optional - Keystores *CertificateKeystores `json:"keystores,omitempty"` - - // IssuerRef is a reference to the issuer for this certificate. - // If the `kind` field is not set, or set to `Issuer`, an Issuer resource - // with the given name in the same namespace as the Certificate will be used. - // If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the - // provided name will be used. - // The `name` field in this stanza is required at all times. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // IsCA will mark this Certificate as valid for certificate signing. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // KeySize is the key bit size of the corresponding private key for this certificate. - // If `keyAlgorithm` is set to `rsa`, valid values are `2048`, `4096` or `8192`, - // and will default to `2048` if not specified. - // If `keyAlgorithm` is set to `ecdsa`, valid values are `256`, `384` or `521`, - // and will default to `256` if not specified. - // No other values are allowed. - // +optional - KeySize int `json:"keySize,omitempty"` // Validated by webhook. Be mindful of adding OpenAPI validation- see https://github.com/jetstack/cert-manager/issues/3644 . - - // KeyAlgorithm is the private key algorithm of the corresponding private key - // for this certificate. If provided, allowed values are either `rsa` or `ecdsa` - // If `keyAlgorithm` is specified and `keySize` is not provided, - // key size of 256 will be used for `ecdsa` key algorithm and - // key size of 2048 will be used for `rsa` key algorithm. - // +optional - KeyAlgorithm KeyAlgorithm `json:"keyAlgorithm,omitempty"` - - // KeyEncoding is the private key cryptography standards (PKCS) - // for this certificate's private key to be encoded in. If provided, allowed - // values are `pkcs1` and `pkcs8` standing for PKCS#1 and PKCS#8, respectively. - // If KeyEncoding is not specified, then `pkcs1` will be used by default. - // +optional - KeyEncoding KeyEncoding `json:"keyEncoding,omitempty"` - - // Options to control private keys used for the Certificate. - // +optional - PrivateKey *CertificatePrivateKey `json:"privateKey,omitempty"` - - // EncodeUsagesInRequest controls whether key usages should be present - // in the CertificateRequest - // +optional - EncodeUsagesInRequest *bool `json:"encodeUsagesInRequest,omitempty"` - - // revisionHistoryLimit is the maximum number of CertificateRequest revisions - // that are maintained in the Certificate's history. Each revision represents - // a single `CertificateRequest` created by this Certificate, either when it - // was created, renewed, or Spec was changed. Revisions will be removed by - // oldest first if the number of revisions exceeds this number. If set, - // revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), - // revisions will not be garbage collected. Default value is `nil`. - // +kubebuilder:validation:ExclusiveMaximum=false - // +optional - RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"` // Validated by the validating webhook. -} - -// CertificatePrivateKey contains configuration options for private keys -// used by the Certificate controller. -// This allows control of how private keys are rotated. -type CertificatePrivateKey struct { - // RotationPolicy controls how private keys should be regenerated when a - // re-issuance is being processed. - // If set to Never, a private key will only be generated if one does not - // already exist in the target `spec.secretName`. If one does exists but it - // does not have the correct algorithm or size, a warning will be raised - // to await user intervention. - // If set to Always, a private key matching the specified requirements - // will be generated whenever a re-issuance occurs. - // Default is 'Never' for backward compatibility. - // +optional - RotationPolicy PrivateKeyRotationPolicy `json:"rotationPolicy,omitempty"` -} - -// Denotes how private keys should be generated or sourced when a Certificate -// is being issued. -type PrivateKeyRotationPolicy string - -var ( - // RotationPolicyNever means a private key will only be generated if one - // does not already exist in the target `spec.secretName`. - // If one does exists but it does not have the correct algorithm or size, - // a warning will be raised to await user intervention. - RotationPolicyNever PrivateKeyRotationPolicy = "Never" - - // RotationPolicyAlways means a private key matching the specified - // requirements will be generated whenever a re-issuance occurs. - RotationPolicyAlways PrivateKeyRotationPolicy = "Always" -) - -// X509Subject Full X509 name specification -type X509Subject struct { - // Countries to be used on the Certificate. - // +optional - Countries []string `json:"countries,omitempty"` - // Organizational Units to be used on the Certificate. - // +optional - OrganizationalUnits []string `json:"organizationalUnits,omitempty"` - // Cities to be used on the Certificate. - // +optional - Localities []string `json:"localities,omitempty"` - // State/Provinces to be used on the Certificate. - // +optional - Provinces []string `json:"provinces,omitempty"` - // Street addresses to be used on the Certificate. - // +optional - StreetAddresses []string `json:"streetAddresses,omitempty"` - // Postal codes to be used on the Certificate. - // +optional - PostalCodes []string `json:"postalCodes,omitempty"` - // Serial number to be used on the Certificate. - // +optional - SerialNumber string `json:"serialNumber,omitempty"` -} - -// CertificateKeystores configures additional keystore output formats to be -// created in the Certificate's output Secret. -type CertificateKeystores struct { - // JKS configures options for storing a JKS keystore in the - // `spec.secretName` Secret resource. - JKS *JKSKeystore `json:"jks,omitempty"` - - // PKCS12 configures options for storing a PKCS12 keystore in the - // `spec.secretName` Secret resource. - PKCS12 *PKCS12Keystore `json:"pkcs12,omitempty"` -} - -// JKS configures options for storing a JKS keystore in the `spec.secretName` -// Secret resource. -type JKSKeystore struct { - // Create enables JKS keystore creation for the Certificate. - // If true, a file named `keystore.jks` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the JKS keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// PKCS12 configures options for storing a PKCS12 keystore in the -// `spec.secretName` Secret resource. -type PKCS12Keystore struct { - // Create enables PKCS12 keystore creation for the Certificate. - // If true, a file named `keystore.p12` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the PKCS12 keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// CertificateStatus defines the observed state of Certificate -type CertificateStatus struct { - // List of status conditions to indicate the status of certificates. - // Known condition types are `Ready` and `Issuing`. - // +optional - Conditions []CertificateCondition `json:"conditions,omitempty"` - - // LastFailureTime is the time as recorded by the Certificate controller - // of the most recent failure to complete a CertificateRequest for this - // Certificate resource. - // If set, cert-manager will not re-request another Certificate until - // 1 hour has elapsed from this time. - // +optional - LastFailureTime *metav1.Time `json:"lastFailureTime,omitempty"` - - // The time after which the certificate stored in the secret named - // by this resource in spec.secretName is valid. - // +optional - NotBefore *metav1.Time `json:"notBefore,omitempty"` - - // The expiration time of the certificate stored in the secret named - // by this resource in `spec.secretName`. - // +optional - NotAfter *metav1.Time `json:"notAfter,omitempty"` - - // RenewalTime is the time at which the certificate will be next - // renewed. - // If not set, no upcoming renewal is scheduled. - // +optional - RenewalTime *metav1.Time `json:"renewalTime,omitempty"` - - // The current 'revision' of the certificate as issued. - // - // When a CertificateRequest resource is created, it will have the - // `cert-manager.io/certificate-revision` set to one greater than the - // current value of this field. - // - // Upon issuance, this field will be set to the value of the annotation - // on the CertificateRequest resource used to issue the certificate. - // - // Persisting the value on the CertificateRequest resource allows the - // certificates controller to know whether a request is part of an old - // issuance or if it is part of the ongoing revision's issuance by - // checking if the revision value in the annotation is greater than this - // field. - // +optional - Revision *int `json:"revision,omitempty"` - - // The name of the Secret resource containing the private key to be used - // for the next certificate iteration. - // The keymanager controller will automatically set this field if the - // `Issuing` condition is set to `True`. - // It will automatically unset this field when the Issuing condition is - // not set or False. - // +optional - NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` -} - -// CertificateCondition contains condition information for an Certificate. -type CertificateCondition struct { - // Type of the condition, known values are (`Ready`, `Issuing`). - Type CertificateConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Certificate. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// CertificateConditionType represents an Certificate condition value. -type CertificateConditionType string - -const ( - // CertificateConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target secret exists - // - The target secret contains a certificate that has not expired - // - The target secret contains a private key valid for the certificate - // - The commonName and dnsNames attributes match those specified on the Certificate - CertificateConditionReady CertificateConditionType = "Ready" - - // A condition added to Certificate resources when an issuance is required. - // This condition will be automatically added and set to true if: - // * No keypair data exists in the target Secret - // * The data stored in the Secret cannot be decoded - // * The private key and certificate do not have matching public keys - // * If a CertificateRequest for the current revision exists and the - // certificate data stored in the Secret does not match the - // `status.certificate` on the CertificateRequest. - // * If no CertificateRequest resource exists for the current revision, - // the options on the Certificate resource are compared against the - // x509 data in the Secret, similar to what's done in earlier versions. - // If there is a mismatch, an issuance is triggered. - // This condition may also be added by external API consumers to trigger - // a re-issuance manually for any other reason. - // - // It will be removed by the 'issuing' controller upon completing issuance. - CertificateConditionIssuing CertificateConditionType = "Issuing" -) - -// CertificateSecretTemplate defines the default labels and annotations -// to be copied to the Kubernetes Secret resource named in `CertificateSpec.secretName`. -type CertificateSecretTemplate struct { - // Annotations is a key value map to be copied to the target Kubernetes Secret. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels is a key value map to be copied to the target Kubernetes Secret. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificaterequest.go deleted file mode 100644 index 60563de745..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_certificaterequest.go +++ /dev/null @@ -1,207 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -const ( - // Pending indicates that a CertificateRequest is still in progress. - CertificateRequestReasonPending = "Pending" - - // Failed indicates that a CertificateRequest has failed, either due to - // timing out or some other critical failure. - CertificateRequestReasonFailed = "Failed" - - // Issued indicates that a CertificateRequest has been completed, and that - // the `status.certificate` field is set. - CertificateRequestReasonIssued = "Issued" - - // Denied is a Ready condition reason that indicates that a - // CertificateRequest has been denied, and the CertificateRequest will never - // be issued. - CertificateRequestReasonDenied = "Denied" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A CertificateRequest is used to request a signed certificate from one of the -// configured issuers. -// -// All fields within the CertificateRequest's `spec` are immutable after creation. -// A CertificateRequest will either succeed or fail, as denoted by its `status.state` -// field. -// -// A CertificateRequest is a one-shot resource, meaning it represents a single -// point in time request for a certificate and cannot be re-used. -// +k8s:openapi-gen=true -type CertificateRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the CertificateRequest resource. - Spec CertificateRequestSpec `json:"spec,omitempty"` - - // Status of the CertificateRequest. This is set and managed automatically. - Status CertificateRequestStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateRequestList is a list of Certificates -type CertificateRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []CertificateRequest `json:"items"` -} - -// CertificateRequestSpec defines the desired state of CertificateRequest -type CertificateRequestSpec struct { - // The requested 'duration' (i.e. lifetime) of the Certificate. - // This option may be ignored/overridden by some issuer types. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // IssuerRef is a reference to the issuer for this CertificateRequest. If - // the `kind` field is not set, or set to `Issuer`, an Issuer resource with - // the given name in the same namespace as the CertificateRequest will be - // used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with - // the provided name will be used. The `name` field in this stanza is - // required at all times. The group field refers to the API group of the - // issuer which defaults to `cert-manager.io` if empty. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // The PEM-encoded x509 certificate signing request to be submitted to the - // CA for signing. - CSRPEM []byte `json:"csr"` - - // IsCA will request to mark the certificate as valid for certificate signing - // when submitting to the issuer. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // Username contains the name of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Username string `json:"username,omitempty"` - // UID contains the uid of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - UID string `json:"uid,omitempty"` - // Groups contains group membership of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +listType=atomic - // +optional - Groups []string `json:"groups,omitempty"` - // Extra contains extra attributes of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Extra map[string][]string `json:"extra,omitempty"` -} - -// CertificateRequestStatus defines the observed state of CertificateRequest and -// resulting signed certificate. -type CertificateRequestStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready` and `InvalidRequest`. - // +optional - Conditions []CertificateRequestCondition `json:"conditions,omitempty"` - - // The PEM encoded x509 certificate resulting from the certificate - // signing request. - // If not set, the CertificateRequest has either not been completed or has - // failed. More information on failure can be found by checking the - // `conditions` field. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // The PEM encoded x509 certificate of the signer, also known as the CA - // (Certificate Authority). - // This is set on a best-effort basis by different issuers. - // If not set, the CA is assumed to be unknown/not available. - // +optional - CA []byte `json:"ca,omitempty"` - - // FailureTime stores the time that this CertificateRequest failed. This is - // used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// CertificateRequestCondition contains condition information for a CertificateRequest. -type CertificateRequestCondition struct { - // Type of the condition, known values are (`Ready`, - // `InvalidRequest`, `Approved`, `Denied`). - Type CertificateRequestConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` -} - -// CertificateRequestConditionType represents an Certificate condition value. -type CertificateRequestConditionType string - -const ( - // CertificateRequestConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target certificate exists in CertificateRequest.Status - CertificateRequestConditionReady CertificateRequestConditionType = "Ready" - - // CertificateRequestConditionInvalidRequest indicates that a certificate - // signer has refused to sign the request due to at least one of the input - // parameters being invalid. Additional information about why the request - // was rejected can be found in the `reason` and `message` fields. - CertificateRequestConditionInvalidRequest CertificateRequestConditionType = "InvalidRequest" - - // CertificateRequestConditionApproved indicates that a certificate request - // is approved and ready for signing. Condition must never have a status of - // `False`, and cannot be modified once set. Cannot be set alongside - // `Denied`. - CertificateRequestConditionApproved CertificateRequestConditionType = "Approved" - - // CertificateRequestConditionDenied indicates that a certificate request is - // denied, and must never be signed. Condition must never have a status of - // `False`, and cannot be modified once set. Cannot be set alongside - // `Approved`. - CertificateRequestConditionDenied CertificateRequestConditionType = "Denied" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_issuer.go deleted file mode 100644 index d307f993b7..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/types_issuer.go +++ /dev/null @@ -1,341 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha2 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A ClusterIssuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is similar to an Issuer, however it is cluster-scoped and therefore can -// be referenced by resources that exist in *any* namespace, not just the same -// namespace as the referent. -type ClusterIssuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the ClusterIssuer resource. - Spec IssuerSpec `json:"spec,omitempty"` - - // Status of the ClusterIssuer. This is set and managed automatically. - Status IssuerStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterIssuerList is a list of Issuers -type ClusterIssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []ClusterIssuer `json:"items"` -} - -// +genclient -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// An Issuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is scoped to a single namespace and can therefore only be referenced by -// resources within the same namespace. -type Issuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Issuer resource. - Spec IssuerSpec `json:"spec,omitempty"` - - // Status of the Issuer. This is set and managed automatically. - Status IssuerStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// IssuerList is a list of Issuers -type IssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Issuer `json:"items"` -} - -// IssuerSpec is the specification of an Issuer. This includes any -// configuration required for the issuer. -type IssuerSpec struct { - IssuerConfig `json:",inline"` -} - -// The configuration for the issuer. -// Only one of these can be set. -type IssuerConfig struct { - // ACME configures this issuer to communicate with a RFC8555 (ACME) server - // to obtain signed x509 certificates. - // +optional - ACME *cmacme.ACMEIssuer `json:"acme,omitempty"` - - // CA configures this issuer to sign certificates using a signing CA keypair - // stored in a Secret resource. - // This is used to build internal PKIs that are managed by cert-manager. - // +optional - CA *CAIssuer `json:"ca,omitempty"` - - // Vault configures this issuer to sign certificates using a HashiCorp Vault - // PKI backend. - // +optional - Vault *VaultIssuer `json:"vault,omitempty"` - - // SelfSigned configures this issuer to 'self sign' certificates using the - // private key used to create the CertificateRequest object. - // +optional - SelfSigned *SelfSignedIssuer `json:"selfSigned,omitempty"` - - // Venafi configures this issuer to sign certificates using a Venafi TPP - // or Venafi Cloud policy zone. - // +optional - Venafi *VenafiIssuer `json:"venafi,omitempty"` -} - -// Configures an issuer to sign certificates using a Venafi TPP -// or Cloud policy zone. -type VenafiIssuer struct { - // Zone is the Venafi Policy Zone to use for this issuer. - // All requests made to the Venafi platform will be restricted by the named - // zone policy. - // This field is required. - Zone string `json:"zone"` - - // TPP specifies Trust Protection Platform configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - TPP *VenafiTPP `json:"tpp,omitempty"` - - // Cloud specifies the Venafi cloud configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - Cloud *VenafiCloud `json:"cloud,omitempty"` -} - -// VenafiTPP defines connection configuration details for a Venafi TPP instance -type VenafiTPP struct { - // URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, - // for example: "https://tpp.example.com/vedsdk". - URL string `json:"url"` - - // CredentialsRef is a reference to a Secret containing the username and - // password for the TPP server. - // The secret must contain two keys, 'username' and 'password'. - CredentialsRef cmmeta.LocalObjectReference `json:"credentialsRef"` - - // CABundle is a PEM encoded TLS certificate to use to verify connections to - // the TPP instance. - // If specified, system roots will not be used and the issuing CA for the - // TPP instance must be verifiable using the provided root. - // If not specified, the connection will be verified using the cert-manager - // system root certificates. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// VenafiCloud defines connection configuration details for Venafi Cloud -type VenafiCloud struct { - // URL is the base URL for Venafi Cloud. - // Defaults to "https://api.venafi.cloud/v1". - // +optional - URL string `json:"url,omitempty"` - - // APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"` -} - -// Configures an issuer to 'self sign' certificates using the -// private key used to create the CertificateRequest object. -type SelfSignedIssuer struct { - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set certificate will be issued without CDP. Values are strings. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` -} - -// Configures an issuer to sign certificates using a HashiCorp Vault -// PKI backend. -type VaultIssuer struct { - // Auth configures how cert-manager authenticates with the Vault server. - Auth VaultAuth `json:"auth"` - - // Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200". - Server string `json:"server"` - - // Path is the mount path of the Vault PKI backend's `sign` endpoint, e.g: - // "my_pki_mount/sign/my-role-name". - Path string `json:"path"` - - // Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" - // More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - // +optional - Namespace string `json:"namespace,omitempty"` - - // PEM-encoded CA bundle (base64-encoded) used to validate Vault server - // certificate. Only used if the Server URL is using HTTPS protocol. This - // parameter is ignored for plain HTTP protocol connection. If not set the - // system root certificates are used to validate the TLS connection. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// Configuration used to authenticate with a Vault server. -// Only one of `tokenSecretRef`, `appRole` or `kubernetes` may be specified. -type VaultAuth struct { - // TokenSecretRef authenticates with Vault by presenting a token. - // +optional - TokenSecretRef *cmmeta.SecretKeySelector `json:"tokenSecretRef,omitempty"` - - // AppRole authenticates with Vault using the App Role auth mechanism, - // with the role and secret stored in a Kubernetes Secret resource. - // +optional - AppRole *VaultAppRole `json:"appRole,omitempty"` - - // Kubernetes authenticates with Vault by passing the ServiceAccount - // token stored in the named Secret resource to the Vault server. - // +optional - Kubernetes *VaultKubernetesAuth `json:"kubernetes,omitempty"` -} - -// VaultAppRole authenticates with Vault using the App Role auth mechanism, -// with the role and secret stored in a Kubernetes Secret resource. -type VaultAppRole struct { - // Path where the App Role authentication backend is mounted in Vault, e.g: - // "approle" - Path string `json:"path"` - - // RoleID configured in the App Role authentication backend when setting - // up the authentication backend in Vault. - RoleId string `json:"roleId"` - - // Reference to a key in a Secret that contains the App Role secret used - // to authenticate with Vault. - // The `key` field must be specified and denotes which entry within the Secret - // resource is used as the app role secret. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` -} - -// Authenticate against Vault using a Kubernetes ServiceAccount token stored in -// a Secret. -type VaultKubernetesAuth struct { - // The Vault mountPath here is the mount path to use when authenticating with - // Vault. For example, setting a value to `/v1/auth/foo`, will use the path - // `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the - // default value "/v1/auth/kubernetes" will be used. - // +optional - Path string `json:"mountPath,omitempty"` - - // The required Secret field containing a Kubernetes ServiceAccount JWT used - // for authenticating with Vault. Use of 'ambient credentials' is not - // supported. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` - - // A required field containing the Vault Role to assume. A Role binds a - // Kubernetes ServiceAccount with a set of Vault policies. - Role string `json:"role"` -} - -type CAIssuer struct { - // SecretName is the name of the secret used to sign Certificates issued - // by this Issuer. - SecretName string `json:"secretName"` - - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set, certificates will be issued without distribution points set. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` - - // The OCSP server list is an X.509 v3 extension that defines a list of - // URLs of OCSP responders. The OCSP responders can be queried for the - // revocation status of an issued certificate. If not set, the - // certificate will be issued with no OCSP servers set. For example, an - // OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - // +optional - OCSPServers []string `json:"ocspServers,omitempty"` -} - -// IssuerStatus contains status information about an Issuer -type IssuerStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready`. - // +optional - Conditions []IssuerCondition `json:"conditions,omitempty"` - - // ACME specific status options. - // This field should only be set if the Issuer is configured to use an ACME - // server to issue certificates. - // +optional - ACME *cmacme.ACMEIssuerStatus `json:"acme,omitempty"` -} - -// IssuerCondition contains condition information for an Issuer. -type IssuerCondition struct { - // Type of the condition, known values are (`Ready`). - Type IssuerConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Issuer. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// IssuerConditionType represents an Issuer condition value. -type IssuerConditionType string - -const ( - // IssuerConditionReady represents the fact that a given Issuer condition - // is in ready state and able to issue certificates. - // If the `status` of this condition is `False`, CertificateRequest controllers - // should prevent attempts to sign certificates. - IssuerConditionReady IssuerConditionType = "Ready" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go deleted file mode 100644 index 711e8a4869..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/zz_generated.deepcopy.go +++ /dev/null @@ -1,995 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - acmev1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CAIssuer) DeepCopyInto(out *CAIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OCSPServers != nil { - in, out := &in.OCSPServers, &out.OCSPServers - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CAIssuer. -func (in *CAIssuer) DeepCopy() *CAIssuer { - if in == nil { - return nil - } - out := new(CAIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Certificate) DeepCopyInto(out *Certificate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Certificate. -func (in *Certificate) DeepCopy() *Certificate { - if in == nil { - return nil - } - out := new(Certificate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Certificate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateCondition) DeepCopyInto(out *CertificateCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateCondition. -func (in *CertificateCondition) DeepCopy() *CertificateCondition { - if in == nil { - return nil - } - out := new(CertificateCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateKeystores) DeepCopyInto(out *CertificateKeystores) { - *out = *in - if in.JKS != nil { - in, out := &in.JKS, &out.JKS - *out = new(JKSKeystore) - **out = **in - } - if in.PKCS12 != nil { - in, out := &in.PKCS12, &out.PKCS12 - *out = new(PKCS12Keystore) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateKeystores. -func (in *CertificateKeystores) DeepCopy() *CertificateKeystores { - if in == nil { - return nil - } - out := new(CertificateKeystores) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateList) DeepCopyInto(out *CertificateList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Certificate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateList. -func (in *CertificateList) DeepCopy() *CertificateList { - if in == nil { - return nil - } - out := new(CertificateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificatePrivateKey) DeepCopyInto(out *CertificatePrivateKey) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificatePrivateKey. -func (in *CertificatePrivateKey) DeepCopy() *CertificatePrivateKey { - if in == nil { - return nil - } - out := new(CertificatePrivateKey) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest. -func (in *CertificateRequest) DeepCopy() *CertificateRequest { - if in == nil { - return nil - } - out := new(CertificateRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestCondition) DeepCopyInto(out *CertificateRequestCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestCondition. -func (in *CertificateRequestCondition) DeepCopy() *CertificateRequestCondition { - if in == nil { - return nil - } - out := new(CertificateRequestCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestList) DeepCopyInto(out *CertificateRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CertificateRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestList. -func (in *CertificateRequestList) DeepCopy() *CertificateRequestList { - if in == nil { - return nil - } - out := new(CertificateRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestSpec) DeepCopyInto(out *CertificateRequestSpec) { - *out = *in - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - out.IssuerRef = in.IssuerRef - if in.CSRPEM != nil { - in, out := &in.CSRPEM, &out.CSRPEM - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string][]string, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make([]string, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestSpec. -func (in *CertificateRequestSpec) DeepCopy() *CertificateRequestSpec { - if in == nil { - return nil - } - out := new(CertificateRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestStatus) DeepCopyInto(out *CertificateRequestStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateRequestCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestStatus. -func (in *CertificateRequestStatus) DeepCopy() *CertificateRequestStatus { - if in == nil { - return nil - } - out := new(CertificateRequestStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSecretTemplate) DeepCopyInto(out *CertificateSecretTemplate) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSecretTemplate. -func (in *CertificateSecretTemplate) DeepCopy() *CertificateSecretTemplate { - if in == nil { - return nil - } - out := new(CertificateSecretTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { - *out = *in - if in.Subject != nil { - in, out := &in.Subject, &out.Subject - *out = new(X509Subject) - (*in).DeepCopyInto(*out) - } - if in.Organization != nil { - in, out := &in.Organization, &out.Organization - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - if in.RenewBefore != nil { - in, out := &in.RenewBefore, &out.RenewBefore - *out = new(v1.Duration) - **out = **in - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.URISANs != nil { - in, out := &in.URISANs, &out.URISANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.EmailSANs != nil { - in, out := &in.EmailSANs, &out.EmailSANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretTemplate != nil { - in, out := &in.SecretTemplate, &out.SecretTemplate - *out = new(CertificateSecretTemplate) - (*in).DeepCopyInto(*out) - } - if in.Keystores != nil { - in, out := &in.Keystores, &out.Keystores - *out = new(CertificateKeystores) - (*in).DeepCopyInto(*out) - } - out.IssuerRef = in.IssuerRef - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.PrivateKey != nil { - in, out := &in.PrivateKey, &out.PrivateKey - *out = new(CertificatePrivateKey) - **out = **in - } - if in.EncodeUsagesInRequest != nil { - in, out := &in.EncodeUsagesInRequest, &out.EncodeUsagesInRequest - *out = new(bool) - **out = **in - } - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. -func (in *CertificateSpec) DeepCopy() *CertificateSpec { - if in == nil { - return nil - } - out := new(CertificateSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.LastFailureTime != nil { - in, out := &in.LastFailureTime, &out.LastFailureTime - *out = (*in).DeepCopy() - } - if in.NotBefore != nil { - in, out := &in.NotBefore, &out.NotBefore - *out = (*in).DeepCopy() - } - if in.NotAfter != nil { - in, out := &in.NotAfter, &out.NotAfter - *out = (*in).DeepCopy() - } - if in.RenewalTime != nil { - in, out := &in.RenewalTime, &out.RenewalTime - *out = (*in).DeepCopy() - } - if in.Revision != nil { - in, out := &in.Revision, &out.Revision - *out = new(int) - **out = **in - } - if in.NextPrivateKeySecretName != nil { - in, out := &in.NextPrivateKeySecretName, &out.NextPrivateKeySecretName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateStatus. -func (in *CertificateStatus) DeepCopy() *CertificateStatus { - if in == nil { - return nil - } - out := new(CertificateStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuer) DeepCopyInto(out *ClusterIssuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuer. -func (in *ClusterIssuer) DeepCopy() *ClusterIssuer { - if in == nil { - return nil - } - out := new(ClusterIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuerList) DeepCopyInto(out *ClusterIssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterIssuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuerList. -func (in *ClusterIssuerList) DeepCopy() *ClusterIssuerList { - if in == nil { - return nil - } - out := new(ClusterIssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Issuer) DeepCopyInto(out *Issuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer. -func (in *Issuer) DeepCopy() *Issuer { - if in == nil { - return nil - } - out := new(Issuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Issuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerCondition) DeepCopyInto(out *IssuerCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerCondition. -func (in *IssuerCondition) DeepCopy() *IssuerCondition { - if in == nil { - return nil - } - out := new(IssuerCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { - *out = *in - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1alpha2.ACMEIssuer) - (*in).DeepCopyInto(*out) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = new(CAIssuer) - (*in).DeepCopyInto(*out) - } - if in.Vault != nil { - in, out := &in.Vault, &out.Vault - *out = new(VaultIssuer) - (*in).DeepCopyInto(*out) - } - if in.SelfSigned != nil { - in, out := &in.SelfSigned, &out.SelfSigned - *out = new(SelfSignedIssuer) - (*in).DeepCopyInto(*out) - } - if in.Venafi != nil { - in, out := &in.Venafi, &out.Venafi - *out = new(VenafiIssuer) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerConfig. -func (in *IssuerConfig) DeepCopy() *IssuerConfig { - if in == nil { - return nil - } - out := new(IssuerConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerList) DeepCopyInto(out *IssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Issuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerList. -func (in *IssuerList) DeepCopy() *IssuerList { - if in == nil { - return nil - } - out := new(IssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerSpec) DeepCopyInto(out *IssuerSpec) { - *out = *in - in.IssuerConfig.DeepCopyInto(&out.IssuerConfig) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerSpec. -func (in *IssuerSpec) DeepCopy() *IssuerSpec { - if in == nil { - return nil - } - out := new(IssuerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerStatus) DeepCopyInto(out *IssuerStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]IssuerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1alpha2.ACMEIssuerStatus) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerStatus. -func (in *IssuerStatus) DeepCopy() *IssuerStatus { - if in == nil { - return nil - } - out := new(IssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JKSKeystore) DeepCopyInto(out *JKSKeystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JKSKeystore. -func (in *JKSKeystore) DeepCopy() *JKSKeystore { - if in == nil { - return nil - } - out := new(JKSKeystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKCS12Keystore) DeepCopyInto(out *PKCS12Keystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKCS12Keystore. -func (in *PKCS12Keystore) DeepCopy() *PKCS12Keystore { - if in == nil { - return nil - } - out := new(PKCS12Keystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelfSignedIssuer. -func (in *SelfSignedIssuer) DeepCopy() *SelfSignedIssuer { - if in == nil { - return nil - } - out := new(SelfSignedIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAppRole) DeepCopyInto(out *VaultAppRole) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRole. -func (in *VaultAppRole) DeepCopy() *VaultAppRole { - if in == nil { - return nil - } - out := new(VaultAppRole) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAuth) DeepCopyInto(out *VaultAuth) { - *out = *in - if in.TokenSecretRef != nil { - in, out := &in.TokenSecretRef, &out.TokenSecretRef - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.AppRole != nil { - in, out := &in.AppRole, &out.AppRole - *out = new(VaultAppRole) - **out = **in - } - if in.Kubernetes != nil { - in, out := &in.Kubernetes, &out.Kubernetes - *out = new(VaultKubernetesAuth) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuth. -func (in *VaultAuth) DeepCopy() *VaultAuth { - if in == nil { - return nil - } - out := new(VaultAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultIssuer) DeepCopyInto(out *VaultIssuer) { - *out = *in - in.Auth.DeepCopyInto(&out.Auth) - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultIssuer. -func (in *VaultIssuer) DeepCopy() *VaultIssuer { - if in == nil { - return nil - } - out := new(VaultIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultKubernetesAuth) DeepCopyInto(out *VaultKubernetesAuth) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKubernetesAuth. -func (in *VaultKubernetesAuth) DeepCopy() *VaultKubernetesAuth { - if in == nil { - return nil - } - out := new(VaultKubernetesAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiCloud) DeepCopyInto(out *VenafiCloud) { - *out = *in - out.APITokenSecretRef = in.APITokenSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiCloud. -func (in *VenafiCloud) DeepCopy() *VenafiCloud { - if in == nil { - return nil - } - out := new(VenafiCloud) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiIssuer) DeepCopyInto(out *VenafiIssuer) { - *out = *in - if in.TPP != nil { - in, out := &in.TPP, &out.TPP - *out = new(VenafiTPP) - (*in).DeepCopyInto(*out) - } - if in.Cloud != nil { - in, out := &in.Cloud, &out.Cloud - *out = new(VenafiCloud) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiIssuer. -func (in *VenafiIssuer) DeepCopy() *VenafiIssuer { - if in == nil { - return nil - } - out := new(VenafiIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiTPP) DeepCopyInto(out *VenafiTPP) { - *out = *in - out.CredentialsRef = in.CredentialsRef - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiTPP. -func (in *VenafiTPP) DeepCopy() *VenafiTPP { - if in == nil { - return nil - } - out := new(VenafiTPP) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *X509Subject) DeepCopyInto(out *X509Subject) { - *out = *in - if in.Countries != nil { - in, out := &in.Countries, &out.Countries - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OrganizationalUnits != nil { - in, out := &in.OrganizationalUnits, &out.OrganizationalUnits - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Localities != nil { - in, out := &in.Localities, &out.Localities - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Provinces != nil { - in, out := &in.Provinces, &out.Provinces - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.StreetAddresses != nil { - in, out := &in.StreetAddresses, &out.StreetAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PostalCodes != nil { - in, out := &in.PostalCodes, &out.PostalCodes - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Subject. -func (in *X509Subject) DeepCopy() *X509Subject { - if in == nil { - return nil - } - out := new(X509Subject) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/BUILD.bazel deleted file mode 100644 index f1feaa5703..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "generic_issuer.go", - "register.go", - "types.go", - "types_certificate.go", - "types_certificaterequest.go", - "types_issuer.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3", - importpath = "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/const.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/const.go deleted file mode 100644 index 7cfa28c772..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/const.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import "time" - -const ( - // minimum permitted certificate duration by cert-manager - MinimumCertificateDuration = time.Hour - - // default certificate duration if Issuer.spec.duration is not set - DefaultCertificateDuration = time.Hour * 24 * 90 - - // minimum certificate duration before certificate expiration - MinimumRenewBefore = time.Minute * 5 - - // Deprecated: the default is now 2/3 of Certificate's duration - DefaultRenewBefore = time.Hour * 24 * 30 -) - -const ( - // Default index key for the Secret reference for Token authentication - DefaultVaultTokenAuthSecretKey = "token" - - // Default mount path location for Kubernetes ServiceAccount authentication - // (/v1/auth/kubernetes). The endpoint will then be called at `/login`, so - // left as the default, `/v1/auth/kubernetes/login` will be called. - DefaultVaultKubernetesAuthMountPath = "/v1/auth/kubernetes" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/doc.go deleted file mode 100644 index cfc9668e25..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/doc.go +++ /dev/null @@ -1,24 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1alpha3 is the v1alpha3 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/certmanager -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=cert-manager.io -// +groupGoName=Certmanager -package v1alpha3 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/generic_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/generic_issuer.go deleted file mode 100644 index 9097da3432..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/generic_issuer.go +++ /dev/null @@ -1,85 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" -) - -type GenericIssuer interface { - runtime.Object - metav1.Object - - GetObjectMeta() *metav1.ObjectMeta - GetSpec() *IssuerSpec - GetStatus() *IssuerStatus -} - -var _ GenericIssuer = &Issuer{} -var _ GenericIssuer = &ClusterIssuer{} - -func (c *ClusterIssuer) GetObjectMeta() *metav1.ObjectMeta { - return &c.ObjectMeta -} -func (c *ClusterIssuer) GetSpec() *IssuerSpec { - return &c.Spec -} -func (c *ClusterIssuer) GetStatus() *IssuerStatus { - return &c.Status -} -func (c *ClusterIssuer) SetSpec(spec IssuerSpec) { - c.Spec = spec -} -func (c *ClusterIssuer) SetStatus(status IssuerStatus) { - c.Status = status -} -func (c *ClusterIssuer) Copy() GenericIssuer { - return c.DeepCopy() -} -func (c *Issuer) GetObjectMeta() *metav1.ObjectMeta { - return &c.ObjectMeta -} -func (c *Issuer) GetSpec() *IssuerSpec { - return &c.Spec -} -func (c *Issuer) GetStatus() *IssuerStatus { - return &c.Status -} -func (c *Issuer) SetSpec(spec IssuerSpec) { - c.Spec = spec -} -func (c *Issuer) SetStatus(status IssuerStatus) { - c.Status = status -} -func (c *Issuer) Copy() GenericIssuer { - return c.DeepCopy() -} - -// TODO: refactor these functions away -func (i *IssuerStatus) ACMEStatus() *cmacme.ACMEIssuerStatus { - // this is an edge case, but this will prevent panics - if i == nil { - return &cmacme.ACMEIssuerStatus{} - } - if i.ACME == nil { - i.ACME = &cmacme.ACMEIssuerStatus{} - } - return i.ACME -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/register.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/register.go deleted file mode 100644 index 25ddaf8063..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/register.go +++ /dev/null @@ -1,62 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/certmanager" -) - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: certmanager.GroupName, Version: "v1alpha3"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to api.Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Certificate{}, - &CertificateList{}, - &Issuer{}, - &IssuerList{}, - &ClusterIssuer{}, - &ClusterIssuerList{}, - &CertificateRequest{}, - &CertificateRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types.go deleted file mode 100644 index 5eeacb1a70..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types.go +++ /dev/null @@ -1,193 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -// Common annotation keys added to resources. -const ( - // Annotation key for DNS subjectAltNames. - AltNamesAnnotationKey = "cert-manager.io/alt-names" - - // Annotation key for IP subjectAltNames. - IPSANAnnotationKey = "cert-manager.io/ip-sans" - - // Annotation key for URI subjectAltNames. - URISANAnnotationKey = "cert-manager.io/uri-sans" - - // Annotation key for certificate common name. - CommonNameAnnotationKey = "cert-manager.io/common-name" - - // Annotation key the 'name' of the Issuer resource. - IssuerNameAnnotationKey = "cert-manager.io/issuer-name" - - // Annotation key for the 'kind' of the Issuer resource. - IssuerKindAnnotationKey = "cert-manager.io/issuer-kind" - - // Annotation key for the 'group' of the Issuer resource. - IssuerGroupAnnotationKey = "cert-manager.io/issuer-group" - - // Annotation key for the name of the certificate that a resource is related to. - CertificateNameKey = "cert-manager.io/certificate-name" - - // Annotation key used to denote whether a Secret is named on a Certificate - // as a 'next private key' Secret resource. - IsNextPrivateKeySecretLabelKey = "cert-manager.io/next-private-key" -) - -// Deprecated annotation names for Secrets -// These will be removed in a future release. -const ( - DeprecatedIssuerNameAnnotationKey = "certmanager.k8s.io/issuer-name" - DeprecatedIssuerKindAnnotationKey = "certmanager.k8s.io/issuer-kind" -) - -const ( - // issuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. - IngressIssuerNameAnnotationKey = "cert-manager.io/issuer" - // clusterIssuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. The Certificate will reference the - // specified *ClusterIssuer* instead of normal issuer. - IngressClusterIssuerNameAnnotationKey = "cert-manager.io/cluster-issuer" - // acmeIssuerHTTP01IngressClassAnnotation can be used to override the http01 ingressClass - // if the challenge type is set to http01 - IngressACMEIssuerHTTP01IngressClassAnnotationKey = "acme.cert-manager.io/http01-ingress-class" - - // IngressClassAnnotationKey picks a specific "class" for the Ingress. The - // controller only processes Ingresses with this annotation either unset, or - // set to either the configured value or the empty string. - IngressClassAnnotationKey = "kubernetes.io/ingress.class" -) - -// Annotation names for CertificateRequests -const ( - // Annotation added to CertificateRequest resources to denote the name of - // a Secret resource containing the private key used to sign the CSR stored - // on the resource. - // This annotation *may* not be present, and is used by the 'self signing' - // issuer type to self-sign certificates. - CertificateRequestPrivateKeyAnnotationKey = "cert-manager.io/private-key-secret-name" - - // Annotation to declare the CertificateRequest "revision", belonging to a Certificate Resource - CertificateRequestRevisionAnnotationKey = "cert-manager.io/certificate-revision" -) - -const ( - // IssueTemporaryCertificateAnnotation is an annotation that can be added to - // Certificate resources. - // If it is present, a temporary internally signed certificate will be - // stored in the target Secret resource whilst the real Issuer is processing - // the certificate request. - IssueTemporaryCertificateAnnotation = "cert-manager.io/issue-temporary-certificate" -) - -// Common/known resource kinds. -const ( - ClusterIssuerKind = "ClusterIssuer" - IssuerKind = "Issuer" - CertificateKind = "Certificate" - CertificateRequestKind = "CertificateRequest" -) - -const ( - // WantInjectAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a certificate - // as namespace/name. The certificate is expected to have the is-serving-for annotations. - WantInjectAnnotation = "cert-manager.io/inject-ca-from" - - // WantInjectAPIServerCAAnnotation, if set to "true", will make the cainjector - // inject the CA certificate for the Kubernetes apiserver into the resource. - // It discovers the apiserver's CA by inspecting the service account credentials - // mounted into the cainjector pod. - WantInjectAPIServerCAAnnotation = "cert-manager.io/inject-apiserver-ca" - - // WantInjectFromSecretAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a Secret - // as namespace/name. - WantInjectFromSecretAnnotation = "cert-manager.io/inject-ca-from-secret" - - // AllowsInjectionFromSecretAnnotation is an annotation that must be added - // to Secret resource that want to denote that they can be directly - // injected into injectables that have a `inject-ca-from-secret` annotation. - // If an injectable references a Secret that does NOT have this annotation, - // the cainjector will refuse to inject the secret. - AllowsInjectionFromSecretAnnotation = "cert-manager.io/allow-direct-injection" -) - -// Issuer specific Annotations -const ( - // VenafiCustomFieldsAnnotationKey is the annotation that passes on JSON encoded custom fields to the Venafi issuer - // This will only work with Venafi TPP v19.3 and higher - // The value is an array with objects containing the name and value keys - // for example: `[{"name": "custom-field", "value": "custom-value"}]` - VenafiCustomFieldsAnnotationKey = "venafi.cert-manager.io/custom-fields" -) - -// KeyUsage specifies valid usage contexts for keys. -// See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 -// https://tools.ietf.org/html/rfc5280#section-4.2.1.12 -// Valid KeyUsage values are as follows: -// "signing", -// "digital signature", -// "content commitment", -// "key encipherment", -// "key agreement", -// "data encipherment", -// "cert sign", -// "crl sign", -// "encipher only", -// "decipher only", -// "any", -// "server auth", -// "client auth", -// "code signing", -// "email protection", -// "s/mime", -// "ipsec end system", -// "ipsec tunnel", -// "ipsec user", -// "timestamping", -// "ocsp signing", -// "microsoft sgc", -// "netscape sgc" -// +kubebuilder:validation:Enum="signing";"digital signature";"content commitment";"key encipherment";"key agreement";"data encipherment";"cert sign";"crl sign";"encipher only";"decipher only";"any";"server auth";"client auth";"code signing";"email protection";"s/mime";"ipsec end system";"ipsec tunnel";"ipsec user";"timestamping";"ocsp signing";"microsoft sgc";"netscape sgc" -type KeyUsage string - -const ( - UsageSigning KeyUsage = "signing" - UsageDigitalSignature KeyUsage = "digital signature" - UsageContentCommitment KeyUsage = "content commitment" - UsageKeyEncipherment KeyUsage = "key encipherment" - UsageKeyAgreement KeyUsage = "key agreement" - UsageDataEncipherment KeyUsage = "data encipherment" - UsageCertSign KeyUsage = "cert sign" - UsageCRLSign KeyUsage = "crl sign" - UsageEncipherOnly KeyUsage = "encipher only" - UsageDecipherOnly KeyUsage = "decipher only" - UsageAny KeyUsage = "any" - UsageServerAuth KeyUsage = "server auth" - UsageClientAuth KeyUsage = "client auth" - UsageCodeSigning KeyUsage = "code signing" - UsageEmailProtection KeyUsage = "email protection" - UsageSMIME KeyUsage = "s/mime" - UsageIPsecEndSystem KeyUsage = "ipsec end system" - UsageIPsecTunnel KeyUsage = "ipsec tunnel" - UsageIPsecUser KeyUsage = "ipsec user" - UsageTimestamping KeyUsage = "timestamping" - UsageOCSPSigning KeyUsage = "ocsp signing" - UsageMicrosoftSGC KeyUsage = "microsoft sgc" - UsageNetscapeSGC KeyUsage = "netscape sgc" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificate.go deleted file mode 100644 index 7ae1ea420e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificate.go +++ /dev/null @@ -1,451 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A Certificate resource should be created to ensure an up to date and signed -// x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. -// -// The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`). -// +k8s:openapi-gen=true -type Certificate struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Certificate resource. - Spec CertificateSpec `json:"spec,omitempty"` - - // Status of the Certificate. This is set and managed automatically. - Status CertificateStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateList is a list of Certificates -type CertificateList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Certificate `json:"items"` -} - -// +kubebuilder:validation:Enum=rsa;ecdsa -type KeyAlgorithm string - -const ( - // Denotes the RSA private key type. - RSAKeyAlgorithm KeyAlgorithm = "rsa" - - // Denotes the ECDSA private key type. - ECDSAKeyAlgorithm KeyAlgorithm = "ecdsa" -) - -// +kubebuilder:validation:Enum=pkcs1;pkcs8 -type KeyEncoding string - -const ( - // PKCS1 key encoding will produce PEM files that include the type of - // private key as part of the PEM header, e.g. `BEGIN RSA PRIVATE KEY`. - // If the keyAlgorithm is set to `ecdsa`, this will produce private keys - // that use the `BEGIN EC PRIVATE KEY` header. - PKCS1 KeyEncoding = "pkcs1" - - // PKCS8 key encoding will produce PEM files with the `BEGIN PRIVATE KEY` - // header. It encodes the keyAlgorithm of the private key as part of the - // DER encoded PEM block. - PKCS8 KeyEncoding = "pkcs8" -) - -// CertificateSpec defines the desired state of Certificate. -// A valid Certificate requires at least one of a CommonName, DNSName, or -// URISAN to be valid. -type CertificateSpec struct { - // Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - // +optional - Subject *X509Subject `json:"subject,omitempty"` - - // CommonName is a common name to be used on the Certificate. - // The CommonName should have a length of 64 characters or fewer to avoid - // generating invalid CSRs. - // This value is ignored by TLS clients when any subject alt name is set. - // This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4 - // +optional - CommonName string `json:"commonName,omitempty"` - - // The requested 'duration' (i.e. lifetime) of the Certificate. This option - // may be ignored/overridden by some issuer types. If unset this defaults to - // 90 days. Certificate will be renewed either 2/3 through its duration or - // `renewBefore` period before its expiry, whichever is later. Minimum - // accepted duration is 1 hour. Value must be in units accepted by Go - // time.ParseDuration https://golang.org/pkg/time/#ParseDuration - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // How long before the currently issued certificate's expiry - // cert-manager should renew the certificate. The default is 2/3 of the - // issued certificate's duration. Minimum accepted value is 5 minutes. - // Value must be in units accepted by Go time.ParseDuration - // https://golang.org/pkg/time/#ParseDuration - // +optional - RenewBefore *metav1.Duration `json:"renewBefore,omitempty"` - - // DNSNames is a list of DNS subjectAltNames to be set on the Certificate. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // URISANs is a list of URI subjectAltNames to be set on the Certificate. - // +optional - URISANs []string `json:"uriSANs,omitempty"` - - // EmailSANs is a list of email subjectAltNames to be set on the Certificate. - // +optional - EmailSANs []string `json:"emailSANs,omitempty"` - - // SecretName is the name of the secret resource that will be automatically - // created and managed by this Certificate resource. - // It will be populated with a private key and certificate, signed by the - // denoted issuer. - SecretName string `json:"secretName"` - - // SecretTemplate defines annotations and labels to be propagated - // to the Kubernetes Secret when it is created or updated. Once created, - // labels and annotations are not yet removed from the Secret when they are - // removed from the template. See https://github.com/jetstack/cert-manager/issues/4292 - // +optional - SecretTemplate *CertificateSecretTemplate `json:"secretTemplate,omitempty"` - - // Keystores configures additional keystore output formats stored in the - // `secretName` Secret resource. - // +optional - Keystores *CertificateKeystores `json:"keystores,omitempty"` - - // IssuerRef is a reference to the issuer for this certificate. - // If the `kind` field is not set, or set to `Issuer`, an Issuer resource - // with the given name in the same namespace as the Certificate will be used. - // If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the - // provided name will be used. - // The `name` field in this stanza is required at all times. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // IsCA will mark this Certificate as valid for certificate signing. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // KeySize is the key bit size of the corresponding private key for this certificate. - // If `keyAlgorithm` is set to `rsa`, valid values are `2048`, `4096` or `8192`, - // and will default to `2048` if not specified. - // If `keyAlgorithm` is set to `ecdsa`, valid values are `256`, `384` or `521`, - // and will default to `256` if not specified. - // No other values are allowed. - // +optional - KeySize int `json:"keySize,omitempty"` // Validated by webhook. Be mindful of adding OpenAPI validation- see https://github.com/jetstack/cert-manager/issues/3644 . - - // KeyAlgorithm is the private key algorithm of the corresponding private key - // for this certificate. If provided, allowed values are either `rsa` or `ecdsa` - // If `keyAlgorithm` is specified and `keySize` is not provided, - // key size of 256 will be used for `ecdsa` key algorithm and - // key size of 2048 will be used for `rsa` key algorithm. - // +optional - KeyAlgorithm KeyAlgorithm `json:"keyAlgorithm,omitempty"` - - // KeyEncoding is the private key cryptography standards (PKCS) - // for this certificate's private key to be encoded in. If provided, allowed - // values are `pkcs1` and `pkcs8` standing for PKCS#1 and PKCS#8, respectively. - // If KeyEncoding is not specified, then `pkcs1` will be used by default. - // +optional - KeyEncoding KeyEncoding `json:"keyEncoding,omitempty"` - - // Options to control private keys used for the Certificate. - // +optional - PrivateKey *CertificatePrivateKey `json:"privateKey,omitempty"` - - // EncodeUsagesInRequest controls whether key usages should be present - // in the CertificateRequest - // +optional - EncodeUsagesInRequest *bool `json:"encodeUsagesInRequest,omitempty"` - - // revisionHistoryLimit is the maximum number of CertificateRequest revisions - // that are maintained in the Certificate's history. Each revision represents - // a single `CertificateRequest` created by this Certificate, either when it - // was created, renewed, or Spec was changed. Revisions will be removed by - // oldest first if the number of revisions exceeds this number. If set, - // revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), - // revisions will not be garbage collected. Default value is `nil`. - // +kubebuilder:validation:ExclusiveMaximum=false - // +optional - RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"` // Validated by the validating webhook. -} - -// CertificatePrivateKey contains configuration options for private keys -// used by the Certificate controller. -// This allows control of how private keys are rotated. -type CertificatePrivateKey struct { - // RotationPolicy controls how private keys should be regenerated when a - // re-issuance is being processed. - // If set to Never, a private key will only be generated if one does not - // already exist in the target `spec.secretName`. If one does exists but it - // does not have the correct algorithm or size, a warning will be raised - // to await user intervention. - // If set to Always, a private key matching the specified requirements - // will be generated whenever a re-issuance occurs. - // Default is 'Never' for backward compatibility. - // +optional - RotationPolicy PrivateKeyRotationPolicy `json:"rotationPolicy,omitempty"` -} - -// Denotes how private keys should be generated or sourced when a Certificate -// is being issued. -type PrivateKeyRotationPolicy string - -var ( - // RotationPolicyNever means a private key will only be generated if one - // does not already exist in the target `spec.secretName`. - // If one does exists but it does not have the correct algorithm or size, - // a warning will be raised to await user intervention. - RotationPolicyNever PrivateKeyRotationPolicy = "Never" - - // RotationPolicyAlways means a private key matching the specified - // requirements will be generated whenever a re-issuance occurs. - RotationPolicyAlways PrivateKeyRotationPolicy = "Always" -) - -// X509Subject Full X509 name specification -type X509Subject struct { - // Organizations to be used on the Certificate. - // +optional - Organizations []string `json:"organizations,omitempty"` - // Countries to be used on the Certificate. - // +optional - Countries []string `json:"countries,omitempty"` - // Organizational Units to be used on the Certificate. - // +optional - OrganizationalUnits []string `json:"organizationalUnits,omitempty"` - // Cities to be used on the Certificate. - // +optional - Localities []string `json:"localities,omitempty"` - // State/Provinces to be used on the Certificate. - // +optional - Provinces []string `json:"provinces,omitempty"` - // Street addresses to be used on the Certificate. - // +optional - StreetAddresses []string `json:"streetAddresses,omitempty"` - // Postal codes to be used on the Certificate. - // +optional - PostalCodes []string `json:"postalCodes,omitempty"` - // Serial number to be used on the Certificate. - // +optional - SerialNumber string `json:"serialNumber,omitempty"` -} - -// CertificateKeystores configures additional keystore output formats to be -// created in the Certificate's output Secret. -type CertificateKeystores struct { - // JKS configures options for storing a JKS keystore in the - // `spec.secretName` Secret resource. - JKS *JKSKeystore `json:"jks,omitempty"` - - // PKCS12 configures options for storing a PKCS12 keystore in the - // `spec.secretName` Secret resource. - PKCS12 *PKCS12Keystore `json:"pkcs12,omitempty"` -} - -// JKS configures options for storing a JKS keystore in the `spec.secretName` -// Secret resource. -type JKSKeystore struct { - // Create enables JKS keystore creation for the Certificate. - // If true, a file named `keystore.jks` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - // A file named `truststore.jks` will also be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef` containing the issuing Certificate Authority. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the JKS keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// PKCS12 configures options for storing a PKCS12 keystore in the -// `spec.secretName` Secret resource. -type PKCS12Keystore struct { - // Create enables PKCS12 keystore creation for the Certificate. - // If true, a file named `keystore.p12` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - // A file named `truststore.p12` will also be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef` containing the issuing Certificate Authority. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the PKCS12 keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// CertificateStatus defines the observed state of Certificate -type CertificateStatus struct { - // List of status conditions to indicate the status of certificates. - // Known condition types are `Ready` and `Issuing`. - // +optional - Conditions []CertificateCondition `json:"conditions,omitempty"` - - // LastFailureTime is the time as recorded by the Certificate controller - // of the most recent failure to complete a CertificateRequest for this - // Certificate resource. - // If set, cert-manager will not re-request another Certificate until - // 1 hour has elapsed from this time. - // +optional - LastFailureTime *metav1.Time `json:"lastFailureTime,omitempty"` - - // The time after which the certificate stored in the secret named - // by this resource in spec.secretName is valid. - // +optional - NotBefore *metav1.Time `json:"notBefore,omitempty"` - - // The expiration time of the certificate stored in the secret named - // by this resource in `spec.secretName`. - // +optional - NotAfter *metav1.Time `json:"notAfter,omitempty"` - - // RenewalTime is the time at which the certificate will be next - // renewed. - // If not set, no upcoming renewal is scheduled. - // +optional - RenewalTime *metav1.Time `json:"renewalTime,omitempty"` - - // The current 'revision' of the certificate as issued. - // - // When a CertificateRequest resource is created, it will have the - // `cert-manager.io/certificate-revision` set to one greater than the - // current value of this field. - // - // Upon issuance, this field will be set to the value of the annotation - // on the CertificateRequest resource used to issue the certificate. - // - // Persisting the value on the CertificateRequest resource allows the - // certificates controller to know whether a request is part of an old - // issuance or if it is part of the ongoing revision's issuance by - // checking if the revision value in the annotation is greater than this - // field. - // +optional - Revision *int `json:"revision,omitempty"` - - // The name of the Secret resource containing the private key to be used - // for the next certificate iteration. - // The keymanager controller will automatically set this field if the - // `Issuing` condition is set to `True`. - // It will automatically unset this field when the Issuing condition is - // not set or False. - // +optional - NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` -} - -// CertificateCondition contains condition information for an Certificate. -type CertificateCondition struct { - // Type of the condition, known values are (`Ready`, `Issuing`). - Type CertificateConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Certificate. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// CertificateConditionType represents an Certificate condition value. -type CertificateConditionType string - -const ( - // CertificateConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target secret exists - // - The target secret contains a certificate that has not expired - // - The target secret contains a private key valid for the certificate - // - The commonName and dnsNames attributes match those specified on the Certificate - CertificateConditionReady CertificateConditionType = "Ready" - - // A condition added to Certificate resources when an issuance is required. - // This condition will be automatically added and set to true if: - // * No keypair data exists in the target Secret - // * The data stored in the Secret cannot be decoded - // * The private key and certificate do not have matching public keys - // * If a CertificateRequest for the current revision exists and the - // certificate data stored in the Secret does not match the - // `status.certificate` on the CertificateRequest. - // * If no CertificateRequest resource exists for the current revision, - // the options on the Certificate resource are compared against the - // x509 data in the Secret, similar to what's done in earlier versions. - // If there is a mismatch, an issuance is triggered. - // This condition may also be added by external API consumers to trigger - // a re-issuance manually for any other reason. - // - // It will be removed by the 'issuing' controller upon completing issuance. - CertificateConditionIssuing CertificateConditionType = "Issuing" -) - -// CertificateSecretTemplate defines the default labels and annotations -// to be copied to the Kubernetes Secret resource named in `CertificateSpec.secretName`. -type CertificateSecretTemplate struct { - // Annotations is a key value map to be copied to the target Kubernetes Secret. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels is a key value map to be copied to the target Kubernetes Secret. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificaterequest.go deleted file mode 100644 index 0ac2ff866b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_certificaterequest.go +++ /dev/null @@ -1,205 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -const ( - // Pending indicates that a CertificateRequest is still in progress. - CertificateRequestReasonPending = "Pending" - - // Failed indicates that a CertificateRequest has failed, either due to - // timing out or some other critical failure. - CertificateRequestReasonFailed = "Failed" - - // Issued indicates that a CertificateRequest has been completed, and that - // the `status.certificate` field is set. - CertificateRequestReasonIssued = "Issued" - - // Denied is a Ready condition reason that indicates that a - // CertificateRequest has been denied, and the CertificateRequest will never - // be issued. - CertificateRequestReasonDenied = "Denied" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A CertificateRequest is used to request a signed certificate from one of the -// configured issuers. -// -// All fields within the CertificateRequest's `spec` are immutable after creation. -// A CertificateRequest will either succeed or fail, as denoted by its `status.state` -// field. -// -// A CertificateRequest is a one-shot resource, meaning it represents a single -// point in time request for a certificate and cannot be re-used. -// +k8s:openapi-gen=true -type CertificateRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the CertificateRequest resource. - Spec CertificateRequestSpec `json:"spec,omitempty"` - - // Status of the CertificateRequest. This is set and managed automatically. - Status CertificateRequestStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateRequestList is a list of Certificates -type CertificateRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []CertificateRequest `json:"items"` -} - -// CertificateRequestSpec defines the desired state of CertificateRequest -type CertificateRequestSpec struct { - // The requested 'duration' (i.e. lifetime) of the Certificate. - // This option may be ignored/overridden by some issuer types. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // IssuerRef is a reference to the issuer for this CertificateRequest. If - // the `kind` field is not set, or set to `Issuer`, an Issuer resource with - // the given name in the same namespace as the CertificateRequest will be - // used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with - // the provided name will be used. The `name` field in this stanza is - // required at all times. The group field refers to the API group of the - // issuer which defaults to `cert-manager.io` if empty. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // The PEM-encoded x509 certificate signing request to be submitted to the - // CA for signing. - CSRPEM []byte `json:"csr"` - - // IsCA will request to mark the certificate as valid for certificate signing - // when submitting to the issuer. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // Username contains the name of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Username string `json:"username,omitempty"` - // UID contains the uid of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - UID string `json:"uid,omitempty"` - // Groups contains group membership of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +listType=atomic - // +optional - Groups []string `json:"groups,omitempty"` - // Extra contains extra attributes of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Extra map[string][]string `json:"extra,omitempty"` -} - -// CertificateRequestStatus defines the observed state of CertificateRequest and -// resulting signed certificate. -type CertificateRequestStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready` and `InvalidRequest`. - // +optional - Conditions []CertificateRequestCondition `json:"conditions,omitempty"` - - // The PEM encoded x509 certificate resulting from the certificate - // signing request. - // If not set, the CertificateRequest has either not been completed or has - // failed. More information on failure can be found by checking the - // `conditions` field. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // The PEM encoded x509 certificate of the signer, also known as the CA - // (Certificate Authority). - // This is set on a best-effort basis by different issuers. - // If not set, the CA is assumed to be unknown/not available. - // +optional - CA []byte `json:"ca,omitempty"` - - // FailureTime stores the time that this CertificateRequest failed. This is - // used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// CertificateRequestCondition contains condition information for a CertificateRequest. -type CertificateRequestCondition struct { - // Type of the condition, known values are (`Ready`, - // `InvalidRequest`, `Approved`, `Denied`). - Type CertificateRequestConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` -} - -// CertificateRequestConditionType represents an Certificate condition value. -type CertificateRequestConditionType string - -const ( - // CertificateRequestConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target certificate exists in CertificateRequest.Status - CertificateRequestConditionReady CertificateRequestConditionType = "Ready" - - // CertificateRequestConditionInvalidRequest indicates that a certificate - // signer has refused to sign the request due to at least one of the input - // parameters being invalid. Additional information about why the request - // was rejected can be found in the `reason` and `message` fields. - CertificateRequestConditionInvalidRequest CertificateRequestConditionType = "InvalidRequest" - - // CertificateRequestConditionApproved indicates that a certificate request - // is approved and ready for signing. Condition must never have a status of - // `False`, and cannot be modified once set. - CertificateRequestConditionApproved CertificateRequestConditionType = "Approved" - - // CertificateRequestConditionDenied indicates that a certificate request is - // denied, and must never be signed. Condition must never have a status of - // `False`, and cannot be modified once set. - CertificateRequestConditionDenied CertificateRequestConditionType = "Denied" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_issuer.go deleted file mode 100644 index f0a9c1dc8d..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/types_issuer.go +++ /dev/null @@ -1,341 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1alpha3 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A ClusterIssuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is similar to an Issuer, however it is cluster-scoped and therefore can -// be referenced by resources that exist in *any* namespace, not just the same -// namespace as the referent. -type ClusterIssuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the ClusterIssuer resource. - Spec IssuerSpec `json:"spec,omitempty"` - - // Status of the ClusterIssuer. This is set and managed automatically. - Status IssuerStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterIssuerList is a list of Issuers -type ClusterIssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []ClusterIssuer `json:"items"` -} - -// +genclient -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// An Issuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is scoped to a single namespace and can therefore only be referenced by -// resources within the same namespace. -type Issuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Issuer resource. - Spec IssuerSpec `json:"spec,omitempty"` - - // Status of the Issuer. This is set and managed automatically. - Status IssuerStatus `json:"status,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// IssuerList is a list of Issuers -type IssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Issuer `json:"items"` -} - -// IssuerSpec is the specification of an Issuer. This includes any -// configuration required for the issuer. -type IssuerSpec struct { - IssuerConfig `json:",inline"` -} - -// The configuration for the issuer. -// Only one of these can be set. -type IssuerConfig struct { - // ACME configures this issuer to communicate with a RFC8555 (ACME) server - // to obtain signed x509 certificates. - // +optional - ACME *cmacme.ACMEIssuer `json:"acme,omitempty"` - - // CA configures this issuer to sign certificates using a signing CA keypair - // stored in a Secret resource. - // This is used to build internal PKIs that are managed by cert-manager. - // +optional - CA *CAIssuer `json:"ca,omitempty"` - - // Vault configures this issuer to sign certificates using a HashiCorp Vault - // PKI backend. - // +optional - Vault *VaultIssuer `json:"vault,omitempty"` - - // SelfSigned configures this issuer to 'self sign' certificates using the - // private key used to create the CertificateRequest object. - // +optional - SelfSigned *SelfSignedIssuer `json:"selfSigned,omitempty"` - - // Venafi configures this issuer to sign certificates using a Venafi TPP - // or Venafi Cloud policy zone. - // +optional - Venafi *VenafiIssuer `json:"venafi,omitempty"` -} - -// Configures an issuer to sign certificates using a Venafi TPP -// or Cloud policy zone. -type VenafiIssuer struct { - // Zone is the Venafi Policy Zone to use for this issuer. - // All requests made to the Venafi platform will be restricted by the named - // zone policy. - // This field is required. - Zone string `json:"zone"` - - // TPP specifies Trust Protection Platform configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - TPP *VenafiTPP `json:"tpp,omitempty"` - - // Cloud specifies the Venafi cloud configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - Cloud *VenafiCloud `json:"cloud,omitempty"` -} - -// VenafiTPP defines connection configuration details for a Venafi TPP instance -type VenafiTPP struct { - // URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, - // for example: "https://tpp.example.com/vedsdk". - URL string `json:"url"` - - // CredentialsRef is a reference to a Secret containing the username and - // password for the TPP server. - // The secret must contain two keys, 'username' and 'password'. - CredentialsRef cmmeta.LocalObjectReference `json:"credentialsRef"` - - // CABundle is a PEM encoded TLS certificate to use to verify connections to - // the TPP instance. - // If specified, system roots will not be used and the issuing CA for the - // TPP instance must be verifiable using the provided root. - // If not specified, the connection will be verified using the cert-manager - // system root certificates. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// VenafiCloud defines connection configuration details for Venafi Cloud -type VenafiCloud struct { - // URL is the base URL for Venafi Cloud. - // Defaults to "https://api.venafi.cloud/v1". - // +optional - URL string `json:"url,omitempty"` - - // APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"` -} - -// Configures an issuer to 'self sign' certificates using the -// private key used to create the CertificateRequest object. -type SelfSignedIssuer struct { - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set certificate will be issued without CDP. Values are strings. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` -} - -// Configures an issuer to sign certificates using a HashiCorp Vault -// PKI backend. -type VaultIssuer struct { - // Auth configures how cert-manager authenticates with the Vault server. - Auth VaultAuth `json:"auth"` - - // Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200". - Server string `json:"server"` - - // Path is the mount path of the Vault PKI backend's `sign` endpoint, e.g: - // "my_pki_mount/sign/my-role-name". - Path string `json:"path"` - - // Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" - // More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - // +optional - Namespace string `json:"namespace,omitempty"` - - // PEM-encoded CA bundle (base64-encoded) used to validate Vault server - // certificate. Only used if the Server URL is using HTTPS protocol. This - // parameter is ignored for plain HTTP protocol connection. If not set the - // system root certificates are used to validate the TLS connection. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// Configuration used to authenticate with a Vault server. -// Only one of `tokenSecretRef`, `appRole` or `kubernetes` may be specified. -type VaultAuth struct { - // TokenSecretRef authenticates with Vault by presenting a token. - // +optional - TokenSecretRef *cmmeta.SecretKeySelector `json:"tokenSecretRef,omitempty"` - - // AppRole authenticates with Vault using the App Role auth mechanism, - // with the role and secret stored in a Kubernetes Secret resource. - // +optional - AppRole *VaultAppRole `json:"appRole,omitempty"` - - // Kubernetes authenticates with Vault by passing the ServiceAccount - // token stored in the named Secret resource to the Vault server. - // +optional - Kubernetes *VaultKubernetesAuth `json:"kubernetes,omitempty"` -} - -// VaultAppRole authenticates with Vault using the App Role auth mechanism, -// with the role and secret stored in a Kubernetes Secret resource. -type VaultAppRole struct { - // Path where the App Role authentication backend is mounted in Vault, e.g: - // "approle" - Path string `json:"path"` - - // RoleID configured in the App Role authentication backend when setting - // up the authentication backend in Vault. - RoleId string `json:"roleId"` - - // Reference to a key in a Secret that contains the App Role secret used - // to authenticate with Vault. - // The `key` field must be specified and denotes which entry within the Secret - // resource is used as the app role secret. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` -} - -// Authenticate against Vault using a Kubernetes ServiceAccount token stored in -// a Secret. -type VaultKubernetesAuth struct { - // The Vault mountPath here is the mount path to use when authenticating with - // Vault. For example, setting a value to `/v1/auth/foo`, will use the path - // `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the - // default value "/v1/auth/kubernetes" will be used. - // +optional - Path string `json:"mountPath,omitempty"` - - // The required Secret field containing a Kubernetes ServiceAccount JWT used - // for authenticating with Vault. Use of 'ambient credentials' is not - // supported. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` - - // A required field containing the Vault Role to assume. A Role binds a - // Kubernetes ServiceAccount with a set of Vault policies. - Role string `json:"role"` -} - -type CAIssuer struct { - // SecretName is the name of the secret used to sign Certificates issued - // by this Issuer. - SecretName string `json:"secretName"` - - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set, certificates will be issued without distribution points set. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` - - // The OCSP server list is an X.509 v3 extension that defines a list of - // URLs of OCSP responders. The OCSP responders can be queried for the - // revocation status of an issued certificate. If not set, the - // certificate will be issued with no OCSP servers set. For example, an - // OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - // +optional - OCSPServers []string `json:"ocspServers,omitempty"` -} - -// IssuerStatus contains status information about an Issuer -type IssuerStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready`. - // +optional - Conditions []IssuerCondition `json:"conditions,omitempty"` - - // ACME specific status options. - // This field should only be set if the Issuer is configured to use an ACME - // server to issue certificates. - // +optional - ACME *cmacme.ACMEIssuerStatus `json:"acme,omitempty"` -} - -// IssuerCondition contains condition information for an Issuer. -type IssuerCondition struct { - // Type of the condition, known values are (`Ready`). - Type IssuerConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Issuer. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// IssuerConditionType represents an Issuer condition value. -type IssuerConditionType string - -const ( - // IssuerConditionReady represents the fact that a given Issuer condition - // is in ready state and able to issue certificates. - // If the `status` of this condition is `False`, CertificateRequest controllers - // should prevent attempts to sign certificates. - IssuerConditionReady IssuerConditionType = "Ready" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go deleted file mode 100644 index 18e5f50b76..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3/zz_generated.deepcopy.go +++ /dev/null @@ -1,995 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - acmev1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CAIssuer) DeepCopyInto(out *CAIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OCSPServers != nil { - in, out := &in.OCSPServers, &out.OCSPServers - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CAIssuer. -func (in *CAIssuer) DeepCopy() *CAIssuer { - if in == nil { - return nil - } - out := new(CAIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Certificate) DeepCopyInto(out *Certificate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Certificate. -func (in *Certificate) DeepCopy() *Certificate { - if in == nil { - return nil - } - out := new(Certificate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Certificate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateCondition) DeepCopyInto(out *CertificateCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateCondition. -func (in *CertificateCondition) DeepCopy() *CertificateCondition { - if in == nil { - return nil - } - out := new(CertificateCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateKeystores) DeepCopyInto(out *CertificateKeystores) { - *out = *in - if in.JKS != nil { - in, out := &in.JKS, &out.JKS - *out = new(JKSKeystore) - **out = **in - } - if in.PKCS12 != nil { - in, out := &in.PKCS12, &out.PKCS12 - *out = new(PKCS12Keystore) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateKeystores. -func (in *CertificateKeystores) DeepCopy() *CertificateKeystores { - if in == nil { - return nil - } - out := new(CertificateKeystores) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateList) DeepCopyInto(out *CertificateList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Certificate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateList. -func (in *CertificateList) DeepCopy() *CertificateList { - if in == nil { - return nil - } - out := new(CertificateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificatePrivateKey) DeepCopyInto(out *CertificatePrivateKey) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificatePrivateKey. -func (in *CertificatePrivateKey) DeepCopy() *CertificatePrivateKey { - if in == nil { - return nil - } - out := new(CertificatePrivateKey) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest. -func (in *CertificateRequest) DeepCopy() *CertificateRequest { - if in == nil { - return nil - } - out := new(CertificateRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestCondition) DeepCopyInto(out *CertificateRequestCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestCondition. -func (in *CertificateRequestCondition) DeepCopy() *CertificateRequestCondition { - if in == nil { - return nil - } - out := new(CertificateRequestCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestList) DeepCopyInto(out *CertificateRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CertificateRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestList. -func (in *CertificateRequestList) DeepCopy() *CertificateRequestList { - if in == nil { - return nil - } - out := new(CertificateRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestSpec) DeepCopyInto(out *CertificateRequestSpec) { - *out = *in - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - out.IssuerRef = in.IssuerRef - if in.CSRPEM != nil { - in, out := &in.CSRPEM, &out.CSRPEM - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string][]string, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make([]string, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestSpec. -func (in *CertificateRequestSpec) DeepCopy() *CertificateRequestSpec { - if in == nil { - return nil - } - out := new(CertificateRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestStatus) DeepCopyInto(out *CertificateRequestStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateRequestCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestStatus. -func (in *CertificateRequestStatus) DeepCopy() *CertificateRequestStatus { - if in == nil { - return nil - } - out := new(CertificateRequestStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSecretTemplate) DeepCopyInto(out *CertificateSecretTemplate) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSecretTemplate. -func (in *CertificateSecretTemplate) DeepCopy() *CertificateSecretTemplate { - if in == nil { - return nil - } - out := new(CertificateSecretTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { - *out = *in - if in.Subject != nil { - in, out := &in.Subject, &out.Subject - *out = new(X509Subject) - (*in).DeepCopyInto(*out) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - if in.RenewBefore != nil { - in, out := &in.RenewBefore, &out.RenewBefore - *out = new(v1.Duration) - **out = **in - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.URISANs != nil { - in, out := &in.URISANs, &out.URISANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.EmailSANs != nil { - in, out := &in.EmailSANs, &out.EmailSANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretTemplate != nil { - in, out := &in.SecretTemplate, &out.SecretTemplate - *out = new(CertificateSecretTemplate) - (*in).DeepCopyInto(*out) - } - if in.Keystores != nil { - in, out := &in.Keystores, &out.Keystores - *out = new(CertificateKeystores) - (*in).DeepCopyInto(*out) - } - out.IssuerRef = in.IssuerRef - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.PrivateKey != nil { - in, out := &in.PrivateKey, &out.PrivateKey - *out = new(CertificatePrivateKey) - **out = **in - } - if in.EncodeUsagesInRequest != nil { - in, out := &in.EncodeUsagesInRequest, &out.EncodeUsagesInRequest - *out = new(bool) - **out = **in - } - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. -func (in *CertificateSpec) DeepCopy() *CertificateSpec { - if in == nil { - return nil - } - out := new(CertificateSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.LastFailureTime != nil { - in, out := &in.LastFailureTime, &out.LastFailureTime - *out = (*in).DeepCopy() - } - if in.NotBefore != nil { - in, out := &in.NotBefore, &out.NotBefore - *out = (*in).DeepCopy() - } - if in.NotAfter != nil { - in, out := &in.NotAfter, &out.NotAfter - *out = (*in).DeepCopy() - } - if in.RenewalTime != nil { - in, out := &in.RenewalTime, &out.RenewalTime - *out = (*in).DeepCopy() - } - if in.Revision != nil { - in, out := &in.Revision, &out.Revision - *out = new(int) - **out = **in - } - if in.NextPrivateKeySecretName != nil { - in, out := &in.NextPrivateKeySecretName, &out.NextPrivateKeySecretName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateStatus. -func (in *CertificateStatus) DeepCopy() *CertificateStatus { - if in == nil { - return nil - } - out := new(CertificateStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuer) DeepCopyInto(out *ClusterIssuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuer. -func (in *ClusterIssuer) DeepCopy() *ClusterIssuer { - if in == nil { - return nil - } - out := new(ClusterIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuerList) DeepCopyInto(out *ClusterIssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterIssuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuerList. -func (in *ClusterIssuerList) DeepCopy() *ClusterIssuerList { - if in == nil { - return nil - } - out := new(ClusterIssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Issuer) DeepCopyInto(out *Issuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer. -func (in *Issuer) DeepCopy() *Issuer { - if in == nil { - return nil - } - out := new(Issuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Issuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerCondition) DeepCopyInto(out *IssuerCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerCondition. -func (in *IssuerCondition) DeepCopy() *IssuerCondition { - if in == nil { - return nil - } - out := new(IssuerCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { - *out = *in - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1alpha3.ACMEIssuer) - (*in).DeepCopyInto(*out) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = new(CAIssuer) - (*in).DeepCopyInto(*out) - } - if in.Vault != nil { - in, out := &in.Vault, &out.Vault - *out = new(VaultIssuer) - (*in).DeepCopyInto(*out) - } - if in.SelfSigned != nil { - in, out := &in.SelfSigned, &out.SelfSigned - *out = new(SelfSignedIssuer) - (*in).DeepCopyInto(*out) - } - if in.Venafi != nil { - in, out := &in.Venafi, &out.Venafi - *out = new(VenafiIssuer) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerConfig. -func (in *IssuerConfig) DeepCopy() *IssuerConfig { - if in == nil { - return nil - } - out := new(IssuerConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerList) DeepCopyInto(out *IssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Issuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerList. -func (in *IssuerList) DeepCopy() *IssuerList { - if in == nil { - return nil - } - out := new(IssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerSpec) DeepCopyInto(out *IssuerSpec) { - *out = *in - in.IssuerConfig.DeepCopyInto(&out.IssuerConfig) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerSpec. -func (in *IssuerSpec) DeepCopy() *IssuerSpec { - if in == nil { - return nil - } - out := new(IssuerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerStatus) DeepCopyInto(out *IssuerStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]IssuerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1alpha3.ACMEIssuerStatus) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerStatus. -func (in *IssuerStatus) DeepCopy() *IssuerStatus { - if in == nil { - return nil - } - out := new(IssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JKSKeystore) DeepCopyInto(out *JKSKeystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JKSKeystore. -func (in *JKSKeystore) DeepCopy() *JKSKeystore { - if in == nil { - return nil - } - out := new(JKSKeystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKCS12Keystore) DeepCopyInto(out *PKCS12Keystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKCS12Keystore. -func (in *PKCS12Keystore) DeepCopy() *PKCS12Keystore { - if in == nil { - return nil - } - out := new(PKCS12Keystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelfSignedIssuer. -func (in *SelfSignedIssuer) DeepCopy() *SelfSignedIssuer { - if in == nil { - return nil - } - out := new(SelfSignedIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAppRole) DeepCopyInto(out *VaultAppRole) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRole. -func (in *VaultAppRole) DeepCopy() *VaultAppRole { - if in == nil { - return nil - } - out := new(VaultAppRole) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAuth) DeepCopyInto(out *VaultAuth) { - *out = *in - if in.TokenSecretRef != nil { - in, out := &in.TokenSecretRef, &out.TokenSecretRef - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.AppRole != nil { - in, out := &in.AppRole, &out.AppRole - *out = new(VaultAppRole) - **out = **in - } - if in.Kubernetes != nil { - in, out := &in.Kubernetes, &out.Kubernetes - *out = new(VaultKubernetesAuth) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuth. -func (in *VaultAuth) DeepCopy() *VaultAuth { - if in == nil { - return nil - } - out := new(VaultAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultIssuer) DeepCopyInto(out *VaultIssuer) { - *out = *in - in.Auth.DeepCopyInto(&out.Auth) - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultIssuer. -func (in *VaultIssuer) DeepCopy() *VaultIssuer { - if in == nil { - return nil - } - out := new(VaultIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultKubernetesAuth) DeepCopyInto(out *VaultKubernetesAuth) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKubernetesAuth. -func (in *VaultKubernetesAuth) DeepCopy() *VaultKubernetesAuth { - if in == nil { - return nil - } - out := new(VaultKubernetesAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiCloud) DeepCopyInto(out *VenafiCloud) { - *out = *in - out.APITokenSecretRef = in.APITokenSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiCloud. -func (in *VenafiCloud) DeepCopy() *VenafiCloud { - if in == nil { - return nil - } - out := new(VenafiCloud) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiIssuer) DeepCopyInto(out *VenafiIssuer) { - *out = *in - if in.TPP != nil { - in, out := &in.TPP, &out.TPP - *out = new(VenafiTPP) - (*in).DeepCopyInto(*out) - } - if in.Cloud != nil { - in, out := &in.Cloud, &out.Cloud - *out = new(VenafiCloud) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiIssuer. -func (in *VenafiIssuer) DeepCopy() *VenafiIssuer { - if in == nil { - return nil - } - out := new(VenafiIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiTPP) DeepCopyInto(out *VenafiTPP) { - *out = *in - out.CredentialsRef = in.CredentialsRef - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiTPP. -func (in *VenafiTPP) DeepCopy() *VenafiTPP { - if in == nil { - return nil - } - out := new(VenafiTPP) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *X509Subject) DeepCopyInto(out *X509Subject) { - *out = *in - if in.Organizations != nil { - in, out := &in.Organizations, &out.Organizations - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Countries != nil { - in, out := &in.Countries, &out.Countries - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OrganizationalUnits != nil { - in, out := &in.OrganizationalUnits, &out.OrganizationalUnits - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Localities != nil { - in, out := &in.Localities, &out.Localities - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Provinces != nil { - in, out := &in.Provinces, &out.Provinces - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.StreetAddresses != nil { - in, out := &in.StreetAddresses, &out.StreetAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PostalCodes != nil { - in, out := &in.PostalCodes, &out.PostalCodes - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Subject. -func (in *X509Subject) DeepCopy() *X509Subject { - if in == nil { - return nil - } - out := new(X509Subject) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/BUILD.bazel deleted file mode 100644 index 622747684e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/BUILD.bazel +++ /dev/null @@ -1,26 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "const.go", - "doc.go", - "register.go", - "types.go", - "types_certificate.go", - "types_certificaterequest.go", - "types_issuer.go", - "zz_generated.deepcopy.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1", - importpath = "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/const.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/const.go deleted file mode 100644 index 7901c21ad0..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/const.go +++ /dev/null @@ -1,43 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import "time" - -const ( - // minimum permitted certificate duration by cert-manager - MinimumCertificateDuration = time.Hour - - // default certificate duration if Issuer.spec.duration is not set - DefaultCertificateDuration = time.Hour * 24 * 90 - - // minimum certificate duration before certificate expiration - MinimumRenewBefore = time.Minute * 5 - - // Deprecated: the default is now 2/3 of Certificate's duration - DefaultRenewBefore = time.Hour * 24 * 30 -) - -const ( - // Default index key for the Secret reference for Token authentication - DefaultVaultTokenAuthSecretKey = "token" - - // Default mount path location for Kubernetes ServiceAccount authentication - // (/v1/auth/kubernetes). The endpoint will then be called at `/login`, so - // left as the default, `/v1/auth/kubernetes/login` will be called. - DefaultVaultKubernetesAuthMountPath = "/v1/auth/kubernetes" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/doc.go deleted file mode 100644 index d23ca0bde6..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/doc.go +++ /dev/null @@ -1,24 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Package v1beta1 is the v1beta1 version of the API. -// +k8s:deepcopy-gen=package,register -// +k8s:conversion-gen=github.com/jetstack/cert-manager/pkg/apis/certmanager -// +k8s:openapi-gen=true -// +k8s:defaulter-gen=TypeMeta -// +groupName=cert-manager.io -// +groupGoName=Certmanager -package v1beta1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/register.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/register.go deleted file mode 100644 index 5010168375..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/register.go +++ /dev/null @@ -1,62 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/certmanager" -) - -// SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: certmanager.GroupName, Version: "v1beta1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to api.Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &Certificate{}, - &CertificateList{}, - &Issuer{}, - &IssuerList{}, - &ClusterIssuer{}, - &ClusterIssuerList{}, - &CertificateRequest{}, - &CertificateRequestList{}, - ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types.go deleted file mode 100644 index c16be1a747..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types.go +++ /dev/null @@ -1,193 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -// Common annotation keys added to resources. -const ( - // Annotation key for DNS subjectAltNames. - AltNamesAnnotationKey = "cert-manager.io/alt-names" - - // Annotation key for IP subjectAltNames. - IPSANAnnotationKey = "cert-manager.io/ip-sans" - - // Annotation key for URI subjectAltNames. - URISANAnnotationKey = "cert-manager.io/uri-sans" - - // Annotation key for certificate common name. - CommonNameAnnotationKey = "cert-manager.io/common-name" - - // Annotation key the 'name' of the Issuer resource. - IssuerNameAnnotationKey = "cert-manager.io/issuer-name" - - // Annotation key for the 'kind' of the Issuer resource. - IssuerKindAnnotationKey = "cert-manager.io/issuer-kind" - - // Annotation key for the 'group' of the Issuer resource. - IssuerGroupAnnotationKey = "cert-manager.io/issuer-group" - - // Annotation key for the name of the certificate that a resource is related to. - CertificateNameKey = "cert-manager.io/certificate-name" - - // Annotation key used to denote whether a Secret is named on a Certificate - // as a 'next private key' Secret resource. - IsNextPrivateKeySecretLabelKey = "cert-manager.io/next-private-key" -) - -// Deprecated annotation names for Secrets -// These will be removed in a future release. -const ( - DeprecatedIssuerNameAnnotationKey = "certmanager.k8s.io/issuer-name" - DeprecatedIssuerKindAnnotationKey = "certmanager.k8s.io/issuer-kind" -) - -const ( - // issuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. - IngressIssuerNameAnnotationKey = "cert-manager.io/issuer" - // clusterIssuerNameAnnotation can be used to override the issuer specified on the - // created Certificate resource. The Certificate will reference the - // specified *ClusterIssuer* instead of normal issuer. - IngressClusterIssuerNameAnnotationKey = "cert-manager.io/cluster-issuer" - // acmeIssuerHTTP01IngressClassAnnotation can be used to override the http01 ingressClass - // if the challenge type is set to http01 - IngressACMEIssuerHTTP01IngressClassAnnotationKey = "acme.cert-manager.io/http01-ingress-class" - - // IngressClassAnnotationKey picks a specific "class" for the Ingress. The - // controller only processes Ingresses with this annotation either unset, or - // set to either the configured value or the empty string. - IngressClassAnnotationKey = "kubernetes.io/ingress.class" -) - -// Annotation names for CertificateRequests -const ( - // Annotation added to CertificateRequest resources to denote the name of - // a Secret resource containing the private key used to sign the CSR stored - // on the resource. - // This annotation *may* not be present, and is used by the 'self signing' - // issuer type to self-sign certificates. - CertificateRequestPrivateKeyAnnotationKey = "cert-manager.io/private-key-secret-name" - - // Annotation to declare the CertificateRequest "revision", belonging to a Certificate Resource - CertificateRequestRevisionAnnotationKey = "cert-manager.io/certificate-revision" -) - -const ( - // IssueTemporaryCertificateAnnotation is an annotation that can be added to - // Certificate resources. - // If it is present, a temporary internally signed certificate will be - // stored in the target Secret resource whilst the real Issuer is processing - // the certificate request. - IssueTemporaryCertificateAnnotation = "cert-manager.io/issue-temporary-certificate" -) - -// Common/known resource kinds. -const ( - ClusterIssuerKind = "ClusterIssuer" - IssuerKind = "Issuer" - CertificateKind = "Certificate" - CertificateRequestKind = "CertificateRequest" -) - -const ( - // WantInjectAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a certificate - // as namespace/name. The certificate is expected to have the is-serving-for annotations. - WantInjectAnnotation = "cert-manager.io/inject-ca-from" - - // WantInjectAPIServerCAAnnotation, if set to "true", will make the cainjector - // inject the CA certificate for the Kubernetes apiserver into the resource. - // It discovers the apiserver's CA by inspecting the service account credentials - // mounted into the cainjector pod. - WantInjectAPIServerCAAnnotation = "cert-manager.io/inject-apiserver-ca" - - // WantInjectFromSecretAnnotation is the annotation that specifies that a particular - // object wants injection of CAs. It takes the form of a reference to a Secret - // as namespace/name. - WantInjectFromSecretAnnotation = "cert-manager.io/inject-ca-from-secret" - - // AllowsInjectionFromSecretAnnotation is an annotation that must be added - // to Secret resource that want to denote that they can be directly - // injected into injectables that have a `inject-ca-from-secret` annotation. - // If an injectable references a Secret that does NOT have this annotation, - // the cainjector will refuse to inject the secret. - AllowsInjectionFromSecretAnnotation = "cert-manager.io/allow-direct-injection" -) - -// Issuer specific Annotations -const ( - // VenafiCustomFieldsAnnotationKey is the annotation that passes on JSON encoded custom fields to the Venafi issuer - // This will only work with Venafi TPP v19.3 and higher - // The value is an array with objects containing the name and value keys - // for example: `[{"name": "custom-field", "value": "custom-value"}]` - VenafiCustomFieldsAnnotationKey = "venafi.cert-manager.io/custom-fields" -) - -// KeyUsage specifies valid usage contexts for keys. -// See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 -// https://tools.ietf.org/html/rfc5280#section-4.2.1.12 -// Valid KeyUsage values are as follows: -// "signing", -// "digital signature", -// "content commitment", -// "key encipherment", -// "key agreement", -// "data encipherment", -// "cert sign", -// "crl sign", -// "encipher only", -// "decipher only", -// "any", -// "server auth", -// "client auth", -// "code signing", -// "email protection", -// "s/mime", -// "ipsec end system", -// "ipsec tunnel", -// "ipsec user", -// "timestamping", -// "ocsp signing", -// "microsoft sgc", -// "netscape sgc" -// +kubebuilder:validation:Enum="signing";"digital signature";"content commitment";"key encipherment";"key agreement";"data encipherment";"cert sign";"crl sign";"encipher only";"decipher only";"any";"server auth";"client auth";"code signing";"email protection";"s/mime";"ipsec end system";"ipsec tunnel";"ipsec user";"timestamping";"ocsp signing";"microsoft sgc";"netscape sgc" -type KeyUsage string - -const ( - UsageSigning KeyUsage = "signing" - UsageDigitalSignature KeyUsage = "digital signature" - UsageContentCommitment KeyUsage = "content commitment" - UsageKeyEncipherment KeyUsage = "key encipherment" - UsageKeyAgreement KeyUsage = "key agreement" - UsageDataEncipherment KeyUsage = "data encipherment" - UsageCertSign KeyUsage = "cert sign" - UsageCRLSign KeyUsage = "crl sign" - UsageEncipherOnly KeyUsage = "encipher only" - UsageDecipherOnly KeyUsage = "decipher only" - UsageAny KeyUsage = "any" - UsageServerAuth KeyUsage = "server auth" - UsageClientAuth KeyUsage = "client auth" - UsageCodeSigning KeyUsage = "code signing" - UsageEmailProtection KeyUsage = "email protection" - UsageSMIME KeyUsage = "s/mime" - UsageIPsecEndSystem KeyUsage = "ipsec end system" - UsageIPsecTunnel KeyUsage = "ipsec tunnel" - UsageIPsecUser KeyUsage = "ipsec user" - UsageTimestamping KeyUsage = "timestamping" - UsageOCSPSigning KeyUsage = "ocsp signing" - UsageMicrosoftSGC KeyUsage = "microsoft sgc" - UsageNetscapeSGC KeyUsage = "netscape sgc" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificate.go deleted file mode 100644 index 50a6d2f8f1..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificate.go +++ /dev/null @@ -1,449 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A Certificate resource should be created to ensure an up to date and signed -// x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. -// -// The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`). -// +k8s:openapi-gen=true -type Certificate struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Certificate resource. - Spec CertificateSpec `json:"spec"` - - // Status of the Certificate. This is set and managed automatically. - // +optional - Status CertificateStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateList is a list of Certificates -type CertificateList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Certificate `json:"items"` -} - -// +kubebuilder:validation:Enum=RSA;ECDSA -type PrivateKeyAlgorithm string - -const ( - // Denotes the RSA private key type. - RSAKeyAlgorithm PrivateKeyAlgorithm = "RSA" - - // Denotes the ECDSA private key type. - ECDSAKeyAlgorithm PrivateKeyAlgorithm = "ECDSA" -) - -// +kubebuilder:validation:Enum=PKCS1;PKCS8 -type PrivateKeyEncoding string - -const ( - // PKCS1 key encoding will produce PEM files that include the type of - // private key as part of the PEM header, e.g. `BEGIN RSA PRIVATE KEY`. - // If the keyAlgorithm is set to 'ECDSA', this will produce private keys - // that use the `BEGIN EC PRIVATE KEY` header. - PKCS1 PrivateKeyEncoding = "PKCS1" - - // PKCS8 key encoding will produce PEM files with the `BEGIN PRIVATE KEY` - // header. It encodes the keyAlgorithm of the private key as part of the - // DER encoded PEM block. - PKCS8 PrivateKeyEncoding = "PKCS8" -) - -// CertificateSpec defines the desired state of Certificate. -// A valid Certificate requires at least one of a CommonName, DNSName, or -// URISAN to be valid. -type CertificateSpec struct { - // Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - // +optional - Subject *X509Subject `json:"subject,omitempty"` - - // CommonName is a common name to be used on the Certificate. - // The CommonName should have a length of 64 characters or fewer to avoid - // generating invalid CSRs. - // This value is ignored by TLS clients when any subject alt name is set. - // This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4 - // +optional - CommonName string `json:"commonName,omitempty"` - - // The requested 'duration' (i.e. lifetime) of the Certificate. This option - // may be ignored/overridden by some issuer types. If unset this defaults to - // 90 days. Certificate will be renewed either 2/3 through its duration or - // `renewBefore` period before its expiry, whichever is later. Minimum - // accepted duration is 1 hour. Value must be in units accepted by Go - // time.ParseDuration https://golang.org/pkg/time/#ParseDuration - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // How long before the currently issued certificate's expiry - // cert-manager should renew the certificate. The default is 2/3 of the - // issued certificate's duration. Minimum accepted value is 5 minutes. - // Value must be in units accepted by Go time.ParseDuration - // https://golang.org/pkg/time/#ParseDuration - // +optional - RenewBefore *metav1.Duration `json:"renewBefore,omitempty"` - - // DNSNames is a list of DNS subjectAltNames to be set on the Certificate. - // +optional - DNSNames []string `json:"dnsNames,omitempty"` - - // IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. - // +optional - IPAddresses []string `json:"ipAddresses,omitempty"` - - // URISANs is a list of URI subjectAltNames to be set on the Certificate. - // +optional - URISANs []string `json:"uriSANs,omitempty"` - - // EmailSANs is a list of email subjectAltNames to be set on the Certificate. - // +optional - EmailSANs []string `json:"emailSANs,omitempty"` - - // SecretName is the name of the secret resource that will be automatically - // created and managed by this Certificate resource. - // It will be populated with a private key and certificate, signed by the - // denoted issuer. - SecretName string `json:"secretName"` - - // SecretTemplate defines annotations and labels to be propagated - // to the Kubernetes Secret when it is created or updated. Once created, - // labels and annotations are not yet removed from the Secret when they are - // removed from the template. See https://github.com/jetstack/cert-manager/issues/4292 - // +optional - SecretTemplate *CertificateSecretTemplate `json:"secretTemplate,omitempty"` - - // Keystores configures additional keystore output formats stored in the - // `secretName` Secret resource. - // +optional - Keystores *CertificateKeystores `json:"keystores,omitempty"` - - // IssuerRef is a reference to the issuer for this certificate. - // If the `kind` field is not set, or set to `Issuer`, an Issuer resource - // with the given name in the same namespace as the Certificate will be used. - // If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the - // provided name will be used. - // The `name` field in this stanza is required at all times. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // IsCA will mark this Certificate as valid for certificate signing. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // Options to control private keys used for the Certificate. - // +optional - PrivateKey *CertificatePrivateKey `json:"privateKey,omitempty"` - - // EncodeUsagesInRequest controls whether key usages should be present - // in the CertificateRequest - // +optional - EncodeUsagesInRequest *bool `json:"encodeUsagesInRequest,omitempty"` - - // revisionHistoryLimit is the maximum number of CertificateRequest revisions - // that are maintained in the Certificate's history. Each revision represents - // a single `CertificateRequest` created by this Certificate, either when it - // was created, renewed, or Spec was changed. Revisions will be removed by - // oldest first if the number of revisions exceeds this number. If set, - // revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), - // revisions will not be garbage collected. Default value is `nil`. - // +kubebuilder:validation:ExclusiveMaximum=false - // +optional - RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"` // Validated by the validating webhook. -} - -// CertificatePrivateKey contains configuration options for private keys -// used by the Certificate controller. -// This allows control of how private keys are rotated. -type CertificatePrivateKey struct { - // RotationPolicy controls how private keys should be regenerated when a - // re-issuance is being processed. - // If set to Never, a private key will only be generated if one does not - // already exist in the target `spec.secretName`. If one does exists but it - // does not have the correct algorithm or size, a warning will be raised - // to await user intervention. - // If set to Always, a private key matching the specified requirements - // will be generated whenever a re-issuance occurs. - // Default is 'Never' for backward compatibility. - // +optional - RotationPolicy PrivateKeyRotationPolicy `json:"rotationPolicy,omitempty"` - - // The private key cryptography standards (PKCS) encoding for this - // certificate's private key to be encoded in. - // If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 - // and PKCS#8, respectively. - // Defaults to `PKCS1` if not specified. - // +optional - Encoding PrivateKeyEncoding `json:"encoding,omitempty"` - - // Algorithm is the private key algorithm of the corresponding private key - // for this certificate. If provided, allowed values are either `RSA` or `ECDSA` - // If `algorithm` is specified and `size` is not provided, - // key size of 256 will be used for `ECDSA` key algorithm and - // key size of 2048 will be used for `RSA` key algorithm. - // +optional - Algorithm PrivateKeyAlgorithm `json:"algorithm,omitempty"` - - // Size is the key bit size of the corresponding private key for this certificate. - // If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, - // and will default to `2048` if not specified. - // If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, - // and will default to `256` if not specified. - // No other values are allowed. - // +optional - Size int `json:"size,omitempty"` // Validated by webhook. Be mindful of adding OpenAPI validation- see https://github.com/jetstack/cert-manager/issues/3644 . -} - -// Denotes how private keys should be generated or sourced when a Certificate -// is being issued. -type PrivateKeyRotationPolicy string - -var ( - // RotationPolicyNever means a private key will only be generated if one - // does not already exist in the target `spec.secretName`. - // If one does exists but it does not have the correct algorithm or size, - // a warning will be raised to await user intervention. - RotationPolicyNever PrivateKeyRotationPolicy = "Never" - - // RotationPolicyAlways means a private key matching the specified - // requirements will be generated whenever a re-issuance occurs. - RotationPolicyAlways PrivateKeyRotationPolicy = "Always" -) - -// X509Subject Full X509 name specification -type X509Subject struct { - // Organizations to be used on the Certificate. - // +optional - Organizations []string `json:"organizations,omitempty"` - // Countries to be used on the Certificate. - // +optional - Countries []string `json:"countries,omitempty"` - // Organizational Units to be used on the Certificate. - // +optional - OrganizationalUnits []string `json:"organizationalUnits,omitempty"` - // Cities to be used on the Certificate. - // +optional - Localities []string `json:"localities,omitempty"` - // State/Provinces to be used on the Certificate. - // +optional - Provinces []string `json:"provinces,omitempty"` - // Street addresses to be used on the Certificate. - // +optional - StreetAddresses []string `json:"streetAddresses,omitempty"` - // Postal codes to be used on the Certificate. - // +optional - PostalCodes []string `json:"postalCodes,omitempty"` - // Serial number to be used on the Certificate. - // +optional - SerialNumber string `json:"serialNumber,omitempty"` -} - -// CertificateKeystores configures additional keystore output formats to be -// created in the Certificate's output Secret. -type CertificateKeystores struct { - // JKS configures options for storing a JKS keystore in the - // `spec.secretName` Secret resource. - // +optional - JKS *JKSKeystore `json:"jks,omitempty"` - - // PKCS12 configures options for storing a PKCS12 keystore in the - // `spec.secretName` Secret resource. - // +optional - PKCS12 *PKCS12Keystore `json:"pkcs12,omitempty"` -} - -// JKS configures options for storing a JKS keystore in the `spec.secretName` -// Secret resource. -type JKSKeystore struct { - // Create enables JKS keystore creation for the Certificate. - // If true, a file named `keystore.jks` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the JKS keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// PKCS12 configures options for storing a PKCS12 keystore in the -// `spec.secretName` Secret resource. -type PKCS12Keystore struct { - // Create enables PKCS12 keystore creation for the Certificate. - // If true, a file named `keystore.p12` will be created in the target - // Secret resource, encrypted using the password stored in - // `passwordSecretRef`. - // The keystore file will only be updated upon re-issuance. - Create bool `json:"create"` - - // PasswordSecretRef is a reference to a key in a Secret resource - // containing the password used to encrypt the PKCS12 keystore. - PasswordSecretRef cmmeta.SecretKeySelector `json:"passwordSecretRef"` -} - -// CertificateStatus defines the observed state of Certificate -type CertificateStatus struct { - // List of status conditions to indicate the status of certificates. - // Known condition types are `Ready` and `Issuing`. - // +optional - Conditions []CertificateCondition `json:"conditions,omitempty"` - - // LastFailureTime is the time as recorded by the Certificate controller - // of the most recent failure to complete a CertificateRequest for this - // Certificate resource. - // If set, cert-manager will not re-request another Certificate until - // 1 hour has elapsed from this time. - // +optional - LastFailureTime *metav1.Time `json:"lastFailureTime,omitempty"` - - // The time after which the certificate stored in the secret named - // by this resource in spec.secretName is valid. - // +optional - NotBefore *metav1.Time `json:"notBefore,omitempty"` - - // The expiration time of the certificate stored in the secret named - // by this resource in `spec.secretName`. - // +optional - NotAfter *metav1.Time `json:"notAfter,omitempty"` - - // RenewalTime is the time at which the certificate will be next - // renewed. - // If not set, no upcoming renewal is scheduled. - // +optional - RenewalTime *metav1.Time `json:"renewalTime,omitempty"` - - // The current 'revision' of the certificate as issued. - // - // When a CertificateRequest resource is created, it will have the - // `cert-manager.io/certificate-revision` set to one greater than the - // current value of this field. - // - // Upon issuance, this field will be set to the value of the annotation - // on the CertificateRequest resource used to issue the certificate. - // - // Persisting the value on the CertificateRequest resource allows the - // certificates controller to know whether a request is part of an old - // issuance or if it is part of the ongoing revision's issuance by - // checking if the revision value in the annotation is greater than this - // field. - // +optional - Revision *int `json:"revision,omitempty"` - - // The name of the Secret resource containing the private key to be used - // for the next certificate iteration. - // The keymanager controller will automatically set this field if the - // `Issuing` condition is set to `True`. - // It will automatically unset this field when the Issuing condition is - // not set or False. - // +optional - NextPrivateKeySecretName *string `json:"nextPrivateKeySecretName,omitempty"` -} - -// CertificateCondition contains condition information for an Certificate. -type CertificateCondition struct { - // Type of the condition, known values are (`Ready`, `Issuing`). - Type CertificateConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Certificate. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// CertificateConditionType represents an Certificate condition value. -type CertificateConditionType string - -const ( - // CertificateConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target secret exists - // - The target secret contains a certificate that has not expired - // - The target secret contains a private key valid for the certificate - // - The commonName and dnsNames attributes match those specified on the Certificate - CertificateConditionReady CertificateConditionType = "Ready" - - // A condition added to Certificate resources when an issuance is required. - // This condition will be automatically added and set to true if: - // * No keypair data exists in the target Secret - // * The data stored in the Secret cannot be decoded - // * The private key and certificate do not have matching public keys - // * If a CertificateRequest for the current revision exists and the - // certificate data stored in the Secret does not match the - // `status.certificate` on the CertificateRequest. - // * If no CertificateRequest resource exists for the current revision, - // the options on the Certificate resource are compared against the - // x509 data in the Secret, similar to what's done in earlier versions. - // If there is a mismatch, an issuance is triggered. - // This condition may also be added by external API consumers to trigger - // a re-issuance manually for any other reason. - // - // It will be removed by the 'issuing' controller upon completing issuance. - CertificateConditionIssuing CertificateConditionType = "Issuing" -) - -// CertificateSecretTemplate defines the default labels and annotations -// to be copied to the Kubernetes Secret resource named in `CertificateSpec.secretName`. -type CertificateSecretTemplate struct { - // Annotations is a key value map to be copied to the target Kubernetes Secret. - // +optional - Annotations map[string]string `json:"annotations,omitempty"` - - // Labels is a key value map to be copied to the target Kubernetes Secret. - // +optional - Labels map[string]string `json:"labels,omitempty"` -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificaterequest.go deleted file mode 100644 index f46a64c951..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_certificaterequest.go +++ /dev/null @@ -1,208 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -const ( - // Pending indicates that a CertificateRequest is still in progress. - CertificateRequestReasonPending = "Pending" - - // Failed indicates that a CertificateRequest has failed, either due to - // timing out or some other critical failure. - CertificateRequestReasonFailed = "Failed" - - // Issued indicates that a CertificateRequest has been completed, and that - // the `status.certificate` field is set. - CertificateRequestReasonIssued = "Issued" - - // Denied is a Ready condition reason that indicates that a - // CertificateRequest has been denied, and the CertificateRequest will never - // be issued. - CertificateRequestReasonDenied = "Denied" -) - -// +genclient -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A CertificateRequest is used to request a signed certificate from one of the -// configured issuers. -// -// All fields within the CertificateRequest's `spec` are immutable after creation. -// A CertificateRequest will either succeed or fail, as denoted by its `status.state` -// field. -// -// A CertificateRequest is a one-shot resource, meaning it represents a single -// point in time request for a certificate and cannot be re-used. -// +k8s:openapi-gen=true -type CertificateRequest struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the CertificateRequest resource. - Spec CertificateRequestSpec `json:"spec"` - - // Status of the CertificateRequest. This is set and managed automatically. - // +optional - Status CertificateRequestStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// CertificateRequestList is a list of Certificates -type CertificateRequestList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []CertificateRequest `json:"items"` -} - -// CertificateRequestSpec defines the desired state of CertificateRequest -type CertificateRequestSpec struct { - // The requested 'duration' (i.e. lifetime) of the Certificate. - // This option may be ignored/overridden by some issuer types. - // +optional - Duration *metav1.Duration `json:"duration,omitempty"` - - // IssuerRef is a reference to the issuer for this CertificateRequest. If - // the `kind` field is not set, or set to `Issuer`, an Issuer resource with - // the given name in the same namespace as the CertificateRequest will be - // used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with - // the provided name will be used. The `name` field in this stanza is - // required at all times. The group field refers to the API group of the - // issuer which defaults to `cert-manager.io` if empty. - IssuerRef cmmeta.ObjectReference `json:"issuerRef"` - - // The PEM-encoded x509 certificate signing request to be submitted to the - // CA for signing. - Request []byte `json:"request"` - - // IsCA will request to mark the certificate as valid for certificate signing - // when submitting to the issuer. - // This will automatically add the `cert sign` usage to the list of `usages`. - // +optional - IsCA bool `json:"isCA,omitempty"` - - // Usages is the set of x509 usages that are requested for the certificate. - // Defaults to `digital signature` and `key encipherment` if not specified. - // +optional - Usages []KeyUsage `json:"usages,omitempty"` - - // Username contains the name of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Username string `json:"username,omitempty"` - // UID contains the uid of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - UID string `json:"uid,omitempty"` - // Groups contains group membership of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +listType=atomic - // +optional - Groups []string `json:"groups,omitempty"` - // Extra contains extra attributes of the user that created the CertificateRequest. - // Populated by the cert-manager webhook on creation and immutable. - // +optional - Extra map[string][]string `json:"extra,omitempty"` -} - -// CertificateRequestStatus defines the observed state of CertificateRequest and -// resulting signed certificate. -type CertificateRequestStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready` and `InvalidRequest`. - // +optional - Conditions []CertificateRequestCondition `json:"conditions,omitempty"` - - // The PEM encoded x509 certificate resulting from the certificate - // signing request. - // If not set, the CertificateRequest has either not been completed or has - // failed. More information on failure can be found by checking the - // `conditions` field. - // +optional - Certificate []byte `json:"certificate,omitempty"` - - // The PEM encoded x509 certificate of the signer, also known as the CA - // (Certificate Authority). - // This is set on a best-effort basis by different issuers. - // If not set, the CA is assumed to be unknown/not available. - // +optional - CA []byte `json:"ca,omitempty"` - - // FailureTime stores the time that this CertificateRequest failed. This is - // used to influence garbage collection and back-off. - // +optional - FailureTime *metav1.Time `json:"failureTime,omitempty"` -} - -// CertificateRequestCondition contains condition information for a CertificateRequest. -type CertificateRequestCondition struct { - // Type of the condition, known values are (`Ready`, - // `InvalidRequest`, `Approved`, `Denied`). - Type CertificateRequestConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` -} - -// CertificateRequestConditionType represents an Certificate condition value. -type CertificateRequestConditionType string - -const ( - // CertificateRequestConditionReady indicates that a certificate is ready for use. - // This is defined as: - // - The target certificate exists in CertificateRequest.Status - CertificateRequestConditionReady CertificateRequestConditionType = "Ready" - - // CertificateRequestConditionInvalidRequest indicates that a certificate - // signer has refused to sign the request due to at least one of the input - // parameters being invalid. Additional information about why the request - // was rejected can be found in the `reason` and `message` fields. - CertificateRequestConditionInvalidRequest CertificateRequestConditionType = "InvalidRequest" - - // CertificateRequestConditionApproved indicates that a certificate request - // is approved and ready for signing. Condition must never have a status of - // `False`, and cannot be modified once set. Cannot be set alongside - // `Denied`. - CertificateRequestConditionApproved CertificateRequestConditionType = "Approved" - - // CertificateRequestConditionDenied indicates that a certificate request is - // denied, and must never be signed. Condition must never have a status of - // `False`, and cannot be modified once set. Cannot be set alongside - // `Approved`. - CertificateRequestConditionDenied CertificateRequestConditionType = "Denied" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_issuer.go deleted file mode 100644 index da1f8a824c..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/types_issuer.go +++ /dev/null @@ -1,343 +0,0 @@ -/* -Copyright 2020 The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package v1beta1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - cmacme "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// A ClusterIssuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is similar to an Issuer, however it is cluster-scoped and therefore can -// be referenced by resources that exist in *any* namespace, not just the same -// namespace as the referent. -type ClusterIssuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the ClusterIssuer resource. - Spec IssuerSpec `json:"spec"` - - // Status of the ClusterIssuer. This is set and managed automatically. - // +optional - Status IssuerStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// ClusterIssuerList is a list of Issuers -type ClusterIssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []ClusterIssuer `json:"items"` -} - -// +genclient -// +k8s:openapi-gen=true -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// An Issuer represents a certificate issuing authority which can be -// referenced as part of `issuerRef` fields. -// It is scoped to a single namespace and can therefore only be referenced by -// resources within the same namespace. -type Issuer struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - // Desired state of the Issuer resource. - Spec IssuerSpec `json:"spec"` - - // Status of the Issuer. This is set and managed automatically. - // +optional - Status IssuerStatus `json:"status"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// IssuerList is a list of Issuers -type IssuerList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata"` - - Items []Issuer `json:"items"` -} - -// IssuerSpec is the specification of an Issuer. This includes any -// configuration required for the issuer. -type IssuerSpec struct { - IssuerConfig `json:",inline"` -} - -// The configuration for the issuer. -// Only one of these can be set. -type IssuerConfig struct { - // ACME configures this issuer to communicate with a RFC8555 (ACME) server - // to obtain signed x509 certificates. - // +optional - ACME *cmacme.ACMEIssuer `json:"acme,omitempty"` - - // CA configures this issuer to sign certificates using a signing CA keypair - // stored in a Secret resource. - // This is used to build internal PKIs that are managed by cert-manager. - // +optional - CA *CAIssuer `json:"ca,omitempty"` - - // Vault configures this issuer to sign certificates using a HashiCorp Vault - // PKI backend. - // +optional - Vault *VaultIssuer `json:"vault,omitempty"` - - // SelfSigned configures this issuer to 'self sign' certificates using the - // private key used to create the CertificateRequest object. - // +optional - SelfSigned *SelfSignedIssuer `json:"selfSigned,omitempty"` - - // Venafi configures this issuer to sign certificates using a Venafi TPP - // or Venafi Cloud policy zone. - // +optional - Venafi *VenafiIssuer `json:"venafi,omitempty"` -} - -// Configures an issuer to sign certificates using a Venafi TPP -// or Cloud policy zone. -type VenafiIssuer struct { - // Zone is the Venafi Policy Zone to use for this issuer. - // All requests made to the Venafi platform will be restricted by the named - // zone policy. - // This field is required. - Zone string `json:"zone"` - - // TPP specifies Trust Protection Platform configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - TPP *VenafiTPP `json:"tpp,omitempty"` - - // Cloud specifies the Venafi cloud configuration settings. - // Only one of TPP or Cloud may be specified. - // +optional - Cloud *VenafiCloud `json:"cloud,omitempty"` -} - -// VenafiTPP defines connection configuration details for a Venafi TPP instance -type VenafiTPP struct { - // URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, - // for example: "https://tpp.example.com/vedsdk". - URL string `json:"url"` - - // CredentialsRef is a reference to a Secret containing the username and - // password for the TPP server. - // The secret must contain two keys, 'username' and 'password'. - CredentialsRef cmmeta.LocalObjectReference `json:"credentialsRef"` - - // CABundle is a PEM encoded TLS certificate to use to verify connections to - // the TPP instance. - // If specified, system roots will not be used and the issuing CA for the - // TPP instance must be verifiable using the provided root. - // If not specified, the connection will be verified using the cert-manager - // system root certificates. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// VenafiCloud defines connection configuration details for Venafi Cloud -type VenafiCloud struct { - // URL is the base URL for Venafi Cloud. - // Defaults to "https://api.venafi.cloud/v1". - // +optional - URL string `json:"url,omitempty"` - - // APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - APITokenSecretRef cmmeta.SecretKeySelector `json:"apiTokenSecretRef"` -} - -// Configures an issuer to 'self sign' certificates using the -// private key used to create the CertificateRequest object. -type SelfSignedIssuer struct { - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set certificate will be issued without CDP. Values are strings. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` -} - -// Configures an issuer to sign certificates using a HashiCorp Vault -// PKI backend. -type VaultIssuer struct { - // Auth configures how cert-manager authenticates with the Vault server. - Auth VaultAuth `json:"auth"` - - // Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200". - Server string `json:"server"` - - // Path is the mount path of the Vault PKI backend's `sign` endpoint, e.g: - // "my_pki_mount/sign/my-role-name". - Path string `json:"path"` - - // Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" - // More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces - // +optional - Namespace string `json:"namespace,omitempty"` - - // PEM-encoded CA bundle (base64-encoded) used to validate Vault server - // certificate. Only used if the Server URL is using HTTPS protocol. This - // parameter is ignored for plain HTTP protocol connection. If not set the - // system root certificates are used to validate the TLS connection. - // +optional - CABundle []byte `json:"caBundle,omitempty"` -} - -// Configuration used to authenticate with a Vault server. -// Only one of `tokenSecretRef`, `appRole` or `kubernetes` may be specified. -type VaultAuth struct { - // TokenSecretRef authenticates with Vault by presenting a token. - // +optional - TokenSecretRef *cmmeta.SecretKeySelector `json:"tokenSecretRef,omitempty"` - - // AppRole authenticates with Vault using the App Role auth mechanism, - // with the role and secret stored in a Kubernetes Secret resource. - // +optional - AppRole *VaultAppRole `json:"appRole,omitempty"` - - // Kubernetes authenticates with Vault by passing the ServiceAccount - // token stored in the named Secret resource to the Vault server. - // +optional - Kubernetes *VaultKubernetesAuth `json:"kubernetes,omitempty"` -} - -// VaultAppRole authenticates with Vault using the App Role auth mechanism, -// with the role and secret stored in a Kubernetes Secret resource. -type VaultAppRole struct { - // Path where the App Role authentication backend is mounted in Vault, e.g: - // "approle" - Path string `json:"path"` - - // RoleID configured in the App Role authentication backend when setting - // up the authentication backend in Vault. - RoleId string `json:"roleId"` - - // Reference to a key in a Secret that contains the App Role secret used - // to authenticate with Vault. - // The `key` field must be specified and denotes which entry within the Secret - // resource is used as the app role secret. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` -} - -// Authenticate against Vault using a Kubernetes ServiceAccount token stored in -// a Secret. -type VaultKubernetesAuth struct { - // The Vault mountPath here is the mount path to use when authenticating with - // Vault. For example, setting a value to `/v1/auth/foo`, will use the path - // `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the - // default value "/v1/auth/kubernetes" will be used. - // +optional - Path string `json:"mountPath,omitempty"` - - // The required Secret field containing a Kubernetes ServiceAccount JWT used - // for authenticating with Vault. Use of 'ambient credentials' is not - // supported. - SecretRef cmmeta.SecretKeySelector `json:"secretRef"` - - // A required field containing the Vault Role to assume. A Role binds a - // Kubernetes ServiceAccount with a set of Vault policies. - Role string `json:"role"` -} - -type CAIssuer struct { - // SecretName is the name of the secret used to sign Certificates issued - // by this Issuer. - SecretName string `json:"secretName"` - - // The CRL distribution points is an X.509 v3 certificate extension which identifies - // the location of the CRL from which the revocation of this certificate can be checked. - // If not set, certificates will be issued without distribution points set. - // +optional - CRLDistributionPoints []string `json:"crlDistributionPoints,omitempty"` - - // The OCSP server list is an X.509 v3 extension that defines a list of - // URLs of OCSP responders. The OCSP responders can be queried for the - // revocation status of an issued certificate. If not set, the - // certificate will be issued with no OCSP servers set. For example, an - // OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - // +optional - OCSPServers []string `json:"ocspServers,omitempty"` -} - -// IssuerStatus contains status information about an Issuer -type IssuerStatus struct { - // List of status conditions to indicate the status of a CertificateRequest. - // Known condition types are `Ready`. - // +optional - Conditions []IssuerCondition `json:"conditions,omitempty"` - - // ACME specific status options. - // This field should only be set if the Issuer is configured to use an ACME - // server to issue certificates. - // +optional - ACME *cmacme.ACMEIssuerStatus `json:"acme,omitempty"` -} - -// IssuerCondition contains condition information for an Issuer. -type IssuerCondition struct { - // Type of the condition, known values are (`Ready`). - Type IssuerConditionType `json:"type"` - - // Status of the condition, one of (`True`, `False`, `Unknown`). - Status cmmeta.ConditionStatus `json:"status"` - - // LastTransitionTime is the timestamp corresponding to the last status - // change of this condition. - // +optional - LastTransitionTime *metav1.Time `json:"lastTransitionTime,omitempty"` - - // Reason is a brief machine readable explanation for the condition's last - // transition. - // +optional - Reason string `json:"reason,omitempty"` - - // Message is a human readable description of the details of the last - // transition, complementing reason. - // +optional - Message string `json:"message,omitempty"` - - // If set, this represents the .metadata.generation that the condition was - // set based upon. - // For instance, if .metadata.generation is currently 12, but the - // .status.condition[x].observedGeneration is 9, the condition is out of date - // with respect to the current state of the Issuer. - // +optional - ObservedGeneration int64 `json:"observedGeneration,omitempty"` -} - -// IssuerConditionType represents an Issuer condition value. -type IssuerConditionType string - -const ( - // IssuerConditionReady represents the fact that a given Issuer condition - // is in ready state and able to issue certificates. - // If the `status` of this condition is `False`, CertificateRequest controllers - // should prevent attempts to sign certificates. - IssuerConditionReady IssuerConditionType = "Ready" -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/zz_generated.deepcopy.go b/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/zz_generated.deepcopy.go deleted file mode 100644 index 8a60c72537..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1/zz_generated.deepcopy.go +++ /dev/null @@ -1,995 +0,0 @@ -//go:build !ignore_autogenerated -// +build !ignore_autogenerated - -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1beta1 - -import ( - acmev1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CAIssuer) DeepCopyInto(out *CAIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OCSPServers != nil { - in, out := &in.OCSPServers, &out.OCSPServers - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CAIssuer. -func (in *CAIssuer) DeepCopy() *CAIssuer { - if in == nil { - return nil - } - out := new(CAIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Certificate) DeepCopyInto(out *Certificate) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Certificate. -func (in *Certificate) DeepCopy() *Certificate { - if in == nil { - return nil - } - out := new(Certificate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Certificate) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateCondition) DeepCopyInto(out *CertificateCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateCondition. -func (in *CertificateCondition) DeepCopy() *CertificateCondition { - if in == nil { - return nil - } - out := new(CertificateCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateKeystores) DeepCopyInto(out *CertificateKeystores) { - *out = *in - if in.JKS != nil { - in, out := &in.JKS, &out.JKS - *out = new(JKSKeystore) - **out = **in - } - if in.PKCS12 != nil { - in, out := &in.PKCS12, &out.PKCS12 - *out = new(PKCS12Keystore) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateKeystores. -func (in *CertificateKeystores) DeepCopy() *CertificateKeystores { - if in == nil { - return nil - } - out := new(CertificateKeystores) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateList) DeepCopyInto(out *CertificateList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Certificate, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateList. -func (in *CertificateList) DeepCopy() *CertificateList { - if in == nil { - return nil - } - out := new(CertificateList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificatePrivateKey) DeepCopyInto(out *CertificatePrivateKey) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificatePrivateKey. -func (in *CertificatePrivateKey) DeepCopy() *CertificatePrivateKey { - if in == nil { - return nil - } - out := new(CertificatePrivateKey) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequest) DeepCopyInto(out *CertificateRequest) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequest. -func (in *CertificateRequest) DeepCopy() *CertificateRequest { - if in == nil { - return nil - } - out := new(CertificateRequest) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequest) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestCondition) DeepCopyInto(out *CertificateRequestCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestCondition. -func (in *CertificateRequestCondition) DeepCopy() *CertificateRequestCondition { - if in == nil { - return nil - } - out := new(CertificateRequestCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestList) DeepCopyInto(out *CertificateRequestList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]CertificateRequest, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestList. -func (in *CertificateRequestList) DeepCopy() *CertificateRequestList { - if in == nil { - return nil - } - out := new(CertificateRequestList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *CertificateRequestList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestSpec) DeepCopyInto(out *CertificateRequestSpec) { - *out = *in - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - out.IssuerRef = in.IssuerRef - if in.Request != nil { - in, out := &in.Request, &out.Request - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.Groups != nil { - in, out := &in.Groups, &out.Groups - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Extra != nil { - in, out := &in.Extra, &out.Extra - *out = make(map[string][]string, len(*in)) - for key, val := range *in { - var outVal []string - if val == nil { - (*out)[key] = nil - } else { - in, out := &val, &outVal - *out = make([]string, len(*in)) - copy(*out, *in) - } - (*out)[key] = outVal - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestSpec. -func (in *CertificateRequestSpec) DeepCopy() *CertificateRequestSpec { - if in == nil { - return nil - } - out := new(CertificateRequestSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateRequestStatus) DeepCopyInto(out *CertificateRequestStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateRequestCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.Certificate != nil { - in, out := &in.Certificate, &out.Certificate - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = make([]byte, len(*in)) - copy(*out, *in) - } - if in.FailureTime != nil { - in, out := &in.FailureTime, &out.FailureTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateRequestStatus. -func (in *CertificateRequestStatus) DeepCopy() *CertificateRequestStatus { - if in == nil { - return nil - } - out := new(CertificateRequestStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSecretTemplate) DeepCopyInto(out *CertificateSecretTemplate) { - *out = *in - if in.Annotations != nil { - in, out := &in.Annotations, &out.Annotations - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - if in.Labels != nil { - in, out := &in.Labels, &out.Labels - *out = make(map[string]string, len(*in)) - for key, val := range *in { - (*out)[key] = val - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSecretTemplate. -func (in *CertificateSecretTemplate) DeepCopy() *CertificateSecretTemplate { - if in == nil { - return nil - } - out := new(CertificateSecretTemplate) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec) { - *out = *in - if in.Subject != nil { - in, out := &in.Subject, &out.Subject - *out = new(X509Subject) - (*in).DeepCopyInto(*out) - } - if in.Duration != nil { - in, out := &in.Duration, &out.Duration - *out = new(v1.Duration) - **out = **in - } - if in.RenewBefore != nil { - in, out := &in.RenewBefore, &out.RenewBefore - *out = new(v1.Duration) - **out = **in - } - if in.DNSNames != nil { - in, out := &in.DNSNames, &out.DNSNames - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.IPAddresses != nil { - in, out := &in.IPAddresses, &out.IPAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.URISANs != nil { - in, out := &in.URISANs, &out.URISANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.EmailSANs != nil { - in, out := &in.EmailSANs, &out.EmailSANs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SecretTemplate != nil { - in, out := &in.SecretTemplate, &out.SecretTemplate - *out = new(CertificateSecretTemplate) - (*in).DeepCopyInto(*out) - } - if in.Keystores != nil { - in, out := &in.Keystores, &out.Keystores - *out = new(CertificateKeystores) - (*in).DeepCopyInto(*out) - } - out.IssuerRef = in.IssuerRef - if in.Usages != nil { - in, out := &in.Usages, &out.Usages - *out = make([]KeyUsage, len(*in)) - copy(*out, *in) - } - if in.PrivateKey != nil { - in, out := &in.PrivateKey, &out.PrivateKey - *out = new(CertificatePrivateKey) - **out = **in - } - if in.EncodeUsagesInRequest != nil { - in, out := &in.EncodeUsagesInRequest, &out.EncodeUsagesInRequest - *out = new(bool) - **out = **in - } - if in.RevisionHistoryLimit != nil { - in, out := &in.RevisionHistoryLimit, &out.RevisionHistoryLimit - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec. -func (in *CertificateSpec) DeepCopy() *CertificateSpec { - if in == nil { - return nil - } - out := new(CertificateSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CertificateStatus) DeepCopyInto(out *CertificateStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]CertificateCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.LastFailureTime != nil { - in, out := &in.LastFailureTime, &out.LastFailureTime - *out = (*in).DeepCopy() - } - if in.NotBefore != nil { - in, out := &in.NotBefore, &out.NotBefore - *out = (*in).DeepCopy() - } - if in.NotAfter != nil { - in, out := &in.NotAfter, &out.NotAfter - *out = (*in).DeepCopy() - } - if in.RenewalTime != nil { - in, out := &in.RenewalTime, &out.RenewalTime - *out = (*in).DeepCopy() - } - if in.Revision != nil { - in, out := &in.Revision, &out.Revision - *out = new(int) - **out = **in - } - if in.NextPrivateKeySecretName != nil { - in, out := &in.NextPrivateKeySecretName, &out.NextPrivateKeySecretName - *out = new(string) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateStatus. -func (in *CertificateStatus) DeepCopy() *CertificateStatus { - if in == nil { - return nil - } - out := new(CertificateStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuer) DeepCopyInto(out *ClusterIssuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuer. -func (in *ClusterIssuer) DeepCopy() *ClusterIssuer { - if in == nil { - return nil - } - out := new(ClusterIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterIssuerList) DeepCopyInto(out *ClusterIssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ClusterIssuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterIssuerList. -func (in *ClusterIssuerList) DeepCopy() *ClusterIssuerList { - if in == nil { - return nil - } - out := new(ClusterIssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ClusterIssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Issuer) DeepCopyInto(out *Issuer) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Issuer. -func (in *Issuer) DeepCopy() *Issuer { - if in == nil { - return nil - } - out := new(Issuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Issuer) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerCondition) DeepCopyInto(out *IssuerCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerCondition. -func (in *IssuerCondition) DeepCopy() *IssuerCondition { - if in == nil { - return nil - } - out := new(IssuerCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerConfig) DeepCopyInto(out *IssuerConfig) { - *out = *in - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1beta1.ACMEIssuer) - (*in).DeepCopyInto(*out) - } - if in.CA != nil { - in, out := &in.CA, &out.CA - *out = new(CAIssuer) - (*in).DeepCopyInto(*out) - } - if in.Vault != nil { - in, out := &in.Vault, &out.Vault - *out = new(VaultIssuer) - (*in).DeepCopyInto(*out) - } - if in.SelfSigned != nil { - in, out := &in.SelfSigned, &out.SelfSigned - *out = new(SelfSignedIssuer) - (*in).DeepCopyInto(*out) - } - if in.Venafi != nil { - in, out := &in.Venafi, &out.Venafi - *out = new(VenafiIssuer) - (*in).DeepCopyInto(*out) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerConfig. -func (in *IssuerConfig) DeepCopy() *IssuerConfig { - if in == nil { - return nil - } - out := new(IssuerConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerList) DeepCopyInto(out *IssuerList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Issuer, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerList. -func (in *IssuerList) DeepCopy() *IssuerList { - if in == nil { - return nil - } - out := new(IssuerList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IssuerList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerSpec) DeepCopyInto(out *IssuerSpec) { - *out = *in - in.IssuerConfig.DeepCopyInto(&out.IssuerConfig) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerSpec. -func (in *IssuerSpec) DeepCopy() *IssuerSpec { - if in == nil { - return nil - } - out := new(IssuerSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IssuerStatus) DeepCopyInto(out *IssuerStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]IssuerCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.ACME != nil { - in, out := &in.ACME, &out.ACME - *out = new(acmev1beta1.ACMEIssuerStatus) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IssuerStatus. -func (in *IssuerStatus) DeepCopy() *IssuerStatus { - if in == nil { - return nil - } - out := new(IssuerStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *JKSKeystore) DeepCopyInto(out *JKSKeystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JKSKeystore. -func (in *JKSKeystore) DeepCopy() *JKSKeystore { - if in == nil { - return nil - } - out := new(JKSKeystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *PKCS12Keystore) DeepCopyInto(out *PKCS12Keystore) { - *out = *in - out.PasswordSecretRef = in.PasswordSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PKCS12Keystore. -func (in *PKCS12Keystore) DeepCopy() *PKCS12Keystore { - if in == nil { - return nil - } - out := new(PKCS12Keystore) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *SelfSignedIssuer) DeepCopyInto(out *SelfSignedIssuer) { - *out = *in - if in.CRLDistributionPoints != nil { - in, out := &in.CRLDistributionPoints, &out.CRLDistributionPoints - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelfSignedIssuer. -func (in *SelfSignedIssuer) DeepCopy() *SelfSignedIssuer { - if in == nil { - return nil - } - out := new(SelfSignedIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAppRole) DeepCopyInto(out *VaultAppRole) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAppRole. -func (in *VaultAppRole) DeepCopy() *VaultAppRole { - if in == nil { - return nil - } - out := new(VaultAppRole) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultAuth) DeepCopyInto(out *VaultAuth) { - *out = *in - if in.TokenSecretRef != nil { - in, out := &in.TokenSecretRef, &out.TokenSecretRef - *out = new(metav1.SecretKeySelector) - **out = **in - } - if in.AppRole != nil { - in, out := &in.AppRole, &out.AppRole - *out = new(VaultAppRole) - **out = **in - } - if in.Kubernetes != nil { - in, out := &in.Kubernetes, &out.Kubernetes - *out = new(VaultKubernetesAuth) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultAuth. -func (in *VaultAuth) DeepCopy() *VaultAuth { - if in == nil { - return nil - } - out := new(VaultAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultIssuer) DeepCopyInto(out *VaultIssuer) { - *out = *in - in.Auth.DeepCopyInto(&out.Auth) - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultIssuer. -func (in *VaultIssuer) DeepCopy() *VaultIssuer { - if in == nil { - return nil - } - out := new(VaultIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VaultKubernetesAuth) DeepCopyInto(out *VaultKubernetesAuth) { - *out = *in - out.SecretRef = in.SecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VaultKubernetesAuth. -func (in *VaultKubernetesAuth) DeepCopy() *VaultKubernetesAuth { - if in == nil { - return nil - } - out := new(VaultKubernetesAuth) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiCloud) DeepCopyInto(out *VenafiCloud) { - *out = *in - out.APITokenSecretRef = in.APITokenSecretRef - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiCloud. -func (in *VenafiCloud) DeepCopy() *VenafiCloud { - if in == nil { - return nil - } - out := new(VenafiCloud) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiIssuer) DeepCopyInto(out *VenafiIssuer) { - *out = *in - if in.TPP != nil { - in, out := &in.TPP, &out.TPP - *out = new(VenafiTPP) - (*in).DeepCopyInto(*out) - } - if in.Cloud != nil { - in, out := &in.Cloud, &out.Cloud - *out = new(VenafiCloud) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiIssuer. -func (in *VenafiIssuer) DeepCopy() *VenafiIssuer { - if in == nil { - return nil - } - out := new(VenafiIssuer) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VenafiTPP) DeepCopyInto(out *VenafiTPP) { - *out = *in - out.CredentialsRef = in.CredentialsRef - if in.CABundle != nil { - in, out := &in.CABundle, &out.CABundle - *out = make([]byte, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VenafiTPP. -func (in *VenafiTPP) DeepCopy() *VenafiTPP { - if in == nil { - return nil - } - out := new(VenafiTPP) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *X509Subject) DeepCopyInto(out *X509Subject) { - *out = *in - if in.Organizations != nil { - in, out := &in.Organizations, &out.Organizations - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Countries != nil { - in, out := &in.Countries, &out.Countries - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.OrganizationalUnits != nil { - in, out := &in.OrganizationalUnits, &out.OrganizationalUnits - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Localities != nil { - in, out := &in.Localities, &out.Localities - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.Provinces != nil { - in, out := &in.Provinces, &out.Provinces - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.StreetAddresses != nil { - in, out := &in.StreetAddresses, &out.StreetAddresses - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.PostalCodes != nil { - in, out := &in.PostalCodes, &out.PostalCodes - *out = make([]string, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new X509Subject. -func (in *X509Subject) DeepCopy() *X509Subject { - if in == nil { - return nil - } - out := new(X509Subject) - in.DeepCopyInto(out) - return out -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/BUILD.bazel deleted file mode 100644 index 951e2136c3..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "clientset.go", - "doc.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1:go_default_library", - "//vendor/k8s.io/client-go/discovery:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/util/flowcontrol:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/clientset.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/clientset.go deleted file mode 100644 index c929777c5e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/clientset.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package versioned - -import ( - "fmt" - - acmev1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" - acmev1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2" - acmev1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3" - acmev1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" - certmanagerv1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2" - certmanagerv1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3" - certmanagerv1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1" - discovery "k8s.io/client-go/discovery" - rest "k8s.io/client-go/rest" - flowcontrol "k8s.io/client-go/util/flowcontrol" -) - -type Interface interface { - Discovery() discovery.DiscoveryInterface - AcmeV1alpha2() acmev1alpha2.AcmeV1alpha2Interface - AcmeV1alpha3() acmev1alpha3.AcmeV1alpha3Interface - AcmeV1beta1() acmev1beta1.AcmeV1beta1Interface - AcmeV1() acmev1.AcmeV1Interface - CertmanagerV1alpha2() certmanagerv1alpha2.CertmanagerV1alpha2Interface - CertmanagerV1alpha3() certmanagerv1alpha3.CertmanagerV1alpha3Interface - CertmanagerV1beta1() certmanagerv1beta1.CertmanagerV1beta1Interface - CertmanagerV1() certmanagerv1.CertmanagerV1Interface -} - -// Clientset contains the clients for groups. Each group has exactly one -// version included in a Clientset. -type Clientset struct { - *discovery.DiscoveryClient - acmeV1alpha2 *acmev1alpha2.AcmeV1alpha2Client - acmeV1alpha3 *acmev1alpha3.AcmeV1alpha3Client - acmeV1beta1 *acmev1beta1.AcmeV1beta1Client - acmeV1 *acmev1.AcmeV1Client - certmanagerV1alpha2 *certmanagerv1alpha2.CertmanagerV1alpha2Client - certmanagerV1alpha3 *certmanagerv1alpha3.CertmanagerV1alpha3Client - certmanagerV1beta1 *certmanagerv1beta1.CertmanagerV1beta1Client - certmanagerV1 *certmanagerv1.CertmanagerV1Client -} - -// AcmeV1alpha2 retrieves the AcmeV1alpha2Client -func (c *Clientset) AcmeV1alpha2() acmev1alpha2.AcmeV1alpha2Interface { - return c.acmeV1alpha2 -} - -// AcmeV1alpha3 retrieves the AcmeV1alpha3Client -func (c *Clientset) AcmeV1alpha3() acmev1alpha3.AcmeV1alpha3Interface { - return c.acmeV1alpha3 -} - -// AcmeV1beta1 retrieves the AcmeV1beta1Client -func (c *Clientset) AcmeV1beta1() acmev1beta1.AcmeV1beta1Interface { - return c.acmeV1beta1 -} - -// AcmeV1 retrieves the AcmeV1Client -func (c *Clientset) AcmeV1() acmev1.AcmeV1Interface { - return c.acmeV1 -} - -// CertmanagerV1alpha2 retrieves the CertmanagerV1alpha2Client -func (c *Clientset) CertmanagerV1alpha2() certmanagerv1alpha2.CertmanagerV1alpha2Interface { - return c.certmanagerV1alpha2 -} - -// CertmanagerV1alpha3 retrieves the CertmanagerV1alpha3Client -func (c *Clientset) CertmanagerV1alpha3() certmanagerv1alpha3.CertmanagerV1alpha3Interface { - return c.certmanagerV1alpha3 -} - -// CertmanagerV1beta1 retrieves the CertmanagerV1beta1Client -func (c *Clientset) CertmanagerV1beta1() certmanagerv1beta1.CertmanagerV1beta1Interface { - return c.certmanagerV1beta1 -} - -// CertmanagerV1 retrieves the CertmanagerV1Client -func (c *Clientset) CertmanagerV1() certmanagerv1.CertmanagerV1Interface { - return c.certmanagerV1 -} - -// Discovery retrieves the DiscoveryClient -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - if c == nil { - return nil - } - return c.DiscoveryClient -} - -// NewForConfig creates a new Clientset for the given config. -// If config's RateLimiter is not set and QPS and Burst are acceptable, -// NewForConfig will generate a rate-limiter in configShallowCopy. -func NewForConfig(c *rest.Config) (*Clientset, error) { - configShallowCopy := *c - if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { - if configShallowCopy.Burst <= 0 { - return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") - } - configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) - } - var cs Clientset - var err error - cs.acmeV1alpha2, err = acmev1alpha2.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.acmeV1alpha3, err = acmev1alpha3.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.acmeV1beta1, err = acmev1beta1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.acmeV1, err = acmev1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.certmanagerV1alpha2, err = certmanagerv1alpha2.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.certmanagerV1alpha3, err = certmanagerv1alpha3.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.certmanagerV1beta1, err = certmanagerv1beta1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - cs.certmanagerV1, err = certmanagerv1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - - cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) - if err != nil { - return nil, err - } - return &cs, nil -} - -// NewForConfigOrDie creates a new Clientset for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *Clientset { - var cs Clientset - cs.acmeV1alpha2 = acmev1alpha2.NewForConfigOrDie(c) - cs.acmeV1alpha3 = acmev1alpha3.NewForConfigOrDie(c) - cs.acmeV1beta1 = acmev1beta1.NewForConfigOrDie(c) - cs.acmeV1 = acmev1.NewForConfigOrDie(c) - cs.certmanagerV1alpha2 = certmanagerv1alpha2.NewForConfigOrDie(c) - cs.certmanagerV1alpha3 = certmanagerv1alpha3.NewForConfigOrDie(c) - cs.certmanagerV1beta1 = certmanagerv1beta1.NewForConfigOrDie(c) - cs.certmanagerV1 = certmanagerv1.NewForConfigOrDie(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) - return &cs -} - -// New creates a new Clientset for the given RESTClient. -func New(c rest.Interface) *Clientset { - var cs Clientset - cs.acmeV1alpha2 = acmev1alpha2.New(c) - cs.acmeV1alpha3 = acmev1alpha3.New(c) - cs.acmeV1beta1 = acmev1beta1.New(c) - cs.acmeV1 = acmev1.New(c) - cs.certmanagerV1alpha2 = certmanagerv1alpha2.New(c) - cs.certmanagerV1alpha3 = certmanagerv1alpha3.New(c) - cs.certmanagerV1beta1 = certmanagerv1beta1.New(c) - cs.certmanagerV1 = certmanagerv1.New(c) - - cs.DiscoveryClient = discovery.NewDiscoveryClient(c) - return &cs -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel deleted file mode 100644 index 4d7e88c6ac..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/BUILD.bazel +++ /dev/null @@ -1,49 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "clientset_generated.go", - "doc.go", - "register.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/discovery:go_default_library", - "//vendor/k8s.io/client-go/discovery/fake:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go deleted file mode 100644 index 33e8c759e3..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake/clientset_generated.go +++ /dev/null @@ -1,134 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - clientset "github.com/jetstack/cert-manager/pkg/client/clientset/versioned" - acmev1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1" - fakeacmev1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake" - acmev1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2" - fakeacmev1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake" - acmev1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3" - fakeacmev1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake" - acmev1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1" - fakeacmev1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake" - certmanagerv1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1" - fakecertmanagerv1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake" - certmanagerv1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2" - fakecertmanagerv1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake" - certmanagerv1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3" - fakecertmanagerv1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake" - certmanagerv1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1" - fakecertmanagerv1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/discovery" - fakediscovery "k8s.io/client-go/discovery/fake" - "k8s.io/client-go/testing" -) - -// NewSimpleClientset returns a clientset that will respond with the provided objects. -// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, -// without applying any validations and/or defaults. It shouldn't be considered a replacement -// for a real clientset and is mostly useful in simple unit tests. -func NewSimpleClientset(objects ...runtime.Object) *Clientset { - o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) - for _, obj := range objects { - if err := o.Add(obj); err != nil { - panic(err) - } - } - - cs := &Clientset{tracker: o} - cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} - cs.AddReactor("*", "*", testing.ObjectReaction(o)) - cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { - gvr := action.GetResource() - ns := action.GetNamespace() - watch, err := o.Watch(gvr, ns) - if err != nil { - return false, nil, err - } - return true, watch, nil - }) - - return cs -} - -// Clientset implements clientset.Interface. Meant to be embedded into a -// struct to get a default implementation. This makes faking out just the method -// you want to test easier. -type Clientset struct { - testing.Fake - discovery *fakediscovery.FakeDiscovery - tracker testing.ObjectTracker -} - -func (c *Clientset) Discovery() discovery.DiscoveryInterface { - return c.discovery -} - -func (c *Clientset) Tracker() testing.ObjectTracker { - return c.tracker -} - -var ( - _ clientset.Interface = &Clientset{} - _ testing.FakeClient = &Clientset{} -) - -// AcmeV1alpha2 retrieves the AcmeV1alpha2Client -func (c *Clientset) AcmeV1alpha2() acmev1alpha2.AcmeV1alpha2Interface { - return &fakeacmev1alpha2.FakeAcmeV1alpha2{Fake: &c.Fake} -} - -// AcmeV1alpha3 retrieves the AcmeV1alpha3Client -func (c *Clientset) AcmeV1alpha3() acmev1alpha3.AcmeV1alpha3Interface { - return &fakeacmev1alpha3.FakeAcmeV1alpha3{Fake: &c.Fake} -} - -// AcmeV1beta1 retrieves the AcmeV1beta1Client -func (c *Clientset) AcmeV1beta1() acmev1beta1.AcmeV1beta1Interface { - return &fakeacmev1beta1.FakeAcmeV1beta1{Fake: &c.Fake} -} - -// AcmeV1 retrieves the AcmeV1Client -func (c *Clientset) AcmeV1() acmev1.AcmeV1Interface { - return &fakeacmev1.FakeAcmeV1{Fake: &c.Fake} -} - -// CertmanagerV1alpha2 retrieves the CertmanagerV1alpha2Client -func (c *Clientset) CertmanagerV1alpha2() certmanagerv1alpha2.CertmanagerV1alpha2Interface { - return &fakecertmanagerv1alpha2.FakeCertmanagerV1alpha2{Fake: &c.Fake} -} - -// CertmanagerV1alpha3 retrieves the CertmanagerV1alpha3Client -func (c *Clientset) CertmanagerV1alpha3() certmanagerv1alpha3.CertmanagerV1alpha3Interface { - return &fakecertmanagerv1alpha3.FakeCertmanagerV1alpha3{Fake: &c.Fake} -} - -// CertmanagerV1beta1 retrieves the CertmanagerV1beta1Client -func (c *Clientset) CertmanagerV1beta1() certmanagerv1beta1.CertmanagerV1beta1Interface { - return &fakecertmanagerv1beta1.FakeCertmanagerV1beta1{Fake: &c.Fake} -} - -// CertmanagerV1 retrieves the CertmanagerV1Client -func (c *Clientset) CertmanagerV1() certmanagerv1.CertmanagerV1Interface { - return &fakecertmanagerv1.FakeCertmanagerV1{Fake: &c.Fake} -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel deleted file mode 100644 index 743bb45948..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "register.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/serializer:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/util/runtime:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel deleted file mode 100644 index edf86918e1..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/BUILD.bazel +++ /dev/null @@ -1,23 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "acme_client.go", - "challenge.go", - "doc.go", - "generated_expansion.go", - "order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/BUILD.bazel deleted file mode 100644 index f13dc63530..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/BUILD.bazel +++ /dev/null @@ -1,23 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "acme_client.go", - "challenge.go", - "doc.go", - "generated_expansion.go", - "order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/acme_client.go deleted file mode 100644 index a38c8f2354..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/acme_client.go +++ /dev/null @@ -1,94 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type AcmeV1alpha2Interface interface { - RESTClient() rest.Interface - ChallengesGetter - OrdersGetter -} - -// AcmeV1alpha2Client is used to interact with features provided by the acme.cert-manager.io group. -type AcmeV1alpha2Client struct { - restClient rest.Interface -} - -func (c *AcmeV1alpha2Client) Challenges(namespace string) ChallengeInterface { - return newChallenges(c, namespace) -} - -func (c *AcmeV1alpha2Client) Orders(namespace string) OrderInterface { - return newOrders(c, namespace) -} - -// NewForConfig creates a new AcmeV1alpha2Client for the given config. -func NewForConfig(c *rest.Config) (*AcmeV1alpha2Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &AcmeV1alpha2Client{client}, nil -} - -// NewForConfigOrDie creates a new AcmeV1alpha2Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AcmeV1alpha2Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AcmeV1alpha2Client for the given RESTClient. -func New(c rest.Interface) *AcmeV1alpha2Client { - return &AcmeV1alpha2Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha2.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AcmeV1alpha2Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/challenge.go deleted file mode 100644 index 343c883bc9..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/challenge.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ChallengesGetter has a method to return a ChallengeInterface. -// A group's client should implement this interface. -type ChallengesGetter interface { - Challenges(namespace string) ChallengeInterface -} - -// ChallengeInterface has methods to work with Challenge resources. -type ChallengeInterface interface { - Create(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.CreateOptions) (*v1alpha2.Challenge, error) - Update(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (*v1alpha2.Challenge, error) - UpdateStatus(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (*v1alpha2.Challenge, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.Challenge, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ChallengeList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Challenge, err error) - ChallengeExpansion -} - -// challenges implements ChallengeInterface -type challenges struct { - client rest.Interface - ns string -} - -// newChallenges returns a Challenges -func newChallenges(c *AcmeV1alpha2Client, namespace string) *challenges { - return &challenges{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *challenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Challenge, err error) { - result = &v1alpha2.Challenge{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *challenges) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ChallengeList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.ChallengeList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *challenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Create(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.CreateOptions) (result *v1alpha2.Challenge, err error) { - result = &v1alpha2.Challenge{} - err = c.client.Post(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Update(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (result *v1alpha2.Challenge, err error) { - result = &v1alpha2.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *challenges) UpdateStatus(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (result *v1alpha2.Challenge, err error) { - result = &v1alpha2.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *challenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *challenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched challenge. -func (c *challenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Challenge, err error) { - result = &v1alpha2.Challenge{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("challenges"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/BUILD.bazel deleted file mode 100644 index 7eb6655542..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_acme_client.go", - "fake_challenge.go", - "fake_order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_acme_client.go deleted file mode 100644 index 5c5a102afd..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_acme_client.go +++ /dev/null @@ -1,44 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAcmeV1alpha2 struct { - *testing.Fake -} - -func (c *FakeAcmeV1alpha2) Challenges(namespace string) v1alpha2.ChallengeInterface { - return &FakeChallenges{c, namespace} -} - -func (c *FakeAcmeV1alpha2) Orders(namespace string) v1alpha2.OrderInterface { - return &FakeOrders{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAcmeV1alpha2) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_challenge.go deleted file mode 100644 index d8da13775f..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_challenge.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeChallenges implements ChallengeInterface -type FakeChallenges struct { - Fake *FakeAcmeV1alpha2 - ns string -} - -var challengesResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1alpha2", Resource: "challenges"} - -var challengesKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1alpha2", Kind: "Challenge"} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *FakeChallenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(challengesResource, c.ns, name), &v1alpha2.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Challenge), err -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *FakeChallenges) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ChallengeList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(challengesResource, challengesKind, c.ns, opts), &v1alpha2.ChallengeList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.ChallengeList{ListMeta: obj.(*v1alpha2.ChallengeList).ListMeta} - for _, item := range obj.(*v1alpha2.ChallengeList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *FakeChallenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(challengesResource, c.ns, opts)) - -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Create(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.CreateOptions) (result *v1alpha2.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(challengesResource, c.ns, challenge), &v1alpha2.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Challenge), err -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Update(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (result *v1alpha2.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(challengesResource, c.ns, challenge), &v1alpha2.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Challenge), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeChallenges) UpdateStatus(ctx context.Context, challenge *v1alpha2.Challenge, opts v1.UpdateOptions) (*v1alpha2.Challenge, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(challengesResource, "status", c.ns, challenge), &v1alpha2.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Challenge), err -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *FakeChallenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(challengesResource, c.ns, name), &v1alpha2.Challenge{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeChallenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(challengesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.ChallengeList{}) - return err -} - -// Patch applies the patch and returns the patched challenge. -func (c *FakeChallenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(challengesResource, c.ns, name, pt, data, subresources...), &v1alpha2.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Challenge), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_order.go deleted file mode 100644 index d918413b7a..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake/fake_order.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOrders implements OrderInterface -type FakeOrders struct { - Fake *FakeAcmeV1alpha2 - ns string -} - -var ordersResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1alpha2", Resource: "orders"} - -var ordersKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1alpha2", Kind: "Order"} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *FakeOrders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ordersResource, c.ns, name), &v1alpha2.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Order), err -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *FakeOrders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.OrderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ordersResource, ordersKind, c.ns, opts), &v1alpha2.OrderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.OrderList{ListMeta: obj.(*v1alpha2.OrderList).ListMeta} - for _, item := range obj.(*v1alpha2.OrderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *FakeOrders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ordersResource, c.ns, opts)) - -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Create(ctx context.Context, order *v1alpha2.Order, opts v1.CreateOptions) (result *v1alpha2.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ordersResource, c.ns, order), &v1alpha2.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Order), err -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Update(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (result *v1alpha2.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ordersResource, c.ns, order), &v1alpha2.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Order), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOrders) UpdateStatus(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (*v1alpha2.Order, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ordersResource, "status", c.ns, order), &v1alpha2.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Order), err -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *FakeOrders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(ordersResource, c.ns, name), &v1alpha2.Order{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOrders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ordersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.OrderList{}) - return err -} - -// Patch applies the patch and returns the patched order. -func (c *FakeOrders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ordersResource, c.ns, name, pt, data, subresources...), &v1alpha2.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Order), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/generated_expansion.go deleted file mode 100644 index f26f37b2c2..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/generated_expansion.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -type ChallengeExpansion interface{} - -type OrderExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/order.go deleted file mode 100644 index 1387165089..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/order.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OrdersGetter has a method to return a OrderInterface. -// A group's client should implement this interface. -type OrdersGetter interface { - Orders(namespace string) OrderInterface -} - -// OrderInterface has methods to work with Order resources. -type OrderInterface interface { - Create(ctx context.Context, order *v1alpha2.Order, opts v1.CreateOptions) (*v1alpha2.Order, error) - Update(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (*v1alpha2.Order, error) - UpdateStatus(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (*v1alpha2.Order, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.Order, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.OrderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Order, err error) - OrderExpansion -} - -// orders implements OrderInterface -type orders struct { - client rest.Interface - ns string -} - -// newOrders returns a Orders -func newOrders(c *AcmeV1alpha2Client, namespace string) *orders { - return &orders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *orders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Order, err error) { - result = &v1alpha2.Order{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *orders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.OrderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.OrderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *orders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Create(ctx context.Context, order *v1alpha2.Order, opts v1.CreateOptions) (result *v1alpha2.Order, err error) { - result = &v1alpha2.Order{} - err = c.client.Post(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Update(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (result *v1alpha2.Order, err error) { - result = &v1alpha2.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *orders) UpdateStatus(ctx context.Context, order *v1alpha2.Order, opts v1.UpdateOptions) (result *v1alpha2.Order, err error) { - result = &v1alpha2.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *orders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *orders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched order. -func (c *orders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Order, err error) { - result = &v1alpha2.Order{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("orders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/BUILD.bazel deleted file mode 100644 index 03a7464c1b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/BUILD.bazel +++ /dev/null @@ -1,23 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "acme_client.go", - "challenge.go", - "doc.go", - "generated_expansion.go", - "order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/acme_client.go deleted file mode 100644 index 225b1092b5..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/acme_client.go +++ /dev/null @@ -1,94 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type AcmeV1alpha3Interface interface { - RESTClient() rest.Interface - ChallengesGetter - OrdersGetter -} - -// AcmeV1alpha3Client is used to interact with features provided by the acme.cert-manager.io group. -type AcmeV1alpha3Client struct { - restClient rest.Interface -} - -func (c *AcmeV1alpha3Client) Challenges(namespace string) ChallengeInterface { - return newChallenges(c, namespace) -} - -func (c *AcmeV1alpha3Client) Orders(namespace string) OrderInterface { - return newOrders(c, namespace) -} - -// NewForConfig creates a new AcmeV1alpha3Client for the given config. -func NewForConfig(c *rest.Config) (*AcmeV1alpha3Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &AcmeV1alpha3Client{client}, nil -} - -// NewForConfigOrDie creates a new AcmeV1alpha3Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AcmeV1alpha3Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AcmeV1alpha3Client for the given RESTClient. -func New(c rest.Interface) *AcmeV1alpha3Client { - return &AcmeV1alpha3Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha3.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AcmeV1alpha3Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/challenge.go deleted file mode 100644 index f24a71ea45..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/challenge.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ChallengesGetter has a method to return a ChallengeInterface. -// A group's client should implement this interface. -type ChallengesGetter interface { - Challenges(namespace string) ChallengeInterface -} - -// ChallengeInterface has methods to work with Challenge resources. -type ChallengeInterface interface { - Create(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.CreateOptions) (*v1alpha3.Challenge, error) - Update(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (*v1alpha3.Challenge, error) - UpdateStatus(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (*v1alpha3.Challenge, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.Challenge, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.ChallengeList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Challenge, err error) - ChallengeExpansion -} - -// challenges implements ChallengeInterface -type challenges struct { - client rest.Interface - ns string -} - -// newChallenges returns a Challenges -func newChallenges(c *AcmeV1alpha3Client, namespace string) *challenges { - return &challenges{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *challenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Challenge, err error) { - result = &v1alpha3.Challenge{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *challenges) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.ChallengeList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.ChallengeList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *challenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Create(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.CreateOptions) (result *v1alpha3.Challenge, err error) { - result = &v1alpha3.Challenge{} - err = c.client.Post(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Update(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (result *v1alpha3.Challenge, err error) { - result = &v1alpha3.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *challenges) UpdateStatus(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (result *v1alpha3.Challenge, err error) { - result = &v1alpha3.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *challenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *challenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched challenge. -func (c *challenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Challenge, err error) { - result = &v1alpha3.Challenge{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("challenges"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/doc.go deleted file mode 100644 index 4219b41427..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha3 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/BUILD.bazel deleted file mode 100644 index ef7e105e35..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_acme_client.go", - "fake_challenge.go", - "fake_order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_acme_client.go deleted file mode 100644 index 2d535815fc..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_acme_client.go +++ /dev/null @@ -1,44 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAcmeV1alpha3 struct { - *testing.Fake -} - -func (c *FakeAcmeV1alpha3) Challenges(namespace string) v1alpha3.ChallengeInterface { - return &FakeChallenges{c, namespace} -} - -func (c *FakeAcmeV1alpha3) Orders(namespace string) v1alpha3.OrderInterface { - return &FakeOrders{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAcmeV1alpha3) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_challenge.go deleted file mode 100644 index 05d072c65e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_challenge.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeChallenges implements ChallengeInterface -type FakeChallenges struct { - Fake *FakeAcmeV1alpha3 - ns string -} - -var challengesResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1alpha3", Resource: "challenges"} - -var challengesKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1alpha3", Kind: "Challenge"} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *FakeChallenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(challengesResource, c.ns, name), &v1alpha3.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Challenge), err -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *FakeChallenges) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.ChallengeList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(challengesResource, challengesKind, c.ns, opts), &v1alpha3.ChallengeList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.ChallengeList{ListMeta: obj.(*v1alpha3.ChallengeList).ListMeta} - for _, item := range obj.(*v1alpha3.ChallengeList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *FakeChallenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(challengesResource, c.ns, opts)) - -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Create(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.CreateOptions) (result *v1alpha3.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(challengesResource, c.ns, challenge), &v1alpha3.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Challenge), err -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Update(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (result *v1alpha3.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(challengesResource, c.ns, challenge), &v1alpha3.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Challenge), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeChallenges) UpdateStatus(ctx context.Context, challenge *v1alpha3.Challenge, opts v1.UpdateOptions) (*v1alpha3.Challenge, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(challengesResource, "status", c.ns, challenge), &v1alpha3.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Challenge), err -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *FakeChallenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(challengesResource, c.ns, name), &v1alpha3.Challenge{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeChallenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(challengesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.ChallengeList{}) - return err -} - -// Patch applies the patch and returns the patched challenge. -func (c *FakeChallenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(challengesResource, c.ns, name, pt, data, subresources...), &v1alpha3.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Challenge), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_order.go deleted file mode 100644 index cb1b01ca5f..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake/fake_order.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOrders implements OrderInterface -type FakeOrders struct { - Fake *FakeAcmeV1alpha3 - ns string -} - -var ordersResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1alpha3", Resource: "orders"} - -var ordersKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1alpha3", Kind: "Order"} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *FakeOrders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ordersResource, c.ns, name), &v1alpha3.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Order), err -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *FakeOrders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.OrderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ordersResource, ordersKind, c.ns, opts), &v1alpha3.OrderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.OrderList{ListMeta: obj.(*v1alpha3.OrderList).ListMeta} - for _, item := range obj.(*v1alpha3.OrderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *FakeOrders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ordersResource, c.ns, opts)) - -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Create(ctx context.Context, order *v1alpha3.Order, opts v1.CreateOptions) (result *v1alpha3.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ordersResource, c.ns, order), &v1alpha3.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Order), err -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Update(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (result *v1alpha3.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ordersResource, c.ns, order), &v1alpha3.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Order), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOrders) UpdateStatus(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (*v1alpha3.Order, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ordersResource, "status", c.ns, order), &v1alpha3.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Order), err -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *FakeOrders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(ordersResource, c.ns, name), &v1alpha3.Order{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOrders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ordersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.OrderList{}) - return err -} - -// Patch applies the patch and returns the patched order. -func (c *FakeOrders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ordersResource, c.ns, name, pt, data, subresources...), &v1alpha3.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Order), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/generated_expansion.go deleted file mode 100644 index 468380c071..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/generated_expansion.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -type ChallengeExpansion interface{} - -type OrderExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/order.go deleted file mode 100644 index 84bcdbb594..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/order.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OrdersGetter has a method to return a OrderInterface. -// A group's client should implement this interface. -type OrdersGetter interface { - Orders(namespace string) OrderInterface -} - -// OrderInterface has methods to work with Order resources. -type OrderInterface interface { - Create(ctx context.Context, order *v1alpha3.Order, opts v1.CreateOptions) (*v1alpha3.Order, error) - Update(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (*v1alpha3.Order, error) - UpdateStatus(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (*v1alpha3.Order, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.Order, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.OrderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Order, err error) - OrderExpansion -} - -// orders implements OrderInterface -type orders struct { - client rest.Interface - ns string -} - -// newOrders returns a Orders -func newOrders(c *AcmeV1alpha3Client, namespace string) *orders { - return &orders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *orders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Order, err error) { - result = &v1alpha3.Order{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *orders) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.OrderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.OrderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *orders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Create(ctx context.Context, order *v1alpha3.Order, opts v1.CreateOptions) (result *v1alpha3.Order, err error) { - result = &v1alpha3.Order{} - err = c.client.Post(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Update(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (result *v1alpha3.Order, err error) { - result = &v1alpha3.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *orders) UpdateStatus(ctx context.Context, order *v1alpha3.Order, opts v1.UpdateOptions) (result *v1alpha3.Order, err error) { - result = &v1alpha3.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *orders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *orders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched order. -func (c *orders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Order, err error) { - result = &v1alpha3.Order{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("orders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/acme_client.go deleted file mode 100644 index e4bc884cdf..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/acme_client.go +++ /dev/null @@ -1,94 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type AcmeV1beta1Interface interface { - RESTClient() rest.Interface - ChallengesGetter - OrdersGetter -} - -// AcmeV1beta1Client is used to interact with features provided by the acme.cert-manager.io group. -type AcmeV1beta1Client struct { - restClient rest.Interface -} - -func (c *AcmeV1beta1Client) Challenges(namespace string) ChallengeInterface { - return newChallenges(c, namespace) -} - -func (c *AcmeV1beta1Client) Orders(namespace string) OrderInterface { - return newOrders(c, namespace) -} - -// NewForConfig creates a new AcmeV1beta1Client for the given config. -func NewForConfig(c *rest.Config) (*AcmeV1beta1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &AcmeV1beta1Client{client}, nil -} - -// NewForConfigOrDie creates a new AcmeV1beta1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *AcmeV1beta1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new AcmeV1beta1Client for the given RESTClient. -func New(c rest.Interface) *AcmeV1beta1Client { - return &AcmeV1beta1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1beta1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *AcmeV1beta1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/challenge.go deleted file mode 100644 index e73f30f387..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/challenge.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ChallengesGetter has a method to return a ChallengeInterface. -// A group's client should implement this interface. -type ChallengesGetter interface { - Challenges(namespace string) ChallengeInterface -} - -// ChallengeInterface has methods to work with Challenge resources. -type ChallengeInterface interface { - Create(ctx context.Context, challenge *v1beta1.Challenge, opts v1.CreateOptions) (*v1beta1.Challenge, error) - Update(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (*v1beta1.Challenge, error) - UpdateStatus(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (*v1beta1.Challenge, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.Challenge, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.ChallengeList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Challenge, err error) - ChallengeExpansion -} - -// challenges implements ChallengeInterface -type challenges struct { - client rest.Interface - ns string -} - -// newChallenges returns a Challenges -func newChallenges(c *AcmeV1beta1Client, namespace string) *challenges { - return &challenges{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *challenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Challenge, err error) { - result = &v1beta1.Challenge{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *challenges) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ChallengeList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.ChallengeList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *challenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Create(ctx context.Context, challenge *v1beta1.Challenge, opts v1.CreateOptions) (result *v1beta1.Challenge, err error) { - result = &v1beta1.Challenge{} - err = c.client.Post(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *challenges) Update(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (result *v1beta1.Challenge, err error) { - result = &v1beta1.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *challenges) UpdateStatus(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (result *v1beta1.Challenge, err error) { - result = &v1beta1.Challenge{} - err = c.client.Put(). - Namespace(c.ns). - Resource("challenges"). - Name(challenge.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(challenge). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *challenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *challenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("challenges"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched challenge. -func (c *challenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Challenge, err error) { - result = &v1beta1.Challenge{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("challenges"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/doc.go deleted file mode 100644 index 9f9e4da328..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1beta1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/BUILD.bazel deleted file mode 100644 index 88c2b9cd99..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_acme_client.go", - "fake_challenge.go", - "fake_order.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_acme_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_acme_client.go deleted file mode 100644 index 8d360c9ec8..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_acme_client.go +++ /dev/null @@ -1,44 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeAcmeV1beta1 struct { - *testing.Fake -} - -func (c *FakeAcmeV1beta1) Challenges(namespace string) v1beta1.ChallengeInterface { - return &FakeChallenges{c, namespace} -} - -func (c *FakeAcmeV1beta1) Orders(namespace string) v1beta1.OrderInterface { - return &FakeOrders{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeAcmeV1beta1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_challenge.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_challenge.go deleted file mode 100644 index 8dd8cb8eae..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_challenge.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeChallenges implements ChallengeInterface -type FakeChallenges struct { - Fake *FakeAcmeV1beta1 - ns string -} - -var challengesResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1beta1", Resource: "challenges"} - -var challengesKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1beta1", Kind: "Challenge"} - -// Get takes name of the challenge, and returns the corresponding challenge object, and an error if there is any. -func (c *FakeChallenges) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(challengesResource, c.ns, name), &v1beta1.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Challenge), err -} - -// List takes label and field selectors, and returns the list of Challenges that match those selectors. -func (c *FakeChallenges) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ChallengeList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(challengesResource, challengesKind, c.ns, opts), &v1beta1.ChallengeList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.ChallengeList{ListMeta: obj.(*v1beta1.ChallengeList).ListMeta} - for _, item := range obj.(*v1beta1.ChallengeList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested challenges. -func (c *FakeChallenges) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(challengesResource, c.ns, opts)) - -} - -// Create takes the representation of a challenge and creates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Create(ctx context.Context, challenge *v1beta1.Challenge, opts v1.CreateOptions) (result *v1beta1.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(challengesResource, c.ns, challenge), &v1beta1.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Challenge), err -} - -// Update takes the representation of a challenge and updates it. Returns the server's representation of the challenge, and an error, if there is any. -func (c *FakeChallenges) Update(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (result *v1beta1.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(challengesResource, c.ns, challenge), &v1beta1.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Challenge), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeChallenges) UpdateStatus(ctx context.Context, challenge *v1beta1.Challenge, opts v1.UpdateOptions) (*v1beta1.Challenge, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(challengesResource, "status", c.ns, challenge), &v1beta1.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Challenge), err -} - -// Delete takes name of the challenge and deletes it. Returns an error if one occurs. -func (c *FakeChallenges) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(challengesResource, c.ns, name), &v1beta1.Challenge{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeChallenges) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(challengesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.ChallengeList{}) - return err -} - -// Patch applies the patch and returns the patched challenge. -func (c *FakeChallenges) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Challenge, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(challengesResource, c.ns, name, pt, data, subresources...), &v1beta1.Challenge{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Challenge), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_order.go deleted file mode 100644 index 21a434291f..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake/fake_order.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeOrders implements OrderInterface -type FakeOrders struct { - Fake *FakeAcmeV1beta1 - ns string -} - -var ordersResource = schema.GroupVersionResource{Group: "acme.cert-manager.io", Version: "v1beta1", Resource: "orders"} - -var ordersKind = schema.GroupVersionKind{Group: "acme.cert-manager.io", Version: "v1beta1", Kind: "Order"} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *FakeOrders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(ordersResource, c.ns, name), &v1beta1.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Order), err -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *FakeOrders) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.OrderList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(ordersResource, ordersKind, c.ns, opts), &v1beta1.OrderList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.OrderList{ListMeta: obj.(*v1beta1.OrderList).ListMeta} - for _, item := range obj.(*v1beta1.OrderList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *FakeOrders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(ordersResource, c.ns, opts)) - -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Create(ctx context.Context, order *v1beta1.Order, opts v1.CreateOptions) (result *v1beta1.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(ordersResource, c.ns, order), &v1beta1.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Order), err -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *FakeOrders) Update(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (result *v1beta1.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(ordersResource, c.ns, order), &v1beta1.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Order), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeOrders) UpdateStatus(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (*v1beta1.Order, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(ordersResource, "status", c.ns, order), &v1beta1.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Order), err -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *FakeOrders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(ordersResource, c.ns, name), &v1beta1.Order{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeOrders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(ordersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.OrderList{}) - return err -} - -// Patch applies the patch and returns the patched order. -func (c *FakeOrders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Order, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(ordersResource, c.ns, name, pt, data, subresources...), &v1beta1.Order{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Order), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/generated_expansion.go deleted file mode 100644 index 4e81778d40..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/generated_expansion.go +++ /dev/null @@ -1,23 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -type ChallengeExpansion interface{} - -type OrderExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/order.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/order.go deleted file mode 100644 index 255a468f36..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/order.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// OrdersGetter has a method to return a OrderInterface. -// A group's client should implement this interface. -type OrdersGetter interface { - Orders(namespace string) OrderInterface -} - -// OrderInterface has methods to work with Order resources. -type OrderInterface interface { - Create(ctx context.Context, order *v1beta1.Order, opts v1.CreateOptions) (*v1beta1.Order, error) - Update(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (*v1beta1.Order, error) - UpdateStatus(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (*v1beta1.Order, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.Order, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.OrderList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Order, err error) - OrderExpansion -} - -// orders implements OrderInterface -type orders struct { - client rest.Interface - ns string -} - -// newOrders returns a Orders -func newOrders(c *AcmeV1beta1Client, namespace string) *orders { - return &orders{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the order, and returns the corresponding order object, and an error if there is any. -func (c *orders) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Order, err error) { - result = &v1beta1.Order{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Orders that match those selectors. -func (c *orders) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.OrderList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.OrderList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested orders. -func (c *orders) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a order and creates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Create(ctx context.Context, order *v1beta1.Order, opts v1.CreateOptions) (result *v1beta1.Order, err error) { - result = &v1beta1.Order{} - err = c.client.Post(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a order and updates it. Returns the server's representation of the order, and an error, if there is any. -func (c *orders) Update(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (result *v1beta1.Order, err error) { - result = &v1beta1.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *orders) UpdateStatus(ctx context.Context, order *v1beta1.Order, opts v1.UpdateOptions) (result *v1beta1.Order, err error) { - result = &v1beta1.Order{} - err = c.client.Put(). - Namespace(c.ns). - Resource("orders"). - Name(order.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(order). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the order and deletes it. Returns an error if one occurs. -func (c *orders) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *orders) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("orders"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched order. -func (c *orders) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Order, err error) { - result = &v1beta1.Order{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("orders"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/BUILD.bazel deleted file mode 100644 index 4e4c697852..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "certificate.go", - "certificaterequest.go", - "certmanager_client.go", - "clusterissuer.go", - "doc.go", - "generated_expansion.go", - "issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificate.go deleted file mode 100644 index 729d9839dd..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificate.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificatesGetter has a method to return a CertificateInterface. -// A group's client should implement this interface. -type CertificatesGetter interface { - Certificates(namespace string) CertificateInterface -} - -// CertificateInterface has methods to work with Certificate resources. -type CertificateInterface interface { - Create(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.CreateOptions) (*v1alpha2.Certificate, error) - Update(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (*v1alpha2.Certificate, error) - UpdateStatus(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (*v1alpha2.Certificate, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.Certificate, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.CertificateList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Certificate, err error) - CertificateExpansion -} - -// certificates implements CertificateInterface -type certificates struct { - client rest.Interface - ns string -} - -// newCertificates returns a Certificates -func newCertificates(c *CertmanagerV1alpha2Client, namespace string) *certificates { - return &certificates{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *certificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Certificate, err error) { - result = &v1alpha2.Certificate{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *certificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.CertificateList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.CertificateList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *certificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Create(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.CreateOptions) (result *v1alpha2.Certificate, err error) { - result = &v1alpha2.Certificate{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Update(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (result *v1alpha2.Certificate, err error) { - result = &v1alpha2.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificates) UpdateStatus(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (result *v1alpha2.Certificate, err error) { - result = &v1alpha2.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *certificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificate. -func (c *certificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Certificate, err error) { - result = &v1alpha2.Certificate{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificates"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificaterequest.go deleted file mode 100644 index e2452fff50..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certificaterequest.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificateRequestsGetter has a method to return a CertificateRequestInterface. -// A group's client should implement this interface. -type CertificateRequestsGetter interface { - CertificateRequests(namespace string) CertificateRequestInterface -} - -// CertificateRequestInterface has methods to work with CertificateRequest resources. -type CertificateRequestInterface interface { - Create(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.CreateOptions) (*v1alpha2.CertificateRequest, error) - Update(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (*v1alpha2.CertificateRequest, error) - UpdateStatus(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (*v1alpha2.CertificateRequest, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.CertificateRequest, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.CertificateRequestList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.CertificateRequest, err error) - CertificateRequestExpansion -} - -// certificateRequests implements CertificateRequestInterface -type certificateRequests struct { - client rest.Interface - ns string -} - -// newCertificateRequests returns a CertificateRequests -func newCertificateRequests(c *CertmanagerV1alpha2Client, namespace string) *certificateRequests { - return &certificateRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *certificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.CertificateRequest, err error) { - result = &v1alpha2.CertificateRequest{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *certificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.CertificateRequestList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.CertificateRequestList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *certificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Create(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.CreateOptions) (result *v1alpha2.CertificateRequest, err error) { - result = &v1alpha2.CertificateRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Update(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha2.CertificateRequest, err error) { - result = &v1alpha2.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha2.CertificateRequest, err error) { - result = &v1alpha2.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *certificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *certificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.CertificateRequest, err error) { - result = &v1alpha2.CertificateRequest{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certmanager_client.go deleted file mode 100644 index 4c28af4426..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/certmanager_client.go +++ /dev/null @@ -1,104 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type CertmanagerV1alpha2Interface interface { - RESTClient() rest.Interface - CertificatesGetter - CertificateRequestsGetter - ClusterIssuersGetter - IssuersGetter -} - -// CertmanagerV1alpha2Client is used to interact with features provided by the cert-manager.io group. -type CertmanagerV1alpha2Client struct { - restClient rest.Interface -} - -func (c *CertmanagerV1alpha2Client) Certificates(namespace string) CertificateInterface { - return newCertificates(c, namespace) -} - -func (c *CertmanagerV1alpha2Client) CertificateRequests(namespace string) CertificateRequestInterface { - return newCertificateRequests(c, namespace) -} - -func (c *CertmanagerV1alpha2Client) ClusterIssuers() ClusterIssuerInterface { - return newClusterIssuers(c) -} - -func (c *CertmanagerV1alpha2Client) Issuers(namespace string) IssuerInterface { - return newIssuers(c, namespace) -} - -// NewForConfig creates a new CertmanagerV1alpha2Client for the given config. -func NewForConfig(c *rest.Config) (*CertmanagerV1alpha2Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &CertmanagerV1alpha2Client{client}, nil -} - -// NewForConfigOrDie creates a new CertmanagerV1alpha2Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *CertmanagerV1alpha2Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new CertmanagerV1alpha2Client for the given RESTClient. -func New(c rest.Interface) *CertmanagerV1alpha2Client { - return &CertmanagerV1alpha2Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha2.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *CertmanagerV1alpha2Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/clusterissuer.go deleted file mode 100644 index 21b2dc906c..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/clusterissuer.go +++ /dev/null @@ -1,184 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ClusterIssuersGetter has a method to return a ClusterIssuerInterface. -// A group's client should implement this interface. -type ClusterIssuersGetter interface { - ClusterIssuers() ClusterIssuerInterface -} - -// ClusterIssuerInterface has methods to work with ClusterIssuer resources. -type ClusterIssuerInterface interface { - Create(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.CreateOptions) (*v1alpha2.ClusterIssuer, error) - Update(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha2.ClusterIssuer, error) - UpdateStatus(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha2.ClusterIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.ClusterIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ClusterIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterIssuer, err error) - ClusterIssuerExpansion -} - -// clusterIssuers implements ClusterIssuerInterface -type clusterIssuers struct { - client rest.Interface -} - -// newClusterIssuers returns a ClusterIssuers -func newClusterIssuers(c *CertmanagerV1alpha2Client) *clusterIssuers { - return &clusterIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *clusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterIssuer, err error) { - result = &v1alpha2.ClusterIssuer{} - err = c.client.Get(). - Resource("clusterissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *clusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.ClusterIssuerList{} - err = c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *clusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Create(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.CreateOptions) (result *v1alpha2.ClusterIssuer, err error) { - result = &v1alpha2.ClusterIssuer{} - err = c.client.Post(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Update(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha2.ClusterIssuer, err error) { - result = &v1alpha2.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *clusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha2.ClusterIssuer, err error) { - result = &v1alpha2.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *clusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("clusterissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *clusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("clusterissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *clusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterIssuer, err error) { - result = &v1alpha2.ClusterIssuer{} - err = c.client.Patch(pt). - Resource("clusterissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/doc.go deleted file mode 100644 index f4c515e6e1..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha2 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/BUILD.bazel deleted file mode 100644 index a2a035f39d..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_certificate.go", - "fake_certificaterequest.go", - "fake_certmanager_client.go", - "fake_clusterissuer.go", - "fake_issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificate.go deleted file mode 100644 index 7d74648d93..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificate.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificates implements CertificateInterface -type FakeCertificates struct { - Fake *FakeCertmanagerV1alpha2 - ns string -} - -var certificatesResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha2", Resource: "certificates"} - -var certificatesKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha2", Kind: "Certificate"} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *FakeCertificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificatesResource, c.ns, name), &v1alpha2.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Certificate), err -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *FakeCertificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.CertificateList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificatesResource, certificatesKind, c.ns, opts), &v1alpha2.CertificateList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.CertificateList{ListMeta: obj.(*v1alpha2.CertificateList).ListMeta} - for _, item := range obj.(*v1alpha2.CertificateList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *FakeCertificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificatesResource, c.ns, opts)) - -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Create(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.CreateOptions) (result *v1alpha2.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificatesResource, c.ns, certificate), &v1alpha2.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Certificate), err -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Update(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (result *v1alpha2.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificatesResource, c.ns, certificate), &v1alpha2.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Certificate), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificates) UpdateStatus(ctx context.Context, certificate *v1alpha2.Certificate, opts v1.UpdateOptions) (*v1alpha2.Certificate, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificatesResource, "status", c.ns, certificate), &v1alpha2.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Certificate), err -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *FakeCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificatesResource, c.ns, name), &v1alpha2.Certificate{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificatesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.CertificateList{}) - return err -} - -// Patch applies the patch and returns the patched certificate. -func (c *FakeCertificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificatesResource, c.ns, name, pt, data, subresources...), &v1alpha2.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Certificate), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificaterequest.go deleted file mode 100644 index 04c75f8905..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certificaterequest.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificateRequests implements CertificateRequestInterface -type FakeCertificateRequests struct { - Fake *FakeCertmanagerV1alpha2 - ns string -} - -var certificaterequestsResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha2", Resource: "certificaterequests"} - -var certificaterequestsKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha2", Kind: "CertificateRequest"} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *FakeCertificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificaterequestsResource, c.ns, name), &v1alpha2.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.CertificateRequest), err -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *FakeCertificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.CertificateRequestList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificaterequestsResource, certificaterequestsKind, c.ns, opts), &v1alpha2.CertificateRequestList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.CertificateRequestList{ListMeta: obj.(*v1alpha2.CertificateRequestList).ListMeta} - for _, item := range obj.(*v1alpha2.CertificateRequestList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *FakeCertificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificaterequestsResource, c.ns, opts)) - -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Create(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.CreateOptions) (result *v1alpha2.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificaterequestsResource, c.ns, certificateRequest), &v1alpha2.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.CertificateRequest), err -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Update(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha2.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificaterequestsResource, c.ns, certificateRequest), &v1alpha2.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.CertificateRequest), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1alpha2.CertificateRequest, opts v1.UpdateOptions) (*v1alpha2.CertificateRequest, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificaterequestsResource, "status", c.ns, certificateRequest), &v1alpha2.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.CertificateRequest), err -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *FakeCertificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificaterequestsResource, c.ns, name), &v1alpha2.CertificateRequest{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificaterequestsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.CertificateRequestList{}) - return err -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *FakeCertificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificaterequestsResource, c.ns, name, pt, data, subresources...), &v1alpha2.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.CertificateRequest), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certmanager_client.go deleted file mode 100644 index 5e6f936283..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_certmanager_client.go +++ /dev/null @@ -1,52 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha2 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeCertmanagerV1alpha2 struct { - *testing.Fake -} - -func (c *FakeCertmanagerV1alpha2) Certificates(namespace string) v1alpha2.CertificateInterface { - return &FakeCertificates{c, namespace} -} - -func (c *FakeCertmanagerV1alpha2) CertificateRequests(namespace string) v1alpha2.CertificateRequestInterface { - return &FakeCertificateRequests{c, namespace} -} - -func (c *FakeCertmanagerV1alpha2) ClusterIssuers() v1alpha2.ClusterIssuerInterface { - return &FakeClusterIssuers{c} -} - -func (c *FakeCertmanagerV1alpha2) Issuers(namespace string) v1alpha2.IssuerInterface { - return &FakeIssuers{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeCertmanagerV1alpha2) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_clusterissuer.go deleted file mode 100644 index 010030da2a..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_clusterissuer.go +++ /dev/null @@ -1,133 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeClusterIssuers implements ClusterIssuerInterface -type FakeClusterIssuers struct { - Fake *FakeCertmanagerV1alpha2 -} - -var clusterissuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha2", Resource: "clusterissuers"} - -var clusterissuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha2", Kind: "ClusterIssuer"} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *FakeClusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(clusterissuersResource, name), &v1alpha2.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterIssuer), err -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *FakeClusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(clusterissuersResource, clusterissuersKind, opts), &v1alpha2.ClusterIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.ClusterIssuerList{ListMeta: obj.(*v1alpha2.ClusterIssuerList).ListMeta} - for _, item := range obj.(*v1alpha2.ClusterIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *FakeClusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(clusterissuersResource, opts)) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Create(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.CreateOptions) (result *v1alpha2.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(clusterissuersResource, clusterIssuer), &v1alpha2.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterIssuer), err -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Update(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha2.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(clusterissuersResource, clusterIssuer), &v1alpha2.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeClusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1alpha2.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha2.ClusterIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(clusterissuersResource, "status", clusterIssuer), &v1alpha2.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterIssuer), err -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *FakeClusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clusterissuersResource, name), &v1alpha2.ClusterIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeClusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(clusterissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.ClusterIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *FakeClusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(clusterissuersResource, name, pt, data, subresources...), &v1alpha2.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.ClusterIssuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_issuer.go deleted file mode 100644 index 6c26780b35..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake/fake_issuer.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeIssuers implements IssuerInterface -type FakeIssuers struct { - Fake *FakeCertmanagerV1alpha2 - ns string -} - -var issuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha2", Resource: "issuers"} - -var issuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha2", Kind: "Issuer"} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *FakeIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(issuersResource, c.ns, name), &v1alpha2.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Issuer), err -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *FakeIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.IssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(issuersResource, issuersKind, c.ns, opts), &v1alpha2.IssuerList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha2.IssuerList{ListMeta: obj.(*v1alpha2.IssuerList).ListMeta} - for _, item := range obj.(*v1alpha2.IssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *FakeIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(issuersResource, c.ns, opts)) - -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Create(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.CreateOptions) (result *v1alpha2.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(issuersResource, c.ns, issuer), &v1alpha2.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Issuer), err -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Update(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (result *v1alpha2.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(issuersResource, c.ns, issuer), &v1alpha2.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Issuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeIssuers) UpdateStatus(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (*v1alpha2.Issuer, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(issuersResource, "status", c.ns, issuer), &v1alpha2.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Issuer), err -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *FakeIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(issuersResource, c.ns, name), &v1alpha2.Issuer{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(issuersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha2.IssuerList{}) - return err -} - -// Patch applies the patch and returns the patched issuer. -func (c *FakeIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(issuersResource, c.ns, name, pt, data, subresources...), &v1alpha2.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha2.Issuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/generated_expansion.go deleted file mode 100644 index af6dd9ec06..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/generated_expansion.go +++ /dev/null @@ -1,27 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -type CertificateExpansion interface{} - -type CertificateRequestExpansion interface{} - -type ClusterIssuerExpansion interface{} - -type IssuerExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/issuer.go deleted file mode 100644 index f78c18fdc1..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/issuer.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha2 - -import ( - "context" - "time" - - v1alpha2 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// IssuersGetter has a method to return a IssuerInterface. -// A group's client should implement this interface. -type IssuersGetter interface { - Issuers(namespace string) IssuerInterface -} - -// IssuerInterface has methods to work with Issuer resources. -type IssuerInterface interface { - Create(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.CreateOptions) (*v1alpha2.Issuer, error) - Update(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (*v1alpha2.Issuer, error) - UpdateStatus(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (*v1alpha2.Issuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.Issuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.IssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Issuer, err error) - IssuerExpansion -} - -// issuers implements IssuerInterface -type issuers struct { - client rest.Interface - ns string -} - -// newIssuers returns a Issuers -func newIssuers(c *CertmanagerV1alpha2Client, namespace string) *issuers { - return &issuers{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *issuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.Issuer, err error) { - result = &v1alpha2.Issuer{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *issuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.IssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha2.IssuerList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *issuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Create(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.CreateOptions) (result *v1alpha2.Issuer, err error) { - result = &v1alpha2.Issuer{} - err = c.client.Post(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Update(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (result *v1alpha2.Issuer, err error) { - result = &v1alpha2.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *issuers) UpdateStatus(ctx context.Context, issuer *v1alpha2.Issuer, opts v1.UpdateOptions) (result *v1alpha2.Issuer, err error) { - result = &v1alpha2.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *issuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *issuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched issuer. -func (c *issuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.Issuer, err error) { - result = &v1alpha2.Issuer{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("issuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/BUILD.bazel deleted file mode 100644 index 65531fabbd..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "certificate.go", - "certificaterequest.go", - "certmanager_client.go", - "clusterissuer.go", - "doc.go", - "generated_expansion.go", - "issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificate.go deleted file mode 100644 index ccfb41edc2..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificate.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificatesGetter has a method to return a CertificateInterface. -// A group's client should implement this interface. -type CertificatesGetter interface { - Certificates(namespace string) CertificateInterface -} - -// CertificateInterface has methods to work with Certificate resources. -type CertificateInterface interface { - Create(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.CreateOptions) (*v1alpha3.Certificate, error) - Update(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (*v1alpha3.Certificate, error) - UpdateStatus(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (*v1alpha3.Certificate, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.Certificate, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.CertificateList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Certificate, err error) - CertificateExpansion -} - -// certificates implements CertificateInterface -type certificates struct { - client rest.Interface - ns string -} - -// newCertificates returns a Certificates -func newCertificates(c *CertmanagerV1alpha3Client, namespace string) *certificates { - return &certificates{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *certificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Certificate, err error) { - result = &v1alpha3.Certificate{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *certificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.CertificateList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.CertificateList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *certificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Create(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.CreateOptions) (result *v1alpha3.Certificate, err error) { - result = &v1alpha3.Certificate{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Update(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (result *v1alpha3.Certificate, err error) { - result = &v1alpha3.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificates) UpdateStatus(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (result *v1alpha3.Certificate, err error) { - result = &v1alpha3.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *certificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificate. -func (c *certificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Certificate, err error) { - result = &v1alpha3.Certificate{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificates"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificaterequest.go deleted file mode 100644 index 1a8fe0d331..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certificaterequest.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificateRequestsGetter has a method to return a CertificateRequestInterface. -// A group's client should implement this interface. -type CertificateRequestsGetter interface { - CertificateRequests(namespace string) CertificateRequestInterface -} - -// CertificateRequestInterface has methods to work with CertificateRequest resources. -type CertificateRequestInterface interface { - Create(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.CreateOptions) (*v1alpha3.CertificateRequest, error) - Update(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (*v1alpha3.CertificateRequest, error) - UpdateStatus(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (*v1alpha3.CertificateRequest, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.CertificateRequest, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.CertificateRequestList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.CertificateRequest, err error) - CertificateRequestExpansion -} - -// certificateRequests implements CertificateRequestInterface -type certificateRequests struct { - client rest.Interface - ns string -} - -// newCertificateRequests returns a CertificateRequests -func newCertificateRequests(c *CertmanagerV1alpha3Client, namespace string) *certificateRequests { - return &certificateRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *certificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.CertificateRequest, err error) { - result = &v1alpha3.CertificateRequest{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *certificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.CertificateRequestList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.CertificateRequestList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *certificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Create(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.CreateOptions) (result *v1alpha3.CertificateRequest, err error) { - result = &v1alpha3.CertificateRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Update(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha3.CertificateRequest, err error) { - result = &v1alpha3.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha3.CertificateRequest, err error) { - result = &v1alpha3.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *certificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *certificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.CertificateRequest, err error) { - result = &v1alpha3.CertificateRequest{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certmanager_client.go deleted file mode 100644 index 850b37e240..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/certmanager_client.go +++ /dev/null @@ -1,104 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type CertmanagerV1alpha3Interface interface { - RESTClient() rest.Interface - CertificatesGetter - CertificateRequestsGetter - ClusterIssuersGetter - IssuersGetter -} - -// CertmanagerV1alpha3Client is used to interact with features provided by the cert-manager.io group. -type CertmanagerV1alpha3Client struct { - restClient rest.Interface -} - -func (c *CertmanagerV1alpha3Client) Certificates(namespace string) CertificateInterface { - return newCertificates(c, namespace) -} - -func (c *CertmanagerV1alpha3Client) CertificateRequests(namespace string) CertificateRequestInterface { - return newCertificateRequests(c, namespace) -} - -func (c *CertmanagerV1alpha3Client) ClusterIssuers() ClusterIssuerInterface { - return newClusterIssuers(c) -} - -func (c *CertmanagerV1alpha3Client) Issuers(namespace string) IssuerInterface { - return newIssuers(c, namespace) -} - -// NewForConfig creates a new CertmanagerV1alpha3Client for the given config. -func NewForConfig(c *rest.Config) (*CertmanagerV1alpha3Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &CertmanagerV1alpha3Client{client}, nil -} - -// NewForConfigOrDie creates a new CertmanagerV1alpha3Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *CertmanagerV1alpha3Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new CertmanagerV1alpha3Client for the given RESTClient. -func New(c rest.Interface) *CertmanagerV1alpha3Client { - return &CertmanagerV1alpha3Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1alpha3.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *CertmanagerV1alpha3Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/clusterissuer.go deleted file mode 100644 index 64086b4bb9..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/clusterissuer.go +++ /dev/null @@ -1,184 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ClusterIssuersGetter has a method to return a ClusterIssuerInterface. -// A group's client should implement this interface. -type ClusterIssuersGetter interface { - ClusterIssuers() ClusterIssuerInterface -} - -// ClusterIssuerInterface has methods to work with ClusterIssuer resources. -type ClusterIssuerInterface interface { - Create(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.CreateOptions) (*v1alpha3.ClusterIssuer, error) - Update(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha3.ClusterIssuer, error) - UpdateStatus(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha3.ClusterIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.ClusterIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.ClusterIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.ClusterIssuer, err error) - ClusterIssuerExpansion -} - -// clusterIssuers implements ClusterIssuerInterface -type clusterIssuers struct { - client rest.Interface -} - -// newClusterIssuers returns a ClusterIssuers -func newClusterIssuers(c *CertmanagerV1alpha3Client) *clusterIssuers { - return &clusterIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *clusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.ClusterIssuer, err error) { - result = &v1alpha3.ClusterIssuer{} - err = c.client.Get(). - Resource("clusterissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *clusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.ClusterIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.ClusterIssuerList{} - err = c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *clusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Create(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.CreateOptions) (result *v1alpha3.ClusterIssuer, err error) { - result = &v1alpha3.ClusterIssuer{} - err = c.client.Post(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Update(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha3.ClusterIssuer, err error) { - result = &v1alpha3.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *clusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha3.ClusterIssuer, err error) { - result = &v1alpha3.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *clusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("clusterissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *clusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("clusterissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *clusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.ClusterIssuer, err error) { - result = &v1alpha3.ClusterIssuer{} - err = c.client.Patch(pt). - Resource("clusterissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/doc.go deleted file mode 100644 index 4219b41427..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1alpha3 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/BUILD.bazel deleted file mode 100644 index 2a521015da..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_certificate.go", - "fake_certificaterequest.go", - "fake_certmanager_client.go", - "fake_clusterissuer.go", - "fake_issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificate.go deleted file mode 100644 index f478845850..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificate.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificates implements CertificateInterface -type FakeCertificates struct { - Fake *FakeCertmanagerV1alpha3 - ns string -} - -var certificatesResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha3", Resource: "certificates"} - -var certificatesKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha3", Kind: "Certificate"} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *FakeCertificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificatesResource, c.ns, name), &v1alpha3.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Certificate), err -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *FakeCertificates) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.CertificateList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificatesResource, certificatesKind, c.ns, opts), &v1alpha3.CertificateList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.CertificateList{ListMeta: obj.(*v1alpha3.CertificateList).ListMeta} - for _, item := range obj.(*v1alpha3.CertificateList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *FakeCertificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificatesResource, c.ns, opts)) - -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Create(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.CreateOptions) (result *v1alpha3.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificatesResource, c.ns, certificate), &v1alpha3.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Certificate), err -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Update(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (result *v1alpha3.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificatesResource, c.ns, certificate), &v1alpha3.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Certificate), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificates) UpdateStatus(ctx context.Context, certificate *v1alpha3.Certificate, opts v1.UpdateOptions) (*v1alpha3.Certificate, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificatesResource, "status", c.ns, certificate), &v1alpha3.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Certificate), err -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *FakeCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificatesResource, c.ns, name), &v1alpha3.Certificate{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificatesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.CertificateList{}) - return err -} - -// Patch applies the patch and returns the patched certificate. -func (c *FakeCertificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificatesResource, c.ns, name, pt, data, subresources...), &v1alpha3.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Certificate), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificaterequest.go deleted file mode 100644 index 9919848d55..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certificaterequest.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificateRequests implements CertificateRequestInterface -type FakeCertificateRequests struct { - Fake *FakeCertmanagerV1alpha3 - ns string -} - -var certificaterequestsResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha3", Resource: "certificaterequests"} - -var certificaterequestsKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha3", Kind: "CertificateRequest"} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *FakeCertificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificaterequestsResource, c.ns, name), &v1alpha3.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.CertificateRequest), err -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *FakeCertificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.CertificateRequestList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificaterequestsResource, certificaterequestsKind, c.ns, opts), &v1alpha3.CertificateRequestList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.CertificateRequestList{ListMeta: obj.(*v1alpha3.CertificateRequestList).ListMeta} - for _, item := range obj.(*v1alpha3.CertificateRequestList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *FakeCertificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificaterequestsResource, c.ns, opts)) - -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Create(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.CreateOptions) (result *v1alpha3.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificaterequestsResource, c.ns, certificateRequest), &v1alpha3.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.CertificateRequest), err -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Update(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (result *v1alpha3.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificaterequestsResource, c.ns, certificateRequest), &v1alpha3.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.CertificateRequest), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1alpha3.CertificateRequest, opts v1.UpdateOptions) (*v1alpha3.CertificateRequest, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificaterequestsResource, "status", c.ns, certificateRequest), &v1alpha3.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.CertificateRequest), err -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *FakeCertificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificaterequestsResource, c.ns, name), &v1alpha3.CertificateRequest{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificaterequestsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.CertificateRequestList{}) - return err -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *FakeCertificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificaterequestsResource, c.ns, name, pt, data, subresources...), &v1alpha3.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.CertificateRequest), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certmanager_client.go deleted file mode 100644 index fd237b49e3..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_certmanager_client.go +++ /dev/null @@ -1,52 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1alpha3 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeCertmanagerV1alpha3 struct { - *testing.Fake -} - -func (c *FakeCertmanagerV1alpha3) Certificates(namespace string) v1alpha3.CertificateInterface { - return &FakeCertificates{c, namespace} -} - -func (c *FakeCertmanagerV1alpha3) CertificateRequests(namespace string) v1alpha3.CertificateRequestInterface { - return &FakeCertificateRequests{c, namespace} -} - -func (c *FakeCertmanagerV1alpha3) ClusterIssuers() v1alpha3.ClusterIssuerInterface { - return &FakeClusterIssuers{c} -} - -func (c *FakeCertmanagerV1alpha3) Issuers(namespace string) v1alpha3.IssuerInterface { - return &FakeIssuers{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeCertmanagerV1alpha3) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_clusterissuer.go deleted file mode 100644 index 489be7bdbe..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_clusterissuer.go +++ /dev/null @@ -1,133 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeClusterIssuers implements ClusterIssuerInterface -type FakeClusterIssuers struct { - Fake *FakeCertmanagerV1alpha3 -} - -var clusterissuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha3", Resource: "clusterissuers"} - -var clusterissuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha3", Kind: "ClusterIssuer"} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *FakeClusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(clusterissuersResource, name), &v1alpha3.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.ClusterIssuer), err -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *FakeClusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.ClusterIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(clusterissuersResource, clusterissuersKind, opts), &v1alpha3.ClusterIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.ClusterIssuerList{ListMeta: obj.(*v1alpha3.ClusterIssuerList).ListMeta} - for _, item := range obj.(*v1alpha3.ClusterIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *FakeClusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(clusterissuersResource, opts)) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Create(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.CreateOptions) (result *v1alpha3.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(clusterissuersResource, clusterIssuer), &v1alpha3.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.ClusterIssuer), err -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Update(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (result *v1alpha3.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(clusterissuersResource, clusterIssuer), &v1alpha3.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.ClusterIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeClusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1alpha3.ClusterIssuer, opts v1.UpdateOptions) (*v1alpha3.ClusterIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(clusterissuersResource, "status", clusterIssuer), &v1alpha3.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.ClusterIssuer), err -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *FakeClusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clusterissuersResource, name), &v1alpha3.ClusterIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeClusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(clusterissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.ClusterIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *FakeClusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(clusterissuersResource, name, pt, data, subresources...), &v1alpha3.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.ClusterIssuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_issuer.go deleted file mode 100644 index b216faf952..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake/fake_issuer.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeIssuers implements IssuerInterface -type FakeIssuers struct { - Fake *FakeCertmanagerV1alpha3 - ns string -} - -var issuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1alpha3", Resource: "issuers"} - -var issuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1alpha3", Kind: "Issuer"} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *FakeIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(issuersResource, c.ns, name), &v1alpha3.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Issuer), err -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *FakeIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.IssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(issuersResource, issuersKind, c.ns, opts), &v1alpha3.IssuerList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1alpha3.IssuerList{ListMeta: obj.(*v1alpha3.IssuerList).ListMeta} - for _, item := range obj.(*v1alpha3.IssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *FakeIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(issuersResource, c.ns, opts)) - -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Create(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.CreateOptions) (result *v1alpha3.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(issuersResource, c.ns, issuer), &v1alpha3.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Issuer), err -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Update(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (result *v1alpha3.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(issuersResource, c.ns, issuer), &v1alpha3.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Issuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeIssuers) UpdateStatus(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (*v1alpha3.Issuer, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(issuersResource, "status", c.ns, issuer), &v1alpha3.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Issuer), err -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *FakeIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(issuersResource, c.ns, name), &v1alpha3.Issuer{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(issuersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1alpha3.IssuerList{}) - return err -} - -// Patch applies the patch and returns the patched issuer. -func (c *FakeIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(issuersResource, c.ns, name, pt, data, subresources...), &v1alpha3.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1alpha3.Issuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/generated_expansion.go deleted file mode 100644 index 812797aaa6..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/generated_expansion.go +++ /dev/null @@ -1,27 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -type CertificateExpansion interface{} - -type CertificateRequestExpansion interface{} - -type ClusterIssuerExpansion interface{} - -type IssuerExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/issuer.go deleted file mode 100644 index ccc4c34a46..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/issuer.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1alpha3 - -import ( - "context" - "time" - - v1alpha3 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// IssuersGetter has a method to return a IssuerInterface. -// A group's client should implement this interface. -type IssuersGetter interface { - Issuers(namespace string) IssuerInterface -} - -// IssuerInterface has methods to work with Issuer resources. -type IssuerInterface interface { - Create(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.CreateOptions) (*v1alpha3.Issuer, error) - Update(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (*v1alpha3.Issuer, error) - UpdateStatus(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (*v1alpha3.Issuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha3.Issuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1alpha3.IssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Issuer, err error) - IssuerExpansion -} - -// issuers implements IssuerInterface -type issuers struct { - client rest.Interface - ns string -} - -// newIssuers returns a Issuers -func newIssuers(c *CertmanagerV1alpha3Client, namespace string) *issuers { - return &issuers{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *issuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha3.Issuer, err error) { - result = &v1alpha3.Issuer{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *issuers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha3.IssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1alpha3.IssuerList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *issuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Create(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.CreateOptions) (result *v1alpha3.Issuer, err error) { - result = &v1alpha3.Issuer{} - err = c.client.Post(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Update(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (result *v1alpha3.Issuer, err error) { - result = &v1alpha3.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *issuers) UpdateStatus(ctx context.Context, issuer *v1alpha3.Issuer, opts v1.UpdateOptions) (result *v1alpha3.Issuer, err error) { - result = &v1alpha3.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *issuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *issuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched issuer. -func (c *issuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha3.Issuer, err error) { - result = &v1alpha3.Issuer{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("issuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/BUILD.bazel deleted file mode 100644 index 187cf7a481..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/BUILD.bazel +++ /dev/null @@ -1,25 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "certificate.go", - "certificaterequest.go", - "certmanager_client.go", - "clusterissuer.go", - "doc.go", - "generated_expansion.go", - "issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificate.go deleted file mode 100644 index 30ec021a35..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificate.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificatesGetter has a method to return a CertificateInterface. -// A group's client should implement this interface. -type CertificatesGetter interface { - Certificates(namespace string) CertificateInterface -} - -// CertificateInterface has methods to work with Certificate resources. -type CertificateInterface interface { - Create(ctx context.Context, certificate *v1beta1.Certificate, opts v1.CreateOptions) (*v1beta1.Certificate, error) - Update(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (*v1beta1.Certificate, error) - UpdateStatus(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (*v1beta1.Certificate, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.Certificate, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.CertificateList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Certificate, err error) - CertificateExpansion -} - -// certificates implements CertificateInterface -type certificates struct { - client rest.Interface - ns string -} - -// newCertificates returns a Certificates -func newCertificates(c *CertmanagerV1beta1Client, namespace string) *certificates { - return &certificates{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *certificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Certificate, err error) { - result = &v1beta1.Certificate{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *certificates) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.CertificateList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.CertificateList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *certificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Create(ctx context.Context, certificate *v1beta1.Certificate, opts v1.CreateOptions) (result *v1beta1.Certificate, err error) { - result = &v1beta1.Certificate{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *certificates) Update(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (result *v1beta1.Certificate, err error) { - result = &v1beta1.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificates) UpdateStatus(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (result *v1beta1.Certificate, err error) { - result = &v1beta1.Certificate{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificates"). - Name(certificate.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificate). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *certificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificates"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificate. -func (c *certificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Certificate, err error) { - result = &v1beta1.Certificate{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificates"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificaterequest.go deleted file mode 100644 index 4a1f5dee5e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certificaterequest.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// CertificateRequestsGetter has a method to return a CertificateRequestInterface. -// A group's client should implement this interface. -type CertificateRequestsGetter interface { - CertificateRequests(namespace string) CertificateRequestInterface -} - -// CertificateRequestInterface has methods to work with CertificateRequest resources. -type CertificateRequestInterface interface { - Create(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.CreateOptions) (*v1beta1.CertificateRequest, error) - Update(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (*v1beta1.CertificateRequest, error) - UpdateStatus(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (*v1beta1.CertificateRequest, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.CertificateRequest, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.CertificateRequestList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.CertificateRequest, err error) - CertificateRequestExpansion -} - -// certificateRequests implements CertificateRequestInterface -type certificateRequests struct { - client rest.Interface - ns string -} - -// newCertificateRequests returns a CertificateRequests -func newCertificateRequests(c *CertmanagerV1beta1Client, namespace string) *certificateRequests { - return &certificateRequests{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *certificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.CertificateRequest, err error) { - result = &v1beta1.CertificateRequest{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *certificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.CertificateRequestList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.CertificateRequestList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *certificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Create(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.CreateOptions) (result *v1beta1.CertificateRequest, err error) { - result = &v1beta1.CertificateRequest{} - err = c.client.Post(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *certificateRequests) Update(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (result *v1beta1.CertificateRequest, err error) { - result = &v1beta1.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *certificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (result *v1beta1.CertificateRequest, err error) { - result = &v1beta1.CertificateRequest{} - err = c.client.Put(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(certificateRequest.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(certificateRequest). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *certificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *certificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("certificaterequests"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *certificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.CertificateRequest, err error) { - result = &v1beta1.CertificateRequest{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("certificaterequests"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certmanager_client.go deleted file mode 100644 index 903f6131b5..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/certmanager_client.go +++ /dev/null @@ -1,104 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - rest "k8s.io/client-go/rest" -) - -type CertmanagerV1beta1Interface interface { - RESTClient() rest.Interface - CertificatesGetter - CertificateRequestsGetter - ClusterIssuersGetter - IssuersGetter -} - -// CertmanagerV1beta1Client is used to interact with features provided by the cert-manager.io group. -type CertmanagerV1beta1Client struct { - restClient rest.Interface -} - -func (c *CertmanagerV1beta1Client) Certificates(namespace string) CertificateInterface { - return newCertificates(c, namespace) -} - -func (c *CertmanagerV1beta1Client) CertificateRequests(namespace string) CertificateRequestInterface { - return newCertificateRequests(c, namespace) -} - -func (c *CertmanagerV1beta1Client) ClusterIssuers() ClusterIssuerInterface { - return newClusterIssuers(c) -} - -func (c *CertmanagerV1beta1Client) Issuers(namespace string) IssuerInterface { - return newIssuers(c, namespace) -} - -// NewForConfig creates a new CertmanagerV1beta1Client for the given config. -func NewForConfig(c *rest.Config) (*CertmanagerV1beta1Client, error) { - config := *c - if err := setConfigDefaults(&config); err != nil { - return nil, err - } - client, err := rest.RESTClientFor(&config) - if err != nil { - return nil, err - } - return &CertmanagerV1beta1Client{client}, nil -} - -// NewForConfigOrDie creates a new CertmanagerV1beta1Client for the given config and -// panics if there is an error in the config. -func NewForConfigOrDie(c *rest.Config) *CertmanagerV1beta1Client { - client, err := NewForConfig(c) - if err != nil { - panic(err) - } - return client -} - -// New creates a new CertmanagerV1beta1Client for the given RESTClient. -func New(c rest.Interface) *CertmanagerV1beta1Client { - return &CertmanagerV1beta1Client{c} -} - -func setConfigDefaults(config *rest.Config) error { - gv := v1beta1.SchemeGroupVersion - config.GroupVersion = &gv - config.APIPath = "/apis" - config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() - - if config.UserAgent == "" { - config.UserAgent = rest.DefaultKubernetesUserAgent() - } - - return nil -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *CertmanagerV1beta1Client) RESTClient() rest.Interface { - if c == nil { - return nil - } - return c.restClient -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/clusterissuer.go deleted file mode 100644 index 055cae54fa..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/clusterissuer.go +++ /dev/null @@ -1,184 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// ClusterIssuersGetter has a method to return a ClusterIssuerInterface. -// A group's client should implement this interface. -type ClusterIssuersGetter interface { - ClusterIssuers() ClusterIssuerInterface -} - -// ClusterIssuerInterface has methods to work with ClusterIssuer resources. -type ClusterIssuerInterface interface { - Create(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.CreateOptions) (*v1beta1.ClusterIssuer, error) - Update(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (*v1beta1.ClusterIssuer, error) - UpdateStatus(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (*v1beta1.ClusterIssuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.ClusterIssuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.ClusterIssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterIssuer, err error) - ClusterIssuerExpansion -} - -// clusterIssuers implements ClusterIssuerInterface -type clusterIssuers struct { - client rest.Interface -} - -// newClusterIssuers returns a ClusterIssuers -func newClusterIssuers(c *CertmanagerV1beta1Client) *clusterIssuers { - return &clusterIssuers{ - client: c.RESTClient(), - } -} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *clusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ClusterIssuer, err error) { - result = &v1beta1.ClusterIssuer{} - err = c.client.Get(). - Resource("clusterissuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *clusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ClusterIssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.ClusterIssuerList{} - err = c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *clusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Create(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.CreateOptions) (result *v1beta1.ClusterIssuer, err error) { - result = &v1beta1.ClusterIssuer{} - err = c.client.Post(). - Resource("clusterissuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *clusterIssuers) Update(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (result *v1beta1.ClusterIssuer, err error) { - result = &v1beta1.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *clusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (result *v1beta1.ClusterIssuer, err error) { - result = &v1beta1.ClusterIssuer{} - err = c.client.Put(). - Resource("clusterissuers"). - Name(clusterIssuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(clusterIssuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *clusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Resource("clusterissuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *clusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Resource("clusterissuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *clusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterIssuer, err error) { - result = &v1beta1.ClusterIssuer{} - err = c.client.Patch(pt). - Resource("clusterissuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/doc.go deleted file mode 100644 index 9f9e4da328..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. -package v1beta1 diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/BUILD.bazel b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/BUILD.bazel deleted file mode 100644 index 3b56756d8b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/BUILD.bazel +++ /dev/null @@ -1,27 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = [ - "doc.go", - "fake_certificate.go", - "fake_certificaterequest.go", - "fake_certmanager_client.go", - "fake_clusterissuer.go", - "fake_issuer.go", - ], - importmap = "k8s.io/kops/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake", - importpath = "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake", - visibility = ["//visibility:public"], - deps = [ - "//vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1:go_default_library", - "//vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/labels:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/types:go_default_library", - "//vendor/k8s.io/apimachinery/pkg/watch:go_default_library", - "//vendor/k8s.io/client-go/rest:go_default_library", - "//vendor/k8s.io/client-go/testing:go_default_library", - ], -) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/doc.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/doc.go deleted file mode 100644 index ec03ff1f3b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -// Package fake has the automatically generated clients. -package fake diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificate.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificate.go deleted file mode 100644 index e5616ccb4e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificate.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificates implements CertificateInterface -type FakeCertificates struct { - Fake *FakeCertmanagerV1beta1 - ns string -} - -var certificatesResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1beta1", Resource: "certificates"} - -var certificatesKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1beta1", Kind: "Certificate"} - -// Get takes name of the certificate, and returns the corresponding certificate object, and an error if there is any. -func (c *FakeCertificates) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificatesResource, c.ns, name), &v1beta1.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Certificate), err -} - -// List takes label and field selectors, and returns the list of Certificates that match those selectors. -func (c *FakeCertificates) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.CertificateList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificatesResource, certificatesKind, c.ns, opts), &v1beta1.CertificateList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.CertificateList{ListMeta: obj.(*v1beta1.CertificateList).ListMeta} - for _, item := range obj.(*v1beta1.CertificateList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificates. -func (c *FakeCertificates) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificatesResource, c.ns, opts)) - -} - -// Create takes the representation of a certificate and creates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Create(ctx context.Context, certificate *v1beta1.Certificate, opts v1.CreateOptions) (result *v1beta1.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificatesResource, c.ns, certificate), &v1beta1.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Certificate), err -} - -// Update takes the representation of a certificate and updates it. Returns the server's representation of the certificate, and an error, if there is any. -func (c *FakeCertificates) Update(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (result *v1beta1.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificatesResource, c.ns, certificate), &v1beta1.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Certificate), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificates) UpdateStatus(ctx context.Context, certificate *v1beta1.Certificate, opts v1.UpdateOptions) (*v1beta1.Certificate, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificatesResource, "status", c.ns, certificate), &v1beta1.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Certificate), err -} - -// Delete takes name of the certificate and deletes it. Returns an error if one occurs. -func (c *FakeCertificates) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificatesResource, c.ns, name), &v1beta1.Certificate{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificates) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificatesResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.CertificateList{}) - return err -} - -// Patch applies the patch and returns the patched certificate. -func (c *FakeCertificates) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Certificate, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificatesResource, c.ns, name, pt, data, subresources...), &v1beta1.Certificate{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Certificate), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificaterequest.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificaterequest.go deleted file mode 100644 index f2bf81c03b..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certificaterequest.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeCertificateRequests implements CertificateRequestInterface -type FakeCertificateRequests struct { - Fake *FakeCertmanagerV1beta1 - ns string -} - -var certificaterequestsResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1beta1", Resource: "certificaterequests"} - -var certificaterequestsKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1beta1", Kind: "CertificateRequest"} - -// Get takes name of the certificateRequest, and returns the corresponding certificateRequest object, and an error if there is any. -func (c *FakeCertificateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(certificaterequestsResource, c.ns, name), &v1beta1.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.CertificateRequest), err -} - -// List takes label and field selectors, and returns the list of CertificateRequests that match those selectors. -func (c *FakeCertificateRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.CertificateRequestList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(certificaterequestsResource, certificaterequestsKind, c.ns, opts), &v1beta1.CertificateRequestList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.CertificateRequestList{ListMeta: obj.(*v1beta1.CertificateRequestList).ListMeta} - for _, item := range obj.(*v1beta1.CertificateRequestList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested certificateRequests. -func (c *FakeCertificateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(certificaterequestsResource, c.ns, opts)) - -} - -// Create takes the representation of a certificateRequest and creates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Create(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.CreateOptions) (result *v1beta1.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(certificaterequestsResource, c.ns, certificateRequest), &v1beta1.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.CertificateRequest), err -} - -// Update takes the representation of a certificateRequest and updates it. Returns the server's representation of the certificateRequest, and an error, if there is any. -func (c *FakeCertificateRequests) Update(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (result *v1beta1.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(certificaterequestsResource, c.ns, certificateRequest), &v1beta1.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.CertificateRequest), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeCertificateRequests) UpdateStatus(ctx context.Context, certificateRequest *v1beta1.CertificateRequest, opts v1.UpdateOptions) (*v1beta1.CertificateRequest, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(certificaterequestsResource, "status", c.ns, certificateRequest), &v1beta1.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.CertificateRequest), err -} - -// Delete takes name of the certificateRequest and deletes it. Returns an error if one occurs. -func (c *FakeCertificateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(certificaterequestsResource, c.ns, name), &v1beta1.CertificateRequest{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeCertificateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(certificaterequestsResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.CertificateRequestList{}) - return err -} - -// Patch applies the patch and returns the patched certificateRequest. -func (c *FakeCertificateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.CertificateRequest, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(certificaterequestsResource, c.ns, name, pt, data, subresources...), &v1beta1.CertificateRequest{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.CertificateRequest), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certmanager_client.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certmanager_client.go deleted file mode 100644 index c449dc9c53..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_certmanager_client.go +++ /dev/null @@ -1,52 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - v1beta1 "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1" - rest "k8s.io/client-go/rest" - testing "k8s.io/client-go/testing" -) - -type FakeCertmanagerV1beta1 struct { - *testing.Fake -} - -func (c *FakeCertmanagerV1beta1) Certificates(namespace string) v1beta1.CertificateInterface { - return &FakeCertificates{c, namespace} -} - -func (c *FakeCertmanagerV1beta1) CertificateRequests(namespace string) v1beta1.CertificateRequestInterface { - return &FakeCertificateRequests{c, namespace} -} - -func (c *FakeCertmanagerV1beta1) ClusterIssuers() v1beta1.ClusterIssuerInterface { - return &FakeClusterIssuers{c} -} - -func (c *FakeCertmanagerV1beta1) Issuers(namespace string) v1beta1.IssuerInterface { - return &FakeIssuers{c, namespace} -} - -// RESTClient returns a RESTClient that is used to communicate -// with API server by this client implementation. -func (c *FakeCertmanagerV1beta1) RESTClient() rest.Interface { - var ret *rest.RESTClient - return ret -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_clusterissuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_clusterissuer.go deleted file mode 100644 index bb08707132..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_clusterissuer.go +++ /dev/null @@ -1,133 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeClusterIssuers implements ClusterIssuerInterface -type FakeClusterIssuers struct { - Fake *FakeCertmanagerV1beta1 -} - -var clusterissuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1beta1", Resource: "clusterissuers"} - -var clusterissuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1beta1", Kind: "ClusterIssuer"} - -// Get takes name of the clusterIssuer, and returns the corresponding clusterIssuer object, and an error if there is any. -func (c *FakeClusterIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootGetAction(clusterissuersResource, name), &v1beta1.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.ClusterIssuer), err -} - -// List takes label and field selectors, and returns the list of ClusterIssuers that match those selectors. -func (c *FakeClusterIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ClusterIssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootListAction(clusterissuersResource, clusterissuersKind, opts), &v1beta1.ClusterIssuerList{}) - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.ClusterIssuerList{ListMeta: obj.(*v1beta1.ClusterIssuerList).ListMeta} - for _, item := range obj.(*v1beta1.ClusterIssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested clusterIssuers. -func (c *FakeClusterIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewRootWatchAction(clusterissuersResource, opts)) -} - -// Create takes the representation of a clusterIssuer and creates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Create(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.CreateOptions) (result *v1beta1.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootCreateAction(clusterissuersResource, clusterIssuer), &v1beta1.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.ClusterIssuer), err -} - -// Update takes the representation of a clusterIssuer and updates it. Returns the server's representation of the clusterIssuer, and an error, if there is any. -func (c *FakeClusterIssuers) Update(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (result *v1beta1.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateAction(clusterissuersResource, clusterIssuer), &v1beta1.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.ClusterIssuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeClusterIssuers) UpdateStatus(ctx context.Context, clusterIssuer *v1beta1.ClusterIssuer, opts v1.UpdateOptions) (*v1beta1.ClusterIssuer, error) { - obj, err := c.Fake. - Invokes(testing.NewRootUpdateSubresourceAction(clusterissuersResource, "status", clusterIssuer), &v1beta1.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.ClusterIssuer), err -} - -// Delete takes name of the clusterIssuer and deletes it. Returns an error if one occurs. -func (c *FakeClusterIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewRootDeleteAction(clusterissuersResource, name), &v1beta1.ClusterIssuer{}) - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeClusterIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewRootDeleteCollectionAction(clusterissuersResource, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.ClusterIssuerList{}) - return err -} - -// Patch applies the patch and returns the patched clusterIssuer. -func (c *FakeClusterIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterIssuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewRootPatchSubresourceAction(clusterissuersResource, name, pt, data, subresources...), &v1beta1.ClusterIssuer{}) - if obj == nil { - return nil, err - } - return obj.(*v1beta1.ClusterIssuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_issuer.go deleted file mode 100644 index 0b37917d1e..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake/fake_issuer.go +++ /dev/null @@ -1,142 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package fake - -import ( - "context" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - labels "k8s.io/apimachinery/pkg/labels" - schema "k8s.io/apimachinery/pkg/runtime/schema" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - testing "k8s.io/client-go/testing" -) - -// FakeIssuers implements IssuerInterface -type FakeIssuers struct { - Fake *FakeCertmanagerV1beta1 - ns string -} - -var issuersResource = schema.GroupVersionResource{Group: "cert-manager.io", Version: "v1beta1", Resource: "issuers"} - -var issuersKind = schema.GroupVersionKind{Group: "cert-manager.io", Version: "v1beta1", Kind: "Issuer"} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *FakeIssuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewGetAction(issuersResource, c.ns, name), &v1beta1.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Issuer), err -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *FakeIssuers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.IssuerList, err error) { - obj, err := c.Fake. - Invokes(testing.NewListAction(issuersResource, issuersKind, c.ns, opts), &v1beta1.IssuerList{}) - - if obj == nil { - return nil, err - } - - label, _, _ := testing.ExtractFromListOptions(opts) - if label == nil { - label = labels.Everything() - } - list := &v1beta1.IssuerList{ListMeta: obj.(*v1beta1.IssuerList).ListMeta} - for _, item := range obj.(*v1beta1.IssuerList).Items { - if label.Matches(labels.Set(item.Labels)) { - list.Items = append(list.Items, item) - } - } - return list, err -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *FakeIssuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - return c.Fake. - InvokesWatch(testing.NewWatchAction(issuersResource, c.ns, opts)) - -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Create(ctx context.Context, issuer *v1beta1.Issuer, opts v1.CreateOptions) (result *v1beta1.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewCreateAction(issuersResource, c.ns, issuer), &v1beta1.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Issuer), err -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *FakeIssuers) Update(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (result *v1beta1.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateAction(issuersResource, c.ns, issuer), &v1beta1.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Issuer), err -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *FakeIssuers) UpdateStatus(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (*v1beta1.Issuer, error) { - obj, err := c.Fake. - Invokes(testing.NewUpdateSubresourceAction(issuersResource, "status", c.ns, issuer), &v1beta1.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Issuer), err -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *FakeIssuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - _, err := c.Fake. - Invokes(testing.NewDeleteAction(issuersResource, c.ns, name), &v1beta1.Issuer{}) - - return err -} - -// DeleteCollection deletes a collection of objects. -func (c *FakeIssuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - action := testing.NewDeleteCollectionAction(issuersResource, c.ns, listOpts) - - _, err := c.Fake.Invokes(action, &v1beta1.IssuerList{}) - return err -} - -// Patch applies the patch and returns the patched issuer. -func (c *FakeIssuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Issuer, err error) { - obj, err := c.Fake. - Invokes(testing.NewPatchSubresourceAction(issuersResource, c.ns, name, pt, data, subresources...), &v1beta1.Issuer{}) - - if obj == nil { - return nil, err - } - return obj.(*v1beta1.Issuer), err -} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/generated_expansion.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/generated_expansion.go deleted file mode 100644 index 9090ded490..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/generated_expansion.go +++ /dev/null @@ -1,27 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -type CertificateExpansion interface{} - -type CertificateRequestExpansion interface{} - -type ClusterIssuerExpansion interface{} - -type IssuerExpansion interface{} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/issuer.go b/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/issuer.go deleted file mode 100644 index 763f463226..0000000000 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/issuer.go +++ /dev/null @@ -1,195 +0,0 @@ -/* -Copyright The cert-manager Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -// Code generated by client-gen. DO NOT EDIT. - -package v1beta1 - -import ( - "context" - "time" - - v1beta1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1" - scheme "github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme" - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - types "k8s.io/apimachinery/pkg/types" - watch "k8s.io/apimachinery/pkg/watch" - rest "k8s.io/client-go/rest" -) - -// IssuersGetter has a method to return a IssuerInterface. -// A group's client should implement this interface. -type IssuersGetter interface { - Issuers(namespace string) IssuerInterface -} - -// IssuerInterface has methods to work with Issuer resources. -type IssuerInterface interface { - Create(ctx context.Context, issuer *v1beta1.Issuer, opts v1.CreateOptions) (*v1beta1.Issuer, error) - Update(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (*v1beta1.Issuer, error) - UpdateStatus(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (*v1beta1.Issuer, error) - Delete(ctx context.Context, name string, opts v1.DeleteOptions) error - DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error - Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.Issuer, error) - List(ctx context.Context, opts v1.ListOptions) (*v1beta1.IssuerList, error) - Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) - Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Issuer, err error) - IssuerExpansion -} - -// issuers implements IssuerInterface -type issuers struct { - client rest.Interface - ns string -} - -// newIssuers returns a Issuers -func newIssuers(c *CertmanagerV1beta1Client, namespace string) *issuers { - return &issuers{ - client: c.RESTClient(), - ns: namespace, - } -} - -// Get takes name of the issuer, and returns the corresponding issuer object, and an error if there is any. -func (c *issuers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Issuer, err error) { - result = &v1beta1.Issuer{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - VersionedParams(&options, scheme.ParameterCodec). - Do(ctx). - Into(result) - return -} - -// List takes label and field selectors, and returns the list of Issuers that match those selectors. -func (c *issuers) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.IssuerList, err error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - result = &v1beta1.IssuerList{} - err = c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Do(ctx). - Into(result) - return -} - -// Watch returns a watch.Interface that watches the requested issuers. -func (c *issuers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { - var timeout time.Duration - if opts.TimeoutSeconds != nil { - timeout = time.Duration(*opts.TimeoutSeconds) * time.Second - } - opts.Watch = true - return c.client.Get(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Timeout(timeout). - Watch(ctx) -} - -// Create takes the representation of a issuer and creates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Create(ctx context.Context, issuer *v1beta1.Issuer, opts v1.CreateOptions) (result *v1beta1.Issuer, err error) { - result = &v1beta1.Issuer{} - err = c.client.Post(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Update takes the representation of a issuer and updates it. Returns the server's representation of the issuer, and an error, if there is any. -func (c *issuers) Update(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (result *v1beta1.Issuer, err error) { - result = &v1beta1.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// UpdateStatus was generated because the type contains a Status member. -// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). -func (c *issuers) UpdateStatus(ctx context.Context, issuer *v1beta1.Issuer, opts v1.UpdateOptions) (result *v1beta1.Issuer, err error) { - result = &v1beta1.Issuer{} - err = c.client.Put(). - Namespace(c.ns). - Resource("issuers"). - Name(issuer.Name). - SubResource("status"). - VersionedParams(&opts, scheme.ParameterCodec). - Body(issuer). - Do(ctx). - Into(result) - return -} - -// Delete takes name of the issuer and deletes it. Returns an error if one occurs. -func (c *issuers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - Name(name). - Body(&opts). - Do(ctx). - Error() -} - -// DeleteCollection deletes a collection of objects. -func (c *issuers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { - var timeout time.Duration - if listOpts.TimeoutSeconds != nil { - timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second - } - return c.client.Delete(). - Namespace(c.ns). - Resource("issuers"). - VersionedParams(&listOpts, scheme.ParameterCodec). - Timeout(timeout). - Body(&opts). - Do(ctx). - Error() -} - -// Patch applies the patch and returns the patched issuer. -func (c *issuers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Issuer, err error) { - result = &v1beta1.Issuer{} - err = c.client.Patch(pt). - Namespace(c.ns). - Resource("issuers"). - Name(name). - SubResource(subresources...). - VersionedParams(&opts, scheme.ParameterCodec). - Body(data). - Do(ctx). - Into(result) - return -} diff --git a/vendor/github.com/klauspost/compress/.goreleaser.yml b/vendor/github.com/klauspost/compress/.goreleaser.yml index c9014ce1da..0af08e65e6 100644 --- a/vendor/github.com/klauspost/compress/.goreleaser.yml +++ b/vendor/github.com/klauspost/compress/.goreleaser.yml @@ -3,6 +3,7 @@ before: hooks: - ./gen.sh + - go install mvdan.cc/garble@latest builds: - @@ -31,6 +32,7 @@ builds: - mips64le goarm: - 7 + gobinary: garble - id: "s2d" binary: s2d @@ -57,6 +59,7 @@ builds: - mips64le goarm: - 7 + gobinary: garble - id: "s2sx" binary: s2sx @@ -84,6 +87,7 @@ builds: - mips64le goarm: - 7 + gobinary: garble archives: - diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md index 3429879eb6..e8ff994f8b 100644 --- a/vendor/github.com/klauspost/compress/README.md +++ b/vendor/github.com/klauspost/compress/README.md @@ -17,6 +17,13 @@ This package provides various compression algorithms. # changelog +* Jan 11, 2022 (v1.14.1) + * s2: Add stream index in [#462](https://github.com/klauspost/compress/pull/462) + * flate: Speed and efficiency improvements in [#439](https://github.com/klauspost/compress/pull/439) [#461](https://github.com/klauspost/compress/pull/461) [#455](https://github.com/klauspost/compress/pull/455) [#452](https://github.com/klauspost/compress/pull/452) [#458](https://github.com/klauspost/compress/pull/458) + * zstd: Performance improvement in [#420]( https://github.com/klauspost/compress/pull/420) [#456](https://github.com/klauspost/compress/pull/456) [#437](https://github.com/klauspost/compress/pull/437) [#467](https://github.com/klauspost/compress/pull/467) [#468](https://github.com/klauspost/compress/pull/468) + * zstd: add arm64 xxhash assembly in [#464](https://github.com/klauspost/compress/pull/464) + * Add garbled for binaries for s2 in [#445](https://github.com/klauspost/compress/pull/445) + * Aug 30, 2021 (v1.13.5) * gz/zlib/flate: Alias stdlib errors [#425](https://github.com/klauspost/compress/pull/425) * s2: Add block support to commandline tools [#413](https://github.com/klauspost/compress/pull/413) @@ -432,6 +439,13 @@ For more information see my blog post on [Fast Linear Time Compression](http://b This is implemented on Go 1.7 as "Huffman Only" mode, though not exposed for gzip. +# Other packages + +Here are other packages of good quality and pure Go (no cgo wrappers or autoconverted code): + +* [github.com/pierrec/lz4](https://github.com/pierrec/lz4) - strong multithreaded LZ4 compression. +* [github.com/cosnicolaou/pbzip2](https://github.com/cosnicolaou/pbzip2) - multithreaded bzip2 decompression. +* [github.com/dsnet/compress](https://github.com/dsnet/compress) - brotli decompression, bzip2 writer. # license diff --git a/vendor/github.com/klauspost/compress/huff0/decompress.go b/vendor/github.com/klauspost/compress/huff0/decompress.go index 9b7cc8e97b..2a06bd1a7e 100644 --- a/vendor/github.com/klauspost/compress/huff0/decompress.go +++ b/vendor/github.com/klauspost/compress/huff0/decompress.go @@ -20,7 +20,7 @@ type dEntrySingle struct { // double-symbols decoding type dEntryDouble struct { - seq uint16 + seq [4]byte nBits uint8 len uint8 } @@ -753,23 +753,21 @@ func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) { br[stream2].fillFast() val := br[stream].peekBitsFast(d.actualTableLog) - v := single[val&tlMask] - br[stream].advance(uint8(v.entry)) - buf[off+bufoff*stream] = uint8(v.entry >> 8) - val2 := br[stream2].peekBitsFast(d.actualTableLog) + v := single[val&tlMask] v2 := single[val2&tlMask] + br[stream].advance(uint8(v.entry)) br[stream2].advance(uint8(v2.entry)) + buf[off+bufoff*stream] = uint8(v.entry >> 8) buf[off+bufoff*stream2] = uint8(v2.entry >> 8) val = br[stream].peekBitsFast(d.actualTableLog) - v = single[val&tlMask] - br[stream].advance(uint8(v.entry)) - buf[off+bufoff*stream+1] = uint8(v.entry >> 8) - val2 = br[stream2].peekBitsFast(d.actualTableLog) + v = single[val&tlMask] v2 = single[val2&tlMask] + br[stream].advance(uint8(v.entry)) br[stream2].advance(uint8(v2.entry)) + buf[off+bufoff*stream+1] = uint8(v.entry >> 8) buf[off+bufoff*stream2+1] = uint8(v2.entry >> 8) } @@ -780,23 +778,21 @@ func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) { br[stream2].fillFast() val := br[stream].peekBitsFast(d.actualTableLog) - v := single[val&tlMask] - br[stream].advance(uint8(v.entry)) - buf[off+bufoff*stream] = uint8(v.entry >> 8) - val2 := br[stream2].peekBitsFast(d.actualTableLog) + v := single[val&tlMask] v2 := single[val2&tlMask] + br[stream].advance(uint8(v.entry)) br[stream2].advance(uint8(v2.entry)) + buf[off+bufoff*stream] = uint8(v.entry >> 8) buf[off+bufoff*stream2] = uint8(v2.entry >> 8) val = br[stream].peekBitsFast(d.actualTableLog) - v = single[val&tlMask] - br[stream].advance(uint8(v.entry)) - buf[off+bufoff*stream+1] = uint8(v.entry >> 8) - val2 = br[stream2].peekBitsFast(d.actualTableLog) + v = single[val&tlMask] v2 = single[val2&tlMask] + br[stream].advance(uint8(v.entry)) br[stream2].advance(uint8(v2.entry)) + buf[off+bufoff*stream+1] = uint8(v.entry >> 8) buf[off+bufoff*stream2+1] = uint8(v2.entry >> 8) } @@ -914,7 +910,7 @@ func (d *Decoder) decompress4X8bit(dst, src []byte) ([]byte, error) { out := dst dstEvery := (dstSize + 3) / 4 - shift := (8 - d.actualTableLog) & 7 + shift := (56 + (8 - d.actualTableLog)) & 63 const tlSize = 1 << 8 single := d.dt.single[:tlSize] @@ -935,79 +931,91 @@ func (d *Decoder) decompress4X8bit(dst, src []byte) ([]byte, error) { // Interleave 2 decodes. const stream = 0 const stream2 = 1 - br[stream].fillFast() - br[stream2].fillFast() + br1 := &br[stream] + br2 := &br[stream2] + br1.fillFast() + br2.fillFast() - v := single[br[stream].peekByteFast()>>shift].entry + v := single[uint8(br1.value>>shift)].entry + v2 := single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 := single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream+1] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+1] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream+2] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry - buf[off+bufoff*stream+3] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream2+3] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) + buf[off+bufoff*stream+3] = uint8(v >> 8) } { const stream = 2 const stream2 = 3 - br[stream].fillFast() - br[stream2].fillFast() + br1 := &br[stream] + br2 := &br[stream2] + br1.fillFast() + br2.fillFast() - v := single[br[stream].peekByteFast()>>shift].entry + v := single[uint8(br1.value>>shift)].entry + v2 := single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 := single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream+1] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+1] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream+2] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry - buf[off+bufoff*stream+3] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry + v = single[uint8(br1.value>>shift)].entry + v2 = single[uint8(br2.value>>shift)].entry + br1.bitsRead += uint8(v) + br1.value <<= v & 63 + br2.bitsRead += uint8(v2) + br2.value <<= v2 & 63 buf[off+bufoff*stream2+3] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) + buf[off+bufoff*stream+3] = uint8(v >> 8) } off += 4 @@ -1073,7 +1081,7 @@ func (d *Decoder) decompress4X8bit(dst, src []byte) ([]byte, error) { } // Read value and increment offset. - v := single[br.peekByteFast()>>shift].entry + v := single[uint8(br.value>>shift)].entry nBits := uint8(v) br.advance(nBits) bitsLeft -= int(nBits) @@ -1121,7 +1129,7 @@ func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) { out := dst dstEvery := (dstSize + 3) / 4 - const shift = 0 + const shift = 56 const tlSize = 1 << 8 const tlMask = tlSize - 1 single := d.dt.single[:tlSize] @@ -1145,37 +1153,41 @@ func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) { br[stream].fillFast() br[stream2].fillFast() - v := single[br[stream].peekByteFast()>>shift].entry + v := single[uint8(br[stream].value>>shift)].entry + v2 := single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 := single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+1] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+1] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+2] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+3] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+3] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) } { @@ -1184,37 +1196,41 @@ func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) { br[stream].fillFast() br[stream2].fillFast() - v := single[br[stream].peekByteFast()>>shift].entry + v := single[uint8(br[stream].value>>shift)].entry + v2 := single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 := single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+1] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+1] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+2] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+2] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) - v = single[br[stream].peekByteFast()>>shift].entry + v = single[uint8(br[stream].value>>shift)].entry + v2 = single[uint8(br[stream2].value>>shift)].entry + br[stream].bitsRead += uint8(v) + br[stream].value <<= v & 63 + br[stream2].bitsRead += uint8(v2) + br[stream2].value <<= v2 & 63 buf[off+bufoff*stream+3] = uint8(v >> 8) - br[stream].advance(uint8(v)) - - v2 = single[br[stream2].peekByteFast()>>shift].entry buf[off+bufoff*stream2+3] = uint8(v2 >> 8) - br[stream2].advance(uint8(v2)) } off += 4 @@ -1280,7 +1296,7 @@ func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) { } // Read value and increment offset. - v := single[br.peekByteFast()>>shift].entry + v := single[br.peekByteFast()].entry nBits := uint8(v) br.advance(nBits) bitsLeft -= int(nBits) diff --git a/vendor/github.com/klauspost/compress/zstd/bitreader.go b/vendor/github.com/klauspost/compress/zstd/bitreader.go index 8544585371..753d17df63 100644 --- a/vendor/github.com/klauspost/compress/zstd/bitreader.go +++ b/vendor/github.com/klauspost/compress/zstd/bitreader.go @@ -50,16 +50,23 @@ func (b *bitReader) getBits(n uint8) int { if n == 0 /*|| b.bitsRead >= 64 */ { return 0 } - return b.getBitsFast(n) + return int(b.get32BitsFast(n)) } -// getBitsFast requires that at least one bit is requested every time. +// get32BitsFast requires that at least one bit is requested every time. // There are no checks if the buffer is filled. -func (b *bitReader) getBitsFast(n uint8) int { +func (b *bitReader) get32BitsFast(n uint8) uint32 { const regMask = 64 - 1 v := uint32((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask)) b.bitsRead += n - return int(v) + return v +} + +func (b *bitReader) get16BitsFast(n uint8) uint16 { + const regMask = 64 - 1 + v := uint16((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask)) + b.bitsRead += n + return v } // fillFast() will make sure at least 32 bits are available. diff --git a/vendor/github.com/klauspost/compress/zstd/bitwriter.go b/vendor/github.com/klauspost/compress/zstd/bitwriter.go index 303ae90f94..b366182850 100644 --- a/vendor/github.com/klauspost/compress/zstd/bitwriter.go +++ b/vendor/github.com/klauspost/compress/zstd/bitwriter.go @@ -38,7 +38,7 @@ func (b *bitWriter) addBits16NC(value uint16, bits uint8) { b.nBits += bits } -// addBits32NC will add up to 32 bits. +// addBits32NC will add up to 31 bits. // It will not check if there is space for them, // so the caller must ensure that it has flushed recently. func (b *bitWriter) addBits32NC(value uint32, bits uint8) { @@ -46,6 +46,26 @@ func (b *bitWriter) addBits32NC(value uint32, bits uint8) { b.nBits += bits } +// addBits64NC will add up to 64 bits. +// There must be space for 32 bits. +func (b *bitWriter) addBits64NC(value uint64, bits uint8) { + if bits <= 31 { + b.addBits32Clean(uint32(value), bits) + return + } + b.addBits32Clean(uint32(value), 32) + b.flush32() + b.addBits32Clean(uint32(value>>32), bits-32) +} + +// addBits32Clean will add up to 32 bits. +// It will not check if there is space for them. +// The input must not contain more bits than specified. +func (b *bitWriter) addBits32Clean(value uint32, bits uint8) { + b.bitContainer |= uint64(value) << (b.nBits & 63) + b.nBits += bits +} + // addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated. // It will not check if there is space for them, so the caller must ensure that it has flushed recently. func (b *bitWriter) addBits16Clean(value uint16, bits uint8) { diff --git a/vendor/github.com/klauspost/compress/zstd/blockenc.go b/vendor/github.com/klauspost/compress/zstd/blockenc.go index 3df185ee46..12e8f6f0b6 100644 --- a/vendor/github.com/klauspost/compress/zstd/blockenc.go +++ b/vendor/github.com/klauspost/compress/zstd/blockenc.go @@ -51,7 +51,7 @@ func (b *blockEnc) init() { if cap(b.literals) < maxCompressedBlockSize { b.literals = make([]byte, 0, maxCompressedBlockSize) } - const defSeqs = 200 + const defSeqs = 2000 if cap(b.sequences) < defSeqs { b.sequences = make([]seq, 0, defSeqs) } @@ -426,7 +426,7 @@ func fuzzFseEncoder(data []byte) int { return 0 } enc := fseEncoder{} - hist := enc.Histogram()[:256] + hist := enc.Histogram() maxSym := uint8(0) for i, v := range data { v = v & 63 @@ -722,52 +722,53 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error { println("Encoded seq", seq, s, "codes:", s.llCode, s.mlCode, s.ofCode, "states:", ll.state, ml.state, of.state, "bits:", llB, mlB, ofB) } seq-- - if llEnc.maxBits+mlEnc.maxBits+ofEnc.maxBits <= 32 { - // No need to flush (common) - for seq >= 0 { - s = b.sequences[seq] - wr.flush32() - llB, ofB, mlB := llTT[s.llCode], ofTT[s.ofCode], mlTT[s.mlCode] - // tabelog max is 8 for all. - of.encode(ofB) - ml.encode(mlB) - ll.encode(llB) - wr.flush32() + // Store sequences in reverse... + for seq >= 0 { + s = b.sequences[seq] - // We checked that all can stay within 32 bits - wr.addBits32NC(s.litLen, llB.outBits) - wr.addBits32NC(s.matchLen, mlB.outBits) - wr.addBits32NC(s.offset, ofB.outBits) + ofB := ofTT[s.ofCode] + wr.flush32() // tablelog max is below 8 for each, so it will fill max 24 bits. + //of.encode(ofB) + nbBitsOut := (uint32(of.state) + ofB.deltaNbBits) >> 16 + dstState := int32(of.state>>(nbBitsOut&15)) + int32(ofB.deltaFindState) + wr.addBits16NC(of.state, uint8(nbBitsOut)) + of.state = of.stateTable[dstState] - if debugSequences { - println("Encoded seq", seq, s) - } + // Accumulate extra bits. + outBits := ofB.outBits & 31 + extraBits := uint64(s.offset & bitMask32[outBits]) + extraBitsN := outBits - seq-- + mlB := mlTT[s.mlCode] + //ml.encode(mlB) + nbBitsOut = (uint32(ml.state) + mlB.deltaNbBits) >> 16 + dstState = int32(ml.state>>(nbBitsOut&15)) + int32(mlB.deltaFindState) + wr.addBits16NC(ml.state, uint8(nbBitsOut)) + ml.state = ml.stateTable[dstState] + + outBits = mlB.outBits & 31 + extraBits = extraBits<> 16 + dstState = int32(ll.state>>(nbBitsOut&15)) + int32(llB.deltaFindState) + wr.addBits16NC(ll.state, uint8(nbBitsOut)) + ll.state = ll.stateTable[dstState] + + outBits = llB.outBits & 31 + extraBits = extraBits<= 0 { - s = b.sequences[seq] - wr.flush32() - llB, ofB, mlB := llTT[s.llCode], ofTT[s.ofCode], mlTT[s.mlCode] - // tabelog max is below 8 for each. - of.encode(ofB) - ml.encode(mlB) - ll.encode(llB) - wr.flush32() - // ml+ll = max 32 bits total - wr.addBits32NC(s.litLen, llB.outBits) - wr.addBits32NC(s.matchLen, mlB.outBits) - wr.flush32() - wr.addBits32NC(s.offset, ofB.outBits) - - if debugSequences { - println("Encoded seq", seq, s) - } - - seq-- - } + seq-- } ml.flush(mlEnc.actualTableLog) of.flush(ofEnc.actualTableLog) @@ -801,14 +802,13 @@ func (b *blockEnc) genCodes() { // nothing to do return } - if len(b.sequences) > math.MaxUint16 { panic("can only encode up to 64K sequences") } // No bounds checks after here: - llH := b.coders.llEnc.Histogram()[:256] - ofH := b.coders.ofEnc.Histogram()[:256] - mlH := b.coders.mlEnc.Histogram()[:256] + llH := b.coders.llEnc.Histogram() + ofH := b.coders.ofEnc.Histogram() + mlH := b.coders.mlEnc.Histogram() for i := range llH { llH[i] = 0 } @@ -820,7 +820,8 @@ func (b *blockEnc) genCodes() { } var llMax, ofMax, mlMax uint8 - for i, seq := range b.sequences { + for i := range b.sequences { + seq := &b.sequences[i] v := llCode(seq.litLen) seq.llCode = v llH[v]++ @@ -844,7 +845,6 @@ func (b *blockEnc) genCodes() { panic(fmt.Errorf("mlMax > maxMatchLengthSymbol (%d), matchlen: %d", mlMax, seq.matchLen)) } } - b.sequences[i] = seq } maxCount := func(a []uint32) int { var max uint32 diff --git a/vendor/github.com/klauspost/compress/zstd/enc_base.go b/vendor/github.com/klauspost/compress/zstd/enc_base.go index 295cd602a4..15ae8ee807 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_base.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_base.go @@ -108,11 +108,6 @@ func (e *fastBase) UseBlock(enc *blockEnc) { e.blk = enc } -func (e *fastBase) matchlenNoHist(s, t int32, src []byte) int32 { - // Extend the match to be as long as possible. - return int32(matchLen(src[s:], src[t:])) -} - func (e *fastBase) matchlen(s, t int32, src []byte) int32 { if debugAsserts { if s < 0 { @@ -131,9 +126,24 @@ func (e *fastBase) matchlen(s, t int32, src []byte) int32 { panic(fmt.Sprintf("len(src)-s (%d) > maxCompressedBlockSize (%d)", len(src)-int(s), maxCompressedBlockSize)) } } + a := src[s:] + b := src[t:] + b = b[:len(a)] + end := int32((len(a) >> 3) << 3) + for i := int32(0); i < end; i += 8 { + if diff := load6432(a, i) ^ load6432(b, i); diff != 0 { + return i + int32(bits.TrailingZeros64(diff)>>3) + } + } - // Extend the match to be as long as possible. - return int32(matchLen(src[s:], src[t:])) + a = a[end:] + b = b[end:] + for i := range a { + if a[i] != b[i] { + return int32(i) + end + } + } + return int32(len(a)) + end } // Reset the encoding table. diff --git a/vendor/github.com/klauspost/compress/zstd/enc_fast.go b/vendor/github.com/klauspost/compress/zstd/enc_fast.go index f2502629bc..5f08a28302 100644 --- a/vendor/github.com/klauspost/compress/zstd/enc_fast.go +++ b/vendor/github.com/klauspost/compress/zstd/enc_fast.go @@ -6,8 +6,6 @@ package zstd import ( "fmt" - "math" - "math/bits" ) const ( @@ -136,20 +134,7 @@ encodeLoop: // Consider history as well. var seq seq var length int32 - // length = 4 + e.matchlen(s+6, repIndex+4, src) - { - a := src[s+6:] - b := src[repIndex+4:] - endI := len(a) & (math.MaxInt32 - 7) - length = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - length = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } - + length = 4 + e.matchlen(s+6, repIndex+4, src) seq.matchLen = uint32(length - zstdMinMatch) // We might be able to match backwards. @@ -236,20 +221,7 @@ encodeLoop: } // Extend the 4-byte match as long as possible. - //l := e.matchlen(s+4, t+4, src) + 4 - var l int32 - { - a := src[s+4:] - b := src[t+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := e.matchlen(s+4, t+4, src) + 4 // Extend backwards tMin := s - e.maxMatchOff @@ -286,20 +258,7 @@ encodeLoop: if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) { // We have at least 4 byte match. // No need to check backwards. We come straight from a match - //l := 4 + e.matchlen(s+4, o2+4, src) - var l int32 - { - a := src[s+4:] - b := src[o2+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := 4 + e.matchlen(s+4, o2+4, src) // Store this, since we have it. nextHash := hashLen(cv, hashLog, tableFastHashLen) @@ -418,21 +377,7 @@ encodeLoop: if len(blk.sequences) > 2 && load3232(src, repIndex) == uint32(cv>>16) { // Consider history as well. var seq seq - // length := 4 + e.matchlen(s+6, repIndex+4, src) - // length := 4 + int32(matchLen(src[s+6:], src[repIndex+4:])) - var length int32 - { - a := src[s+6:] - b := src[repIndex+4:] - endI := len(a) & (math.MaxInt32 - 7) - length = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - length = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + length := 4 + e.matchlen(s+6, repIndex+4, src) seq.matchLen = uint32(length - zstdMinMatch) @@ -522,21 +467,7 @@ encodeLoop: panic(fmt.Sprintf("t (%d) < 0 ", t)) } // Extend the 4-byte match as long as possible. - //l := e.matchlenNoHist(s+4, t+4, src) + 4 - // l := int32(matchLen(src[s+4:], src[t+4:])) + 4 - var l int32 - { - a := src[s+4:] - b := src[t+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := e.matchlen(s+4, t+4, src) + 4 // Extend backwards tMin := s - e.maxMatchOff @@ -573,21 +504,7 @@ encodeLoop: if o2 := s - offset2; len(blk.sequences) > 2 && load3232(src, o2) == uint32(cv) { // We have at least 4 byte match. // No need to check backwards. We come straight from a match - //l := 4 + e.matchlenNoHist(s+4, o2+4, src) - // l := 4 + int32(matchLen(src[s+4:], src[o2+4:])) - var l int32 - { - a := src[s+4:] - b := src[o2+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := 4 + e.matchlen(s+4, o2+4, src) // Store this, since we have it. nextHash := hashLen(cv, hashLog, tableFastHashLen) @@ -731,19 +648,7 @@ encodeLoop: // Consider history as well. var seq seq var length int32 - // length = 4 + e.matchlen(s+6, repIndex+4, src) - { - a := src[s+6:] - b := src[repIndex+4:] - endI := len(a) & (math.MaxInt32 - 7) - length = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - length = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + length = 4 + e.matchlen(s+6, repIndex+4, src) seq.matchLen = uint32(length - zstdMinMatch) @@ -831,20 +736,7 @@ encodeLoop: } // Extend the 4-byte match as long as possible. - //l := e.matchlen(s+4, t+4, src) + 4 - var l int32 - { - a := src[s+4:] - b := src[t+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := e.matchlen(s+4, t+4, src) + 4 // Extend backwards tMin := s - e.maxMatchOff @@ -881,20 +773,7 @@ encodeLoop: if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) { // We have at least 4 byte match. // No need to check backwards. We come straight from a match - //l := 4 + e.matchlen(s+4, o2+4, src) - var l int32 - { - a := src[s+4:] - b := src[o2+4:] - endI := len(a) & (math.MaxInt32 - 7) - l = int32(endI) + 4 - for i := 0; i < endI; i += 8 { - if diff := load64(a, i) ^ load64(b, i); diff != 0 { - l = int32(i+bits.TrailingZeros64(diff)>>3) + 4 - break - } - } - } + l := 4 + e.matchlen(s+4, o2+4, src) // Store this, since we have it. nextHash := hashLen(cv, hashLog, tableFastHashLen) diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder.go index e6d3d49b39..bb3d4fd6c3 100644 --- a/vendor/github.com/klauspost/compress/zstd/fse_decoder.go +++ b/vendor/github.com/klauspost/compress/zstd/fse_decoder.go @@ -379,7 +379,7 @@ func (s decSymbol) final() (int, uint8) { // This can only be used if no symbols are 0 bits. // At least tablelog bits must be available in the bit reader. func (s *fseState) nextFast(br *bitReader) (uint32, uint8) { - lowBits := uint16(br.getBitsFast(s.state.nbBits())) + lowBits := br.get16BitsFast(s.state.nbBits()) s.state = s.dt[s.state.newState()+lowBits] return s.state.baseline(), s.state.addBits() } diff --git a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go index b4757ee3f0..5442061b18 100644 --- a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go +++ b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go @@ -62,9 +62,8 @@ func (s symbolTransform) String() string { // To indicate that you have populated the histogram call HistogramFinished // with the value of the highest populated symbol, as well as the number of entries // in the most populated entry. These are accepted at face value. -// The returned slice will always be length 256. -func (s *fseEncoder) Histogram() []uint32 { - return s.count[:] +func (s *fseEncoder) Histogram() *[256]uint32 { + return &s.count } // HistogramFinished can be called to indicate that the histogram has been populated. diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/BUILD.bazel b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/BUILD.bazel index 06a8f2a90e..da69f492bc 100644 --- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/BUILD.bazel +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/BUILD.bazel @@ -4,8 +4,9 @@ go_library( name = "go_default_library", srcs = [ "xxhash.go", - "xxhash_amd64.go", "xxhash_amd64.s", + "xxhash_arm64.s", + "xxhash_asm.go", "xxhash_other.go", "xxhash_safe.go", ], diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s new file mode 100644 index 0000000000..6626095890 --- /dev/null +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s @@ -0,0 +1,189 @@ +// +build gc,!purego + +#include "textflag.h" + +// Register allocation. +#define digest R1 +#define h R2 // Return value. +#define p R3 // Input pointer. +#define len R4 +#define nblocks R5 // len / 32. +#define prime1 R7 +#define prime2 R8 +#define prime3 R9 +#define prime4 R10 +#define prime5 R11 +#define v1 R12 +#define v2 R13 +#define v3 R14 +#define v4 R15 +#define x1 R20 +#define x2 R21 +#define x3 R22 +#define x4 R23 + +#define round(acc, x) \ + MADD prime2, acc, x, acc \ + ROR $64-31, acc \ + MUL prime1, acc \ + +// x = round(0, x). +#define round0(x) \ + MUL prime2, x \ + ROR $64-31, x \ + MUL prime1, x \ + +#define mergeRound(x) \ + round0(x) \ + EOR x, h \ + MADD h, prime4, prime1, h \ + +// Update v[1-4] with 32-byte blocks. Assumes len >= 32. +#define blocksLoop() \ + LSR $5, len, nblocks \ + PCALIGN $16 \ +loop: \ + LDP.P 32(p), (x1, x2) \ + round(v1, x1) \ + LDP -16(p), (x3, x4) \ + round(v2, x2) \ + SUB $1, nblocks \ + round(v3, x3) \ + round(v4, x4) \ + CBNZ nblocks, loop \ + + +// The primes are repeated here to ensure that they're stored +// in a contiguous array, so we can load them with LDP. +DATA primes<> +0(SB)/8, $11400714785074694791 +DATA primes<> +8(SB)/8, $14029467366897019727 +DATA primes<>+16(SB)/8, $1609587929392839161 +DATA primes<>+24(SB)/8, $9650029242287828579 +DATA primes<>+32(SB)/8, $2870177450012600261 +GLOBL primes<>(SB), NOPTR+RODATA, $40 + + +// func Sum64(b []byte) uint64 +TEXT ·Sum64(SB), NOFRAME+NOSPLIT, $0-32 + LDP b_base+0(FP), (p, len) + + LDP primes<> +0(SB), (prime1, prime2) + LDP primes<>+16(SB), (prime3, prime4) + MOVD primes<>+32(SB), prime5 + + CMP $32, len + CSEL LO, prime5, ZR, h // if len < 32 { h = prime5 } else { h = 0 } + BLO afterLoop + + ADD prime1, prime2, v1 + MOVD prime2, v2 + MOVD $0, v3 + NEG prime1, v4 + + blocksLoop() + + ROR $64-1, v1, x1 + ROR $64-7, v2, x2 + ADD x1, x2 + ROR $64-12, v3, x3 + ROR $64-18, v4, x4 + ADD x3, x4 + ADD x2, x4, h + + mergeRound(v1) + mergeRound(v2) + mergeRound(v3) + mergeRound(v4) + +afterLoop: + ADD len, h + + TBZ $4, len, try8 + LDP.P 16(p), (x1, x2) + + round0(x1) + ROR $64-27, h + EOR x1 @> 64-27, h, h + MADD h, prime4, prime1, h + + round0(x2) + ROR $64-27, h + EOR x2 @> 64-27, h + MADD h, prime4, prime1, h + +try8: + TBZ $3, len, try4 + MOVD.P 8(p), x1 + + round0(x1) + ROR $64-27, h + EOR x1 @> 64-27, h + MADD h, prime4, prime1, h + +try4: + TBZ $2, len, try2 + MOVWU.P 4(p), x2 + + MUL prime1, x2 + ROR $64-23, h + EOR x2 @> 64-23, h + MADD h, prime3, prime2, h + +try2: + TBZ $1, len, try1 + MOVHU.P 2(p), x3 + AND $255, x3, x1 + LSR $8, x3, x2 + + MUL prime5, x1 + ROR $64-11, h + EOR x1 @> 64-11, h + MUL prime1, h + + MUL prime5, x2 + ROR $64-11, h + EOR x2 @> 64-11, h + MUL prime1, h + +try1: + TBZ $0, len, end + MOVBU (p), x4 + + MUL prime5, x4 + ROR $64-11, h + EOR x4 @> 64-11, h + MUL prime1, h + +end: + EOR h >> 33, h + MUL prime2, h + EOR h >> 29, h + MUL prime3, h + EOR h >> 32, h + + MOVD h, ret+24(FP) + RET + + +// func writeBlocks(d *Digest, b []byte) int +// +// Assumes len(b) >= 32. +TEXT ·writeBlocks(SB), NOFRAME+NOSPLIT, $0-40 + LDP primes<>(SB), (prime1, prime2) + + // Load state. Assume v[1-4] are stored contiguously. + MOVD d+0(FP), digest + LDP 0(digest), (v1, v2) + LDP 16(digest), (v3, v4) + + LDP b_base+8(FP), (p, len) + + blocksLoop() + + // Store updated state. + STP (v1, v2), 0(digest) + STP (v3, v4), 16(digest) + + BIC $31, len + MOVD len, ret+32(FP) + RET diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go similarity index 55% rename from vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go rename to vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go index 0ae847f75b..9216e0a40c 100644 --- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.go +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go @@ -1,5 +1,8 @@ -//go:build !appengine && gc && !purego -// +build !appengine,gc,!purego +//go:build (amd64 || arm64) && !appengine && gc && !purego +// +build amd64 arm64 +// +build !appengine +// +build gc +// +build !purego package xxhash diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go index 1f52f296e7..2deb1ca755 100644 --- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go +++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go @@ -1,5 +1,5 @@ -//go:build !amd64 || appengine || !gc || purego -// +build !amd64 appengine !gc purego +//go:build (!amd64 && !arm64) || appengine || !gc || purego +// +build !amd64,!arm64 appengine !gc purego package xxhash diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec.go b/vendor/github.com/klauspost/compress/zstd/seqdec.go index 1dd39e63b7..bc731e4cb6 100644 --- a/vendor/github.com/klauspost/compress/zstd/seqdec.go +++ b/vendor/github.com/klauspost/compress/zstd/seqdec.go @@ -278,7 +278,7 @@ func (s *sequenceDecs) decode(seqs int, br *bitReader, hist []byte) error { mlState = mlTable[mlState.newState()&maxTableMask] ofState = ofTable[ofState.newState()&maxTableMask] } else { - bits := br.getBitsFast(nBits) + bits := br.get32BitsFast(nBits) lowBits := uint16(bits >> ((ofState.nbBits() + mlState.nbBits()) & 31)) llState = llTable[(llState.newState()+lowBits)&maxTableMask] @@ -326,7 +326,7 @@ func (s *sequenceDecs) updateAlt(br *bitReader) { s.offsets.state.state = s.offsets.state.dt[c.newState()] return } - bits := br.getBitsFast(nBits) + bits := br.get32BitsFast(nBits) lowBits := uint16(bits >> ((c.nbBits() + b.nbBits()) & 31)) s.litLengths.state.state = s.litLengths.state.dt[a.newState()+lowBits] diff --git a/vendor/github.com/mitchellh/copystructure/copystructure.go b/vendor/github.com/mitchellh/copystructure/copystructure.go index f2b925e75f..8089e6670a 100644 --- a/vendor/github.com/mitchellh/copystructure/copystructure.go +++ b/vendor/github.com/mitchellh/copystructure/copystructure.go @@ -51,6 +51,19 @@ type CopierFunc func(interface{}) (interface{}, error) // this map as well as to Copy in a mutex. var Copiers map[reflect.Type]CopierFunc = make(map[reflect.Type]CopierFunc) +// ShallowCopiers is a map of pointer types that behave specially +// when they are copied. If a type is found in this map while deep +// copying, the pointer value will be shallow copied and not walked +// into. +// +// The key should be the type, obtained using: reflect.TypeOf(value +// with type). +// +// It is unsafe to write to this map after Copies have started. If you +// are writing to this map while also copying, wrap all modifications to +// this map as well as to Copy in a mutex. +var ShallowCopiers map[reflect.Type]struct{} = make(map[reflect.Type]struct{}) + // Must is a helper that wraps a call to a function returning // (interface{}, error) and panics if the error is non-nil. It is intended // for use in variable initializations and should only be used when a copy @@ -73,6 +86,11 @@ type Config struct { // Copiers is a map of types associated with a CopierFunc. Use the global // Copiers map if this is nil. Copiers map[reflect.Type]CopierFunc + + // ShallowCopiers is a map of pointer types that when they are + // shallow copied no matter where they are encountered. Use the + // global ShallowCopiers if this is nil. + ShallowCopiers map[reflect.Type]struct{} } func (c Config) Copy(v interface{}) (interface{}, error) { @@ -88,6 +106,12 @@ func (c Config) Copy(v interface{}) (interface{}, error) { if c.Copiers == nil { c.Copiers = Copiers } + w.copiers = c.Copiers + + if c.ShallowCopiers == nil { + c.ShallowCopiers = ShallowCopiers + } + w.shallowCopiers = c.ShallowCopiers err := reflectwalk.Walk(v, w) if err != nil { @@ -116,10 +140,12 @@ func ifaceKey(pointers, depth int) uint64 { type walker struct { Result interface{} - depth int - ignoreDepth int - vals []reflect.Value - cs []reflect.Value + copiers map[reflect.Type]CopierFunc + shallowCopiers map[reflect.Type]struct{} + depth int + ignoreDepth int + vals []reflect.Value + cs []reflect.Value // This stores the number of pointers we've walked over, indexed by depth. ps []int @@ -286,6 +312,20 @@ func (w *walker) PointerExit(v bool) error { return nil } +func (w *walker) Pointer(v reflect.Value) error { + if _, ok := w.shallowCopiers[v.Type()]; ok { + // Shallow copy this value. Use the same logic as primitive, then + // return skip. + if err := w.Primitive(v); err != nil { + return err + } + + return reflectwalk.SkipEntry + } + + return nil +} + func (w *walker) Interface(v reflect.Value) error { if !v.IsValid() { return nil @@ -379,7 +419,7 @@ func (w *walker) Struct(s reflect.Value) error { w.lock(s) var v reflect.Value - if c, ok := Copiers[s.Type()]; ok { + if c, ok := w.copiers[s.Type()]; ok { // We have a Copier for this struct, so we use that copier to // get the copy, and we ignore anything deeper than this. w.ignoreDepth = w.depth diff --git a/vendor/github.com/mitchellh/reflectwalk/reflectwalk.go b/vendor/github.com/mitchellh/reflectwalk/reflectwalk.go index 3a93a0b114..7fee7b050b 100644 --- a/vendor/github.com/mitchellh/reflectwalk/reflectwalk.go +++ b/vendor/github.com/mitchellh/reflectwalk/reflectwalk.go @@ -69,6 +69,13 @@ type PointerWalker interface { PointerExit(bool) error } +// PointerValueWalker implementations are notified with the value of +// a particular pointer when a pointer is walked. Pointer is called +// right before PointerEnter. +type PointerValueWalker interface { + Pointer(reflect.Value) error +} + // SkipEntry can be returned from walk functions to skip walking // the value of this field. This is only valid in the following functions: // @@ -130,6 +137,17 @@ func walk(v reflect.Value, w interface{}) (err error) { } if pointerV.Kind() == reflect.Ptr { + if pw, ok := w.(PointerValueWalker); ok { + if err = pw.Pointer(pointerV); err != nil { + if err == SkipEntry { + // Skip the rest of this entry but clear the error + return nil + } + + return + } + } + pointer = true v = reflect.Indirect(pointerV) } diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go index 581cf7cdfa..35d8108958 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go @@ -53,10 +53,4 @@ const ( // AnnotationDescription is the annotation key for the human-readable description of the software packaged in the image. AnnotationDescription = "org.opencontainers.image.description" - - // AnnotationBaseImageDigest is the annotation key for the digest of the image's base image. - AnnotationBaseImageDigest = "org.opencontainers.image.base.digest" - - // AnnotationBaseImageName is the annotation key for the image reference of the image's base image. - AnnotationBaseImageName = "org.opencontainers.image.base.name" ) diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go index ffff4b6d18..fe799bd698 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go @@ -89,20 +89,9 @@ type Image struct { // Architecture is the CPU architecture which the binaries in this image are built to run on. Architecture string `json:"architecture"` - // Variant is the variant of the specified CPU architecture which image binaries are intended to run on. - Variant string `json:"variant,omitempty"` - // OS is the name of the operating system which the image is built to run on. OS string `json:"os"` - // OSVersion is an optional field specifying the operating system - // version, for example on Windows `10.0.14393.1066`. - OSVersion string `json:"os.version,omitempty"` - - // OSFeatures is an optional field specifying an array of strings, - // each listing a required OS feature (for example on Windows `win32k`). - OSFeatures []string `json:"os.features,omitempty"` - // Config defines the execution parameters which should be used as a base when running a container using the image. Config ImageConfig `json:"config,omitempty"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go index 4e6c4b2362..82da6c6a89 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go @@ -21,6 +21,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Index struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.index.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Manifests references platform specific manifests. Manifests []Descriptor `json:"manifests"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go index 7ff32c40ba..d72d15ce4b 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go @@ -20,6 +20,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Manifest struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.manifest.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Config references a configuration object for a container, by digest. // The referenced configuration object is a JSON blob that the runtime uses to set up the container. Config Descriptor `json:"config"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go index 4f35ac134f..bad7bb97f4 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/mediatype.go @@ -34,10 +34,6 @@ const ( // referenced by the manifest. MediaTypeImageLayerGzip = "application/vnd.oci.image.layer.v1.tar+gzip" - // MediaTypeImageLayerZstd is the media type used for zstd compressed - // layers referenced by the manifest. - MediaTypeImageLayerZstd = "application/vnd.oci.image.layer.v1.tar+zstd" - // MediaTypeImageLayerNonDistributable is the media type for layers referenced by // the manifest but with distribution restrictions. MediaTypeImageLayerNonDistributable = "application/vnd.oci.image.layer.nondistributable.v1.tar" @@ -47,11 +43,6 @@ const ( // restrictions. MediaTypeImageLayerNonDistributableGzip = "application/vnd.oci.image.layer.nondistributable.v1.tar+gzip" - // MediaTypeImageLayerNonDistributableZstd is the media type for zstd - // compressed layers referenced by the manifest but with distribution - // restrictions. - MediaTypeImageLayerNonDistributableZstd = "application/vnd.oci.image.layer.nondistributable.v1.tar+zstd" - // MediaTypeImageConfig specifies the media type for the image configuration. MediaTypeImageConfig = "application/vnd.oci.image.config.v1+json" ) diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/version.go b/vendor/github.com/opencontainers/image-spec/specs-go/version.go index 58f1095ab0..0d9543f160 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/version.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/version.go @@ -22,10 +22,10 @@ const ( // VersionMinor is for functionality in a backwards-compatible manner VersionMinor = 0 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 1 + VersionPatch = 2 // VersionDev indicates development branch. Releases will be empty string. - VersionDev = "-dev" + VersionDev = "" ) // Version is the specification version that the package types support. diff --git a/vendor/helm.sh/helm/v3/internal/experimental/registry/util.go b/vendor/helm.sh/helm/v3/internal/experimental/registry/util.go deleted file mode 100644 index 257e7af873..0000000000 --- a/vendor/helm.sh/helm/v3/internal/experimental/registry/util.go +++ /dev/null @@ -1,56 +0,0 @@ -/* -Copyright The Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package registry // import "helm.sh/helm/v3/internal/experimental/registry" - -import ( - "bytes" - "context" - "fmt" - "io" - "strings" - - "github.com/sirupsen/logrus" - orascontext "oras.land/oras-go/pkg/context" - - "helm.sh/helm/v3/pkg/chart" - "helm.sh/helm/v3/pkg/chart/loader" -) - -// IsOCI determines whether or not a URL is to be treated as an OCI URL -func IsOCI(url string) bool { - return strings.HasPrefix(url, fmt.Sprintf("%s://", OCIScheme)) -} - -// extractChartMeta is used to extract a chart metadata from a byte array -func extractChartMeta(chartData []byte) (*chart.Metadata, error) { - ch, err := loader.LoadArchive(bytes.NewReader(chartData)) - if err != nil { - return nil, err - } - return ch.Metadata, nil -} - -// ctx retrieves a fresh context. -// disable verbose logging coming from ORAS (unless debug is enabled) -func ctx(out io.Writer, debug bool) context.Context { - if !debug { - return orascontext.Background() - } - ctx := orascontext.WithLoggerFromWriter(context.Background(), out) - orascontext.GetLogger(ctx).Logger.SetLevel(logrus.DebugLevel) - return ctx -} diff --git a/vendor/helm.sh/helm/v3/internal/version/version.go b/vendor/helm.sh/helm/v3/internal/version/version.go index 201eee3598..edf8546f07 100644 --- a/vendor/helm.sh/helm/v3/internal/version/version.go +++ b/vendor/helm.sh/helm/v3/internal/version/version.go @@ -29,7 +29,7 @@ var ( // // Increment major number for new feature additions and behavioral changes. // Increment minor number for bug fixes and performance enhancements. - version = "v3.7" + version = "v3.8" // metadata is extra build time data metadata = "" diff --git a/vendor/helm.sh/helm/v3/pkg/cli/environment.go b/vendor/helm.sh/helm/v3/pkg/cli/environment.go index ee60d981f6..d5b208015a 100644 --- a/vendor/helm.sh/helm/v3/pkg/cli/environment.go +++ b/vendor/helm.sh/helm/v3/pkg/cli/environment.go @@ -81,7 +81,7 @@ func New() *EnvSettings { KubeAPIServer: os.Getenv("HELM_KUBEAPISERVER"), KubeCaFile: os.Getenv("HELM_KUBECAFILE"), PluginsDirectory: envOr("HELM_PLUGINS", helmpath.DataPath("plugins")), - RegistryConfig: envOr("HELM_REGISTRY_CONFIG", helmpath.ConfigPath("registry.json")), + RegistryConfig: envOr("HELM_REGISTRY_CONFIG", helmpath.ConfigPath("registry/config.json")), RepositoryConfig: envOr("HELM_REPOSITORY_CONFIG", helmpath.ConfigPath("repositories.yaml")), RepositoryCache: envOr("HELM_REPOSITORY_CACHE", helmpath.CachePath("repository")), } @@ -180,6 +180,11 @@ func (s *EnvSettings) Namespace() string { return "default" } +// SetNamespace sets the namespace in the configuration +func (s *EnvSettings) SetNamespace(namespace string) { + s.namespace = namespace +} + // RESTClientGetter gets the kubeconfig from EnvSettings func (s *EnvSettings) RESTClientGetter() genericclioptions.RESTClientGetter { return s.config diff --git a/vendor/helm.sh/helm/v3/pkg/getter/BUILD.bazel b/vendor/helm.sh/helm/v3/pkg/getter/BUILD.bazel index 86254f8da4..5ae532163c 100644 --- a/vendor/helm.sh/helm/v3/pkg/getter/BUILD.bazel +++ b/vendor/helm.sh/helm/v3/pkg/getter/BUILD.bazel @@ -14,11 +14,11 @@ go_library( visibility = ["//visibility:public"], deps = [ "//vendor/github.com/pkg/errors:go_default_library", - "//vendor/helm.sh/helm/v3/internal/experimental/registry:go_default_library", "//vendor/helm.sh/helm/v3/internal/tlsutil:go_default_library", "//vendor/helm.sh/helm/v3/internal/urlutil:go_default_library", "//vendor/helm.sh/helm/v3/internal/version:go_default_library", "//vendor/helm.sh/helm/v3/pkg/cli:go_default_library", "//vendor/helm.sh/helm/v3/pkg/plugin:go_default_library", + "//vendor/helm.sh/helm/v3/pkg/registry:go_default_library", ], ) diff --git a/vendor/helm.sh/helm/v3/pkg/getter/getter.go b/vendor/helm.sh/helm/v3/pkg/getter/getter.go index 3a0567a873..7f830bac70 100644 --- a/vendor/helm.sh/helm/v3/pkg/getter/getter.go +++ b/vendor/helm.sh/helm/v3/pkg/getter/getter.go @@ -22,8 +22,8 @@ import ( "github.com/pkg/errors" - "helm.sh/helm/v3/internal/experimental/registry" "helm.sh/helm/v3/pkg/cli" + "helm.sh/helm/v3/pkg/registry" ) // options are generic parameters to be provided to the getter during instantiation. diff --git a/vendor/helm.sh/helm/v3/pkg/getter/ocigetter.go b/vendor/helm.sh/helm/v3/pkg/getter/ocigetter.go index 45c92749c5..76c2db6283 100644 --- a/vendor/helm.sh/helm/v3/pkg/getter/ocigetter.go +++ b/vendor/helm.sh/helm/v3/pkg/getter/ocigetter.go @@ -20,7 +20,7 @@ import ( "fmt" "strings" - "helm.sh/helm/v3/internal/experimental/registry" + "helm.sh/helm/v3/pkg/registry" ) // OCIGetter is the default HTTP(/S) backend handler @@ -28,7 +28,7 @@ type OCIGetter struct { opts options } -//Get performs a Get from repo.Getter and returns the body. +// Get performs a Get from repo.Getter and returns the body. func (g *OCIGetter) Get(href string, options ...Option) (*bytes.Buffer, error) { for _, opt := range options { opt(&g.opts) @@ -50,10 +50,6 @@ func (g *OCIGetter) get(href string) (*bytes.Buffer, error) { registry.PullOptWithProv(true)) } - if version := g.opts.version; version != "" { - ref = fmt.Sprintf("%s:%s", ref, version) - } - result, err := client.Pull(ref, pullOpts...) if err != nil { return nil, err diff --git a/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_darwin.go b/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_darwin.go index e112b8337e..80477abab7 100644 --- a/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_darwin.go +++ b/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_darwin.go @@ -11,6 +11,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +//go:build darwin // +build darwin package helmpath diff --git a/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_unix.go b/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_unix.go index b4eae9f664..a5afc12371 100644 --- a/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_unix.go +++ b/vendor/helm.sh/helm/v3/pkg/helmpath/lazypath_unix.go @@ -11,6 +11,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +//go:build !windows && !darwin // +build !windows,!darwin package helmpath diff --git a/vendor/helm.sh/helm/v3/internal/experimental/registry/BUILD.bazel b/vendor/helm.sh/helm/v3/pkg/registry/BUILD.bazel similarity index 71% rename from vendor/helm.sh/helm/v3/internal/experimental/registry/BUILD.bazel rename to vendor/helm.sh/helm/v3/pkg/registry/BUILD.bazel index 61f69f8993..f6791a7fcb 100644 --- a/vendor/helm.sh/helm/v3/internal/experimental/registry/BUILD.bazel +++ b/vendor/helm.sh/helm/v3/pkg/registry/BUILD.bazel @@ -7,10 +7,11 @@ go_library( "constants.go", "util.go", ], - importmap = "k8s.io/kops/vendor/helm.sh/helm/v3/internal/experimental/registry", - importpath = "helm.sh/helm/v3/internal/experimental/registry", - visibility = ["//vendor/helm.sh/helm/v3:__subpackages__"], + importmap = "k8s.io/kops/vendor/helm.sh/helm/v3/pkg/registry", + importpath = "helm.sh/helm/v3/pkg/registry", + visibility = ["//visibility:public"], deps = [ + "//vendor/github.com/Masterminds/semver/v3:go_default_library", "//vendor/github.com/containerd/containerd/remotes:go_default_library", "//vendor/github.com/opencontainers/image-spec/specs-go/v1:go_default_library", "//vendor/github.com/pkg/errors:go_default_library", @@ -24,5 +25,8 @@ go_library( "//vendor/oras.land/oras-go/pkg/content:go_default_library", "//vendor/oras.land/oras-go/pkg/context:go_default_library", "//vendor/oras.land/oras-go/pkg/oras:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote/auth:go_default_library", ], ) diff --git a/vendor/helm.sh/helm/v3/internal/experimental/registry/client.go b/vendor/helm.sh/helm/v3/pkg/registry/client.go similarity index 71% rename from vendor/helm.sh/helm/v3/internal/experimental/registry/client.go rename to vendor/helm.sh/helm/v3/pkg/registry/client.go index cc9e1fe796..679cd690d4 100644 --- a/vendor/helm.sh/helm/v3/internal/experimental/registry/client.go +++ b/vendor/helm.sh/helm/v3/pkg/registry/client.go @@ -14,16 +14,19 @@ See the License for the specific language governing permissions and limitations under the License. */ -package registry // import "helm.sh/helm/v3/internal/experimental/registry" +package registry // import "helm.sh/helm/v3/pkg/registry" import ( + "context" "encoding/json" "fmt" "io" "io/ioutil" "net/http" + "sort" "strings" + "github.com/Masterminds/semver/v3" "github.com/containerd/containerd/remotes" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" @@ -31,21 +34,32 @@ import ( dockerauth "oras.land/oras-go/pkg/auth/docker" "oras.land/oras-go/pkg/content" "oras.land/oras-go/pkg/oras" + "oras.land/oras-go/pkg/registry" + registryremote "oras.land/oras-go/pkg/registry/remote" + registryauth "oras.land/oras-go/pkg/registry/remote/auth" "helm.sh/helm/v3/internal/version" "helm.sh/helm/v3/pkg/chart" "helm.sh/helm/v3/pkg/helmpath" ) +// See https://github.com/helm/helm/issues/10166 +const registryUnderscoreMessage = ` +OCI artifact references (e.g. tags) do not support the plus sign (+). To support +storing semantic versions, Helm adopts the convention of changing plus (+) to +an underscore (_) in chart version tags when pushing to a registry and back to +a plus (+) when pulling from a registry.` + type ( // Client works with OCI-compliant registries Client struct { debug bool // path to repository config file e.g. ~/.docker/config.json - credentialsFile string - out io.Writer - authorizer auth.Client - resolver remotes.Resolver + credentialsFile string + out io.Writer + authorizer auth.Client + registryAuthorizer *registryauth.Client + resolver remotes.Resolver } // ClientOption allows specifying various settings configurable by the user for overriding the defaults @@ -65,7 +79,7 @@ func NewClient(options ...ClientOption) (*Client, error) { client.credentialsFile = helmpath.ConfigPath(CredentialsFileBasename) } if client.authorizer == nil { - authClient, err := dockerauth.NewClient(client.credentialsFile) + authClient, err := dockerauth.NewClientWithDockerFallback(client.credentialsFile) if err != nil { return nil, err } @@ -81,6 +95,39 @@ func NewClient(options ...ClientOption) (*Client, error) { } client.resolver = resolver } + if client.registryAuthorizer == nil { + client.registryAuthorizer = ®istryauth.Client{ + Header: http.Header{ + "User-Agent": {version.GetUserAgent()}, + }, + Cache: registryauth.DefaultCache, + Credential: func(ctx context.Context, reg string) (registryauth.Credential, error) { + dockerClient, ok := client.authorizer.(*dockerauth.Client) + if !ok { + return registryauth.EmptyCredential, errors.New("unable to obtain docker client") + } + + username, password, err := dockerClient.Credential(reg) + if err != nil { + return registryauth.EmptyCredential, errors.New("unable to retrieve credentials") + } + + // A blank returned username and password value is a bearer token + if username == "" && password != "" { + return registryauth.Credential{ + RefreshToken: password, + }, nil + } + + return registryauth.Credential{ + Username: username, + Password: password, + }, nil + + }, + } + + } return client, nil } @@ -207,6 +254,11 @@ type ( // Pull downloads a chart from a registry func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { + parsedRef, err := parseReference(ref) + if err != nil { + return nil, err + } + operation := &pullOperation{ withChart: true, // By default, always download the chart layer } @@ -217,7 +269,7 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { return nil, errors.New( "must specify at least one layer to pull (chart/prov)") } - store := content.NewMemoryStore() + memoryStore := content.NewMemory() allowedMediaTypes := []string{ ConfigMediaType, } @@ -232,12 +284,23 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { } allowedMediaTypes = append(allowedMediaTypes, ProvLayerMediaType) } - manifest, descriptors, err := oras.Pull(ctx(c.out, c.debug), c.resolver, ref, store, + + var descriptors, layers []ocispec.Descriptor + registryStore := content.Registry{Resolver: c.resolver} + + manifest, err := oras.Copy(ctx(c.out, c.debug), registryStore, parsedRef.String(), memoryStore, "", oras.WithPullEmptyNameAllowed(), - oras.WithAllowedMediaTypes(allowedMediaTypes)) + oras.WithAllowedMediaTypes(allowedMediaTypes), + oras.WithLayerDescriptors(func(l []ocispec.Descriptor) { + layers = l + })) if err != nil { return nil, err } + + descriptors = append(descriptors, manifest) + descriptors = append(descriptors, layers...) + numDescriptors := len(descriptors) if numDescriptors < minNumDescriptors { return nil, errors.New( @@ -291,10 +354,10 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { }, Chart: &descriptorPullSummaryWithMeta{}, Prov: &descriptorPullSummary{}, - Ref: ref, + Ref: parsedRef.String(), } var getManifestErr error - if _, manifestData, ok := store.Get(manifest); !ok { + if _, manifestData, ok := memoryStore.Get(manifest); !ok { getManifestErr = errors.Errorf("Unable to retrieve blob with digest %s", manifest.Digest) } else { result.Manifest.Data = manifestData @@ -303,7 +366,7 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { return nil, getManifestErr } var getConfigDescriptorErr error - if _, configData, ok := store.Get(*configDescriptor); !ok { + if _, configData, ok := memoryStore.Get(*configDescriptor); !ok { getConfigDescriptorErr = errors.Errorf("Unable to retrieve blob with digest %s", configDescriptor.Digest) } else { result.Config.Data = configData @@ -318,7 +381,7 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { } if operation.withChart { var getChartDescriptorErr error - if _, chartData, ok := store.Get(*chartDescriptor); !ok { + if _, chartData, ok := memoryStore.Get(*chartDescriptor); !ok { getChartDescriptorErr = errors.Errorf("Unable to retrieve blob with digest %s", chartDescriptor.Digest) } else { result.Chart.Data = chartData @@ -331,7 +394,7 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { } if operation.withProv && !provMissing { var getProvDescriptorErr error - if _, provData, ok := store.Get(*provDescriptor); !ok { + if _, provData, ok := memoryStore.Get(*provDescriptor); !ok { getProvDescriptorErr = errors.Errorf("Unable to retrieve blob with digest %s", provDescriptor.Digest) } else { result.Prov.Data = provData @@ -342,8 +405,15 @@ func (c *Client) Pull(ref string, options ...PullOption) (*PullResult, error) { return nil, getProvDescriptorErr } } + fmt.Fprintf(c.out, "Pulled: %s\n", result.Ref) fmt.Fprintf(c.out, "Digest: %s\n", result.Manifest.Digest) + + if strings.Contains(result.Ref, "_") { + fmt.Fprintf(c.out, "%s contains an underscore.\n", result.Ref) + fmt.Fprint(c.out, registryUnderscoreMessage+"\n") + } + return result, nil } @@ -399,6 +469,11 @@ type ( // Push uploads a chart to a registry. func (c *Client) Push(data []byte, ref string, options ...PushOption) (*PushResult, error) { + parsedRef, err := parseReference(ref) + if err != nil { + return nil, err + } + operation := &pushOperation{ strictMode: true, // By default, enable strict mode } @@ -415,21 +490,45 @@ func (c *Client) Push(data []byte, ref string, options ...PushOption) (*PushResu "strict mode enabled, ref basename and tag must match the chart name and version") } } - store := content.NewMemoryStore() - chartDescriptor := store.Add("", ChartLayerMediaType, data) + memoryStore := content.NewMemory() + chartDescriptor, err := memoryStore.Add("", ChartLayerMediaType, data) + if err != nil { + return nil, err + } + configData, err := json.Marshal(meta) if err != nil { return nil, err } - configDescriptor := store.Add("", ConfigMediaType, configData) + + configDescriptor, err := memoryStore.Add("", ConfigMediaType, configData) + if err != nil { + return nil, err + } + descriptors := []ocispec.Descriptor{chartDescriptor} var provDescriptor ocispec.Descriptor if operation.provData != nil { - provDescriptor = store.Add("", ProvLayerMediaType, operation.provData) + provDescriptor, err = memoryStore.Add("", ProvLayerMediaType, operation.provData) + if err != nil { + return nil, err + } + descriptors = append(descriptors, provDescriptor) } - manifest, err := oras.Push(ctx(c.out, c.debug), c.resolver, ref, store, descriptors, - oras.WithConfig(configDescriptor), oras.WithNameValidation(nil)) + + manifestData, manifest, err := content.GenerateManifest(&configDescriptor, nil, descriptors...) + if err != nil { + return nil, err + } + + if err := memoryStore.StoreManifest(parsedRef.String(), manifest, manifestData); err != nil { + return nil, err + } + + registryStore := content.Registry{Resolver: c.resolver} + _, err = oras.Copy(ctx(c.out, c.debug), memoryStore, parsedRef.String(), registryStore, "", + oras.WithNameValidation(nil)) if err != nil { return nil, err } @@ -449,7 +548,7 @@ func (c *Client) Push(data []byte, ref string, options ...PushOption) (*PushResu }, Chart: chartSummary, Prov: &descriptorPushSummary{}, // prevent nil references - Ref: ref, + Ref: parsedRef.String(), } if operation.provData != nil { result.Prov = &descriptorPushSummary{ @@ -459,6 +558,11 @@ func (c *Client) Push(data []byte, ref string, options ...PushOption) (*PushResu } fmt.Fprintf(c.out, "Pushed: %s\n", result.Ref) fmt.Fprintf(c.out, "Digest: %s\n", result.Manifest.Digest) + if strings.Contains(parsedRef.Reference, "_") { + fmt.Fprintf(c.out, "%s contains an underscore.\n", result.Ref) + fmt.Fprint(c.out, registryUnderscoreMessage+"\n") + } + return result, err } @@ -475,3 +579,55 @@ func PushOptStrictMode(strictMode bool) PushOption { operation.strictMode = strictMode } } + +// Tags provides a sorted list all semver compliant tags for a given repository +func (c *Client) Tags(ref string) ([]string, error) { + parsedReference, err := registry.ParseReference(ref) + if err != nil { + return nil, err + } + + repository := registryremote.Repository{ + Reference: parsedReference, + Client: c.registryAuthorizer, + } + + var registryTags []string + + for { + registryTags, err = registry.Tags(ctx(c.out, c.debug), &repository) + if err != nil { + // Fallback to http based request + if !repository.PlainHTTP && strings.Contains(err.Error(), "server gave HTTP response") { + repository.PlainHTTP = true + continue + } + return nil, err + } + + break + + } + + var tagVersions []*semver.Version + for _, tag := range registryTags { + // Change underscore (_) back to plus (+) for Helm + // See https://github.com/helm/helm/issues/10166 + tagVersion, err := semver.StrictNewVersion(strings.ReplaceAll(tag, "_", "+")) + if err == nil { + tagVersions = append(tagVersions, tagVersion) + } + } + + // Sort the collection + sort.Sort(sort.Reverse(semver.Collection(tagVersions))) + + tags := make([]string, len(tagVersions)) + + for iTv, tv := range tagVersions { + tags[iTv] = tv.String() + } + + return tags, nil + +} diff --git a/vendor/helm.sh/helm/v3/internal/experimental/registry/constants.go b/vendor/helm.sh/helm/v3/pkg/registry/constants.go similarity index 91% rename from vendor/helm.sh/helm/v3/internal/experimental/registry/constants.go rename to vendor/helm.sh/helm/v3/pkg/registry/constants.go index 876e4dc138..570b6f0d3f 100644 --- a/vendor/helm.sh/helm/v3/internal/experimental/registry/constants.go +++ b/vendor/helm.sh/helm/v3/pkg/registry/constants.go @@ -14,14 +14,14 @@ See the License for the specific language governing permissions and limitations under the License. */ -package registry // import "helm.sh/helm/v3/internal/experimental/registry" +package registry // import "helm.sh/helm/v3/pkg/registry" const ( // OCIScheme is the URL scheme for OCI-based requests OCIScheme = "oci" // CredentialsFileBasename is the filename for auth credentials file - CredentialsFileBasename = "registry.json" + CredentialsFileBasename = "registry/config.json" // ConfigMediaType is the reserved media type for the Helm chart manifest config ConfigMediaType = "application/vnd.cncf.helm.config.v1+json" diff --git a/vendor/helm.sh/helm/v3/pkg/registry/util.go b/vendor/helm.sh/helm/v3/pkg/registry/util.go new file mode 100644 index 0000000000..47eed267ff --- /dev/null +++ b/vendor/helm.sh/helm/v3/pkg/registry/util.go @@ -0,0 +1,131 @@ +/* +Copyright The Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package registry // import "helm.sh/helm/v3/pkg/registry" + +import ( + "bytes" + "context" + "fmt" + "io" + "strings" + + "github.com/Masterminds/semver/v3" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + orascontext "oras.land/oras-go/pkg/context" + "oras.land/oras-go/pkg/registry" + + "helm.sh/helm/v3/pkg/chart" + "helm.sh/helm/v3/pkg/chart/loader" +) + +// IsOCI determines whether or not a URL is to be treated as an OCI URL +func IsOCI(url string) bool { + return strings.HasPrefix(url, fmt.Sprintf("%s://", OCIScheme)) +} + +// ContainsTag determines whether a tag is found in a provided list of tags +func ContainsTag(tags []string, tag string) bool { + for _, t := range tags { + if tag == t { + return true + } + } + return false +} + +func GetTagMatchingVersionOrConstraint(tags []string, versionString string) (string, error) { + var constraint *semver.Constraints + if versionString == "" { + // If string is empty, set wildcard constraint + constraint, _ = semver.NewConstraint("*") + } else { + // when customer input exact version, check whether have exact match + // one first + for _, v := range tags { + if versionString == v { + return v, nil + } + } + + // Otherwise set constraint to the string given + var err error + constraint, err = semver.NewConstraint(versionString) + if err != nil { + return "", err + } + } + + // Otherwise try to find the first available version matching the string, + // in case it is a constraint + for _, v := range tags { + test, err := semver.NewVersion(v) + if err != nil { + continue + } + if constraint.Check(test) { + return v, nil + } + } + + return "", errors.Errorf("Could not locate a version matching provided version string %s", versionString) +} + +// extractChartMeta is used to extract a chart metadata from a byte array +func extractChartMeta(chartData []byte) (*chart.Metadata, error) { + ch, err := loader.LoadArchive(bytes.NewReader(chartData)) + if err != nil { + return nil, err + } + return ch.Metadata, nil +} + +// ctx retrieves a fresh context. +// disable verbose logging coming from ORAS (unless debug is enabled) +func ctx(out io.Writer, debug bool) context.Context { + if !debug { + return orascontext.Background() + } + ctx := orascontext.WithLoggerFromWriter(context.Background(), out) + orascontext.GetLogger(ctx).Logger.SetLevel(logrus.DebugLevel) + return ctx +} + +// parseReference will parse and validate the reference, and clean tags when +// applicable tags are only cleaned when plus (+) signs are present, and are +// converted to underscores (_) before pushing +// See https://github.com/helm/helm/issues/10166 +func parseReference(raw string) (registry.Reference, error) { + // The sole possible reference modification is replacing plus (+) signs + // present in tags with underscores (_). To do this properly, we first + // need to identify a tag, and then pass it on to the reference parser + // NOTE: Passing immediately to the reference parser will fail since (+) + // signs are an invalid tag character, and simply replacing all plus (+) + // occurrences could invalidate other portions of the URI + parts := strings.Split(raw, ":") + if len(parts) > 1 && !strings.Contains(parts[len(parts)-1], "/") { + tag := parts[len(parts)-1] + + if tag != "" { + // Replace any plus (+) signs with known underscore (_) conversion + newTag := strings.ReplaceAll(tag, "+", "_") + raw = strings.ReplaceAll(raw, tag, newTag) + } + } + + return registry.ParseReference(raw) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 6a6d2c6b64..f87eface1d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -4,7 +4,7 @@ cloud.google.com/go/compute/metadata # github.com/Azure/azure-pipeline-go v0.2.3 ## explicit; go 1.14 github.com/Azure/azure-pipeline-go/pipeline -# github.com/Azure/azure-sdk-for-go v56.2.0+incompatible +# github.com/Azure/azure-sdk-for-go v56.3.0+incompatible ## explicit github.com/Azure/azure-sdk-for-go/services/compute/mgmt/2020-06-01/compute github.com/Azure/azure-sdk-for-go/services/network/mgmt/2020-06-01/network @@ -21,12 +21,12 @@ github.com/Azure/go-ansiterm/winterm # github.com/Azure/go-autorest v14.2.0+incompatible ## explicit github.com/Azure/go-autorest -# github.com/Azure/go-autorest/autorest v0.11.19 -## explicit; go 1.12 +# github.com/Azure/go-autorest/autorest v0.11.20 +## explicit; go 1.15 github.com/Azure/go-autorest/autorest github.com/Azure/go-autorest/autorest/azure -# github.com/Azure/go-autorest/autorest/adal v0.9.14 -## explicit; go 1.12 +# github.com/Azure/go-autorest/autorest/adal v0.9.15 +## explicit; go 1.15 github.com/Azure/go-autorest/autorest/adal # github.com/Azure/go-autorest/autorest/azure/auth v0.5.7 ## explicit; go 1.12 @@ -176,6 +176,21 @@ github.com/blang/semver/v4 # github.com/cenkalti/backoff/v3 v3.0.0 ## explicit; go 1.12 github.com/cenkalti/backoff/v3 +# github.com/cert-manager/cert-manager v1.8.0 +## explicit; go 1.17 +github.com/cert-manager/cert-manager/pkg/apis/acme +github.com/cert-manager/cert-manager/pkg/apis/acme/v1 +github.com/cert-manager/cert-manager/pkg/apis/certmanager +github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1 +github.com/cert-manager/cert-manager/pkg/apis/meta +github.com/cert-manager/cert-manager/pkg/apis/meta/v1 +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/fake +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/scheme +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1 +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1 +github.com/cert-manager/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake # github.com/cespare/xxhash/v2 v2.1.2 ## explicit; go 1.11 github.com/cespare/xxhash/v2 @@ -185,7 +200,7 @@ github.com/chai2010/gettext-go/gettext github.com/chai2010/gettext-go/gettext/mo github.com/chai2010/gettext-go/gettext/plural github.com/chai2010/gettext-go/gettext/po -# github.com/containerd/containerd v1.5.7 +# github.com/containerd/containerd v1.5.10 ## explicit; go 1.16 github.com/containerd/containerd/archive/compression github.com/containerd/containerd/content @@ -219,13 +234,13 @@ github.com/digitalocean/godo # github.com/dimchansky/utfbom v1.1.1 ## explicit github.com/dimchansky/utfbom -# github.com/docker/cli v20.10.10+incompatible +# github.com/docker/cli v20.10.11+incompatible ## explicit github.com/docker/cli/cli/config github.com/docker/cli/cli/config/configfile github.com/docker/cli/cli/config/credentials github.com/docker/cli/cli/config/types -# github.com/docker/distribution v2.7.1+incompatible +# github.com/docker/distribution v2.8.1+incompatible ## explicit github.com/docker/distribution github.com/docker/distribution/digestset @@ -239,7 +254,7 @@ github.com/docker/distribution/registry/client/auth/challenge github.com/docker/distribution/registry/client/transport github.com/docker/distribution/registry/storage/cache github.com/docker/distribution/registry/storage/cache/memory -# github.com/docker/docker v20.10.10+incompatible +# github.com/docker/docker v20.10.12+incompatible ## explicit github.com/docker/docker/api/types github.com/docker/docker/api/types/blkiodev @@ -280,9 +295,6 @@ github.com/evanphx/json-patch # github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d ## explicit github.com/exponent-io/jsonpath -# github.com/form3tech-oss/jwt-go v3.2.3+incompatible -## explicit -github.com/form3tech-oss/jwt-go # github.com/fsnotify/fsnotify v1.5.1 ## explicit; go 1.13 github.com/fsnotify/fsnotify @@ -316,6 +328,9 @@ github.com/gogo/protobuf/gogoproto github.com/gogo/protobuf/proto github.com/gogo/protobuf/protoc-gen-gogo/descriptor github.com/gogo/protobuf/sortkeys +# github.com/golang-jwt/jwt/v4 v4.0.0 +## explicit; go 1.15 +github.com/golang-jwt/jwt/v4 # github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da ## explicit github.com/golang/groupcache/lru @@ -521,39 +536,6 @@ github.com/inconshreveable/mousetrap ## explicit; go 1.12 github.com/jacksontj/memberlistmesh github.com/jacksontj/memberlistmesh/clusterpb -# github.com/jetstack/cert-manager v1.6.2 -## explicit; go 1.17 -github.com/jetstack/cert-manager/pkg/apis/acme -github.com/jetstack/cert-manager/pkg/apis/acme/v1 -github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha2 -github.com/jetstack/cert-manager/pkg/apis/acme/v1alpha3 -github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1 -github.com/jetstack/cert-manager/pkg/apis/certmanager -github.com/jetstack/cert-manager/pkg/apis/certmanager/v1 -github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2 -github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha3 -github.com/jetstack/cert-manager/pkg/apis/certmanager/v1beta1 -github.com/jetstack/cert-manager/pkg/apis/meta -github.com/jetstack/cert-manager/pkg/apis/meta/v1 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/scheme -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha3/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1beta1/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha2/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1alpha3/fake -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1 -github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/certmanager/v1beta1/fake # github.com/jmespath/go-jmespath v0.4.0 ## explicit; go 1.14 github.com/jmespath/go-jmespath @@ -563,7 +545,7 @@ github.com/josharian/intern # github.com/json-iterator/go v1.1.12 ## explicit; go 1.12 github.com/json-iterator/go -# github.com/klauspost/compress v1.13.6 +# github.com/klauspost/compress v1.14.1 ## explicit; go 1.15 github.com/klauspost/compress github.com/klauspost/compress/fse @@ -594,7 +576,7 @@ github.com/matttproud/golang_protobuf_extensions/pbutil # github.com/miekg/dns v1.1.48 ## explicit; go 1.14 github.com/miekg/dns -# github.com/mitchellh/copystructure v1.1.1 +# github.com/mitchellh/copystructure v1.2.0 ## explicit; go 1.15 github.com/mitchellh/copystructure # github.com/mitchellh/go-homedir v1.1.0 @@ -606,7 +588,7 @@ github.com/mitchellh/go-wordwrap # github.com/mitchellh/mapstructure v1.4.3 ## explicit; go 1.14 github.com/mitchellh/mapstructure -# github.com/mitchellh/reflectwalk v1.0.1 +# github.com/mitchellh/reflectwalk v1.0.2 ## explicit github.com/mitchellh/reflectwalk # github.com/moby/locker v1.0.1 @@ -638,7 +620,7 @@ github.com/oklog/ulid # github.com/opencontainers/go-digest v1.0.0 ## explicit; go 1.13 github.com/opencontainers/go-digest -# github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 +# github.com/opencontainers/image-spec v1.0.2 ## explicit github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go/v1 @@ -944,7 +926,7 @@ google.golang.org/appengine/internal/modules google.golang.org/appengine/internal/remote_api google.golang.org/appengine/internal/urlfetch google.golang.org/appengine/urlfetch -# google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa +# google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 ## explicit; go 1.11 google.golang.org/genproto/googleapis/rpc/code google.golang.org/genproto/googleapis/rpc/errdetails @@ -1057,9 +1039,8 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b ## explicit gopkg.in/yaml.v3 -# helm.sh/helm/v3 v3.7.1 +# helm.sh/helm/v3 v3.8.1 ## explicit; go 1.16 -helm.sh/helm/v3/internal/experimental/registry helm.sh/helm/v3/internal/ignore helm.sh/helm/v3/internal/sympath helm.sh/helm/v3/internal/tlsutil @@ -1073,6 +1054,7 @@ helm.sh/helm/v3/pkg/getter helm.sh/helm/v3/pkg/helmpath helm.sh/helm/v3/pkg/helmpath/xdg helm.sh/helm/v3/pkg/plugin +helm.sh/helm/v3/pkg/registry helm.sh/helm/v3/pkg/strvals # k8s.io/api v0.23.5 => k8s.io/api v0.23.5 ## explicit; go 1.16 @@ -1568,15 +1550,21 @@ k8s.io/utils/net k8s.io/utils/nsenter k8s.io/utils/pointer k8s.io/utils/trace -# oras.land/oras-go v0.4.0 -## explicit; go 1.16 +# oras.land/oras-go v1.1.0 +## explicit; go 1.17 oras.land/oras-go/pkg/artifact oras.land/oras-go/pkg/auth oras.land/oras-go/pkg/auth/docker oras.land/oras-go/pkg/content oras.land/oras-go/pkg/context oras.land/oras-go/pkg/oras -# sigs.k8s.io/controller-runtime v0.11.0 +oras.land/oras-go/pkg/registry +oras.land/oras-go/pkg/registry/remote +oras.land/oras-go/pkg/registry/remote/auth +oras.land/oras-go/pkg/registry/remote/internal/errutil +oras.land/oras-go/pkg/registry/remote/internal/syncutil +oras.land/oras-go/pkg/target +# sigs.k8s.io/controller-runtime v0.11.1 ## explicit; go 1.17 sigs.k8s.io/controller-runtime sigs.k8s.io/controller-runtime/pkg/builder @@ -1618,6 +1606,9 @@ sigs.k8s.io/controller-runtime/pkg/webhook sigs.k8s.io/controller-runtime/pkg/webhook/admission sigs.k8s.io/controller-runtime/pkg/webhook/conversion sigs.k8s.io/controller-runtime/pkg/webhook/internal/metrics +# sigs.k8s.io/gateway-api v0.4.1 +## explicit; go 1.15 +sigs.k8s.io/gateway-api/apis/v1alpha2 # sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 ## explicit; go 1.16 sigs.k8s.io/json diff --git a/vendor/oras.land/oras-go/LICENSE b/vendor/oras.land/oras-go/LICENSE index 42a4c91dd2..a67d169389 100644 --- a/vendor/oras.land/oras-go/LICENSE +++ b/vendor/oras.land/oras-go/LICENSE @@ -1,22 +1,201 @@ - MIT License + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ - Copyright (c) Microsoft Corporation. All rights reserved. + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: + 1. Definitions. - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2021 ORAS Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/oras.land/oras-go/pkg/auth/docker/client.go b/vendor/oras.land/oras-go/pkg/auth/docker/client.go index 8303798ffa..b225c89c03 100644 --- a/vendor/oras.land/oras-go/pkg/auth/docker/client.go +++ b/vendor/oras.land/oras-go/pkg/auth/docker/client.go @@ -64,6 +64,39 @@ func NewClient(configPaths ...string) (auth.Client, error) { }, nil } +// NewClientWithDockerFallback creates a new auth client +// which falls back on Docker's default config path. +// This allows support for ~/.docker/config.json as a fallback, +// as well as support for the DOCKER_CONFIG environment variable. +func NewClientWithDockerFallback(configPaths ...string) (auth.Client, error) { + if len(configPaths) == 0 { + return NewClient() + } + + var configs []*configfile.ConfigFile + for _, path := range configPaths { + cfg, err := loadConfigFile(path) + if err != nil { + return nil, errors.Wrap(err, path) + } + configs = append(configs, cfg) + } + + // Add the Docker default config last + dockerFallbackCfg, err := config.Load(config.Dir()) + if err != nil { + return nil, err + } + if !dockerFallbackCfg.ContainsAuth() { + dockerFallbackCfg.CredentialsStore = credentials.DetectDefaultStore(dockerFallbackCfg.CredentialsStore) + } + configs = append(configs, dockerFallbackCfg) + + return &Client{ + configs: configs, + }, nil +} + func (c *Client) primaryCredentialsStore(hostname string) credentials.Store { return c.configs[0].GetCredentialsStore(hostname) } diff --git a/vendor/oras.land/oras-go/pkg/content/BUILD.bazel b/vendor/oras.land/oras-go/pkg/content/BUILD.bazel index 059626bb20..3b09fe48c3 100644 --- a/vendor/oras.land/oras-go/pkg/content/BUILD.bazel +++ b/vendor/oras.land/oras-go/pkg/content/BUILD.bazel @@ -4,12 +4,13 @@ go_library( name = "go_default_library", srcs = [ "consts.go", - "decompressstore.go", + "decompress.go", "errors.go", "file.go", "gunzip.go", "interface.go", "iowriter.go", + "manifest.go", "memory.go", "multireader.go", "multiwriter.go", @@ -17,6 +18,7 @@ go_library( "opts.go", "passthrough.go", "readerat.go", + "registry.go", "untar.go", "utils.go", ], @@ -27,9 +29,13 @@ go_library( "//vendor/github.com/containerd/containerd/content:go_default_library", "//vendor/github.com/containerd/containerd/content/local:go_default_library", "//vendor/github.com/containerd/containerd/errdefs:go_default_library", + "//vendor/github.com/containerd/containerd/remotes:go_default_library", + "//vendor/github.com/containerd/containerd/remotes/docker:go_default_library", "//vendor/github.com/opencontainers/go-digest:go_default_library", "//vendor/github.com/opencontainers/image-spec/specs-go:go_default_library", "//vendor/github.com/opencontainers/image-spec/specs-go/v1:go_default_library", "//vendor/github.com/pkg/errors:go_default_library", + "//vendor/oras.land/oras-go/pkg/artifact:go_default_library", + "//vendor/oras.land/oras-go/pkg/auth/docker:go_default_library", ], ) diff --git a/vendor/oras.land/oras-go/pkg/content/decompressstore.go b/vendor/oras.land/oras-go/pkg/content/decompress.go similarity index 75% rename from vendor/oras.land/oras-go/pkg/content/decompressstore.go rename to vendor/oras.land/oras-go/pkg/content/decompress.go index 3912fc2f0f..ecde9c9a53 100644 --- a/vendor/oras.land/oras-go/pkg/content/decompressstore.go +++ b/vendor/oras.land/oras-go/pkg/content/decompress.go @@ -21,19 +21,21 @@ import ( "strings" ctrcontent "github.com/containerd/containerd/content" + "github.com/containerd/containerd/remotes" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) -// DecompressStore store to decompress content and extract from tar, if needed, wrapping +// Decompress store to decompress content and extract from tar, if needed, wrapping // another store. By default, a FileStore will simply take each artifact and write it to // a file, as a MemoryStore will do into memory. If the artifact is gzipped or tarred, // you might want to store the actual object inside tar or gzip. Wrap your Store -// with DecompressStore, and it will check the media-type and, if relevant, +// with Decompress, and it will check the media-type and, if relevant, // gunzip and/or untar. // // For example: // // fileStore := NewFileStore(rootPath) -// decompressStore := store.NewDecompressStore(fileStore, WithBlocksize(blocksize)) +// Decompress := store.NewDecompress(fileStore, WithBlocksize(blocksize)) // // The above example works if there is no tar, i.e. each artifact is just a single file, perhaps gzipped, // or if there is only one file in each tar archive. In other words, when each content.Writer has only one target output stream. @@ -42,15 +44,15 @@ import ( // target output stream. In that case, use the following example: // // multiStore := NewMultiStore(rootPath) // some store that can handle different filenames -// decompressStore := store.NewDecompressStore(multiStore, WithBlocksize(blocksize), WithMultiWriterIngester()) +// Decompress := store.NewDecompress(multiStore, WithBlocksize(blocksize), WithMultiWriterIngester()) // -type DecompressStore struct { - ingester ctrcontent.Ingester +type Decompress struct { + pusher remotes.Pusher blocksize int multiWriterIngester bool } -func NewDecompressStore(ingester ctrcontent.Ingester, opts ...WriterOpt) DecompressStore { +func NewDecompress(pusher remotes.Pusher, opts ...WriterOpt) Decompress { // we have to reprocess the opts to find the blocksize var wOpts WriterOpts for _, opt := range opts { @@ -60,50 +62,41 @@ func NewDecompressStore(ingester ctrcontent.Ingester, opts ...WriterOpt) Decompr } } - return DecompressStore{ingester, wOpts.Blocksize, wOpts.MultiWriterIngester} + return Decompress{pusher, wOpts.Blocksize, wOpts.MultiWriterIngester} } -// Writer get a writer -func (d DecompressStore) Writer(ctx context.Context, opts ...ctrcontent.WriterOpt) (ctrcontent.Writer, error) { +// Push get a content.Writer +func (d Decompress) Push(ctx context.Context, desc ocispec.Descriptor) (ctrcontent.Writer, error) { // the logic is straightforward: // - if there is a desc in the opts, and the mediatype is tar or tar+gzip, then pass the correct decompress writer // - else, pass the regular writer var ( writer ctrcontent.Writer err error - multiIngester MultiWriterIngester + multiIngester MultiWriterPusher ok bool ) // check to see if we are supposed to use a MultiWriterIngester if d.multiWriterIngester { - multiIngester, ok = d.ingester.(MultiWriterIngester) + multiIngester, ok = d.pusher.(MultiWriterPusher) if !ok { return nil, errors.New("configured to use multiwriter ingester, but ingester does not implement multiwriter") } } - // we have to reprocess the opts to find the desc - var wOpts ctrcontent.WriterOpts - for _, opt := range opts { - if err := opt(&wOpts); err != nil { - return nil, err - } - } // figure out if compression and/or archive exists - desc := wOpts.Desc // before we pass it down, we need to strip anything we are removing here // and possibly update the digest, since the store indexes things by digest hasGzip, hasTar, modifiedMediaType := checkCompression(desc.MediaType) - wOpts.Desc.MediaType = modifiedMediaType - opts = append(opts, ctrcontent.WithDescriptor(wOpts.Desc)) + desc.MediaType = modifiedMediaType // determine if we pass it blocksize, only if positive writerOpts := []WriterOpt{} if d.blocksize > 0 { writerOpts = append(writerOpts, WithBlocksize(d.blocksize)) } - writer, err = d.ingester.Writer(ctx, opts...) + writer, err = d.pusher.Push(ctx, desc) if err != nil { return nil, err } @@ -114,7 +107,7 @@ func (d DecompressStore) Writer(ctx context.Context, opts ...ctrcontent.WriterOp if multiIngester == nil { writer = NewUntarWriter(writer, writerOpts...) } else { - writers, err := multiIngester.Writers(ctx, opts...) + writers, err := multiIngester.Pushers(ctx, desc) if err != nil { return nil, err } @@ -123,7 +116,7 @@ func (d DecompressStore) Writer(ctx context.Context, opts ...ctrcontent.WriterOp } if hasGzip { if writer == nil { - writer, err = d.ingester.Writer(ctx, opts...) + writer, err = d.pusher.Push(ctx, desc) if err != nil { return nil, err } diff --git a/vendor/oras.land/oras-go/pkg/content/errors.go b/vendor/oras.land/oras-go/pkg/content/errors.go index c004ab8d06..72b2e727ad 100644 --- a/vendor/oras.land/oras-go/pkg/content/errors.go +++ b/vendor/oras.land/oras-go/pkg/content/errors.go @@ -23,6 +23,7 @@ var ( ErrNoName = errors.New("no_name") ErrUnsupportedSize = errors.New("unsupported_size") ErrUnsupportedVersion = errors.New("unsupported_version") + ErrInvalidReference = errors.New("invalid_reference") ) // FileStore errors diff --git a/vendor/oras.land/oras-go/pkg/content/file.go b/vendor/oras.land/oras-go/pkg/content/file.go index 4c9f62861f..e313175185 100644 --- a/vendor/oras.land/oras-go/pkg/content/file.go +++ b/vendor/oras.land/oras-go/pkg/content/file.go @@ -16,8 +16,11 @@ limitations under the License. package content import ( + "bytes" "compress/gzip" "context" + _ "crypto/sha256" + "fmt" "io" "io/ioutil" "os" @@ -28,18 +31,14 @@ import ( "github.com/containerd/containerd/content" "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/remotes" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" ) -// ensure interface -var ( - _ ProvideIngester = &FileStore{} -) - -// FileStore provides content from the file system -type FileStore struct { +// File provides content via files from the file system +type File struct { DisableOverwrite bool AllowPathTraversalOnWrite bool @@ -48,13 +47,15 @@ type FileStore struct { root string descriptor *sync.Map // map[digest.Digest]ocispec.Descriptor - pathMap *sync.Map + pathMap *sync.Map // map[name string](file string) + memoryMap *sync.Map // map[digest.Digest]([]byte) + refMap *sync.Map // map[string]ocispec.Descriptor tmpFiles *sync.Map ignoreNoName bool } -// NewFileStore creats a new file store -func NewFileStore(rootPath string, opts ...WriterOpt) *FileStore { +// NewFile creats a new file target. It represents a single root reference and all of its components. +func NewFile(rootPath string, opts ...WriterOpt) *File { // we have to process the opts to find if they told us to change defaults wOpts := DefaultWriterOpts() for _, opt := range opts { @@ -62,17 +63,117 @@ func NewFileStore(rootPath string, opts ...WriterOpt) *FileStore { continue } } - return &FileStore{ + return &File{ root: rootPath, descriptor: &sync.Map{}, pathMap: &sync.Map{}, + memoryMap: &sync.Map{}, + refMap: &sync.Map{}, tmpFiles: &sync.Map{}, ignoreNoName: wOpts.IgnoreNoName, } } -// Add adds a file reference -func (s *FileStore) Add(name, mediaType, path string) (ocispec.Descriptor, error) { +func (s *File) Resolver() remotes.Resolver { + return s +} + +func (s *File) Resolve(ctx context.Context, ref string) (name string, desc ocispec.Descriptor, err error) { + desc, ok := s.getRef(ref) + if !ok { + return "", ocispec.Descriptor{}, fmt.Errorf("unknown reference: %s", ref) + } + return ref, desc, nil +} + +func (s *File) Fetcher(ctx context.Context, ref string) (remotes.Fetcher, error) { + if _, ok := s.refMap.Load(ref); !ok { + return nil, fmt.Errorf("unknown reference: %s", ref) + } + return s, nil +} + +// Fetch get an io.ReadCloser for the specific content +func (s *File) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) { + // first see if it is in the in-memory manifest map + manifest, ok := s.getMemory(desc) + if ok { + return ioutil.NopCloser(bytes.NewReader(manifest)), nil + } + desc, ok = s.get(desc) + if !ok { + return nil, ErrNotFound + } + name, ok := ResolveName(desc) + if !ok { + return nil, ErrNoName + } + path := s.ResolvePath(name) + return os.Open(path) +} + +func (s *File) Pusher(ctx context.Context, ref string) (remotes.Pusher, error) { + var tag, hash string + parts := strings.SplitN(ref, "@", 2) + if len(parts) > 0 { + tag = parts[0] + } + if len(parts) > 1 { + hash = parts[1] + } + return &filePusher{ + store: s, + ref: tag, + hash: hash, + }, nil +} + +type filePusher struct { + store *File + ref string + hash string +} + +func (s *filePusher) Push(ctx context.Context, desc ocispec.Descriptor) (content.Writer, error) { + name, ok := ResolveName(desc) + now := time.Now() + if !ok { + // if we were not told to ignore NoName, then return an error + if !s.store.ignoreNoName { + return nil, ErrNoName + } + + // just return a nil writer - we do not want to calculate the hash, so just use + // whatever was passed in the descriptor + return NewIoContentWriter(ioutil.Discard, WithOutputHash(desc.Digest)), nil + } + path, err := s.store.resolveWritePath(name) + if err != nil { + return nil, err + } + file, afterCommit, err := s.store.createWritePath(path, desc, name) + if err != nil { + return nil, err + } + + return &fileWriter{ + store: s.store, + file: file, + desc: desc, + digester: digest.Canonical.Digester(), + status: content.Status{ + Ref: name, + Total: desc.Size, + StartedAt: now, + UpdatedAt: now, + }, + afterCommit: afterCommit, + }, nil +} + +// Add adds a file reference from a path, either directory or single file, +// and returns the reference descriptor. +func (s *File) Add(name, mediaType, path string) (ocispec.Descriptor, error) { if path == "" { path = name } @@ -101,7 +202,33 @@ func (s *FileStore) Add(name, mediaType, path string) (ocispec.Descriptor, error return desc, nil } -func (s *FileStore) descFromFile(info os.FileInfo, mediaType, path string) (ocispec.Descriptor, error) { +// Load is a lower-level memory-only version of Add. Rather than taking a path, +// generating a descriptor and creating a reference, it takes raw data and a descriptor +// that describes that data and stores it in memory. It will disappear at process +// termination. +// +// It is especially useful for adding ephemeral data, such as config, that must +// exist in order to walk a manifest. +func (s *File) Load(desc ocispec.Descriptor, data []byte) error { + s.memoryMap.Store(desc.Digest, data) + return nil +} + +// Ref gets a reference's descriptor and content +func (s *File) Ref(ref string) (ocispec.Descriptor, []byte, error) { + desc, ok := s.getRef(ref) + if !ok { + return ocispec.Descriptor{}, nil, ErrNotFound + } + // first see if it is in the in-memory manifest map + manifest, ok := s.getMemory(desc) + if !ok { + return ocispec.Descriptor{}, nil, ErrNotFound + } + return desc, manifest, nil +} + +func (s *File) descFromFile(info os.FileInfo, mediaType, path string) (ocispec.Descriptor, error) { file, err := os.Open(path) if err != nil { return ocispec.Descriptor{}, err @@ -122,7 +249,7 @@ func (s *FileStore) descFromFile(info os.FileInfo, mediaType, path string) (ocis }, nil } -func (s *FileStore) descFromDir(name, mediaType, root string) (ocispec.Descriptor, error) { +func (s *File) descFromDir(name, mediaType, root string) (ocispec.Descriptor, error) { // generate temp file file, err := s.tempFile() if err != nil { @@ -167,7 +294,7 @@ func (s *FileStore) descFromDir(name, mediaType, root string) (ocispec.Descripto }, nil } -func (s *FileStore) tempFile() (*os.File, error) { +func (s *File) tempFile() (*os.File, error) { file, err := ioutil.TempFile("", TempFilePattern) if err != nil { return nil, err @@ -177,7 +304,7 @@ func (s *FileStore) tempFile() (*os.File, error) { } // Close frees up resources used by the file store -func (s *FileStore) Close() error { +func (s *File) Close() error { var errs []string s.tmpFiles.Range(func(name, _ interface{}) bool { if err := os.Remove(name.(string)); err != nil { @@ -188,75 +315,7 @@ func (s *FileStore) Close() error { return errors.New(strings.Join(errs, "; ")) } -// ReaderAt provides contents -func (s *FileStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { - desc, ok := s.get(desc) - if !ok { - return nil, ErrNotFound - } - name, ok := ResolveName(desc) - if !ok { - return nil, ErrNoName - } - path := s.ResolvePath(name) - file, err := os.Open(path) - if err != nil { - return nil, err - } - - return sizeReaderAt{ - readAtCloser: file, - size: desc.Size, - }, nil -} - -// Writer begins or resumes the active writer identified by desc -func (s *FileStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { - var wOpts content.WriterOpts - for _, opt := range opts { - if err := opt(&wOpts); err != nil { - return nil, err - } - } - desc := wOpts.Desc - - name, ok := ResolveName(desc) - if !ok { - // if we were not told to ignore NoName, then return an error - if !s.ignoreNoName { - return nil, ErrNoName - } - - // just return a nil writer - we do not want to calculate the hash, so just use - // whatever was passed in the descriptor - return NewIoContentWriter(ioutil.Discard, WithOutputHash(desc.Digest)), nil - } - path, err := s.resolveWritePath(name) - if err != nil { - return nil, err - } - file, afterCommit, err := s.createWritePath(path, desc, name) - if err != nil { - return nil, err - } - - now := time.Now() - return &fileWriter{ - store: s, - file: file, - desc: desc, - digester: digest.Canonical.Digester(), - status: content.Status{ - Ref: name, - Total: desc.Size, - StartedAt: now, - UpdatedAt: now, - }, - afterCommit: afterCommit, - }, nil -} - -func (s *FileStore) resolveWritePath(name string) (string, error) { +func (s *File) resolveWritePath(name string) (string, error) { path := s.ResolvePath(name) if !s.AllowPathTraversalOnWrite { base, err := filepath.Abs(s.root) @@ -286,7 +345,7 @@ func (s *FileStore) resolveWritePath(name string) (string, error) { return path, nil } -func (s *FileStore) createWritePath(path string, desc ocispec.Descriptor, prefix string) (*os.File, func() error, error) { +func (s *File) createWritePath(path string, desc ocispec.Descriptor, prefix string) (*os.File, func() error, error) { if value, ok := desc.Annotations[AnnotationUnpack]; !ok || value != "true" { if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil { return nil, nil, err @@ -307,14 +366,14 @@ func (s *FileStore) createWritePath(path string, desc ocispec.Descriptor, prefix } // MapPath maps name to path -func (s *FileStore) MapPath(name, path string) string { +func (s *File) MapPath(name, path string) string { path = s.resolvePath(path) s.pathMap.Store(name, path) return path } // ResolvePath returns the path by name -func (s *FileStore) ResolvePath(name string) string { +func (s *File) ResolvePath(name string) string { if value, ok := s.pathMap.Load(name); ok { if path, ok := value.(string); ok { return path @@ -325,18 +384,18 @@ func (s *FileStore) ResolvePath(name string) string { return s.resolvePath(name) } -func (s *FileStore) resolvePath(path string) string { +func (s *File) resolvePath(path string) string { if filepath.IsAbs(path) { return path } return filepath.Join(s.root, path) } -func (s *FileStore) set(desc ocispec.Descriptor) { +func (s *File) set(desc ocispec.Descriptor) { s.descriptor.Store(desc.Digest, desc) } -func (s *FileStore) get(desc ocispec.Descriptor) (ocispec.Descriptor, bool) { +func (s *File) get(desc ocispec.Descriptor) (ocispec.Descriptor, bool) { value, ok := s.descriptor.Load(desc.Digest) if !ok { return ocispec.Descriptor{}, false @@ -345,8 +404,38 @@ func (s *FileStore) get(desc ocispec.Descriptor) (ocispec.Descriptor, bool) { return desc, ok } +func (s *File) getMemory(desc ocispec.Descriptor) ([]byte, bool) { + value, ok := s.memoryMap.Load(desc.Digest) + if !ok { + return nil, false + } + content, ok := value.([]byte) + return content, ok +} + +func (s *File) getRef(ref string) (ocispec.Descriptor, bool) { + value, ok := s.refMap.Load(ref) + if !ok { + return ocispec.Descriptor{}, false + } + desc, ok := value.(ocispec.Descriptor) + return desc, ok +} + +// StoreManifest stores a manifest linked to by the provided ref. The children of the +// manifest, such as layers and config, should already exist in the file store, either +// as files linked via Add(), or via Load(). If they do not exist, then a typical +// Fetcher that walks the manifest will hit an unresolved hash. +// +// StoreManifest does *not* validate their presence. +func (s *File) StoreManifest(ref string, desc ocispec.Descriptor, manifest []byte) error { + s.refMap.Store(ref, desc) + s.memoryMap.Store(desc.Digest, manifest) + return nil +} + type fileWriter struct { - store *FileStore + store *File file *os.File desc ocispec.Descriptor digester digest.Digester diff --git a/vendor/oras.land/oras-go/pkg/content/interface.go b/vendor/oras.land/oras-go/pkg/content/interface.go index b9daee4381..f5e312cca7 100644 --- a/vendor/oras.land/oras-go/pkg/content/interface.go +++ b/vendor/oras.land/oras-go/pkg/content/interface.go @@ -15,10 +15,12 @@ limitations under the License. package content -import "github.com/containerd/containerd/content" +import ( + "github.com/containerd/containerd/remotes" +) // ProvideIngester is the interface that groups the basic Read and Write methods. -type ProvideIngester interface { - content.Provider - content.Ingester +type Store interface { + remotes.Pusher + remotes.Fetcher } diff --git a/vendor/oras.land/oras-go/pkg/content/manifest.go b/vendor/oras.land/oras-go/pkg/content/manifest.go new file mode 100644 index 0000000000..9830920b4b --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/content/manifest.go @@ -0,0 +1,95 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package content + +import ( + "encoding/json" + "sort" + + "github.com/opencontainers/go-digest" + specs "github.com/opencontainers/image-spec/specs-go" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" + artifact "oras.land/oras-go/pkg/artifact" +) + +// GenerateManifest generates a manifest. The manifest will include the provided config, +// and descs as layers. Raw bytes will be returned. +func GenerateManifest(config *ocispec.Descriptor, annotations map[string]string, descs ...ocispec.Descriptor) ([]byte, ocispec.Descriptor, error) { + // Config - either it was set, or we have to set it + if config == nil { + _, configGen, err := GenerateConfig(nil) + if err != nil { + return nil, ocispec.Descriptor{}, err + } + config = &configGen + } + return pack(*config, annotations, descs) +} + +// GenerateConfig generates a blank config with optional annotations. +func GenerateConfig(annotations map[string]string) ([]byte, ocispec.Descriptor, error) { + configBytes := []byte("{}") + dig := digest.FromBytes(configBytes) + config := ocispec.Descriptor{ + MediaType: artifact.UnknownConfigMediaType, + Digest: dig, + Size: int64(len(configBytes)), + Annotations: annotations, + } + return configBytes, config, nil +} + +// GenerateManifestAndConfig generates a config and then a manifest. Raw bytes will be returned. +func GenerateManifestAndConfig(manifestAnnotations map[string]string, configAnnotations map[string]string, descs ...ocispec.Descriptor) (manifest []byte, manifestDesc ocispec.Descriptor, config []byte, configDesc ocispec.Descriptor, err error) { + config, configDesc, err = GenerateConfig(configAnnotations) + if err != nil { + return nil, ocispec.Descriptor{}, nil, ocispec.Descriptor{}, err + } + manifest, manifestDesc, err = GenerateManifest(&configDesc, manifestAnnotations, descs...) + if err != nil { + return nil, ocispec.Descriptor{}, nil, ocispec.Descriptor{}, err + } + return +} + +// pack given a bunch of descriptors, create a manifest that references all of them +func pack(config ocispec.Descriptor, annotations map[string]string, descriptors []ocispec.Descriptor) ([]byte, ocispec.Descriptor, error) { + if descriptors == nil { + descriptors = []ocispec.Descriptor{} // make it an empty array to prevent potential server-side bugs + } + // sort descriptors alphanumerically by sha hash so it always is consistent + sort.Slice(descriptors, func(i, j int) bool { + return descriptors[i].Digest < descriptors[j].Digest + }) + manifest := ocispec.Manifest{ + Versioned: specs.Versioned{ + SchemaVersion: 2, // historical value. does not pertain to OCI or docker version + }, + Config: config, + Layers: descriptors, + Annotations: annotations, + } + manifestBytes, err := json.Marshal(manifest) + if err != nil { + return nil, ocispec.Descriptor{}, err + } + manifestDescriptor := ocispec.Descriptor{ + MediaType: ocispec.MediaTypeImageManifest, + Digest: digest.FromBytes(manifestBytes), + Size: int64(len(manifestBytes)), + } + + return manifestBytes, manifestDescriptor, nil +} diff --git a/vendor/oras.land/oras-go/pkg/content/memory.go b/vendor/oras.land/oras-go/pkg/content/memory.go index 394a7a5a48..5c194b15a2 100644 --- a/vendor/oras.land/oras-go/pkg/content/memory.go +++ b/vendor/oras.land/oras-go/pkg/content/memory.go @@ -18,42 +18,114 @@ package content import ( "bytes" "context" + "fmt" + "io" + "io/ioutil" + "strings" "sync" "time" "github.com/containerd/containerd/content" "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/remotes" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" ) -// ensure interface -var ( - _ content.Provider = &Memorystore{} - _ content.Ingester = &Memorystore{} -) - -// Memorystore provides content from the memory -type Memorystore struct { +// Memory provides content from the memory +type Memory struct { descriptor map[digest.Digest]ocispec.Descriptor content map[digest.Digest][]byte nameMap map[string]ocispec.Descriptor + refMap map[string]ocispec.Descriptor lock *sync.Mutex } -// NewMemoryStore creats a new memory store -func NewMemoryStore() *Memorystore { - return &Memorystore{ +// NewMemory creats a new memory store +func NewMemory() *Memory { + return &Memory{ descriptor: make(map[digest.Digest]ocispec.Descriptor), content: make(map[digest.Digest][]byte), nameMap: make(map[string]ocispec.Descriptor), + refMap: make(map[string]ocispec.Descriptor), lock: &sync.Mutex{}, } } -// Add adds content -func (s *Memorystore) Add(name, mediaType string, content []byte) ocispec.Descriptor { +func (s *Memory) Resolver() remotes.Resolver { + return s +} + +func (s *Memory) Resolve(ctx context.Context, ref string) (name string, desc ocispec.Descriptor, err error) { + desc, ok := s.refMap[ref] + if !ok { + return "", ocispec.Descriptor{}, fmt.Errorf("unknown reference: %s", ref) + } + return ref, desc, nil +} + +func (s *Memory) Fetcher(ctx context.Context, ref string) (remotes.Fetcher, error) { + if _, ok := s.refMap[ref]; !ok { + return nil, fmt.Errorf("unknown reference: %s", ref) + } + return s, nil +} + +// Fetch get an io.ReadCloser for the specific content +func (s *Memory) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) { + _, content, ok := s.Get(desc) + if !ok { + return nil, ErrNotFound + } + return ioutil.NopCloser(bytes.NewReader(content)), nil +} + +func (s *Memory) Pusher(ctx context.Context, ref string) (remotes.Pusher, error) { + var tag, hash string + parts := strings.SplitN(ref, "@", 2) + if len(parts) > 0 { + tag = parts[0] + } + if len(parts) > 1 { + hash = parts[1] + } + return &memoryPusher{ + store: s, + ref: tag, + hash: hash, + }, nil +} + +type memoryPusher struct { + store *Memory + ref string + hash string +} + +func (s *memoryPusher) Push(ctx context.Context, desc ocispec.Descriptor) (content.Writer, error) { + name, _ := ResolveName(desc) + now := time.Now() + // is this the root? + if desc.Digest.String() == s.hash { + s.store.refMap[s.ref] = desc + } + return &memoryWriter{ + store: s.store, + buffer: bytes.NewBuffer(nil), + desc: desc, + digester: digest.Canonical.Digester(), + status: content.Status{ + Ref: name, + Total: desc.Size, + StartedAt: now, + UpdatedAt: now, + }, + }, nil +} + +// Add adds content, generating a descriptor and returning it. +func (s *Memory) Add(name, mediaType string, content []byte) (ocispec.Descriptor, error) { var annotations map[string]string if name != "" { annotations = map[string]string{ @@ -73,52 +145,11 @@ func (s *Memorystore) Add(name, mediaType string, content []byte) ocispec.Descri } s.Set(desc, content) - return desc -} - -// ReaderAt provides contents -func (s *Memorystore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { - desc, content, ok := s.Get(desc) - if !ok { - return nil, ErrNotFound - } - - return sizeReaderAt{ - readAtCloser: nopCloser{ - ReaderAt: bytes.NewReader(content), - }, - size: desc.Size, - }, nil -} - -// Writer begins or resumes the active writer identified by desc -func (s *Memorystore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { - var wOpts content.WriterOpts - for _, opt := range opts { - if err := opt(&wOpts); err != nil { - return nil, err - } - } - desc := wOpts.Desc - - name, _ := ResolveName(desc) - now := time.Now() - return &memoryWriter{ - store: s, - buffer: bytes.NewBuffer(nil), - desc: desc, - digester: digest.Canonical.Digester(), - status: content.Status{ - Ref: name, - Total: desc.Size, - StartedAt: now, - UpdatedAt: now, - }, - }, nil + return desc, nil } // Set adds the content to the store -func (s *Memorystore) Set(desc ocispec.Descriptor, content []byte) { +func (s *Memory) Set(desc ocispec.Descriptor, content []byte) { s.lock.Lock() defer s.lock.Unlock() @@ -131,7 +162,7 @@ func (s *Memorystore) Set(desc ocispec.Descriptor, content []byte) { } // Get finds the content from the store -func (s *Memorystore) Get(desc ocispec.Descriptor) (ocispec.Descriptor, []byte, bool) { +func (s *Memory) Get(desc ocispec.Descriptor) (ocispec.Descriptor, []byte, bool) { s.lock.Lock() defer s.lock.Unlock() @@ -144,7 +175,7 @@ func (s *Memorystore) Get(desc ocispec.Descriptor) (ocispec.Descriptor, []byte, } // GetByName finds the content from the store by name (i.e. AnnotationTitle) -func (s *Memorystore) GetByName(name string) (ocispec.Descriptor, []byte, bool) { +func (s *Memory) GetByName(name string) (ocispec.Descriptor, []byte, bool) { s.lock.Lock() defer s.lock.Unlock() @@ -156,8 +187,36 @@ func (s *Memorystore) GetByName(name string) (ocispec.Descriptor, []byte, bool) return desc, content, ok } +// StoreManifest stores a manifest linked to by the provided ref. The children of the +// manifest, such as layers and config, should already exist in the file store, either +// as files linked via Add(), or via Set(). If they do not exist, then a typical +// Fetcher that walks the manifest will hit an unresolved hash. +// +// StoreManifest does *not* validate their presence. +func (s *Memory) StoreManifest(ref string, desc ocispec.Descriptor, manifest []byte) error { + s.refMap[ref] = desc + s.Add("", desc.MediaType, manifest) + return nil +} + +func descFromBytes(b []byte, mediaType string) (ocispec.Descriptor, error) { + digest, err := digest.FromReader(bytes.NewReader(b)) + if err != nil { + return ocispec.Descriptor{}, err + } + + if mediaType == "" { + mediaType = DefaultBlobMediaType + } + return ocispec.Descriptor{ + MediaType: mediaType, + Digest: digest, + Size: int64(len(b)), + }, nil +} + type memoryWriter struct { - store *Memorystore + store *Memory buffer *bytes.Buffer desc ocispec.Descriptor digester digest.Digester diff --git a/vendor/oras.land/oras-go/pkg/content/multireader.go b/vendor/oras.land/oras-go/pkg/content/multireader.go index d2cf924a57..8dba773da8 100644 --- a/vendor/oras.land/oras-go/pkg/content/multireader.go +++ b/vendor/oras.land/oras-go/pkg/content/multireader.go @@ -18,8 +18,9 @@ package content import ( "context" "fmt" + "io" - "github.com/containerd/containerd/content" + "github.com/containerd/containerd/remotes" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) @@ -34,18 +35,18 @@ import ( // // You now can use multiStore anywhere that content.Provider is accepted type MultiReader struct { - stores []content.Provider + stores []remotes.Fetcher } // AddStore add a store to read from -func (m *MultiReader) AddStore(store ...content.Provider) { +func (m *MultiReader) AddStore(store ...remotes.Fetcher) { m.stores = append(m.stores, store...) } // ReaderAt get a reader -func (m MultiReader) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { +func (m MultiReader) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) { for _, store := range m.stores { - r, err := store.ReaderAt(ctx, desc) + r, err := store.Fetch(ctx, desc) if r != nil && err == nil { return r, nil } diff --git a/vendor/oras.land/oras-go/pkg/content/multiwriter.go b/vendor/oras.land/oras-go/pkg/content/multiwriter.go index 2813f54e09..1e69bcdf32 100644 --- a/vendor/oras.land/oras-go/pkg/content/multiwriter.go +++ b/vendor/oras.land/oras-go/pkg/content/multiwriter.go @@ -19,6 +19,8 @@ import ( "context" ctrcontent "github.com/containerd/containerd/content" + "github.com/containerd/containerd/remotes" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) // MultiWriterIngester an ingester that can provide a single writer or multiple writers for a single @@ -29,3 +31,12 @@ type MultiWriterIngester interface { ctrcontent.Ingester Writers(ctx context.Context, opts ...ctrcontent.WriterOpt) (func(string) (ctrcontent.Writer, error), error) } + +// MultiWriterPusher a pusher that can provide a single writer or multiple writers for a single +// descriptor. Useful when the target of a descriptor can have multiple items within it, e.g. a layer +// that is a tar file with multiple files, each of which should go to a different stream, some of which +// should not be handled at all. +type MultiWriterPusher interface { + remotes.Pusher + Pushers(ctx context.Context, desc ocispec.Descriptor) (func(string) (ctrcontent.Writer, error), error) +} diff --git a/vendor/oras.land/oras-go/pkg/content/oci.go b/vendor/oras.land/oras-go/pkg/content/oci.go index 4f1b1b3267..1512449673 100644 --- a/vendor/oras.land/oras-go/pkg/content/oci.go +++ b/vendor/oras.land/oras-go/pkg/content/oci.go @@ -12,24 +12,30 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ - package content import ( + "context" "encoding/json" + "errors" + "fmt" + "io" "io/ioutil" "os" "path/filepath" + "strings" "github.com/containerd/containerd/content" "github.com/containerd/containerd/content/local" + "github.com/containerd/containerd/remotes" + "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go" ocispec "github.com/opencontainers/image-spec/specs-go/v1" ) -// OCIStore provides content from the file system with the OCI-Image layout. +// OCI provides content from the file system with the OCI-Image layout. // Reference: https://github.com/opencontainers/image-spec/blob/master/image-layout.md -type OCIStore struct { +type OCI struct { content.Store root string @@ -37,14 +43,14 @@ type OCIStore struct { nameMap map[string]ocispec.Descriptor } -// NewOCIStore creates a new OCI store -func NewOCIStore(rootPath string) (*OCIStore, error) { +// NewOCI creates a new OCI store +func NewOCI(rootPath string) (*OCI, error) { fileStore, err := local.NewStore(rootPath) if err != nil { return nil, err } - store := &OCIStore{ + store := &OCI{ Store: fileStore, root: rootPath, } @@ -59,7 +65,7 @@ func NewOCIStore(rootPath string) (*OCIStore, error) { } // LoadIndex reads the index.json from the file system -func (s *OCIStore) LoadIndex() error { +func (s *OCI) LoadIndex() error { path := filepath.Join(s.root, OCIImageIndexFile) indexFile, err := os.Open(path) if err != nil { @@ -92,7 +98,17 @@ func (s *OCIStore) LoadIndex() error { } // SaveIndex writes the index.json to the file system -func (s *OCIStore) SaveIndex() error { +func (s *OCI) SaveIndex() error { + // first need to update the index + var descs []ocispec.Descriptor + for name, desc := range s.nameMap { + if desc.Annotations == nil { + desc.Annotations = map[string]string{} + } + desc.Annotations[ocispec.AnnotationRefName] = name + descs = append(descs, desc) + } + s.index.Manifests = descs indexJSON, err := json.Marshal(s.index) if err != nil { return err @@ -102,8 +118,57 @@ func (s *OCIStore) SaveIndex() error { return ioutil.WriteFile(path, indexJSON, 0644) } +func (s *OCI) Resolver() remotes.Resolver { + return s +} + +func (s *OCI) Resolve(ctx context.Context, ref string) (name string, desc ocispec.Descriptor, err error) { + if err := s.LoadIndex(); err != nil { + return "", ocispec.Descriptor{}, err + } + desc, ok := s.nameMap[ref] + if !ok { + return "", ocispec.Descriptor{}, fmt.Errorf("reference %s not in store", ref) + } + return ref, desc, nil +} + +func (s *OCI) Fetcher(ctx context.Context, ref string) (remotes.Fetcher, error) { + if err := s.LoadIndex(); err != nil { + return nil, err + } + if _, ok := s.nameMap[ref]; !ok { + return nil, fmt.Errorf("reference %s not in store", ref) + } + return s, nil +} + +// Fetch get an io.ReadCloser for the specific content +func (s *OCI) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) { + readerAt, err := s.Store.ReaderAt(ctx, desc) + if err != nil { + return nil, err + } + // just wrap the ReaderAt with a Reader + return ioutil.NopCloser(&ReaderAtWrapper{readerAt: readerAt}), nil +} + +// Pusher get a remotes.Pusher for the given ref +func (s *OCI) Pusher(ctx context.Context, ref string) (remotes.Pusher, error) { + // separate the tag based ref from the hash + var ( + baseRef, hash string + ) + parts := strings.SplitN(ref, "@", 2) + baseRef = parts[0] + if len(parts) > 1 { + hash = parts[1] + } + return &ociPusher{oci: s, ref: baseRef, digest: hash}, nil +} + // AddReference adds or updates an reference to index. -func (s *OCIStore) AddReference(name string, desc ocispec.Descriptor) { +func (s *OCI) AddReference(name string, desc ocispec.Descriptor) { if desc.Annotations == nil { desc.Annotations = map[string]string{ ocispec.AnnotationRefName: name, @@ -133,7 +198,7 @@ func (s *OCIStore) AddReference(name string, desc ocispec.Descriptor) { } // DeleteReference deletes an reference from index. -func (s *OCIStore) DeleteReference(name string) { +func (s *OCI) DeleteReference(name string) { if _, ok := s.nameMap[name]; !ok { return } @@ -149,12 +214,12 @@ func (s *OCIStore) DeleteReference(name string) { } // ListReferences lists all references in index. -func (s *OCIStore) ListReferences() map[string]ocispec.Descriptor { +func (s *OCI) ListReferences() map[string]ocispec.Descriptor { return s.nameMap } // validateOCILayoutFile ensures the `oci-layout` file -func (s *OCIStore) validateOCILayoutFile() error { +func (s *OCI) validateOCILayoutFile() error { layoutFilePath := filepath.Join(s.root, ocispec.ImageLayoutFile) layoutFile, err := os.Open(layoutFilePath) if err != nil { @@ -185,3 +250,88 @@ func (s *OCIStore) validateOCILayoutFile() error { return nil } + +// TODO: implement (needed to create a content.Store) +// TODO: do not return empty content.Info +// Abort completely cancels the ingest operation targeted by ref. +func (s *OCI) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) { + return content.Info{}, nil +} + +// TODO: implement (needed to create a content.Store) +// Update updates mutable information related to content. +// If one or more fieldpaths are provided, only those +// fields will be updated. +// Mutable fields: +// labels.* +func (s *OCI) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) { + return content.Info{}, errors.New("not yet implemented: Update (content.Store interface)") +} + +// TODO: implement (needed to create a content.Store) +// Walk will call fn for each item in the content store which +// match the provided filters. If no filters are given all +// items will be walked. +func (s *OCI) Walk(ctx context.Context, fn content.WalkFunc, filters ...string) error { + return errors.New("not yet implemented: Walk (content.Store interface)") +} + +// TODO: implement (needed to create a content.Store) +// Delete removes the content from the store. +func (s *OCI) Delete(ctx context.Context, dgst digest.Digest) error { + return errors.New("not yet implemented: Delete (content.Store interface)") +} + +// TODO: implement (needed to create a content.Store) +func (s *OCI) Status(ctx context.Context, ref string) (content.Status, error) { + // Status returns the status of the provided ref. + return content.Status{}, errors.New("not yet implemented: Status (content.Store interface)") +} + +// TODO: implement (needed to create a content.Store) +// ListStatuses returns the status of any active ingestions whose ref match the +// provided regular expression. If empty, all active ingestions will be +// returned. +func (s *OCI) ListStatuses(ctx context.Context, filters ...string) ([]content.Status, error) { + return []content.Status{}, errors.New("not yet implemented: ListStatuses (content.Store interface)") +} + +// TODO: implement (needed to create a content.Store) +// Abort completely cancels the ingest operation targeted by ref. +func (s *OCI) Abort(ctx context.Context, ref string) error { + return errors.New("not yet implemented: Abort (content.Store interface)") +} + +// ReaderAt provides contents +func (s *OCI) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { + return s.Store.ReaderAt(ctx, desc) +} + +// ociPusher to push content for a single referencem can handle multiple descriptors. +// Needs to be able to recognize when a root manifest is being pushed and to create the tag +// for it. +type ociPusher struct { + oci *OCI + ref string + digest string +} + +// Push get a writer for a single Descriptor +func (p *ociPusher) Push(ctx context.Context, desc ocispec.Descriptor) (content.Writer, error) { + // do we need to create a tag? + switch desc.MediaType { + case ocispec.MediaTypeImageManifest, ocispec.MediaTypeImageIndex: + // if the hash of the content matches that which was provided as the hash for the root, mark it + if p.digest != "" && p.digest == desc.Digest.String() { + if err := p.oci.LoadIndex(); err != nil { + return nil, err + } + p.oci.nameMap[p.ref] = desc + if err := p.oci.SaveIndex(); err != nil { + return nil, err + } + } + } + + return p.oci.Store.Writer(ctx, content.WithDescriptor(desc), content.WithRef(p.ref)) +} diff --git a/vendor/oras.land/oras-go/pkg/content/readerat.go b/vendor/oras.land/oras-go/pkg/content/readerat.go index 41e892ee21..7e2cb9b80e 100644 --- a/vendor/oras.land/oras-go/pkg/content/readerat.go +++ b/vendor/oras.land/oras-go/pkg/content/readerat.go @@ -12,7 +12,6 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ - package content import ( @@ -40,10 +39,30 @@ func (ra sizeReaderAt) Size() int64 { return ra.size } -type nopCloser struct { +func NopCloserAt(r io.ReaderAt) nopCloserAt { + return nopCloserAt{r} +} + +type nopCloserAt struct { io.ReaderAt } -func (nopCloser) Close() error { +func (n nopCloserAt) Close() error { return nil } + +// readerAtWrapper wraps a ReaderAt to give a Reader +type ReaderAtWrapper struct { + offset int64 + readerAt io.ReaderAt +} + +func (r *ReaderAtWrapper) Read(p []byte) (n int, err error) { + n, err = r.readerAt.ReadAt(p, r.offset) + r.offset += int64(n) + return +} + +func NewReaderAtWrapper(readerAt io.ReaderAt) *ReaderAtWrapper { + return &ReaderAtWrapper{readerAt: readerAt} +} diff --git a/vendor/oras.land/oras-go/pkg/content/registry.go b/vendor/oras.land/oras-go/pkg/content/registry.go new file mode 100644 index 0000000000..aa22567c61 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/content/registry.go @@ -0,0 +1,84 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package content + +import ( + "context" + "crypto/tls" + "fmt" + "net/http" + "os" + + auth "oras.land/oras-go/pkg/auth/docker" + + "github.com/containerd/containerd/remotes" + "github.com/containerd/containerd/remotes/docker" +) + +// RegistryOptions provide configuration options to a Registry +type RegistryOptions struct { + Configs []string + Username string + Password string + Insecure bool + PlainHTTP bool +} + +// Registry provides content from a spec-compliant registry. Create an use a new one for each +// registry with unique configuration of RegistryOptions. +type Registry struct { + remotes.Resolver +} + +// NewRegistry creates a new Registry store +func NewRegistry(opts RegistryOptions) (*Registry, error) { + return &Registry{ + Resolver: newResolver(opts.Username, opts.Password, opts.Insecure, opts.PlainHTTP, opts.Configs...), + }, nil +} + +func newResolver(username, password string, insecure bool, plainHTTP bool, configs ...string) remotes.Resolver { + + opts := docker.ResolverOptions{ + PlainHTTP: plainHTTP, + } + + client := http.DefaultClient + if insecure { + client.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: true, + }, + } + } + opts.Client = client + + if username != "" || password != "" { + opts.Credentials = func(hostName string) (string, string, error) { + return username, password, nil + } + return docker.NewResolver(opts) + } + cli, err := auth.NewClient(configs...) + if err != nil { + fmt.Fprintf(os.Stderr, "WARNING: Error loading auth file: %v\n", err) + } + resolver, err := cli.Resolver(context.Background(), client, plainHTTP) + if err != nil { + fmt.Fprintf(os.Stderr, "WARNING: Error loading resolver: %v\n", err) + resolver = docker.NewResolver(opts) + } + return resolver +} diff --git a/vendor/oras.land/oras-go/pkg/oras/BUILD.bazel b/vendor/oras.land/oras-go/pkg/oras/BUILD.bazel index 75b04bba36..d1d861dfb1 100644 --- a/vendor/oras.land/oras-go/pkg/oras/BUILD.bazel +++ b/vendor/oras.land/oras-go/pkg/oras/BUILD.bazel @@ -3,11 +3,10 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library") go_library( name = "go_default_library", srcs = [ + "copy.go", "errors.go", - "pull.go", - "pull_opts.go", - "push.go", - "push_opts.go", + "opts.go", + "provider.go", "store.go", ], importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/oras", @@ -15,16 +14,16 @@ go_library( visibility = ["//visibility:public"], deps = [ "//vendor/github.com/containerd/containerd/content:go_default_library", + "//vendor/github.com/containerd/containerd/errdefs:go_default_library", "//vendor/github.com/containerd/containerd/images:go_default_library", "//vendor/github.com/containerd/containerd/log:go_default_library", "//vendor/github.com/containerd/containerd/remotes:go_default_library", "//vendor/github.com/opencontainers/go-digest:go_default_library", - "//vendor/github.com/opencontainers/image-spec/specs-go:go_default_library", "//vendor/github.com/opencontainers/image-spec/specs-go/v1:go_default_library", "//vendor/github.com/pkg/errors:go_default_library", "//vendor/golang.org/x/sync/errgroup:go_default_library", "//vendor/golang.org/x/sync/semaphore:go_default_library", - "//vendor/oras.land/oras-go/pkg/artifact:go_default_library", "//vendor/oras.land/oras-go/pkg/content:go_default_library", + "//vendor/oras.land/oras-go/pkg/target:go_default_library", ], ) diff --git a/vendor/oras.land/oras-go/pkg/oras/copy.go b/vendor/oras.land/oras-go/pkg/oras/copy.go new file mode 100644 index 0000000000..ebf63276cf --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/oras/copy.go @@ -0,0 +1,213 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package oras + +import ( + "bytes" + "context" + "fmt" + "sync" + + "github.com/containerd/containerd/content" + "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/images" + "github.com/containerd/containerd/log" + "github.com/containerd/containerd/remotes" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" + "oras.land/oras-go/pkg/target" +) + +// Copy copy a ref from one target.Target to a ref in another target.Target. If toRef is blank, reuses fromRef +// Returns the root +// Descriptor of the copied item. Can use the root to retrieve child elements from target.Target. +func Copy(ctx context.Context, from target.Target, fromRef string, to target.Target, toRef string, opts ...CopyOpt) (ocispec.Descriptor, error) { + if from == nil { + return ocispec.Descriptor{}, ErrFromTargetUndefined + } + if to == nil { + return ocispec.Descriptor{}, ErrToTargetUndefined + } + // blank toRef + if toRef == "" { + toRef = fromRef + } + opt := copyOptsDefaults() + for _, o := range opts { + if err := o(opt); err != nil { + return ocispec.Descriptor{}, err + } + } + + if from == nil { + return ocispec.Descriptor{}, ErrFromResolverUndefined + } + if to == nil { + return ocispec.Descriptor{}, ErrToResolverUndefined + } + + // for the "from", we resolve the ref, then use resolver.Fetcher to fetch the various content blobs + // for the "to", we simply use resolver.Pusher to push the various content blobs + + _, desc, err := from.Resolve(ctx, fromRef) + if err != nil { + return ocispec.Descriptor{}, err + } + + fetcher, err := from.Fetcher(ctx, fromRef) + if err != nil { + return ocispec.Descriptor{}, err + } + // construct the reference we send to the pusher using the digest, so it knows what the root is + pushRef := fmt.Sprintf("%s@%s", toRef, desc.Digest.String()) + pusher, err := to.Pusher(ctx, pushRef) + if err != nil { + return ocispec.Descriptor{}, err + } + + if err := transferContent(ctx, desc, fetcher, pusher, opt); err != nil { + return ocispec.Descriptor{}, err + } + return desc, nil +} + +func transferContent(ctx context.Context, desc ocispec.Descriptor, fetcher remotes.Fetcher, pusher remotes.Pusher, opts *copyOpts) error { + var descriptors, manifests []ocispec.Descriptor + lock := &sync.Mutex{} + picker := images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { + if isAllowedMediaType(desc.MediaType, opts.allowedMediaTypes...) { + if opts.filterName(desc) { + lock.Lock() + defer lock.Unlock() + descriptors = append(descriptors, desc) + } + return nil, nil + } + return nil, nil + }) + + // we use a hybrid store - a cache wrapping the underlying pusher - for two reasons: + // 1. so that we can cache the manifests as pushing them, then retrieve them later to push in reverse order after the blobs + // 2. so that we can retrieve them to analyze and find children in the Dispatch routine + store := opts.contentProvideIngesterPusherFetcher + if store == nil { + store = newHybridStoreFromPusher(pusher, opts.cachedMediaTypes, true) + } + + // fetchHandler pushes to the *store*, which may or may not cache it + baseFetchHandler := func(p remotes.Pusher, f remotes.Fetcher) images.HandlerFunc { + return images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { + cw, err := p.Push(ctx, desc) + if err != nil { + if !errdefs.IsAlreadyExists(err) { + return nil, err + } + + return nil, nil + } + defer cw.Close() + + rc, err := f.Fetch(ctx, desc) + if err != nil { + return nil, err + } + defer rc.Close() + return nil, content.Copy(ctx, cw, rc, desc.Size, desc.Digest) + }) + } + + // track all of our manifests that will be cached + fetchHandler := images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { + if isAllowedMediaType(desc.MediaType, opts.cachedMediaTypes...) { + lock.Lock() + defer lock.Unlock() + manifests = append(manifests, desc) + } + return baseFetchHandler(store, fetcher)(ctx, desc) + }) + + handlers := []images.Handler{ + filterHandler(opts, opts.allowedMediaTypes...), + } + handlers = append(handlers, opts.baseHandlers...) + handlers = append(handlers, + fetchHandler, + picker, + images.ChildrenHandler(&ProviderWrapper{Fetcher: store}), + ) + handlers = append(handlers, opts.callbackHandlers...) + + if err := opts.dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil { + return err + } + + // we cached all of the manifests, so push those out + // Iterate in reverse order as seen, parent always uploaded after child + for i := len(manifests) - 1; i >= 0; i-- { + _, err := baseFetchHandler(pusher, store)(ctx, manifests[i]) + if err != nil { + return err + } + } + + // if the option to request the root manifest was passed, accommodate it + if opts.saveManifest != nil && len(manifests) > 0 { + rc, err := store.Fetch(ctx, manifests[0]) + if err != nil { + return fmt.Errorf("could not get root manifest to save based on CopyOpt: %v", err) + } + defer rc.Close() + buf := new(bytes.Buffer) + if _, err := buf.ReadFrom(rc); err != nil { + return fmt.Errorf("unable to read data for root manifest to save based on CopyOpt: %v", err) + } + // get the root manifest from the store + opts.saveManifest(buf.Bytes()) + } + + // if the option to request the layers was passed, accommodate it + if opts.saveLayers != nil && len(descriptors) > 0 { + opts.saveLayers(descriptors) + } + return nil +} + +func filterHandler(opts *copyOpts, allowedMediaTypes ...string) images.HandlerFunc { + return func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { + switch { + case isAllowedMediaType(desc.MediaType, ocispec.MediaTypeImageManifest, ocispec.MediaTypeImageIndex): + return nil, nil + case isAllowedMediaType(desc.MediaType, allowedMediaTypes...): + if opts.filterName(desc) { + return nil, nil + } + log.G(ctx).Warnf("blob no name: %v", desc.Digest) + default: + log.G(ctx).Warnf("unknown type: %v", desc.MediaType) + } + return nil, images.ErrStopHandler + } +} + +func isAllowedMediaType(mediaType string, allowedMediaTypes ...string) bool { + if len(allowedMediaTypes) == 0 { + return true + } + for _, allowedMediaType := range allowedMediaTypes { + if mediaType == allowedMediaType { + return true + } + } + return false +} diff --git a/vendor/oras.land/oras-go/pkg/oras/errors.go b/vendor/oras.land/oras-go/pkg/oras/errors.go index 054af76468..6c5f9f2405 100644 --- a/vendor/oras.land/oras-go/pkg/oras/errors.go +++ b/vendor/oras.land/oras-go/pkg/oras/errors.go @@ -22,7 +22,11 @@ import ( // Common errors var ( - ErrResolverUndefined = errors.New("resolver undefined") + ErrResolverUndefined = errors.New("resolver undefined") + ErrFromResolverUndefined = errors.New("from target resolver undefined") + ErrToResolverUndefined = errors.New("to target resolver undefined") + ErrFromTargetUndefined = errors.New("from target undefined") + ErrToTargetUndefined = errors.New("from target undefined") ) // Path validation related errors diff --git a/vendor/oras.land/oras-go/pkg/oras/opts.go b/vendor/oras.land/oras-go/pkg/oras/opts.go new file mode 100644 index 0000000000..042a775b05 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/oras/opts.go @@ -0,0 +1,254 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package oras + +import ( + "context" + "fmt" + "io" + "path/filepath" + "strings" + "sync" + + "github.com/containerd/containerd/images" + "github.com/opencontainers/go-digest" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" + "github.com/pkg/errors" + "golang.org/x/sync/semaphore" + orascontent "oras.land/oras-go/pkg/content" +) + +func copyOptsDefaults() *copyOpts { + return ©Opts{ + dispatch: images.Dispatch, + filterName: filterName, + cachedMediaTypes: []string{ocispec.MediaTypeImageManifest, ocispec.MediaTypeImageIndex}, + validateName: ValidateNameAsPath, + } +} + +type CopyOpt func(o *copyOpts) error + +type copyOpts struct { + allowedMediaTypes []string + dispatch func(context.Context, images.Handler, *semaphore.Weighted, ...ocispec.Descriptor) error + baseHandlers []images.Handler + callbackHandlers []images.Handler + contentProvideIngesterPusherFetcher orascontent.Store + filterName func(ocispec.Descriptor) bool + cachedMediaTypes []string + + saveManifest func([]byte) + saveLayers func([]ocispec.Descriptor) + validateName func(desc ocispec.Descriptor) error + + userAgent string +} + +// ValidateNameAsPath validates name in the descriptor as file path in order +// to generate good packages intended to be pulled using the FileStore or +// the oras cli. +// For cross-platform considerations, only unix paths are accepted. +func ValidateNameAsPath(desc ocispec.Descriptor) error { + // no empty name + path, ok := orascontent.ResolveName(desc) + if !ok || path == "" { + return orascontent.ErrNoName + } + + // path should be clean + if target := filepath.ToSlash(filepath.Clean(path)); target != path { + return errors.Wrap(ErrDirtyPath, path) + } + + // path should be slash-separated + if strings.Contains(path, "\\") { + return errors.Wrap(ErrPathNotSlashSeparated, path) + } + + // disallow absolute path: covers unix and windows format + if strings.HasPrefix(path, "/") { + return errors.Wrap(ErrAbsolutePathDisallowed, path) + } + if len(path) > 2 { + c := path[0] + if path[1] == ':' && path[2] == '/' && ('a' <= c && c <= 'z' || 'A' <= c && c <= 'Z') { + return errors.Wrap(ErrAbsolutePathDisallowed, path) + } + } + + // disallow path traversal + if strings.HasPrefix(path, "../") || path == ".." { + return errors.Wrap(ErrPathTraversalDisallowed, path) + } + + return nil +} + +// dispatchBFS behaves the same as images.Dispatch() but in sequence with breath-first search. +func dispatchBFS(ctx context.Context, handler images.Handler, weighted *semaphore.Weighted, descs ...ocispec.Descriptor) error { + for i := 0; i < len(descs); i++ { + desc := descs[i] + children, err := handler.Handle(ctx, desc) + if err != nil { + switch err := errors.Cause(err); err { + case images.ErrSkipDesc: + continue // don't traverse the children. + case ErrStopProcessing: + return nil + } + return err + } + descs = append(descs, children...) + } + return nil +} + +func filterName(desc ocispec.Descriptor) bool { + // needs to be filled in + return true +} + +// WithAdditionalCachedMediaTypes adds media types normally cached in memory when pulling. +// This does not replace the default media types, but appends to them +func WithAdditionalCachedMediaTypes(cachedMediaTypes ...string) CopyOpt { + return func(o *copyOpts) error { + o.cachedMediaTypes = append(o.cachedMediaTypes, cachedMediaTypes...) + return nil + } +} + +// WithAllowedMediaType sets the allowed media types +func WithAllowedMediaType(allowedMediaTypes ...string) CopyOpt { + return func(o *copyOpts) error { + o.allowedMediaTypes = append(o.allowedMediaTypes, allowedMediaTypes...) + return nil + } +} + +// WithAllowedMediaTypes sets the allowed media types +func WithAllowedMediaTypes(allowedMediaTypes []string) CopyOpt { + return func(o *copyOpts) error { + o.allowedMediaTypes = append(o.allowedMediaTypes, allowedMediaTypes...) + return nil + } +} + +// WithPullByBFS opt to pull in sequence with breath-first search +func WithPullByBFS(o *copyOpts) error { + o.dispatch = dispatchBFS + return nil +} + +// WithPullBaseHandler provides base handlers, which will be called before +// any pull specific handlers. +func WithPullBaseHandler(handlers ...images.Handler) CopyOpt { + return func(o *copyOpts) error { + o.baseHandlers = append(o.baseHandlers, handlers...) + return nil + } +} + +// WithPullCallbackHandler provides callback handlers, which will be called after +// any pull specific handlers. +func WithPullCallbackHandler(handlers ...images.Handler) CopyOpt { + return func(o *copyOpts) error { + o.callbackHandlers = append(o.callbackHandlers, handlers...) + return nil + } +} + +// WithContentProvideIngester opt to the provided Provider and Ingester +// for file system I/O, including caches. +func WithContentStore(store orascontent.Store) CopyOpt { + return func(o *copyOpts) error { + o.contentProvideIngesterPusherFetcher = store + return nil + } +} + +// WithPullEmptyNameAllowed allows pulling blobs with empty name. +func WithPullEmptyNameAllowed() CopyOpt { + return func(o *copyOpts) error { + o.filterName = func(ocispec.Descriptor) bool { + return true + } + return nil + } +} + +// WithPullStatusTrack report results to stdout +func WithPullStatusTrack(writer io.Writer) CopyOpt { + return WithPullCallbackHandler(pullStatusTrack(writer)) +} + +func pullStatusTrack(writer io.Writer) images.Handler { + var printLock sync.Mutex + return images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { + if name, ok := orascontent.ResolveName(desc); ok { + digestString := desc.Digest.String() + if err := desc.Digest.Validate(); err == nil { + if algo := desc.Digest.Algorithm(); algo == digest.SHA256 { + digestString = desc.Digest.Encoded()[:12] + } + } + printLock.Lock() + defer printLock.Unlock() + fmt.Fprintln(writer, "Downloaded", digestString, name) + } + return nil, nil + }) +} + +// WithNameValidation validates the image title in the descriptor. +// Pass nil to disable name validation. +func WithNameValidation(validate func(desc ocispec.Descriptor) error) CopyOpt { + return func(o *copyOpts) error { + o.validateName = validate + return nil + } +} + +// WithUserAgent set the user agent string in http communications +func WithUserAgent(agent string) CopyOpt { + return func(o *copyOpts) error { + o.userAgent = agent + return nil + } +} + +// WithLayerDescriptors passes the slice of Descriptors for layers to the +// provided func. If the passed parameter is nil, returns an error. +func WithLayerDescriptors(save func([]ocispec.Descriptor)) CopyOpt { + return func(o *copyOpts) error { + if save == nil { + return errors.New("layers save func must be non-nil") + } + o.saveLayers = save + return nil + } +} + +// WithRootManifest passes the root manifest for the artifacts to the provided +// func. If the passed parameter is nil, returns an error. +func WithRootManifest(save func(b []byte)) CopyOpt { + return func(o *copyOpts) error { + if save == nil { + return errors.New("manifest save func must be non-nil") + } + o.saveManifest = save + return nil + } +} diff --git a/vendor/oras.land/oras-go/pkg/oras/provider.go b/vendor/oras.land/oras-go/pkg/oras/provider.go new file mode 100644 index 0000000000..db16d75f2c --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/oras/provider.go @@ -0,0 +1,79 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package oras + +import ( + "context" + "errors" + "io" + + "github.com/containerd/containerd/content" + "github.com/containerd/containerd/remotes" + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +// ProviderWrapper wraps a remote.Fetcher to make a content.Provider, which is useful for things +type ProviderWrapper struct { + Fetcher remotes.Fetcher +} + +func (p *ProviderWrapper) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { + if p.Fetcher == nil { + return nil, errors.New("no Fetcher provided") + } + return &fetcherReaderAt{ + ctx: ctx, + fetcher: p.Fetcher, + desc: desc, + offset: 0, + }, nil +} + +type fetcherReaderAt struct { + ctx context.Context + fetcher remotes.Fetcher + desc ocispec.Descriptor + rc io.ReadCloser + offset int64 +} + +func (f *fetcherReaderAt) Close() error { + if f.rc == nil { + return nil + } + return f.rc.Close() +} + +func (f *fetcherReaderAt) Size() int64 { + return f.desc.Size +} + +func (f *fetcherReaderAt) ReadAt(p []byte, off int64) (n int, err error) { + // if we do not have a readcloser, get it + if f.rc == nil || f.offset != off { + rc, err := f.fetcher.Fetch(f.ctx, f.desc) + if err != nil { + return 0, err + } + f.rc = rc + } + + n, err = f.rc.Read(p) + if err != nil { + return n, err + } + f.offset += int64(n) + return n, err +} diff --git a/vendor/oras.land/oras-go/pkg/oras/pull.go b/vendor/oras.land/oras-go/pkg/oras/pull.go deleted file mode 100644 index 8fe55091ff..0000000000 --- a/vendor/oras.land/oras-go/pkg/oras/pull.go +++ /dev/null @@ -1,150 +0,0 @@ -/* -Copyright The ORAS Authors. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package oras - -import ( - "context" - "sync" - - "github.com/containerd/containerd/content" - "github.com/containerd/containerd/images" - "github.com/containerd/containerd/log" - "github.com/containerd/containerd/remotes" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" - "github.com/pkg/errors" - "golang.org/x/sync/semaphore" - - orascontent "oras.land/oras-go/pkg/content" -) - -// Pull pull files from the remote -func Pull(ctx context.Context, resolver remotes.Resolver, ref string, ingester content.Ingester, opts ...PullOpt) (ocispec.Descriptor, []ocispec.Descriptor, error) { - if resolver == nil { - return ocispec.Descriptor{}, nil, ErrResolverUndefined - } - opt := pullOptsDefaults() - for _, o := range opts { - if err := o(opt); err != nil { - return ocispec.Descriptor{}, nil, err - } - } - - _, desc, err := resolver.Resolve(ctx, ref) - if err != nil { - return ocispec.Descriptor{}, nil, err - } - - fetcher, err := resolver.Fetcher(ctx, ref) - if err != nil { - return ocispec.Descriptor{}, nil, err - } - - layers, err := fetchContent(ctx, fetcher, desc, ingester, opt) - if err != nil { - return ocispec.Descriptor{}, nil, err - } - return desc, layers, nil -} - -func fetchContent(ctx context.Context, fetcher remotes.Fetcher, desc ocispec.Descriptor, ingester content.Ingester, opts *pullOpts) ([]ocispec.Descriptor, error) { - var descriptors []ocispec.Descriptor - lock := &sync.Mutex{} - picker := images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { - if isAllowedMediaType(desc.MediaType, opts.allowedMediaTypes...) { - if opts.filterName(desc) { - lock.Lock() - defer lock.Unlock() - descriptors = append(descriptors, desc) - } - return nil, nil - } - return nil, nil - }) - - store := opts.contentProvideIngester - if store == nil { - store = newHybridStoreFromIngester(ingester, opts.cachedMediaTypes) - } - handlers := []images.Handler{ - filterHandler(opts, opts.allowedMediaTypes...), - } - handlers = append(handlers, opts.baseHandlers...) - handlers = append(handlers, - remotes.FetchHandler(store, fetcher), - picker, - images.ChildrenHandler(store), - ) - handlers = append(handlers, opts.callbackHandlers...) - - if err := opts.dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil { - return nil, err - } - - return descriptors, nil -} - -func filterHandler(opts *pullOpts, allowedMediaTypes ...string) images.HandlerFunc { - return func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { - switch { - case isAllowedMediaType(desc.MediaType, ocispec.MediaTypeImageManifest, ocispec.MediaTypeImageIndex): - return nil, nil - case isAllowedMediaType(desc.MediaType, allowedMediaTypes...): - if opts.filterName(desc) { - return nil, nil - } - log.G(ctx).Warnf("blob no name: %v", desc.Digest) - default: - log.G(ctx).Warnf("unknown type: %v", desc.MediaType) - } - return nil, images.ErrStopHandler - } -} - -func isAllowedMediaType(mediaType string, allowedMediaTypes ...string) bool { - if len(allowedMediaTypes) == 0 { - return true - } - for _, allowedMediaType := range allowedMediaTypes { - if mediaType == allowedMediaType { - return true - } - } - return false -} - -// dispatchBFS behaves the same as images.Dispatch() but in sequence with breath-first search. -func dispatchBFS(ctx context.Context, handler images.Handler, weighted *semaphore.Weighted, descs ...ocispec.Descriptor) error { - for i := 0; i < len(descs); i++ { - desc := descs[i] - children, err := handler.Handle(ctx, desc) - if err != nil { - switch err := errors.Cause(err); err { - case images.ErrSkipDesc: - continue // don't traverse the children. - case ErrStopProcessing: - return nil - } - return err - } - descs = append(descs, children...) - } - return nil -} - -func filterName(desc ocispec.Descriptor) bool { - name, ok := orascontent.ResolveName(desc) - return ok && len(name) > 0 -} diff --git a/vendor/oras.land/oras-go/pkg/oras/pull_opts.go b/vendor/oras.land/oras-go/pkg/oras/pull_opts.go deleted file mode 100644 index 907c27cf06..0000000000 --- a/vendor/oras.land/oras-go/pkg/oras/pull_opts.go +++ /dev/null @@ -1,150 +0,0 @@ -/* -Copyright The ORAS Authors. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package oras - -import ( - "context" - "fmt" - "io" - "sync" - - "github.com/containerd/containerd/images" - "github.com/opencontainers/go-digest" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" - "golang.org/x/sync/semaphore" - - orascontent "oras.land/oras-go/pkg/content" -) - -type pullOpts struct { - allowedMediaTypes []string - dispatch func(context.Context, images.Handler, *semaphore.Weighted, ...ocispec.Descriptor) error - baseHandlers []images.Handler - callbackHandlers []images.Handler - contentProvideIngester orascontent.ProvideIngester - filterName func(ocispec.Descriptor) bool - cachedMediaTypes []string -} - -// PullOpt allows callers to set options on the oras pull -type PullOpt func(o *pullOpts) error - -func pullOptsDefaults() *pullOpts { - return &pullOpts{ - dispatch: images.Dispatch, - filterName: filterName, - cachedMediaTypes: []string{ocispec.MediaTypeImageManifest, ocispec.MediaTypeImageIndex}, - } -} - -// WithCachedMediaTypes sets the media types normally cached in memory when pulling. -func WithCachedMediaTypes(cachedMediaTypes ...string) PullOpt { - return func(o *pullOpts) error { - o.cachedMediaTypes = cachedMediaTypes - return nil - } -} - -// WithAdditionalCachedMediaTypes adds media types normally cached in memory when pulling. -// This does not replace the default media types, but appends to them -func WithAdditionalCachedMediaTypes(cachedMediaTypes ...string) PullOpt { - return func(o *pullOpts) error { - o.cachedMediaTypes = append(o.cachedMediaTypes, cachedMediaTypes...) - return nil - } -} - -// WithAllowedMediaType sets the allowed media types -func WithAllowedMediaType(allowedMediaTypes ...string) PullOpt { - return func(o *pullOpts) error { - o.allowedMediaTypes = append(o.allowedMediaTypes, allowedMediaTypes...) - return nil - } -} - -// WithAllowedMediaTypes sets the allowed media types -func WithAllowedMediaTypes(allowedMediaTypes []string) PullOpt { - return func(o *pullOpts) error { - o.allowedMediaTypes = append(o.allowedMediaTypes, allowedMediaTypes...) - return nil - } -} - -// WithPullByBFS opt to pull in sequence with breath-first search -func WithPullByBFS(o *pullOpts) error { - o.dispatch = dispatchBFS - return nil -} - -// WithPullBaseHandler provides base handlers, which will be called before -// any pull specific handlers. -func WithPullBaseHandler(handlers ...images.Handler) PullOpt { - return func(o *pullOpts) error { - o.baseHandlers = append(o.baseHandlers, handlers...) - return nil - } -} - -// WithPullCallbackHandler provides callback handlers, which will be called after -// any pull specific handlers. -func WithPullCallbackHandler(handlers ...images.Handler) PullOpt { - return func(o *pullOpts) error { - o.callbackHandlers = append(o.callbackHandlers, handlers...) - return nil - } -} - -// WithContentProvideIngester opt to the provided Provider and Ingester -// for file system I/O, including caches. -func WithContentProvideIngester(store orascontent.ProvideIngester) PullOpt { - return func(o *pullOpts) error { - o.contentProvideIngester = store - return nil - } -} - -// WithPullEmptyNameAllowed allows pulling blobs with empty name. -func WithPullEmptyNameAllowed() PullOpt { - return func(o *pullOpts) error { - o.filterName = func(ocispec.Descriptor) bool { - return true - } - return nil - } -} - -// WithPullStatusTrack report results to stdout -func WithPullStatusTrack(writer io.Writer) PullOpt { - return WithPullCallbackHandler(pullStatusTrack(writer)) -} - -func pullStatusTrack(writer io.Writer) images.Handler { - var printLock sync.Mutex - return images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { - if name, ok := orascontent.ResolveName(desc); ok { - digestString := desc.Digest.String() - if err := desc.Digest.Validate(); err == nil { - if algo := desc.Digest.Algorithm(); algo == digest.SHA256 { - digestString = desc.Digest.Encoded()[:12] - } - } - printLock.Lock() - defer printLock.Unlock() - fmt.Fprintln(writer, "Downloaded", digestString, name) - } - return nil, nil - }) -} diff --git a/vendor/oras.land/oras-go/pkg/oras/push.go b/vendor/oras.land/oras-go/pkg/oras/push.go deleted file mode 100644 index 93542f5c1d..0000000000 --- a/vendor/oras.land/oras-go/pkg/oras/push.go +++ /dev/null @@ -1,126 +0,0 @@ -/* -Copyright The ORAS Authors. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package oras - -import ( - "context" - "encoding/json" - - "github.com/containerd/containerd/content" - "github.com/containerd/containerd/images" - "github.com/containerd/containerd/remotes" - digest "github.com/opencontainers/go-digest" - specs "github.com/opencontainers/image-spec/specs-go" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" - - artifact "oras.land/oras-go/pkg/artifact" -) - -// Push pushes files to the remote -func Push(ctx context.Context, resolver remotes.Resolver, ref string, provider content.Provider, descriptors []ocispec.Descriptor, opts ...PushOpt) (ocispec.Descriptor, error) { - if resolver == nil { - return ocispec.Descriptor{}, ErrResolverUndefined - } - opt := pushOptsDefaults() - for _, o := range opts { - if err := o(opt); err != nil { - return ocispec.Descriptor{}, err - } - } - if opt.validateName != nil { - for _, desc := range descriptors { - if err := opt.validateName(desc); err != nil { - return ocispec.Descriptor{}, err - } - } - } - - pusher, err := resolver.Pusher(ctx, ref) - if err != nil { - return ocispec.Descriptor{}, err - } - - desc, store, err := pack(provider, descriptors, opt) - if err != nil { - return ocispec.Descriptor{}, err - } - - var wrapper func(images.Handler) images.Handler - if len(opt.baseHandlers) > 0 { - wrapper = func(h images.Handler) images.Handler { - return images.Handlers(append(opt.baseHandlers, h)...) - } - } - - if err := remotes.PushContent(ctx, pusher, desc, store, nil, nil, wrapper); err != nil { - return ocispec.Descriptor{}, err - } - return desc, nil -} - -//func pack(store *hybridStore, descriptors []ocispec.Descriptor, opts *pushOpts) (ocispec.Descriptor, error) { -func pack(provider content.Provider, descriptors []ocispec.Descriptor, opts *pushOpts) (ocispec.Descriptor, content.Store, error) { - store := newHybridStoreFromProvider(provider, nil) - - // Config - var config ocispec.Descriptor - if opts.config == nil { - configBytes := []byte("{}") - config = ocispec.Descriptor{ - MediaType: artifact.UnknownConfigMediaType, - Digest: digest.FromBytes(configBytes), - Size: int64(len(configBytes)), - } - store.Set(config, configBytes) - } else { - config = *opts.config - } - if opts.configAnnotations != nil { - config.Annotations = opts.configAnnotations - } - if opts.configMediaType != "" { - config.MediaType = opts.configMediaType - } - - // Manifest - if opts.manifest != nil { - return *opts.manifest, store, nil - } - - if descriptors == nil { - descriptors = []ocispec.Descriptor{} // make it an empty array to prevent potential server-side bugs - } - manifest := ocispec.Manifest{ - Versioned: specs.Versioned{ - SchemaVersion: 2, // historical value. does not pertain to OCI or docker version - }, - Config: config, - Layers: descriptors, - Annotations: opts.manifestAnnotations, - } - manifestBytes, err := json.Marshal(manifest) - if err != nil { - return ocispec.Descriptor{}, nil, err - } - manifestDescriptor := ocispec.Descriptor{ - MediaType: ocispec.MediaTypeImageManifest, - Digest: digest.FromBytes(manifestBytes), - Size: int64(len(manifestBytes)), - } - store.Set(manifestDescriptor, manifestBytes) - - return manifestDescriptor, store, nil -} diff --git a/vendor/oras.land/oras-go/pkg/oras/push_opts.go b/vendor/oras.land/oras-go/pkg/oras/push_opts.go deleted file mode 100644 index 1ae7b6381c..0000000000 --- a/vendor/oras.land/oras-go/pkg/oras/push_opts.go +++ /dev/null @@ -1,165 +0,0 @@ -/* -Copyright The ORAS Authors. -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - -http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package oras - -import ( - "context" - "fmt" - "io" - "path/filepath" - "strings" - "sync" - - "github.com/containerd/containerd/images" - ocispec "github.com/opencontainers/image-spec/specs-go/v1" - "github.com/pkg/errors" - - orascontent "oras.land/oras-go/pkg/content" -) - -type pushOpts struct { - config *ocispec.Descriptor - configMediaType string - configAnnotations map[string]string - manifest *ocispec.Descriptor - manifestAnnotations map[string]string - validateName func(desc ocispec.Descriptor) error - baseHandlers []images.Handler -} - -func pushOptsDefaults() *pushOpts { - return &pushOpts{ - validateName: ValidateNameAsPath, - } -} - -// PushOpt allows callers to set options on the oras push -type PushOpt func(o *pushOpts) error - -// WithConfig overrides the config - setting this will ignore WithConfigMediaType and WithConfigAnnotations -func WithConfig(config ocispec.Descriptor) PushOpt { - return func(o *pushOpts) error { - o.config = &config - return nil - } -} - -// WithConfigMediaType overrides the config media type -func WithConfigMediaType(mediaType string) PushOpt { - return func(o *pushOpts) error { - o.configMediaType = mediaType - return nil - } -} - -// WithConfigAnnotations overrides the config annotations -func WithConfigAnnotations(annotations map[string]string) PushOpt { - return func(o *pushOpts) error { - o.configAnnotations = annotations - return nil - } -} - -// WithManifest overrides the manifest - setting this will ignore WithManifestConfigAnnotations -func WithManifest(manifest ocispec.Descriptor) PushOpt { - return func(o *pushOpts) error { - o.manifest = &manifest - return nil - } -} - -// WithManifestAnnotations overrides the manifest annotations -func WithManifestAnnotations(annotations map[string]string) PushOpt { - return func(o *pushOpts) error { - o.manifestAnnotations = annotations - return nil - } -} - -// WithNameValidation validates the image title in the descriptor. -// Pass nil to disable name validation. -func WithNameValidation(validate func(desc ocispec.Descriptor) error) PushOpt { - return func(o *pushOpts) error { - o.validateName = validate - return nil - } -} - -// ValidateNameAsPath validates name in the descriptor as file path in order -// to generate good packages intended to be pulled using the FileStore or -// the oras cli. -// For cross-platform considerations, only unix paths are accepted. -func ValidateNameAsPath(desc ocispec.Descriptor) error { - // no empty name - path, ok := orascontent.ResolveName(desc) - if !ok || path == "" { - return orascontent.ErrNoName - } - - // path should be clean - if target := filepath.ToSlash(filepath.Clean(path)); target != path { - return errors.Wrap(ErrDirtyPath, path) - } - - // path should be slash-separated - if strings.Contains(path, "\\") { - return errors.Wrap(ErrPathNotSlashSeparated, path) - } - - // disallow absolute path: covers unix and windows format - if strings.HasPrefix(path, "/") { - return errors.Wrap(ErrAbsolutePathDisallowed, path) - } - if len(path) > 2 { - c := path[0] - if path[1] == ':' && path[2] == '/' && ('a' <= c && c <= 'z' || 'A' <= c && c <= 'Z') { - return errors.Wrap(ErrAbsolutePathDisallowed, path) - } - } - - // disallow path traversal - if strings.HasPrefix(path, "../") || path == ".." { - return errors.Wrap(ErrPathTraversalDisallowed, path) - } - - return nil -} - -// WithPushBaseHandler provides base handlers, which will be called before -// any push specific handlers. -func WithPushBaseHandler(handlers ...images.Handler) PushOpt { - return func(o *pushOpts) error { - o.baseHandlers = append(o.baseHandlers, handlers...) - return nil - } -} - -// WithPushStatusTrack report results to a provided writer -func WithPushStatusTrack(writer io.Writer) PushOpt { - return WithPushBaseHandler(pushStatusTrack(writer)) -} - -func pushStatusTrack(writer io.Writer) images.Handler { - var printLock sync.Mutex - return images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) { - if name, ok := orascontent.ResolveName(desc); ok { - printLock.Lock() - defer printLock.Unlock() - fmt.Fprintln(writer, "Uploading", desc.Digest.Encoded()[:12], name) - } - return nil, nil - }) -} diff --git a/vendor/oras.land/oras-go/pkg/oras/store.go b/vendor/oras.land/oras-go/pkg/oras/store.go index 33d87345d6..edb835625a 100644 --- a/vendor/oras.land/oras-go/pkg/oras/store.go +++ b/vendor/oras.land/oras-go/pkg/oras/store.go @@ -17,11 +17,13 @@ package oras import ( "context" - "errors" "io" + "io/ioutil" "time" "github.com/containerd/containerd/content" + "github.com/containerd/containerd/errdefs" + "github.com/containerd/containerd/remotes" "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" "golang.org/x/sync/errgroup" @@ -29,31 +31,24 @@ import ( orascontent "oras.land/oras-go/pkg/content" ) -// ensure interface -var ( - _ content.Store = &hybridStore{} -) - type hybridStore struct { - cache *orascontent.Memorystore + cache *orascontent.Memory cachedMediaTypes []string + cacheOnly bool provider content.Provider ingester content.Ingester } -func newHybridStoreFromProvider(provider content.Provider, cachedMediaTypes []string) *hybridStore { - return &hybridStore{ - cache: orascontent.NewMemoryStore(), - cachedMediaTypes: cachedMediaTypes, - provider: provider, +func newHybridStoreFromPusher(pusher remotes.Pusher, cachedMediaTypes []string, cacheOnly bool) *hybridStore { + // construct an ingester from a pusher + ingester := pusherIngester{ + pusher: pusher, } -} - -func newHybridStoreFromIngester(ingester content.Ingester, cachedMediaTypes []string) *hybridStore { return &hybridStore{ - cache: orascontent.NewMemoryStore(), + cache: orascontent.NewMemory(), cachedMediaTypes: cachedMediaTypes, ingester: ingester, + cacheOnly: cacheOnly, } } @@ -61,18 +56,22 @@ func (s *hybridStore) Set(desc ocispec.Descriptor, content []byte) { s.cache.Set(desc, content) } -// ReaderAt provides contents -func (s *hybridStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { - readerAt, err := s.cache.ReaderAt(ctx, desc) +func (s *hybridStore) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) { + reader, err := s.cache.Fetch(ctx, desc) if err == nil { - return readerAt, nil + return reader, err } if s.provider != nil { - return s.provider.ReaderAt(ctx, desc) + rat, err := s.provider.ReaderAt(ctx, desc) + return ioutil.NopCloser(orascontent.NewReaderAtWrapper(rat)), err } return nil, err } +func (s *hybridStore) Push(ctx context.Context, desc ocispec.Descriptor) (content.Writer, error) { + return s.Writer(ctx, content.WithDescriptor(desc)) +} + // Writer begins or resumes the active writer identified by desc func (s *hybridStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { var wOpts content.WriterOpts @@ -83,70 +82,30 @@ func (s *hybridStore) Writer(ctx context.Context, opts ...content.WriterOpt) (co } if isAllowedMediaType(wOpts.Desc.MediaType, s.cachedMediaTypes...) || s.ingester == nil { - cacheWriter, err := s.cache.Writer(ctx, opts...) + pusher, err := s.cache.Pusher(ctx, "") if err != nil { return nil, err } + cacheWriter, err := pusher.Push(ctx, wOpts.Desc) + if err != nil { + return nil, err + } + // if we cache it only, do not pass it through + if s.cacheOnly { + return cacheWriter, nil + } ingesterWriter, err := s.ingester.Writer(ctx, opts...) - if err != nil { - return nil, err + switch { + case err == nil: + return newTeeWriter(wOpts.Desc, cacheWriter, ingesterWriter), nil + case errdefs.IsAlreadyExists(err): + return cacheWriter, nil } - return newTeeWriter(wOpts.Desc, cacheWriter, ingesterWriter), nil + return nil, err } return s.ingester.Writer(ctx, opts...) } -// TODO: implement (needed to create a content.Store) -// TODO: do not return empty content.Info -// Abort completely cancels the ingest operation targeted by ref. -func (s *hybridStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) { - return content.Info{}, nil -} - -// TODO: implement (needed to create a content.Store) -// Update updates mutable information related to content. -// If one or more fieldpaths are provided, only those -// fields will be updated. -// Mutable fields: -// labels.* -func (s *hybridStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) { - return content.Info{}, errors.New("not yet implemented: Update (content.Store interface)") -} - -// TODO: implement (needed to create a content.Store) -// Walk will call fn for each item in the content store which -// match the provided filters. If no filters are given all -// items will be walked. -func (s *hybridStore) Walk(ctx context.Context, fn content.WalkFunc, filters ...string) error { - return errors.New("not yet implemented: Walk (content.Store interface)") -} - -// TODO: implement (needed to create a content.Store) -// Delete removes the content from the store. -func (s *hybridStore) Delete(ctx context.Context, dgst digest.Digest) error { - return errors.New("not yet implemented: Delete (content.Store interface)") -} - -// TODO: implement (needed to create a content.Store) -func (s *hybridStore) Status(ctx context.Context, ref string) (content.Status, error) { - // Status returns the status of the provided ref. - return content.Status{}, errors.New("not yet implemented: Status (content.Store interface)") -} - -// TODO: implement (needed to create a content.Store) -// ListStatuses returns the status of any active ingestions whose ref match the -// provided regular expression. If empty, all active ingestions will be -// returned. -func (s *hybridStore) ListStatuses(ctx context.Context, filters ...string) ([]content.Status, error) { - return []content.Status{}, errors.New("not yet implemented: ListStatuses (content.Store interface)") -} - -// TODO: implement (needed to create a content.Store) -// Abort completely cancels the ingest operation targeted by ref. -func (s *hybridStore) Abort(ctx context.Context, ref string) error { - return errors.New("not yet implemented: Abort (content.Store interface)") -} - // teeWriter tees the content to one or more content.Writer type teeWriter struct { writers []content.Writer @@ -237,3 +196,18 @@ func (t *teeWriter) Truncate(size int64) error { } return g.Wait() } + +// pusherIngester simple wrapper to get an ingester from a pusher +type pusherIngester struct { + pusher remotes.Pusher +} + +func (p pusherIngester) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { + var wOpts content.WriterOpts + for _, opt := range opts { + if err := opt(&wOpts); err != nil { + return nil, err + } + } + return p.pusher.Push(ctx, wOpts.Desc) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/BUILD.bazel b/vendor/oras.land/oras-go/pkg/registry/BUILD.bazel new file mode 100644 index 0000000000..a946eb2681 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/BUILD.bazel @@ -0,0 +1,16 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "reference.go", + "repository.go", + ], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/registry", + importpath = "oras.land/oras-go/pkg/registry", + visibility = ["//visibility:public"], + deps = [ + "//vendor/github.com/opencontainers/go-digest:go_default_library", + "//vendor/oras.land/oras-go/pkg/content:go_default_library", + ], +) diff --git a/vendor/oras.land/oras-go/pkg/registry/reference.go b/vendor/oras.land/oras-go/pkg/registry/reference.go new file mode 100644 index 0000000000..299651cd10 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/reference.go @@ -0,0 +1,177 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package registry + +import ( + "fmt" + "net/url" + "regexp" + "strings" + + "github.com/opencontainers/go-digest" + errdef "oras.land/oras-go/pkg/content" +) + +// regular expressions for components. +var ( + // repositoryRegexp is adapted from the distribution implementation. + // The repository name set under OCI distribution spec is a subset of the + // the docker spec. For maximum compability, the docker spec is verified at + // the client side. Further check is left to the server side. + // References: + // - https://github.com/distribution/distribution/blob/v2.7.1/reference/regexp.go#L53 + // - https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pulling-manifests + repositoryRegexp = regexp.MustCompile(`^[a-z0-9]+(?:(?:[._]|__|[-]*)[a-z0-9]+)*(?:/[a-z0-9]+(?:(?:[._]|__|[-]*)[a-z0-9]+)*)*$`) + + // tagRegexp checks the tag name. + // The docker and OCI spec have the same regular expression. + // Reference: https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pulling-manifests + tagRegexp = regexp.MustCompile(`^[\w][\w.-]{0,127}$`) +) + +// Reference references to a descriptor in the registry. +type Reference struct { + // Registry is the name of the registry. + // It is usually the domain name of the registry optionally with a port. + Registry string + + // Repository is the name of the repository. + Repository string + + // Reference is the reference of the object in the repository. + // A reference can be a tag or a digest. + Reference string +} + +// ParseReference parses a string into a artifact reference. +// If the reference contains both the tag and the digest, the tag will be +// dropped. +// Digest is recognized only if the corresponding algorithm is available. +func ParseReference(raw string) (Reference, error) { + parts := strings.SplitN(raw, "/", 2) + if len(parts) == 1 { + return Reference{}, fmt.Errorf("%w: missing repository", errdef.ErrInvalidReference) + } + registry, path := parts[0], parts[1] + var repository string + var reference string + if index := strings.Index(path, "@"); index != -1 { + // digest found + repository = path[:index] + reference = path[index+1:] + + // drop tag since the digest is present. + if index := strings.Index(repository, ":"); index != -1 { + repository = repository[:index] + } + } else if index := strings.Index(path, ":"); index != -1 { + // tag found + repository = path[:index] + reference = path[index+1:] + } else { + // empty reference + repository = path + } + res := Reference{ + Registry: registry, + Repository: repository, + Reference: reference, + } + if err := res.Validate(); err != nil { + return Reference{}, err + } + return res, nil +} + +// Validate validates the entire reference. +func (r Reference) Validate() error { + err := r.ValidateRegistry() + if err != nil { + return err + } + err = r.ValidateRepository() + if err != nil { + return err + } + return r.ValidateReference() +} + +// ValidateRegistry validates the registry. +func (r Reference) ValidateRegistry() error { + uri, err := url.ParseRequestURI("dummy://" + r.Registry) + if err != nil || uri.Host != r.Registry { + return fmt.Errorf("%w: invalid registry", errdef.ErrInvalidReference) + } + return nil +} + +// ValidateRepository validates the repository. +func (r Reference) ValidateRepository() error { + if !repositoryRegexp.MatchString(r.Repository) { + return fmt.Errorf("%w: invalid repository", errdef.ErrInvalidReference) + } + return nil +} + +// ValidateReference validates the reference. +func (r Reference) ValidateReference() error { + if r.Reference == "" { + return nil + } + if _, err := r.Digest(); err == nil { + return nil + } + if !tagRegexp.MatchString(r.Reference) { + return fmt.Errorf("%w: invalid tag", errdef.ErrInvalidReference) + } + return nil +} + +// Host returns the host name of the registry. +func (r Reference) Host() string { + if r.Registry == "docker.io" { + return "registry-1.docker.io" + } + return r.Registry +} + +// ReferenceOrDefault returns the reference or the default reference if empty. +func (r Reference) ReferenceOrDefault() string { + if r.Reference == "" { + return "latest" + } + return r.Reference +} + +// Digest returns the reference as a digest. +func (r Reference) Digest() (digest.Digest, error) { + return digest.Parse(r.Reference) +} + +// String implements `fmt.Stringer` and returns the reference string. +// The resulted string is meaningful only if the reference is valid. +func (r Reference) String() string { + if r.Repository == "" { + return r.Registry + } + ref := r.Registry + "/" + r.Repository + if r.Reference == "" { + return ref + } + if d, err := r.Digest(); err == nil { + return ref + "@" + d.String() + } + return ref + ":" + r.Reference +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/BUILD.bazel b/vendor/oras.land/oras-go/pkg/registry/remote/BUILD.bazel new file mode 100644 index 0000000000..50bb444c99 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/BUILD.bazel @@ -0,0 +1,19 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "repository.go", + "url.go", + "utils.go", + ], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/registry/remote", + importpath = "oras.land/oras-go/pkg/registry/remote", + visibility = ["//visibility:public"], + deps = [ + "//vendor/oras.land/oras-go/pkg/content:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote/auth:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil:go_default_library", + ], +) diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/BUILD.bazel b/vendor/oras.land/oras-go/pkg/registry/remote/auth/BUILD.bazel new file mode 100644 index 0000000000..941610e809 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/BUILD.bazel @@ -0,0 +1,20 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "cache.go", + "challenge.go", + "client.go", + "credential.go", + "scope.go", + ], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/registry/remote/auth", + importpath = "oras.land/oras-go/pkg/registry/remote/auth", + visibility = ["//visibility:public"], + deps = [ + "//vendor/oras.land/oras-go/pkg/content:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil:go_default_library", + "//vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil:go_default_library", + ], +) diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/cache.go b/vendor/oras.land/oras-go/pkg/registry/remote/auth/cache.go new file mode 100644 index 0000000000..0705883736 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/cache.go @@ -0,0 +1,158 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package auth + +import ( + "context" + "strings" + "sync" + + errdef "oras.land/oras-go/pkg/content" + "oras.land/oras-go/pkg/registry/remote/internal/syncutil" +) + +// DefaultCache is the sharable cache used by DefaultClient. +var DefaultCache Cache = NewCache() + +// Cache caches the auth-scheme and auth-token for the "Authorization" header in +// accessing the remote registry. +// Precisely, the header is `Authorization: auth-scheme auth-token`. +// The `auth-token` is a generic term as `token68` in RFC 7235 section 2.1. +type Cache interface { + // GetScheme returns the auth-scheme part cached for the given registry. + // A single registry is assumed to have a consistent scheme. + // If a registry has different schemes per path, the auth client is still + // workable. However, the cache may not be effective as the cache cannot + // correctly guess the scheme. + GetScheme(ctx context.Context, registry string) (Scheme, error) + + // GetToken returns the auth-token part cached for the given registry of a + // given scheme. + // The underlying implementation MAY cache the token for all schemes for the + // given registry. + GetToken(ctx context.Context, registry string, scheme Scheme, key string) (string, error) + + // Set fetches the token using the given fetch function and caches the token + // for the given scheme with the given key for the given registry. + // The return values of the fetch function is returned by this function. + // The underlying implementation MAY combine the fetch operation if the Set + // function is invoked multiple times at the same time. + Set(ctx context.Context, registry string, scheme Scheme, key string, fetch func(context.Context) (string, error)) (string, error) +} + +// cacheEntry is a cache entry for a single registry. +type cacheEntry struct { + scheme Scheme + tokens sync.Map // map[string]string +} + +// concurrentCache is a cache suitable for concurrent invocation. +type concurrentCache struct { + status sync.Map // map[string]*syncutil.Once + cache sync.Map // map[string]*cacheEntry +} + +// NewCache creates a new go-routine safe cache instance. +func NewCache() Cache { + return &concurrentCache{} +} + +// GetScheme returns the auth-scheme part cached for the given registry. +func (cc *concurrentCache) GetScheme(ctx context.Context, registry string) (Scheme, error) { + entry, ok := cc.cache.Load(registry) + if !ok { + return SchemeUnknown, errdef.ErrNotFound + } + return entry.(*cacheEntry).scheme, nil +} + +// GetToken returns the auth-token part cached for the given registry of a given +// scheme. +func (cc *concurrentCache) GetToken(ctx context.Context, registry string, scheme Scheme, key string) (string, error) { + entryValue, ok := cc.cache.Load(registry) + if !ok { + return "", errdef.ErrNotFound + } + entry := entryValue.(*cacheEntry) + if entry.scheme != scheme { + return "", errdef.ErrNotFound + } + if token, ok := entry.tokens.Load(key); ok { + return token.(string), nil + } + return "", errdef.ErrNotFound +} + +// Set fetches the token using the given fetch function and caches the token +// for the given scheme with the given key for the given registry. +// Set combines the fetch operation if the Set is invoked multiple times at the +// same time. +func (cc *concurrentCache) Set(ctx context.Context, registry string, scheme Scheme, key string, fetch func(context.Context) (string, error)) (string, error) { + // fetch token + statusKey := strings.Join([]string{ + registry, + scheme.String(), + key, + }, " ") + statusValue, _ := cc.status.LoadOrStore(statusKey, syncutil.NewOnce()) + fetchOnce := statusValue.(*syncutil.Once) + fetchedFirst, result, err := fetchOnce.Do(ctx, func() (interface{}, error) { + return fetch(ctx) + }) + if fetchedFirst { + cc.status.Delete(statusKey) + } + if err != nil { + return "", err + } + token := result.(string) + if !fetchedFirst { + return token, nil + } + + // cache token + newEntry := &cacheEntry{ + scheme: scheme, + } + entryValue, exists := cc.cache.LoadOrStore(registry, newEntry) + entry := entryValue.(*cacheEntry) + if exists && entry.scheme != scheme { + // there is a scheme change, which is not expected in most scenarios. + // force invalidating all previous cache. + entry = newEntry + cc.cache.Store(registry, entry) + } + entry.tokens.Store(key, token) + + return token, nil +} + +// noCache is a cache implementation that does not do cache at all. +type noCache struct{} + +// GetScheme always returns not found error as it has no cache. +func (noCache) GetScheme(ctx context.Context, registry string) (Scheme, error) { + return SchemeUnknown, errdef.ErrNotFound +} + +// GetToken always returns not found error as it has no cache. +func (noCache) GetToken(ctx context.Context, registry string, scheme Scheme, key string) (string, error) { + return "", errdef.ErrNotFound +} + +// Set calls fetch directly without caching. +func (noCache) Set(ctx context.Context, registry string, scheme Scheme, key string, fetch func(context.Context) (string, error)) (string, error) { + return fetch(ctx) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/challenge.go b/vendor/oras.land/oras-go/pkg/registry/remote/auth/challenge.go new file mode 100644 index 0000000000..e2d28a11ec --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/challenge.go @@ -0,0 +1,166 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package auth + +import ( + "strconv" + "strings" +) + +// Scheme define the authentication method. +type Scheme byte + +const ( + // SchemeUnknown represents unknown or unsupported schemes + SchemeUnknown Scheme = iota + + // SchemeBasic represents the "Basic" HTTP authentication scheme. + // Reference: https://tools.ietf.org/html/rfc7617 + SchemeBasic + + // SchemeBearer represents the Bearer token in OAuth 2.0. + // Reference: https://tools.ietf.org/html/rfc6750 + SchemeBearer +) + +// parseScheme parse the authentication scheme from the given string +// case-insensitively. +func parseScheme(scheme string) Scheme { + switch { + case strings.EqualFold(scheme, "basic"): + return SchemeBasic + case strings.EqualFold(scheme, "bearer"): + return SchemeBearer + } + return SchemeUnknown +} + +// String return the string for the scheme. +func (s Scheme) String() string { + switch s { + case SchemeBasic: + return "Basic" + case SchemeBearer: + return "Bearer" + } + return "Unknown" +} + +// parseChallenge parses the "WWW-Authenticate" header returned by the remote +// registry, and extracts parameters if scheme is Bearer. +// References: +// - https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate +// - https://tools.ietf.org/html/rfc7235#section-2.1 +func parseChallenge(header string) (scheme Scheme, params map[string]string) { + // as defined in RFC 7235 section 2.1, we have + // challenge = auth-scheme [ 1*SP ( token68 / #auth-param ) ] + // auth-scheme = token + // auth-param = token BWS "=" BWS ( token / quoted-string ) + // + // since we focus parameters only on Bearer, we have + // challenge = auth-scheme [ 1*SP #auth-param ] + schemeString, rest := parseToken(header) + scheme = parseScheme(schemeString) + + // fast path for non bearer challenge + if scheme != SchemeBearer { + return + } + + // parse params for bearer auth. + // combining RFC 7235 section 2.1 with RFC 7230 section 7, we have + // #auth-param => auth-param *( OWS "," OWS auth-param ) + var key, value string + for { + key, rest = parseToken(skipSpace(rest)) + if key == "" { + return + } + + rest = skipSpace(rest) + if rest == "" || rest[0] != '=' { + return + } + rest = skipSpace(rest[1:]) + if rest == "" { + return + } + + if rest[0] == '"' { + prefix, err := strconv.QuotedPrefix(rest) + if err != nil { + return + } + value, err = strconv.Unquote(prefix) + if err != nil { + return + } + rest = rest[len(prefix):] + } else { + value, rest = parseToken(rest) + if value == "" { + return + } + } + if params == nil { + params = map[string]string{ + key: value, + } + } else { + params[key] = value + } + + rest = skipSpace(rest) + if rest == "" || rest[0] != ',' { + return + } + rest = rest[1:] + } +} + +// isNotTokenChar reports whether rune is not a `tchar` defined in RFC 7230 +// section 3.2.6. +func isNotTokenChar(r rune) bool { + // tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" + // / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" + // / DIGIT / ALPHA + // ; any VCHAR, except delimiters + return (r < 'A' || r > 'Z') && (r < 'a' || r > 'z') && + (r < '0' || r > '9') && !strings.ContainsRune("!#$%&'*+-.^_`|~", r) +} + +// parseToken finds the next token from the given string. If no token found, +// an empty token is returned and the whole of the input is returned in rest. +// Note: Since token = 1*tchar, empty string is not a valid token. +func parseToken(s string) (token, rest string) { + if i := strings.IndexFunc(s, isNotTokenChar); i != -1 { + return s[:i], s[i:] + } + return s, "" +} + +// skipSpace skips "bad" whitespace (BWS) defined in RFC 7230 section 3.2.3. +func skipSpace(s string) string { + // OWS = *( SP / HTAB ) + // ; optional whitespace + // BWS = OWS + // ; "bad" whitespace + if i := strings.IndexFunc(s, func(r rune) bool { + return r != ' ' && r != '\t' + }); i != -1 { + return s[i:] + } + return s +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/client.go b/vendor/oras.land/oras-go/pkg/registry/remote/auth/client.go new file mode 100644 index 0000000000..ef1c9479dc --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/client.go @@ -0,0 +1,367 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package auth + +import ( + "context" + "encoding/base64" + "encoding/json" + "errors" + "fmt" + "io" + "net/http" + "net/url" + "strings" + + "oras.land/oras-go/pkg/registry/remote/internal/errutil" +) + +// DefaultClient is the default auth-decorated client. +var DefaultClient = &Client{ + Header: http.Header{ + "User-Agent": {"oras-go"}, + }, + Cache: DefaultCache, +} + +// maxResponseBytes specifies the default limit on how many response bytes are +// allowed in the server's response from authorization service servers. +// A typical response message from authorization service servers is around 1 to +// 4 KiB. Since the size of a token must be smaller than the HTTP header size +// limit, which is usually 16 KiB. As specified by the distribution, the +// response may contain 2 identical tokens, that is, 16 x 2 = 32 KiB. +// Hence, 128 KiB should be sufficient. +// References: https://docs.docker.com/registry/spec/auth/token/ +var maxResponseBytes int64 = 128 * 1024 // 128 KiB + +// defaultClientID specifies the default client ID used in OAuth2. +// See also ClientID. +var defaultClientID = "oras-go" + +// Client is an auth-decorated HTTP client. +// Its zero value is a usable client that uses http.DefaultClient with no cache. +type Client struct { + // Client is the underlying HTTP client used to access the remote + // server. + // If nil, http.DefaultClient is used. + Client *http.Client + + // Header contains the custom headers to be added to each request. + Header http.Header + + // Credential specifies the function for resolving the credential for the + // given registry (i.e. host:port). + // `EmptyCredential` is a valid return value and should not be considered as + // an error. + // If nil, the credential is always resolved to `EmptyCredential`. + Credential func(context.Context, string) (Credential, error) + + // Cache caches credentials for direct accessing the remote registry. + // If nil, no cache is used. + Cache Cache + + // ClientID used in fetching OAuth2 token as a required field. + // If empty, a default client ID is used. + // Reference: https://docs.docker.com/registry/spec/auth/oauth/#getting-a-token + ClientID string + + // ForceAttemptOAuth2 controls whether to follow OAuth2 with password grant + // instead the distribution spec when authenticating using username and + // password. + // References: + // - https://docs.docker.com/registry/spec/auth/jwt/ + // - https://docs.docker.com/registry/spec/auth/oauth/ + ForceAttemptOAuth2 bool +} + +// client returns an HTTP client used to access the remote registry. +// http.DefaultClient is return if the client is not configured. +func (c *Client) client() *http.Client { + if c.Client == nil { + return http.DefaultClient + } + return c.Client +} + +// send adds headers to the request and sends the request to the remote server. +func (c *Client) send(req *http.Request) (*http.Response, error) { + for key, values := range c.Header { + req.Header[key] = append(req.Header[key], values...) + } + return c.client().Do(req) +} + +// credential resolves the credential for the given registry. +func (c *Client) credential(ctx context.Context, reg string) (Credential, error) { + if c.Credential == nil { + return EmptyCredential, nil + } + return c.Credential(ctx, reg) +} + +// cache resolves the cache. +// noCache is return if the cache is not configured. +func (c *Client) cache() Cache { + if c.Cache == nil { + return noCache{} + } + return c.Cache +} + +// SetUserAgent sets the user agent for all out-going requests. +func (c *Client) SetUserAgent(userAgent string) { + if c.Header == nil { + c.Header = http.Header{} + } + c.Header.Set("User-Agent", userAgent) +} + +// Do sends the request to the remote server with resolving authentication +// attempted. +// On authentication failure due to bad credential, +// - Do returns error if it fails to fetch token for bearer auth. +// - Do returns the registry response without error for basic auth. +func (c *Client) Do(originalReq *http.Request) (*http.Response, error) { + ctx := originalReq.Context() + req := originalReq.Clone(ctx) + + // attempt cached auth token + var attemptedKey string + cache := c.cache() + registry := originalReq.Host + scheme, err := cache.GetScheme(ctx, registry) + if err == nil { + switch scheme { + case SchemeBasic: + token, err := cache.GetToken(ctx, registry, SchemeBasic, "") + if err == nil { + req.Header.Set("Authorization", "Basic "+token) + } + case SchemeBearer: + scopes := GetScopes(ctx) + attemptedKey = strings.Join(scopes, " ") + token, err := cache.GetToken(ctx, registry, SchemeBearer, attemptedKey) + if err == nil { + req.Header.Set("Authorization", "Bearer "+token) + } + } + } + + resp, err := c.send(req) + if err != nil { + return nil, err + } + if resp.StatusCode != http.StatusUnauthorized { + return resp, nil + } + + // attempt again with credentials for recognized schemes + challenge := resp.Header.Get("Www-Authenticate") + scheme, params := parseChallenge(challenge) + switch scheme { + case SchemeBasic: + resp.Body.Close() + + token, err := cache.Set(ctx, registry, SchemeBasic, "", func(ctx context.Context) (string, error) { + return c.fetchBasicAuth(ctx, registry) + }) + if err != nil { + return nil, fmt.Errorf("%s %q: %w", resp.Request.Method, resp.Request.URL, err) + } + + req = originalReq.Clone(ctx) + req.Header.Set("Authorization", "Basic "+token) + case SchemeBearer: + resp.Body.Close() + + // merge hinted scopes with challenged scopes + scopes := GetScopes(ctx) + if scope := params["scope"]; scope != "" { + scopes = append(scopes, strings.Split(scope, " ")...) + scopes = CleanScopes(scopes) + } + key := strings.Join(scopes, " ") + + // attempt the cache again if there is a scope change + if key != attemptedKey { + if token, err := cache.GetToken(ctx, registry, SchemeBearer, key); err == nil { + req = originalReq.Clone(ctx) + req.Header.Set("Authorization", "Bearer "+token) + + resp, err := c.send(req) + if err != nil { + return nil, err + } + if resp.StatusCode != http.StatusUnauthorized { + return resp, nil + } + resp.Body.Close() + } + } + + // attempt with credentials + realm := params["realm"] + service := params["service"] + token, err := cache.Set(ctx, registry, SchemeBearer, key, func(ctx context.Context) (string, error) { + return c.fetchBearerToken(ctx, registry, realm, service, scopes) + }) + if err != nil { + return nil, fmt.Errorf("%s %q: %w", resp.Request.Method, resp.Request.URL, err) + } + + req = originalReq.Clone(ctx) + req.Header.Set("Authorization", "Bearer "+token) + default: + return resp, nil + } + + return c.send(req) +} + +// fetchBasicAuth fetches a basic auth token for the basic challenge. +func (c *Client) fetchBasicAuth(ctx context.Context, registry string) (string, error) { + cred, err := c.credential(ctx, registry) + if err != nil { + return "", fmt.Errorf("failed to resolve credential: %w", err) + } + if cred == EmptyCredential { + return "", errors.New("credential required for basic auth") + } + if cred.Username == "" || cred.Password == "" { + return "", errors.New("missing username or password for basic auth") + } + auth := cred.Username + ":" + cred.Password + return base64.StdEncoding.EncodeToString([]byte(auth)), nil +} + +// fetchBearerToken fetches an access token for the bearer challenge. +func (c *Client) fetchBearerToken(ctx context.Context, registry, realm, service string, scopes []string) (string, error) { + cred, err := c.credential(ctx, registry) + if err != nil { + return "", err + } + if cred.AccessToken != "" { + return cred.AccessToken, nil + } + if cred == EmptyCredential || (cred.RefreshToken == "" && !c.ForceAttemptOAuth2) { + return c.fetchDistributionToken(ctx, realm, service, scopes, cred.Username, cred.Password) + } + return c.fetchOAuth2Token(ctx, realm, service, scopes, cred) +} + +// fetchDistributionToken fetches an access token as defined by the distribution +// specification. +// It fetches anonymous tokens if no credential is provided. +// References: +// - https://docs.docker.com/registry/spec/auth/jwt/ +// - https://docs.docker.com/registry/spec/auth/token/ +func (c *Client) fetchDistributionToken(ctx context.Context, realm, service string, scopes []string, username, password string) (string, error) { + req, err := http.NewRequestWithContext(ctx, http.MethodGet, realm, nil) + if err != nil { + return "", err + } + if username != "" || password != "" { + req.SetBasicAuth(username, password) + } + q := req.URL.Query() + if service != "" { + q.Set("service", service) + } + for _, scope := range scopes { + q.Add("scope", scope) + } + req.URL.RawQuery = q.Encode() + + resp, err := c.send(req) + if err != nil { + return "", err + } + defer resp.Body.Close() + if resp.StatusCode != http.StatusOK { + return "", errutil.ParseErrorResponse(resp) + } + + // As specified in https://docs.docker.com/registry/spec/auth/token/ section + // "Token Response Fields", the token is either in `token` or + // `access_token`. If both present, they are identical. + var result struct { + Token string `json:"token"` + AccessToken string `json:"access_token"` + } + lr := io.LimitReader(resp.Body, maxResponseBytes) + if err := json.NewDecoder(lr).Decode(&result); err != nil { + return "", fmt.Errorf("%s %q: failed to decode response: %w", resp.Request.Method, resp.Request.URL, err) + } + if result.AccessToken != "" { + return result.AccessToken, nil + } + if result.Token != "" { + return result.Token, nil + } + return "", fmt.Errorf("%s %q: empty token returned", resp.Request.Method, resp.Request.URL) +} + +// fetchOAuth2Token fetches an OAuth2 access token. +// Reference: https://docs.docker.com/registry/spec/auth/oauth/ +func (c *Client) fetchOAuth2Token(ctx context.Context, realm, service string, scopes []string, cred Credential) (string, error) { + form := url.Values{} + if cred.RefreshToken != "" { + form.Set("grant_type", "refresh_token") + form.Set("refresh_token", cred.RefreshToken) + } else if cred.Username != "" && cred.Password != "" { + form.Set("grant_type", "password") + form.Set("username", cred.Username) + form.Set("password", cred.Password) + } else { + return "", errors.New("missing username or password for bearer auth") + } + form.Set("service", service) + clientID := c.ClientID + if clientID == "" { + clientID = defaultClientID + } + form.Set("client_id", clientID) + if len(scopes) != 0 { + form.Set("scope", strings.Join(scopes, " ")) + } + body := strings.NewReader(form.Encode()) + + req, err := http.NewRequestWithContext(ctx, http.MethodPost, realm, body) + if err != nil { + return "", err + } + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + + resp, err := c.send(req) + if err != nil { + return "", err + } + defer resp.Body.Close() + if resp.StatusCode != http.StatusOK { + return "", errutil.ParseErrorResponse(resp) + } + + var result struct { + AccessToken string `json:"access_token"` + } + lr := io.LimitReader(resp.Body, maxResponseBytes) + if err := json.NewDecoder(lr).Decode(&result); err != nil { + return "", fmt.Errorf("%s %q: failed to decode response: %w", resp.Request.Method, resp.Request.URL, err) + } + if result.AccessToken != "" { + return result.AccessToken, nil + } + return "", fmt.Errorf("%s %q: empty token returned", resp.Request.Method, resp.Request.URL) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/credential.go b/vendor/oras.land/oras-go/pkg/registry/remote/auth/credential.go new file mode 100644 index 0000000000..2cd9f774bf --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/credential.go @@ -0,0 +1,39 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package auth + +// EmptyCredential represents an empty credential. +var EmptyCredential Credential + +// Credential contains authentication credentials used to access remote +// registries. +type Credential struct { + // Username is the name of the user for the remote registry. + Username string + + // Password is the secret associated with the username. + Password string + + // RefreshToken is a bearer token to be sent to the authorization service + // for fetching access tokens. + // A refresh token is often referred as an identity token. + // Reference: https://docs.docker.com/registry/spec/auth/oauth/ + RefreshToken string + + // AccessToken is a bearer token to be sent to the registry. + // An access token is often referred as a registry token. + // Reference: https://docs.docker.com/registry/spec/auth/token/ + AccessToken string +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/auth/scope.go b/vendor/oras.land/oras-go/pkg/registry/remote/auth/scope.go new file mode 100644 index 0000000000..3b865dd60f --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/auth/scope.go @@ -0,0 +1,231 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package auth + +import ( + "context" + "sort" + "strings" +) + +// Actions used in scopes. +// Reference: https://docs.docker.com/registry/spec/auth/scope/ +const ( + // ActionPull represents generic read access for resources of the repository + // type. + ActionPull = "pull" + + // ActionPush represents generic write access for resources of the + // repository type. + ActionPush = "push" + + // ActionDelete represents the delete permission for resources of the + // repository type. + ActionDelete = "delete" +) + +// ScopeRegistryCatalog is the scope for registry catalog access. +const ScopeRegistryCatalog = "registry:catalog:*" + +// ScopeRepository returns a repository scope with given actions. +// Reference: https://docs.docker.com/registry/spec/auth/scope/ +func ScopeRepository(repository string, actions ...string) string { + actions = cleanActions(actions) + if repository == "" || len(actions) == 0 { + return "" + } + return strings.Join([]string{ + "repository", + repository, + strings.Join(actions, ","), + }, ":") +} + +// scopesContextKey is the context key for scopes. +type scopesContextKey struct{} + +// WithScopes returns a context with scopes added. Scopes are de-duplicated. +// Scopes are used as hints for the auth client to fetch bearer tokens with +// larger scopes. +// For example, uploading blob to the repository "hello-world" does HEAD request +// first then POST and PUT. The HEAD request will return a challenge for scope +// `repository:hello-world:pull`, and the auth client will fetch a token for +// that challenge. Later, the POST request will return a challenge for scope +// `repository:hello-world:push`, and the auth client will fetch a token for +// that challenge again. By invoking `WithScopes()` with the scope +// `repository:hello-world:pull,push`, the auth client with cache is hinted to +// fetch a token via a single token fetch request for all the HEAD, POST, PUT +// requests. +// Passing an empty list of scopes will virtually remove the scope hints in the +// context. +// Reference: https://docs.docker.com/registry/spec/auth/scope/ +func WithScopes(ctx context.Context, scopes ...string) context.Context { + scopes = CleanScopes(scopes) + return context.WithValue(ctx, scopesContextKey{}, scopes) +} + +// AppendScopes appends additional scopes to the existing scopes in the context +// and returns a new context. The resulted scopes are de-duplicated. +// The append operation does modify the existing scope in the context passed in. +func AppendScopes(ctx context.Context, scopes ...string) context.Context { + if len(scopes) == 0 { + return ctx + } + return WithScopes(ctx, append(GetScopes(ctx), scopes...)...) +} + +// GetScopes returns the scopes in the context. +func GetScopes(ctx context.Context) []string { + if scopes, ok := ctx.Value(scopesContextKey{}).([]string); ok { + return append([]string(nil), scopes...) + } + return nil +} + +// CleanScopes merges and sort the actions in ascending order if the scopes have +// the same resource type and name. The final scopes are sorted in ascending +// order. In other words, the scopes passed in are de-duplicated and sorted. +// Therefore, the output of this function is deterministic. +// If there is a wildcard `*` in the action, other actions in the same resource +// type and name are ignored. +func CleanScopes(scopes []string) []string { + // fast paths + switch len(scopes) { + case 0: + return nil + case 1: + scope := scopes[0] + i := strings.LastIndex(scope, ":") + if i == -1 { + return []string{scope} + } + actionList := strings.Split(scope[i+1:], ",") + actionList = cleanActions(actionList) + if len(actionList) == 0 { + return nil + } + actions := strings.Join(actionList, ",") + scope = scope[:i+1] + actions + return []string{scope} + } + + // slow path + var result []string + + // merge recognizable scopes + resourceTypes := make(map[string]map[string]map[string]struct{}) + for _, scope := range scopes { + // extract resource type + i := strings.Index(scope, ":") + if i == -1 { + result = append(result, scope) + continue + } + resourceType := scope[:i] + + // extract resource name and actions + rest := scope[i+1:] + i = strings.LastIndex(rest, ":") + if i == -1 { + result = append(result, scope) + continue + } + resourceName := rest[:i] + actions := rest[i+1:] + if actions == "" { + // drop scope since no action found + continue + } + + // add to the intermediate map for de-duplication + namedActions := resourceTypes[resourceType] + if namedActions == nil { + namedActions = make(map[string]map[string]struct{}) + resourceTypes[resourceType] = namedActions + } + actionSet := namedActions[resourceName] + if actionSet == nil { + actionSet = make(map[string]struct{}) + namedActions[resourceName] = actionSet + } + for _, action := range strings.Split(actions, ",") { + if action != "" { + actionSet[action] = struct{}{} + } + } + } + + // reconstruct scopes + for resourceType, namedActions := range resourceTypes { + for resourceName, actionSet := range namedActions { + if len(actionSet) == 0 { + continue + } + var actions []string + for action := range actionSet { + if action == "*" { + actions = []string{"*"} + break + } + actions = append(actions, action) + } + sort.Strings(actions) + scope := resourceType + ":" + resourceName + ":" + strings.Join(actions, ",") + result = append(result, scope) + } + } + + // sort and return + sort.Strings(result) + return result +} + +// cleanActions removes the duplicated actions and sort in ascending order. +// If there is a wildcard `*` in the action, other actions are ignored. +func cleanActions(actions []string) []string { + // fast paths + switch len(actions) { + case 0: + return nil + case 1: + if actions[0] == "" { + return nil + } + return actions + } + + // slow path + sort.Strings(actions) + n := 0 + for i := 0; i < len(actions); i++ { + if actions[i] == "*" { + return []string{"*"} + } + if actions[i] != actions[n] { + n++ + if n != i { + actions[n] = actions[i] + } + } + } + n++ + if actions[0] == "" { + if n == 1 { + return nil + } + return actions[1:n] + } + return actions[:n] +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/BUILD.bazel b/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/BUILD.bazel new file mode 100644 index 0000000000..94ad4d5972 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/BUILD.bazel @@ -0,0 +1,9 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["errors.go"], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil", + importpath = "oras.land/oras-go/pkg/registry/remote/internal/errutil", + visibility = ["//vendor/oras.land/oras-go/pkg/registry/remote:__subpackages__"], +) diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/errors.go b/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/errors.go new file mode 100644 index 0000000000..201ecce89f --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/internal/errutil/errors.go @@ -0,0 +1,83 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package errutil + +import ( + "encoding/json" + "fmt" + "io" + "net/http" + "strings" + "unicode" +) + +// maxErrorBytes specifies the default limit on how many response bytes are +// allowed in the server's error response. +// A typical error message is around 200 bytes. Hence, 8 KiB should be +// sufficient. +var maxErrorBytes int64 = 8 * 1024 // 8 KiB + +// requestError contains a single error. +type requestError struct { + Code string `json:"code"` + Message string `json:"message"` +} + +// Error returns a error string describing the error. +func (e requestError) Error() string { + code := strings.Map(func(r rune) rune { + if r == '_' { + return ' ' + } + return unicode.ToLower(r) + }, e.Code) + if e.Message == "" { + return code + } + return fmt.Sprintf("%s: %s", code, e.Message) +} + +// requestErrors is a bundle of requestError. +type requestErrors []requestError + +// Error returns a error string describing the error. +func (errs requestErrors) Error() string { + switch len(errs) { + case 0: + return "" + case 1: + return errs[0].Error() + } + var errmsgs []string + for _, err := range errs { + errmsgs = append(errmsgs, err.Error()) + } + return strings.Join(errmsgs, "; ") +} + +// ParseErrorResponse parses the error returned by the remote registry. +func ParseErrorResponse(resp *http.Response) error { + var errmsg string + var body struct { + Errors requestErrors `json:"errors"` + } + lr := io.LimitReader(resp.Body, maxErrorBytes) + if err := json.NewDecoder(lr).Decode(&body); err == nil && len(body.Errors) > 0 { + errmsg = body.Errors.Error() + } else { + errmsg = http.StatusText(resp.StatusCode) + } + return fmt.Errorf("%s %q: unexpected status code %d: %s", resp.Request.Method, resp.Request.URL, resp.StatusCode, errmsg) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/BUILD.bazel b/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/BUILD.bazel new file mode 100644 index 0000000000..3aaeaa30d7 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/BUILD.bazel @@ -0,0 +1,9 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["once.go"], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil", + importpath = "oras.land/oras-go/pkg/registry/remote/internal/syncutil", + visibility = ["//vendor/oras.land/oras-go/pkg/registry/remote:__subpackages__"], +) diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/once.go b/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/once.go new file mode 100644 index 0000000000..a685360b6e --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/internal/syncutil/once.go @@ -0,0 +1,69 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package syncutil + +import "context" + +// Once is an object that will perform exactly one action. +// Unlike sync.Once, this Once allowes the action to have return values. +type Once struct { + result interface{} + err error + status chan bool +} + +// NewOnce creates a new Once instance. +func NewOnce() *Once { + status := make(chan bool, 1) + status <- true + return &Once{ + status: status, + } +} + +// Do calls the function f if and only if Do is being called first time or all +// previous function calls are cancelled, deadline exceeded, or panicking. +// When `once.Do(ctx, f)` is called multiple times, the return value of the +// first call of the function f is stored, and is directly returned for other +// calls. +// Besides the return value of the function f, including the error, Do returns +// true if the function f passed is called first and is not cancelled, deadline +// exceeded, or panicking. Otherwise, returns false. +func (o *Once) Do(ctx context.Context, f func() (interface{}, error)) (bool, interface{}, error) { + defer func() { + if r := recover(); r != nil { + o.status <- true + panic(r) + } + }() + for { + select { + case inProgress := <-o.status: + if !inProgress { + return false, o.result, o.err + } + result, err := f() + if err == context.Canceled || err == context.DeadlineExceeded { + o.status <- true + return false, nil, err + } + o.result, o.err = result, err + close(o.status) + return true, result, err + case <-ctx.Done(): + return false, nil, ctx.Err() + } + } +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/repository.go b/vendor/oras.land/oras-go/pkg/registry/remote/repository.go new file mode 100644 index 0000000000..0fbd37b663 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/repository.go @@ -0,0 +1,171 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package remote + +import ( + "context" + "encoding/json" + "fmt" + "net/http" + "strconv" + + errdef "oras.land/oras-go/pkg/content" + "oras.land/oras-go/pkg/registry" + "oras.land/oras-go/pkg/registry/remote/auth" + "oras.land/oras-go/pkg/registry/remote/internal/errutil" +) + +// Client is an interface for a HTTP client. +type Client interface { + // Do sends an HTTP request and returns an HTTP response. + // + // Unlike http.RoundTripper, Client can attempt to interpret the response + // and handle higher-level protocol details such as redirects and + // authentication. + // + // Like http.RoundTripper, Client should not modify the request, and must + // always close the request body. + Do(*http.Request) (*http.Response, error) +} + +// Repository is an HTTP client to a remote repository. +type Repository struct { + // Client is the underlying HTTP client used to access the remote registry. + // If nil, auth.DefaultClient is used. + Client Client + + // Reference references the remote repository. + Reference registry.Reference + + // PlainHTTP signals the transport to access the remote repository via HTTP + // instead of HTTPS. + PlainHTTP bool + + // ManifestMediaTypes is used in `Accept` header for resolving manifests from + // references. It is also used in identifying manifests and blobs from + // descriptors. + // If an empty list is present, default manifest media types are used. + ManifestMediaTypes []string + + // TagListPageSize specifies the page size when invoking the tag list API. + // If zero, the page size is determined by the remote registry. + // Reference: https://docs.docker.com/registry/spec/api/#tags + TagListPageSize int + + // ReferrerListPageSize specifies the page size when invoking the Referrers + // API. + // If zero, the page size is determined by the remote registry. + // Reference: https://github.com/oras-project/artifacts-spec/blob/main/manifest-referrers-api.md + ReferrerListPageSize int + + // MaxMetadataBytes specifies a limit on how many response bytes are allowed + // in the server's response to the metadata APIs, such as catalog list, tag + // list, and referrers list. + // If zero, a default (currently 4MiB) is used. + MaxMetadataBytes int64 +} + +// NewRepository creates a client to the remote repository identified by a +// reference. +// Example: localhost:5000/hello-world +func NewRepository(reference string) (*Repository, error) { + ref, err := registry.ParseReference(reference) + if err != nil { + return nil, err + } + return &Repository{ + Reference: ref, + }, nil +} + +// client returns an HTTP client used to access the remote repository. +// A default HTTP client is return if the client is not configured. +func (r *Repository) client() Client { + if r.Client == nil { + return auth.DefaultClient + } + return r.Client +} + +// parseReference validates the reference. +// Both simplified or fully qualified references are accepted as input. +// A fully qualified reference is returned on success. +func (r *Repository) parseReference(reference string) (registry.Reference, error) { + ref, err := registry.ParseReference(reference) + if err != nil { + ref = registry.Reference{ + Registry: r.Reference.Registry, + Repository: r.Reference.Repository, + Reference: reference, + } + if err = ref.ValidateReference(); err != nil { + return registry.Reference{}, err + } + return ref, nil + } + if ref.Registry == r.Reference.Registry && ref.Repository == r.Reference.Repository { + return ref, nil + } + return registry.Reference{}, fmt.Errorf("%w %q: expect %q", errdef.ErrInvalidReference, ref, r.Reference) +} + +// Tags lists the tags available in the repository. +func (r *Repository) Tags(ctx context.Context, fn func(tags []string) error) error { + ctx = withScopeHint(ctx, r.Reference, auth.ActionPull) + url := buildRepositoryTagListURL(r.PlainHTTP, r.Reference) + var err error + for err == nil { + url, err = r.tags(ctx, fn, url) + } + if err != errNoLink { + return err + } + return nil +} + +// tags returns a single page of tag list with the next link. +func (r *Repository) tags(ctx context.Context, fn func(tags []string) error, url string) (string, error) { + req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil) + if err != nil { + return "", err + } + if r.TagListPageSize > 0 { + q := req.URL.Query() + q.Set("n", strconv.Itoa(r.TagListPageSize)) + req.URL.RawQuery = q.Encode() + } + + resp, err := r.client().Do(req) + if err != nil { + return "", err + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + return "", errutil.ParseErrorResponse(resp) + } + var page struct { + Tags []string `json:"tags"` + } + lr := limitReader(resp.Body, r.MaxMetadataBytes) + if err := json.NewDecoder(lr).Decode(&page); err != nil { + return "", fmt.Errorf("%s %q: failed to decode response: %w", resp.Request.Method, resp.Request.URL, err) + } + if err := fn(page.Tags); err != nil { + return "", err + } + + return parseLink(resp) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/url.go b/vendor/oras.land/oras-go/pkg/registry/remote/url.go new file mode 100644 index 0000000000..f01752020f --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/url.go @@ -0,0 +1,42 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package remote + +import ( + "fmt" + + "oras.land/oras-go/pkg/registry" +) + +// buildScheme returns HTTP scheme used to access the remote registry. +func buildScheme(plainHTTP bool) string { + if plainHTTP { + return "http" + } + return "https" +} + +// buildRepositoryBaseURL builds the base endpoint of the remote repository. +// Format: :///v2/ +func buildRepositoryBaseURL(plainHTTP bool, ref registry.Reference) string { + return fmt.Sprintf("%s://%s/v2/%s", buildScheme(plainHTTP), ref.Host(), ref.Repository) +} + +// buildRepositoryTagListURL builds the URL for accessing the tag list API. +// Format: :///v2//tags/list +// Reference: https://docs.docker.com/registry/spec/api/#tags +func buildRepositoryTagListURL(plainHTTP bool, ref registry.Reference) string { + return buildRepositoryBaseURL(plainHTTP, ref) + "/tags/list" +} diff --git a/vendor/oras.land/oras-go/pkg/registry/remote/utils.go b/vendor/oras.land/oras-go/pkg/registry/remote/utils.go new file mode 100644 index 0000000000..eaa84f0f40 --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/remote/utils.go @@ -0,0 +1,72 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package remote + +import ( + "context" + "errors" + "fmt" + "io" + "net/http" + "strings" + + "oras.land/oras-go/pkg/registry" + "oras.land/oras-go/pkg/registry/remote/auth" +) + +// defaultMaxMetadataBytes specifies the default limit on how many response +// bytes are allowed in the server's response to the metadata APIs. +// See also: Repository.MaxMetadataBytes +var defaultMaxMetadataBytes int64 = 4 * 1024 * 1024 // 4 MiB + +// errNoLink is returned by parseLink() when no Link header is present. +var errNoLink = errors.New("no Link header in response") + +// parseLink returns the URL of the response's "Link" header, if present. +func parseLink(resp *http.Response) (string, error) { + link := resp.Header.Get("Link") + if link == "" { + return "", errNoLink + } + if link[0] != '<' { + return "", fmt.Errorf("invalid next link %q: missing '<'", link) + } + if i := strings.IndexByte(link, '>'); i == -1 { + return "", fmt.Errorf("invalid next link %q: missing '>'", link) + } else { + link = link[1:i] + } + + linkURL, err := resp.Request.URL.Parse(link) + if err != nil { + return "", err + } + return linkURL.String(), nil +} + +// limitReader returns a Reader that reads from r but stops with EOF after n +// bytes. If n is zero, defaultMaxMetadataBytes is used. +func limitReader(r io.Reader, n int64) io.Reader { + if n == 0 { + n = defaultMaxMetadataBytes + } + return io.LimitReader(r, n) +} + +// withScopeHint adds a hinted scope to the context. +func withScopeHint(ctx context.Context, ref registry.Reference, actions ...string) context.Context { + scope := auth.ScopeRepository(ref.Repository, actions...) + return auth.AppendScopes(ctx, scope) +} diff --git a/vendor/oras.land/oras-go/pkg/registry/repository.go b/vendor/oras.land/oras-go/pkg/registry/repository.go new file mode 100644 index 0000000000..bcffbe8d2c --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/registry/repository.go @@ -0,0 +1,57 @@ +/* +Copyright The ORAS Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package registry + +import ( + "context" +) + +// Repository is an ORAS target and an union of the blob and the manifest CASs. +// As specified by https://docs.docker.com/registry/spec/api/, it is natural to +// assume that content.Resolver interface only works for manifests. Tagging a +// blob may be resulted in an `ErrUnsupported` error. However, this interface +// does not restrict tagging blobs. +// Since a repository is an union of the blob and the manifest CASs, all +// operations defined in the `BlobStore` are executed depending on the media +// type of the given descriptor accordingly. +// Furthurmore, this interface also provides the ability to enforce the +// separation of the blob and the manifests CASs. +type Repository interface { + + // Tags lists the tags available in the repository. + // Since the returned tag list may be paginated by the underlying + // implementation, a function should be passed in to process the paginated + // tag list. + // Note: When implemented by a remote registry, the tags API is called. + // However, not all registries supports pagination or conforms the + // specification. + // References: + // - https://github.com/opencontainers/distribution-spec/blob/main/spec.md#content-discovery + // - https://docs.docker.com/registry/spec/api/#tags + // See also `Tags()` in this package. + Tags(ctx context.Context, fn func(tags []string) error) error +} + +// Tags lists the tags available in the repository. +func Tags(ctx context.Context, repo Repository) ([]string, error) { + var res []string + if err := repo.Tags(ctx, func(tags []string) error { + res = append(res, tags...) + return nil + }); err != nil { + return nil, err + } + return res, nil +} diff --git a/vendor/oras.land/oras-go/pkg/target/BUILD.bazel b/vendor/oras.land/oras-go/pkg/target/BUILD.bazel new file mode 100644 index 0000000000..287eca0e2c --- /dev/null +++ b/vendor/oras.land/oras-go/pkg/target/BUILD.bazel @@ -0,0 +1,10 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = ["target.go"], + importmap = "k8s.io/kops/vendor/oras.land/oras-go/pkg/target", + importpath = "oras.land/oras-go/pkg/target", + visibility = ["//visibility:public"], + deps = ["//vendor/github.com/containerd/containerd/remotes:go_default_library"], +) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/const.go b/vendor/oras.land/oras-go/pkg/target/target.go similarity index 56% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/const.go rename to vendor/oras.land/oras-go/pkg/target/target.go index ec9ad4dc22..4398f14eb0 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/acme/v1beta1/const.go +++ b/vendor/oras.land/oras-go/pkg/target/target.go @@ -1,11 +1,10 @@ /* -Copyright 2020 The cert-manager Authors. - +Copyright The ORAS Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at - http://www.apache.org/licenses/LICENSE-2.0 +http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -13,9 +12,15 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ +package target -package v1beta1 - -const ( - ACMEFinalizer = "finalizer.acme.cert-manager.io" +import ( + "github.com/containerd/containerd/remotes" ) + +// Target represents a place to which one can send/push or retrieve/pull artifacts. +// Anything that implements the Target interface can be used as a place to send or +// retrieve artifacts. +type Target interface { + remotes.Resolver +} diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go index 07f2f1261f..2eb68e840a 100644 --- a/vendor/sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go +++ b/vendor/sigs.k8s.io/controller-runtime/pkg/cache/internal/informers_map.go @@ -409,41 +409,31 @@ func createMetadataListWatch(gvk schema.GroupVersionKind, ip *specificInformersM }, nil } -type gvkFixupWatcher struct { - watcher watch.Interface - ch chan watch.Event - gvk schema.GroupVersionKind - wg sync.WaitGroup -} - +// newGVKFixupWatcher adds a wrapper that preserves the GVK information when +// events come in. +// +// This works around a bug where GVK information is not passed into mapping +// functions when using the OnlyMetadata option in the builder. +// This issue is most likely caused by kubernetes/kubernetes#80609. +// See kubernetes-sigs/controller-runtime#1484. +// +// This was originally implemented as a cache.ResourceEventHandler wrapper but +// that contained a data race which was resolved by setting the GVK in a watch +// wrapper, before the objects are written to the cache. +// See kubernetes-sigs/controller-runtime#1650. +// +// The original watch wrapper was found to be incompatible with +// k8s.io/client-go/tools/cache.Reflector so it has been re-implemented as a +// watch.Filter which is compatible. +// See kubernetes-sigs/controller-runtime#1789. func newGVKFixupWatcher(gvk schema.GroupVersionKind, watcher watch.Interface) watch.Interface { - ch := make(chan watch.Event) - w := &gvkFixupWatcher{ - gvk: gvk, - watcher: watcher, - ch: ch, - } - w.wg.Add(1) - go w.run() - return w -} - -func (w *gvkFixupWatcher) run() { - for e := range w.watcher.ResultChan() { - e.Object.GetObjectKind().SetGroupVersionKind(w.gvk) - w.ch <- e - } - w.wg.Done() -} - -func (w *gvkFixupWatcher) Stop() { - w.watcher.Stop() - w.wg.Wait() - close(w.ch) -} - -func (w *gvkFixupWatcher) ResultChan() <-chan watch.Event { - return w.ch + return watch.Filter( + watcher, + func(in watch.Event) (watch.Event, bool) { + in.Object.GetObjectKind().SetGroupVersionKind(gvk) + return in, true + }, + ) } // resyncPeriod returns a function which generates a duration each time it is diff --git a/vendor/sigs.k8s.io/gateway-api/LICENSE b/vendor/sigs.k8s.io/gateway-api/LICENSE new file mode 100644 index 0000000000..a5949bd7a2 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2020 The Kubernetes Authors + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/BUILD.bazel b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/BUILD.bazel new file mode 100644 index 0000000000..102482446f --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/BUILD.bazel @@ -0,0 +1,28 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "doc.go", + "gateway_types.go", + "gatewayclass_types.go", + "httproute_types.go", + "object_reference_types.go", + "policy_types.go", + "referencepolicy_types.go", + "shared_types.go", + "tcproute_types.go", + "tlsroute_types.go", + "udproute_types.go", + "zz_generated.deepcopy.go", + "zz_generated.register.go", + ], + importmap = "k8s.io/kops/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2", + importpath = "sigs.k8s.io/gateway-api/apis/v1alpha2", + visibility = ["//visibility:public"], + deps = [ + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library", + ], +) diff --git a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/doc.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/doc.go similarity index 71% rename from vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/doc.go rename to vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/doc.go index f4c515e6e1..0fcba7318c 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/client/clientset/versioned/typed/acme/v1alpha2/doc.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/doc.go @@ -1,5 +1,5 @@ /* -Copyright The cert-manager Authors. +Copyright 2020 The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -14,7 +14,8 @@ See the License for the specific language governing permissions and limitations under the License. */ -// Code generated by client-gen. DO NOT EDIT. - -// This package has the automatically generated typed clients. +// Package v1alpha2 contains API Schema definitions for the +// gateway.networking.k8s.io API group. +// +kubebuilder:object:generate=true +// +groupName=gateway.networking.k8s.io package v1alpha2 diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gateway_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gateway_types.go new file mode 100644 index 0000000000..064fded34f --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gateway_types.go @@ -0,0 +1,838 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api,shortName=gtw +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Class",type=string,JSONPath=`.spec.gatewayClassName` +// +kubebuilder:printcolumn:name="Address",type=string,JSONPath=`.status.addresses[*].value` +// +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=`.status.conditions[?(@.type=="Ready")].status` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// Gateway represents an instance of a service-traffic handling infrastructure +// by binding Listeners to a set of IP addresses. +type Gateway struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of Gateway. + Spec GatewaySpec `json:"spec"` + + // Status defines the current state of Gateway. + // + // +kubebuilder:default={conditions: {{type: "Scheduled", status: "Unknown", reason:"NotReconciled", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}}} + Status GatewayStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// GatewayList contains a list of Gateways. +type GatewayList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []Gateway `json:"items"` +} + +// GatewaySpec defines the desired state of Gateway. +// +// Not all possible combinations of options specified in the Spec are +// valid. Some invalid configurations can be caught synchronously via a +// webhook, but there are many cases that will require asynchronous +// signaling via the GatewayStatus block. +type GatewaySpec struct { + // GatewayClassName used for this Gateway. This is the name of a + // GatewayClass resource. + GatewayClassName ObjectName `json:"gatewayClassName"` + + // Listeners associated with this Gateway. Listeners define + // logical endpoints that are bound on this Gateway's addresses. + // At least one Listener MUST be specified. + // + // Each listener in a Gateway must have a unique combination of Hostname, + // Port, and Protocol. + // + // An implementation MAY group Listeners by Port and then collapse each + // group of Listeners into a single Listener if the implementation + // determines that the Listeners in the group are "compatible". An + // implementation MAY also group together and collapse compatible + // Listeners belonging to different Gateways. + // + // For example, an implementation might consider Listeners to be + // compatible with each other if all of the following conditions are + // met: + // + // 1. Either each Listener within the group specifies the "HTTP" + // Protocol or each Listener within the group specifies either + // the "HTTPS" or "TLS" Protocol. + // + // 2. Each Listener within the group specifies a Hostname that is unique + // within the group. + // + // 3. As a special case, one Listener within a group may omit Hostname, + // in which case this Listener matches when no other Listener + // matches. + // + // If the implementation does collapse compatible Listeners, the + // hostname provided in the incoming client request MUST be + // matched to a Listener to find the correct set of Routes. + // The incoming hostname MUST be matched using the Hostname + // field for each Listener in order of most to least specific. + // That is, exact matches must be processed before wildcard + // matches. + // + // If this field specifies multiple Listeners that have the same + // Port value but are not compatible, the implementation must raise + // a "Conflicted" condition in the Listener status. + // + // Support: Core + // + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=64 + Listeners []Listener `json:"listeners"` + + // Addresses requested for this Gateway. This is optional and behavior can + // depend on the implementation. If a value is set in the spec and the + // requested address is invalid or unavailable, the implementation MUST + // indicate this in the associated entry in GatewayStatus.Addresses. + // + // The Addresses field represents a request for the address(es) on the + // "outside of the Gateway", that traffic bound for this Gateway will use. + // This could be the IP address or hostname of an external load balancer or + // other networking infrastructure, or some other address that traffic will + // be sent to. + // + // The .listener.hostname field is used to route traffic that has already + // arrived at the Gateway to the correct in-cluster destination. + // + // If no Addresses are specified, the implementation MAY schedule the + // Gateway in an implementation-specific manner, assigning an appropriate + // set of Addresses. + // + // The implementation MUST bind all Listeners to every GatewayAddress that + // it assigns to the Gateway and add a corresponding entry in + // GatewayStatus.Addresses. + // + // Support: Core + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Addresses []GatewayAddress `json:"addresses,omitempty"` +} + +// Listener embodies the concept of a logical endpoint where a Gateway accepts +// network connections. +type Listener struct { + // Name is the name of the Listener. + // + // Support: Core + Name SectionName `json:"name"` + + // Hostname specifies the virtual hostname to match for protocol types that + // define this concept. When unspecified, all hostnames are matched. This + // field is ignored for protocols that don't require hostname based + // matching. + // + // Implementations MUST apply Hostname matching appropriately for each of + // the following protocols: + // + // * TLS: The Listener Hostname MUST match the SNI. + // * HTTP: The Listener Hostname MUST match the Host header of the request. + // * HTTPS: The Listener Hostname SHOULD match at both the TLS and HTTP + // protocol layers as described above. If an implementation does not + // ensure that both the SNI and Host header match the Listener hostname, + // it MUST clearly document that. + // + // For HTTPRoute and TLSRoute resources, there is an interaction with the + // `spec.hostnames` array. When both listener and route specify hostnames, + // there MUST be an intersection between the values for a Route to be + // accepted. For more information, refer to the Route specific Hostnames + // documentation. + // + // Support: Core + // + // +optional + Hostname *Hostname `json:"hostname,omitempty"` + + // Port is the network port. Multiple listeners may use the + // same port, subject to the Listener compatibility rules. + // + // Support: Core + Port PortNumber `json:"port"` + + // Protocol specifies the network protocol this listener expects to receive. + // + // Support: Core + Protocol ProtocolType `json:"protocol"` + + // TLS is the TLS configuration for the Listener. This field is required if + // the Protocol field is "HTTPS" or "TLS". It is invalid to set this field + // if the Protocol field is "HTTP", "TCP", or "UDP". + // + // The association of SNIs to Certificate defined in GatewayTLSConfig is + // defined based on the Hostname field for this listener. + // + // The GatewayClass MUST use the longest matching SNI out of all + // available certificates for any TLS handshake. + // + // Support: Core + // + // +optional + TLS *GatewayTLSConfig `json:"tls,omitempty"` + + // AllowedRoutes defines the types of routes that MAY be attached to a + // Listener and the trusted namespaces where those Route resources MAY be + // present. + // + // Although a client request may match multiple route rules, only one rule + // may ultimately receive the request. Matching precedence MUST be + // determined in order of the following criteria: + // + // * The most specific match as defined by the Route type. + // * The oldest Route based on creation timestamp. For example, a Route with + // a creation timestamp of "2020-09-08 01:02:03" is given precedence over + // a Route with a creation timestamp of "2020-09-08 01:02:04". + // * If everything else is equivalent, the Route appearing first in + // alphabetical order (namespace/name) should be given precedence. For + // example, foo/bar is given precedence over foo/baz. + // + // All valid rules within a Route attached to this Listener should be + // implemented. Invalid Route rules can be ignored (sometimes that will mean + // the full Route). If a Route rule transitions from valid to invalid, + // support for that Route rule should be dropped to ensure consistency. For + // example, even if a filter specified by a Route rule is invalid, the rest + // of the rules within that Route should still be supported. + // + // Support: Core + // +kubebuilder:default={namespaces:{from: Same}} + // +optional + AllowedRoutes *AllowedRoutes `json:"allowedRoutes,omitempty"` +} + +// ProtocolType defines the application protocol accepted by a Listener. +// Implementations are not required to accept all the defined protocols. +// If an implementation does not support a specified protocol, it +// should raise a "Detached" condition for the affected Listener with +// a reason of "UnsupportedProtocol". +// +// Core ProtocolType values are listed in the table below. +// +// Implementations can define their own protocols if a core ProtocolType does not +// exist. Such definitions must use prefixed name, such as +// `mycompany.com/my-custom-protocol`. Un-prefixed names are reserved for core +// protocols. Any protocol defined by implementations will fall under custom +// conformance. +// +// Valid values include: +// +// * "HTTP" - Core support +// * "example.com/bar" - Implementation-specific support +// +// Invalid values include: +// +// * "example.com" - must include path if domain is used +// * "foo.example.com" - must include path if domain is used +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=255 +// +kubebuilder:validation:Pattern=`^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$` +type ProtocolType string + +const ( + // Accepts cleartext HTTP/1.1 sessions over TCP. Implementations MAY also + // support HTTP/2 over cleartext. If implementations support HTTP/2 over + // cleartext on "HTTP" listeners, that MUST be clearly documented by the + // implementation. + HTTPProtocolType ProtocolType = "HTTP" + + // Accepts HTTP/1.1 or HTTP/2 sessions over TLS. + HTTPSProtocolType ProtocolType = "HTTPS" + + // Accepts TLS sessions over TCP. + TLSProtocolType ProtocolType = "TLS" + + // Accepts TCP sessions. + TCPProtocolType ProtocolType = "TCP" + + // Accepts UDP packets. + UDPProtocolType ProtocolType = "UDP" +) + +// GatewayTLSConfig describes a TLS configuration. +type GatewayTLSConfig struct { + // Mode defines the TLS behavior for the TLS session initiated by the client. + // There are two possible modes: + // + // - Terminate: The TLS session between the downstream client + // and the Gateway is terminated at the Gateway. This mode requires + // certificateRefs to be set and contain at least one element. + // - Passthrough: The TLS session is NOT terminated by the Gateway. This + // implies that the Gateway can't decipher the TLS stream except for + // the ClientHello message of the TLS protocol. + // CertificateRefs field is ignored in this mode. + // + // Support: Core + // + // +optional + // +kubebuilder:default=Terminate + Mode *TLSModeType `json:"mode,omitempty"` + + // CertificateRefs contains a series of references to Kubernetes objects that + // contains TLS certificates and private keys. These certificates are used to + // establish a TLS handshake for requests that match the hostname of the + // associated listener. + // + // A single CertificateRef to a Kubernetes Secret has "Core" support. + // Implementations MAY choose to support attaching multiple certificates to + // a Listener, but this behavior is implementation-specific. + // + // References to a resource in different namespace are invalid UNLESS there + // is a ReferencePolicy in the target namespace that allows the certificate + // to be attached. If a ReferencePolicy does not allow this reference, the + // "ResolvedRefs" condition MUST be set to False for this listener with the + // "InvalidCertificateRef" reason. + // + // This field is required to have at least one element when the mode is set + // to "Terminate" (default) and is optional otherwise. + // + // CertificateRefs can reference to standard Kubernetes resources, i.e. + // Secret, or implementation-specific custom resources. + // + // Support: Core - A single reference to a Kubernetes Secret + // + // Support: Implementation-specific (More than one reference or other resource types) + // + // +optional + // +kubebuilder:validation:MaxItems=64 + CertificateRefs []*SecretObjectReference `json:"certificateRefs,omitempty"` + + // Options are a list of key/value pairs to enable extended TLS + // configuration for each implementation. For example, configuring the + // minimum TLS version or supported cipher suites. + // + // A set of common keys MAY be defined by the API in the future. To avoid + // any ambiguity, implementation-specific definitions MUST use + // domain-prefixed names, such as `example.com/my-custom-option`. + // Un-prefixed names are reserved for key names defined by Gateway API. + // + // Support: Implementation-specific + // + // +optional + // +kubebuilder:validation:MaxProperties=16 + Options map[AnnotationKey]AnnotationValue `json:"options,omitempty"` +} + +// TLSModeType type defines how a Gateway handles TLS sessions. +// +// +kubebuilder:validation:Enum=Terminate;Passthrough +type TLSModeType string + +const ( + // In this mode, TLS session between the downstream client + // and the Gateway is terminated at the Gateway. + TLSModeTerminate TLSModeType = "Terminate" + + // In this mode, the TLS session is NOT terminated by the Gateway. This + // implies that the Gateway can't decipher the TLS stream except for + // the ClientHello message of the TLS protocol. + // + // Note that SSL passthrough is only supported by TLSRoute. + TLSModePassthrough TLSModeType = "Passthrough" +) + +// AllowedRoutes defines which Routes may be attached to this Listener. +type AllowedRoutes struct { + // Namespaces indicates namespaces from which Routes may be attached to this + // Listener. This is restricted to the namespace of this Gateway by default. + // + // Support: Core + // + // +optional + // +kubebuilder:default={from: Same} + Namespaces *RouteNamespaces `json:"namespaces,omitempty"` + + // Kinds specifies the groups and kinds of Routes that are allowed to bind + // to this Gateway Listener. When unspecified or empty, the kinds of Routes + // selected are determined using the Listener protocol. + // + // A RouteGroupKind MUST correspond to kinds of Routes that are compatible + // with the application protocol specified in the Listener's Protocol field. + // If an implementation does not support or recognize this resource type, it + // MUST set the "ResolvedRefs" condition to False for this Listener with the + // "InvalidRoutesRef" reason. + // + // Support: Core + // + // +optional + // +kubebuilder:validation:MaxItems=8 + Kinds []RouteGroupKind `json:"kinds,omitempty"` +} + +// FromNamespaces specifies namespace from which Routes may be attached to a +// Gateway. +// +// +kubebuilder:validation:Enum=All;Selector;Same +type FromNamespaces string + +const ( + // Routes in all namespaces may be attached to this Gateway. + NamespacesFromAll FromNamespaces = "All" + // Only Routes in namespaces selected by the selector may be attached to + // this Gateway. + NamespacesFromSelector FromNamespaces = "Selector" + // Only Routes in the same namespace as the Gateway may be attached to this + // Gateway. + NamespacesFromSame FromNamespaces = "Same" +) + +// RouteNamespaces indicate which namespaces Routes should be selected from. +type RouteNamespaces struct { + // From indicates where Routes will be selected for this Gateway. Possible + // values are: + // * All: Routes in all namespaces may be used by this Gateway. + // * Selector: Routes in namespaces selected by the selector may be used by + // this Gateway. + // * Same: Only Routes in the same namespace may be used by this Gateway. + // + // Support: Core + // + // +optional + // +kubebuilder:default=Same + From *FromNamespaces `json:"from,omitempty"` + + // Selector must be specified when From is set to "Selector". In that case, + // only Routes in Namespaces matching this Selector will be selected by this + // Gateway. This field is ignored for other values of "From". + // + // Support: Core + // + // +optional + Selector *metav1.LabelSelector `json:"selector,omitempty"` +} + +// RouteGroupKind indicates the group and kind of a Route resource. +type RouteGroupKind struct { + // Group is the group of the Route. + // + // +optional + // +kubebuilder:default=gateway.networking.k8s.io + Group *Group `json:"group,omitempty"` + + // Kind is the kind of the Route. + Kind Kind `json:"kind"` +} + +// GatewayAddress describes an address that can be bound to a Gateway. +type GatewayAddress struct { + // Type of the address. + // + // +optional + // +kubebuilder:default=IPAddress + Type *AddressType `json:"type,omitempty"` + + // Value of the address. The validity of the values will depend + // on the type and support by the controller. + // + // Examples: `1.2.3.4`, `128::1`, `my-ip-address`. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Value string `json:"value"` +} + +// AddressType defines how a network address is represented as a text string. +// +// If the requested address is unsupported, the controller +// should raise the "Detached" listener status condition on +// the Gateway with the "UnsupportedAddress" reason. +// +// +kubebuilder:validation:Enum=IPAddress;Hostname;NamedAddress +type AddressType string + +const ( + // A textual representation of a numeric IP address. IPv4 + // addresses must be in dotted-decimal form. IPv6 addresses + // must be in a standard IPv6 text representation + // (see [RFC 5952](https://tools.ietf.org/html/rfc5952)). + // + // Support: Extended + IPAddressType AddressType = "IPAddress" + + // A Hostname represents a DNS based ingress point. This is similar to the + // corresponding hostname field in Kubernetes load balancer status. For + // example, this concept may be used for cloud load balancers where a DNS + // name is used to expose a load balancer. + // + // Support: Extended + HostnameAddressType AddressType = "Hostname" + + // A NamedAddress provides a way to reference a specific IP address by name. + // For example, this may be a name or other unique identifier that refers + // to a resource on a cloud provider such as a static IP. + // + // Support: Implementation-Specific + NamedAddressType AddressType = "NamedAddress" +) + +// GatewayStatus defines the observed state of Gateway. +type GatewayStatus struct { + // Addresses lists the IP addresses that have actually been + // bound to the Gateway. These addresses may differ from the + // addresses in the Spec, e.g. if the Gateway automatically + // assigns an address from a reserved pool. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Addresses []GatewayAddress `json:"addresses,omitempty"` + + // Conditions describe the current conditions of the Gateway. + // + // Implementations should prefer to express Gateway conditions + // using the `GatewayConditionType` and `GatewayConditionReason` + // constants so that operators and tools can converge on a common + // vocabulary to describe Gateway state. + // + // Known condition types are: + // + // * "Scheduled" + // * "Ready" + // + // +optional + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:default={{type: "Scheduled", status: "Unknown", reason:"NotReconciled", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}} + Conditions []metav1.Condition `json:"conditions,omitempty"` + + // Listeners provide status for each unique listener port defined in the Spec. + // + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=64 + Listeners []ListenerStatus `json:"listeners,omitempty"` +} + +// GatewayConditionType is a type of condition associated with a +// Gateway. This type should be used with the GatewayStatus.Conditions +// field. +type GatewayConditionType string + +// GatewayConditionReason defines the set of reasons that explain why a +// particular Gateway condition type has been raised. +type GatewayConditionReason string + +const ( + // This condition is true when the controller managing the + // Gateway has scheduled the Gateway to the underlying network + // infrastructure. + // + // Possible reasons for this condition to be true are: + // + // * "Scheduled" + // + // Possible reasons for this condition to be False are: + // + // * "NotReconciled" + // * "NoResources" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + GatewayConditionScheduled GatewayConditionType = "Scheduled" + + // This reason is used with the "Scheduled" condition when the condition is + // true. + GatewayReasonScheduled GatewayConditionReason = "Scheduled" + + // This reason is used with the "Scheduled" condition when no controller has + // reconciled the Gateway. + GatewayReasonNotReconciled GatewayConditionReason = "NotReconciled" + + // This reason is used with the "Scheduled" condition when the + // Gateway is not scheduled because insufficient infrastructure + // resources are available. + GatewayReasonNoResources GatewayConditionReason = "NoResources" +) + +const ( + // This condition is true when the Gateway is expected to be able + // to serve traffic. Note that this does not indicate that the + // Gateway configuration is current or even complete (e.g. the + // controller may still not have reconciled the latest version, + // or some parts of the configuration could be missing). + // + // If both the "ListenersNotValid" and "ListenersNotReady" + // reasons are true, the Gateway controller should prefer the + // "ListenersNotValid" reason. + // + // Possible reasons for this condition to be true are: + // + // * "Ready" + // + // Possible reasons for this condition to be False are: + // + // * "ListenersNotValid" + // * "ListenersNotReady" + // * "AddressNotAssigned" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + GatewayConditionReady GatewayConditionType = "Ready" + + // This reason is used with the "Ready" condition when the condition is + // true. + GatewayReasonReady GatewayConditionReason = "Ready" + + // This reason is used with the "Ready" condition when one or + // more Listeners have an invalid or unsupported configuration + // and cannot be configured on the Gateway. + GatewayReasonListenersNotValid GatewayConditionReason = "ListenersNotValid" + + // This reason is used with the "Ready" condition when one or + // more Listeners are not ready to serve traffic. + GatewayReasonListenersNotReady GatewayConditionReason = "ListenersNotReady" + + // This reason is used with the "Ready" condition when none of the requested + // addresses have been assigned to the Gateway. This reason can be used to + // express a range of circumstances, including (but not limited to) IPAM + // address exhaustion, invalid or unsupported address requests, or a named + // address not being found. + GatewayReasonAddressNotAssigned GatewayConditionReason = "AddressNotAssigned" +) + +// ListenerStatus is the status associated with a Listener. +type ListenerStatus struct { + // Name is the name of the Listener that this status corresponds to. + Name SectionName `json:"name"` + + // SupportedKinds is the list indicating the Kinds supported by this + // listener. This MUST represent the kinds an implementation supports for + // that Listener configuration. + // + // If kinds are specified in Spec that are not supported, they MUST NOT + // appear in this list and an implementation MUST set the "ResolvedRefs" + // condition to "False" with the "InvalidRouteKinds" reason. If both valid + // and invalid Route kinds are specified, the implementation MUST + // reference the valid Route kinds that have been specified. + // + // +kubebuilder:validation:MaxItems=8 + SupportedKinds []RouteGroupKind `json:"supportedKinds"` + + // AttachedRoutes represents the total number of Routes that have been + // successfully attached to this Listener. + AttachedRoutes int32 `json:"attachedRoutes"` + + // Conditions describe the current condition of this listener. + // + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MaxItems=8 + Conditions []metav1.Condition `json:"conditions"` +} + +// ListenerConditionType is a type of condition associated with the +// listener. This type should be used with the ListenerStatus.Conditions +// field. +type ListenerConditionType string + +// ListenerConditionReason defines the set of reasons that explain +// why a particular Listener condition type has been raised. +type ListenerConditionReason string + +const ( + // This condition indicates that the controller was unable to resolve + // conflicting specification requirements for this Listener. If a + // Listener is conflicted, its network port should not be configured + // on any network elements. + // + // Possible reasons for this condition to be true are: + // + // * "HostnameConflict" + // * "ProtocolConflict" + // * "RouteConflict" + // + // Possible reasons for this condition to be False are: + // + // * "NoConflicts" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + ListenerConditionConflicted ListenerConditionType = "Conflicted" + + // This reason is used with the "Conflicted" condition when + // the Listener conflicts with hostnames in other Listeners. For + // example, this reason would be used when multiple Listeners on + // the same port use `example.com` in the hostname field. + ListenerReasonHostnameConflict ListenerConditionReason = "HostnameConflict" + + // This reason is used with the "Conflicted" condition when + // multiple Listeners are specified with the same Listener port + // number, but have conflicting protocol specifications. + ListenerReasonProtocolConflict ListenerConditionReason = "ProtocolConflict" + + // This reason is used with the "Conflicted" condition when the route + // resources selected for this Listener conflict with other + // specified properties of the Listener (e.g. Protocol). + // For example, a Listener that specifies "UDP" as the protocol + // but a route selector that resolves "TCPRoute" objects. + ListenerReasonRouteConflict ListenerConditionReason = "RouteConflict" + + // This reason is used with the "Conflicted" condition when the condition + // is False. + ListenerReasonNoConflicts ListenerConditionReason = "NoConflicts" +) + +const ( + // This condition indicates that, even though the listener is + // syntactically and semantically valid, the controller is not able + // to configure it on the underlying Gateway infrastructure. + // + // A Listener is specified as a logical requirement, but needs to be + // configured on a network endpoint (i.e. address and port) by a + // controller. The controller may be unable to attach the Listener + // if it specifies an unsupported requirement, or prerequisite + // resources are not available. + // + // Possible reasons for this condition to be true are: + // + // * "PortUnavailable" + // * "UnsupportedExtension" + // * "UnsupportedProtocol" + // * "UnsupportedAddress" + // + // Possible reasons for this condition to be False are: + // + // * "Attached" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + ListenerConditionDetached ListenerConditionType = "Detached" + + // This reason is used with the "Detached" condition when the Listener + // requests a port that cannot be used on the Gateway. This reason could be + // used in a number of instances, including: + // + // * The port is already in use. + // * The port is not supported by the implementation. + ListenerReasonPortUnavailable ListenerConditionReason = "PortUnavailable" + + // This reason is used with the "Detached" condition when the + // controller detects that an implementation-specific Listener + // extension is being requested, but is not able to support + // the extension. + ListenerReasonUnsupportedExtension ListenerConditionReason = "UnsupportedExtension" + + // This reason is used with the "Detached" condition when the + // Listener could not be attached to be Gateway because its + // protocol type is not supported. + ListenerReasonUnsupportedProtocol ListenerConditionReason = "UnsupportedProtocol" + + // This reason is used with the "Detached" condition when the Listener could + // not be attached to the Gateway because the requested address is not + // supported. This reason could be used in a number of instances, including: + // + // * The address is already in use. + // * The type of address is not supported by the implementation. + ListenerReasonUnsupportedAddress ListenerConditionReason = "UnsupportedAddress" + + // This reason is used with the "Detached" condition when the condition is + // False. + ListenerReasonAttached ListenerConditionReason = "Attached" +) + +const ( + // This condition indicates whether the controller was able to + // resolve all the object references for the Listener. + // + // Possible reasons for this condition to be true are: + // + // * "ResolvedRefs" + // + // Possible reasons for this condition to be False are: + // + // * "InvalidCertificateRef" + // * "InvalidRouteKinds" + // * "RefNotPermitted" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + ListenerConditionResolvedRefs ListenerConditionType = "ResolvedRefs" + + // This reason is used with the "ResolvedRefs" condition when the condition + // is true. + ListenerReasonResolvedRefs ListenerConditionReason = "ResolvedRefs" + + // This reason is used with the "ResolvedRefs" condition when the + // Listener has a TLS configuration with at least one TLS CertificateRef + // that is invalid or cannot be resolved. + ListenerReasonInvalidCertificateRef ListenerConditionReason = "InvalidCertificateRef" + + // This reason is used with the "ResolvedRefs" condition when an invalid or + // unsupported Route kind is specified by the Listener. + ListenerReasonInvalidRouteKinds ListenerConditionReason = "InvalidRouteKinds" + + // This reason is used with the "ResolvedRefs" condition when + // one of the Listener's Routes has a BackendRef to an object in + // another namespace, where the object in the other namespace does + // not have a ReferencePolicy explicitly allowing the reference. + ListenerReasonRefNotPermitted ListenerConditionReason = "RefNotPermitted" +) + +const ( + // This condition indicates whether the Listener has been + // configured on the Gateway. + // + // Possible reasons for this condition to be true are: + // + // * "Ready" + // + // Possible reasons for this condition to be False are: + // + // * "Invalid" + // * "Pending" + // + // Controllers may raise this condition with other reasons, + // but should prefer to use the reasons listed above to improve + // interoperability. + ListenerConditionReady ListenerConditionType = "Ready" + + // This reason is used with the "Ready" condition when the condition is + // true. + ListenerReasonReady ListenerConditionReason = "Ready" + + // This reason is used with the "Ready" condition when the + // Listener is syntactically or semantically invalid. + ListenerReasonInvalid ListenerConditionReason = "Invalid" + + // This reason is used with the "Ready" condition when the + // Listener is not yet not online and ready to accept client + // traffic. + ListenerReasonPending ListenerConditionReason = "Pending" +) diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go new file mode 100644 index 0000000000..699bc78c8a --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go @@ -0,0 +1,200 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +genclient:nonNamespaced +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api,scope=Cluster,shortName=gc +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Controller",type=string,JSONPath=`.spec.controllerName` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +// +kubebuilder:printcolumn:name="Description",type=string,JSONPath=`.spec.description`,priority=1 + +// GatewayClass describes a class of Gateways available to the user for creating +// Gateway resources. +// +// It is recommended that this resource be used as a template for Gateways. This +// means that a Gateway is based on the state of the GatewayClass at the time it +// was created and changes to the GatewayClass or associated parameters are not +// propagated down to existing Gateways. This recommendation is intended to +// limit the blast radius of changes to GatewayClass or associated parameters. +// If implementations choose to propagate GatewayClass changes to existing +// Gateways, that MUST be clearly documented by the implementation. +// +// Whenever one or more Gateways are using a GatewayClass, implementations MUST +// add the `gateway-exists-finalizer.gateway.networking.k8s.io` finalizer on the +// associated GatewayClass. This ensures that a GatewayClass associated with a +// Gateway is not deleted while in use. +// +// GatewayClass is a Cluster level resource. +type GatewayClass struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of GatewayClass. + Spec GatewayClassSpec `json:"spec"` + + // Status defines the current state of GatewayClass. + // + // +kubebuilder:default={conditions: {{type: "Accepted", status: "Unknown", message: "Waiting for controller", reason: "Waiting", lastTransitionTime: "1970-01-01T00:00:00Z"}}} + Status GatewayClassStatus `json:"status,omitempty"` +} + +const ( + // GatewayClassFinalizerGatewaysExist should be added as a finalizer to the + // GatewayClass whenever there are provisioned Gateways using a + // GatewayClass. + GatewayClassFinalizerGatewaysExist = "gateway-exists-finalizer.gateway.networking.k8s.io" +) + +// GatewayClassSpec reflects the configuration of a class of Gateways. +type GatewayClassSpec struct { + // ControllerName is the name of the controller that is managing Gateways of + // this class. The value of this field MUST be a domain prefixed path. + // + // Example: "example.net/gateway-controller". + // + // This field is not mutable and cannot be empty. + // + // Support: Core + ControllerName GatewayController `json:"controllerName"` + + // ParametersRef is a reference to a resource that contains the configuration + // parameters corresponding to the GatewayClass. This is optional if the + // controller does not require any additional configuration. + // + // ParametersRef can reference a standard Kubernetes resource, i.e. ConfigMap, + // or an implementation-specific custom resource. The resource can be + // cluster-scoped or namespace-scoped. + // + // If the referent cannot be found, the GatewayClass's "InvalidParameters" + // status condition will be true. + // + // Support: Custom + // + // +optional + ParametersRef *ParametersReference `json:"parametersRef,omitempty"` + + // Description helps describe a GatewayClass with more details. + // + // +kubebuilder:validation:MaxLength=64 + // +optional + Description *string `json:"description,omitempty"` +} + +// ParametersReference identifies an API object containing controller-specific +// configuration resource within the cluster. +type ParametersReference struct { + // Group is the group of the referent. + Group Group `json:"group"` + + // Kind is kind of the referent. + Kind Kind `json:"kind"` + + // Name is the name of the referent. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Name string `json:"name"` + + // Namespace is the namespace of the referent. + // This field is required when referring to a Namespace-scoped resource and + // MUST be unset when referring to a Cluster-scoped resource. + // + // +optional + Namespace *Namespace `json:"namespace,omitempty"` +} + +// GatewayClassConditionType is the type for status conditions on +// Gateway resources. This type should be used with the +// GatewayClassStatus.Conditions field. +type GatewayClassConditionType string + +// GatewayClassConditionReason defines the set of reasons that explain why a +// particular GatewayClass condition type has been raised. +type GatewayClassConditionReason string + +const ( + // This condition indicates whether the GatewayClass has been accepted by + // the controller requested in the `spec.controller` field. + // + // This condition defaults to Unknown, and MUST be set by a controller when + // it sees a GatewayClass using its controller string. The status of this + // condition MUST be set to True if the controller will support provisioning + // Gateways using this class. Otherwise, this status MUST be set to False. + // If the status is set to False, the controller SHOULD set a Message and + // Reason as an explanation. + // + // Possible reasons for this condition to be true are: + // + // * "Accepted" + // + // Possible reasons for this condition to be False are: + // + // * "InvalidParameters" + // * "Waiting" + // + // Controllers should prefer to use the values of GatewayClassConditionReason + // for the corresponding Reason, where appropriate. + GatewayClassConditionStatusAccepted GatewayClassConditionType = "Accepted" + + // This reason is used with the "Accepted" condition when the condition is + // true. + GatewayClassReasonAccepted GatewayClassConditionReason = "Accepted" + + // This reason is used with the "Accepted" condition when the + // GatewayClass was not accepted because the parametersRef field + // was invalid, with more detail in the message. + GatewayClassReasonInvalidParameters GatewayClassConditionReason = "InvalidParameters" + + // This reason is used with the "Accepted" condition when the + // requested controller has not yet made a decision about whether + // to admit the GatewayClass. It is the default Reason on a new + // GatewayClass. + GatewayClassReasonWaiting GatewayClassConditionReason = "Waiting" +) + +// GatewayClassStatus is the current status for the GatewayClass. +type GatewayClassStatus struct { + // Conditions is the current status from the controller for + // this GatewayClass. + // + // Controllers should prefer to publish conditions using values + // of GatewayClassConditionType for the type of each Condition. + // + // +optional + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:default={{type: "Accepted", status: "Unknown", message: "Waiting for controller", reason: "Waiting", lastTransitionTime: "1970-01-01T00:00:00Z"}} + Conditions []metav1.Condition `json:"conditions,omitempty"` +} + +// +kubebuilder:object:root=true + +// GatewayClassList contains a list of GatewayClass +type GatewayClassList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []GatewayClass `json:"items"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go new file mode 100644 index 0000000000..4d18183122 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go @@ -0,0 +1,767 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Hostnames",type=string,JSONPath=`.spec.hostnames` +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// HTTPRoute provides a way to route HTTP requests. This includes the capability +// to match requests by hostname, path, header, or query param. Filters can be +// used to specify additional processing steps. Backends specify where matching +// requests should be routed. +type HTTPRoute struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of HTTPRoute. + Spec HTTPRouteSpec `json:"spec"` + + // Status defines the current state of HTTPRoute. + Status HTTPRouteStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// HTTPRouteList contains a list of HTTPRoute. +type HTTPRouteList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []HTTPRoute `json:"items"` +} + +// HTTPRouteSpec defines the desired state of HTTPRoute +type HTTPRouteSpec struct { + CommonRouteSpec `json:",inline"` + + // Hostnames defines a set of hostname that should match against the HTTP + // Host header to select a HTTPRoute to process the request. This matches + // the RFC 1123 definition of a hostname with 2 notable exceptions: + // + // 1. IPs are not allowed. + // 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard + // label must appear by itself as the first label. + // + // If a hostname is specified by both the Listener and HTTPRoute, there + // must be at least one intersecting hostname for the HTTPRoute to be + // attached to the Listener. For example: + // + // * A Listener with `test.example.com` as the hostname matches HTTPRoutes + // that have either not specified any hostnames, or have specified at + // least one of `test.example.com` or `*.example.com`. + // * A Listener with `*.example.com` as the hostname matches HTTPRoutes + // that have either not specified any hostnames or have specified at least + // one hostname that matches the Listener hostname. For example, + // `test.example.com` and `*.example.com` would both match. On the other + // hand, `example.com` and `test.example.net` would not match. + // + // If both the Listener and HTTPRoute have specified hostnames, any + // HTTPRoute hostnames that do not match the Listener hostname MUST be + // ignored. For example, if a Listener specified `*.example.com`, and the + // HTTPRoute specified `test.example.com` and `test.example.net`, + // `test.example.net` must not be considered for a match. + // + // If both the Listener and HTTPRoute have specified hostnames, and none + // match with the criteria above, then the HTTPRoute is not accepted. The + // implementation must raise an 'Accepted' Condition with a status of + // `False` in the corresponding RouteParentStatus. + // + // Support: Core + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Hostnames []Hostname `json:"hostnames,omitempty"` + + // Rules are a list of HTTP matchers, filters and actions. + // + // +optional + // +kubebuilder:validation:MaxItems=16 + // +kubebuilder:default={{matches: {{path: {type: "PathPrefix", value: "/"}}}}} + Rules []HTTPRouteRule `json:"rules,omitempty"` +} + +// HTTPRouteRule defines semantics for matching an HTTP request based on +// conditions (matches), processing it (filters), and forwarding the request to +// an API object (backendRefs). +type HTTPRouteRule struct { + // Matches define conditions used for matching the rule against incoming + // HTTP requests. Each match is independent, i.e. this rule will be matched + // if **any** one of the matches is satisfied. + // + // For example, take the following matches configuration: + // + // ``` + // matches: + // - path: + // value: "/foo" + // headers: + // - name: "version" + // value: "v2" + // - path: + // value: "/v2/foo" + // ``` + // + // For a request to match against this rule, a request must satisfy + // EITHER of the two conditions: + // + // - path prefixed with `/foo` AND contains the header `version: v2` + // - path prefix of `/v2/foo` + // + // See the documentation for HTTPRouteMatch on how to specify multiple + // match conditions that should be ANDed together. + // + // If no matches are specified, the default is a prefix + // path match on "/", which has the effect of matching every + // HTTP request. + // + // Proxy or Load Balancer routing configuration generated from HTTPRoutes + // MUST prioritize rules based on the following criteria, continuing on + // ties. Precedence must be given to the the Rule with the largest number + // of: + // + // * Characters in a matching non-wildcard hostname. + // * Characters in a matching hostname. + // * Characters in a matching path. + // * Header matches. + // * Query param matches. + // + // If ties still exist across multiple Routes, matching precedence MUST be + // determined in order of the following criteria, continuing on ties: + // + // * The oldest Route based on creation timestamp. + // * The Route appearing first in alphabetical order by + // "/". + // + // If ties still exist within the Route that has been given precedence, + // matching precedence MUST be granted to the first matching rule meeting + // the above criteria. + // + // +optional + // +kubebuilder:validation:MaxItems=8 + // +kubebuilder:default={{path:{ type: "PathPrefix", value: "/"}}} + Matches []HTTPRouteMatch `json:"matches,omitempty"` + + // Filters define the filters that are applied to requests that match + // this rule. + // + // The effects of ordering of multiple behaviors are currently unspecified. + // This can change in the future based on feedback during the alpha stage. + // + // Conformance-levels at this level are defined based on the type of filter: + // + // - ALL core filters MUST be supported by all implementations. + // - Implementers are encouraged to support extended filters. + // - Implementation-specific custom filters have no API guarantees across + // implementations. + // + // Specifying a core filter multiple times has unspecified or custom + // conformance. + // + // Support: Core + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Filters []HTTPRouteFilter `json:"filters,omitempty"` + + // BackendRefs defines the backend(s) where matching requests should be + // sent. + + // If unspecified or invalid (refers to a non-existent resource or a Service + // with no endpoints), the rule performs no forwarding. If there are also no + // filters specified that would result in a response being sent, a HTTP 503 + // status code is returned. 503 responses must be sent so that the overall + // weight is respected; if an invalid backend is requested to have 80% of + // requests, then 80% of requests must get a 503 instead. + // + // Support: Core for Kubernetes Service + // Support: Custom for any other resource + // + // Support for weight: Core + // + // +optional + // +kubebuilder:validation:MaxItems=16 + BackendRefs []HTTPBackendRef `json:"backendRefs,omitempty"` +} + +// PathMatchType specifies the semantics of how HTTP paths should be compared. +// Valid PathMatchType values are: +// +// * "Exact" +// * "PathPrefix" +// * "RegularExpression" +// +// PathPrefix and Exact paths must be syntactically valid: +// +// - Must begin with the `/` character +// - Must not contain consecutive `/` characters (e.g. `/foo///`, `//`). +// +// +kubebuilder:validation:Enum=Exact;PathPrefix;RegularExpression +type PathMatchType string + +const ( + // Matches the URL path exactly and with case sensitivity. + PathMatchExact PathMatchType = "Exact" + + // Matches based on a URL path prefix split by `/`. Matching is + // case sensitive and done on a path element by element basis. A + // path element refers to the list of labels in the path split by + // the `/` separator. A request is a match for path _p_ if every + // _p_ is an element-wise prefix of the request path. + // + // For example, `/abc`, `/abc/` and `/abc/def` match the prefix + // `/abc`, but `/abcd` does not. + // + // "PathPrefix" is semantically equivalent to the "Prefix" path type in the + // Kubernetes Ingress API. + PathMatchPathPrefix PathMatchType = "PathPrefix" + + // Matches if the URL path matches the given regular expression with + // case sensitivity. + // + // Since `"RegularExpression"` has custom conformance, implementations + // can support POSIX, PCRE, RE2 or any other regular expression dialect. + // Please read the implementation's documentation to determine the supported + // dialect. + PathMatchRegularExpression PathMatchType = "RegularExpression" +) + +// HTTPPathMatch describes how to select a HTTP route by matching the HTTP request path. +type HTTPPathMatch struct { + // Type specifies how to match against the path Value. + // + // Support: Core (Exact, PathPrefix) + // + // Support: Custom (RegularExpression) + // + // +optional + // +kubebuilder:default=PathPrefix + Type *PathMatchType `json:"type,omitempty"` + + // Value of the HTTP path to match against. + // + // +optional + // +kubebuilder:default="/" + // +kubebuilder:validation:MaxLength=1024 + Value *string `json:"value,omitempty"` +} + +// HeaderMatchType specifies the semantics of how HTTP header values should be +// compared. Valid HeaderMatchType values are: +// +// * "Exact" +// * "RegularExpression" +// +// +kubebuilder:validation:Enum=Exact;RegularExpression +type HeaderMatchType string + +// HeaderMatchType constants. +const ( + HeaderMatchExact HeaderMatchType = "Exact" + HeaderMatchRegularExpression HeaderMatchType = "RegularExpression" +) + +// HTTPHeaderName is the name of an HTTP header. +// +// Valid values include: +// +// * "Authorization" +// * "Set-Cookie" +// +// Invalid values include: +// +// * ":method" - ":" is an invalid character. This means that HTTP/2 pseudo +// headers are not currently supported by this type. +// * "/invalid" - "/" is an invalid character +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 +// +kubebuilder:validation:Pattern=`^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$` +type HTTPHeaderName string + +// HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request +// headers. +type HTTPHeaderMatch struct { + // Type specifies how to match against the value of the header. + // + // Support: Core (Exact) + // + // Support: Custom (RegularExpression) + // + // Since RegularExpression HeaderMatchType has custom conformance, + // implementations can support POSIX, PCRE or any other dialects of regular + // expressions. Please read the implementation's documentation to determine + // the supported dialect. + // + // +optional + // +kubebuilder:default=Exact + Type *HeaderMatchType `json:"type,omitempty"` + + // Name is the name of the HTTP Header to be matched. Name matching MUST be + // case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + // + // If multiple entries specify equivalent header names, only the first + // entry with an equivalent name MUST be considered for a match. Subsequent + // entries with an equivalent header name MUST be ignored. Due to the + // case-insensitivity of header names, "foo" and "Foo" are considered + // equivalent. + // + // When a header is repeated in an HTTP request, it is + // implementation-specific behavior as to how this is represented. + // Generally, proxies should follow the guidance from the RFC: + // https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 regarding + // processing a repeated header, with special handling for "Set-Cookie". + Name HTTPHeaderName `json:"name"` + + // Value is the value of HTTP Header to be matched. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + Value string `json:"value"` +} + +// QueryParamMatchType specifies the semantics of how HTTP query parameter +// values should be compared. Valid QueryParamMatchType values are: +// +// * "Exact" +// * "RegularExpression" +// +// +kubebuilder:validation:Enum=Exact;RegularExpression +type QueryParamMatchType string + +// QueryParamMatchType constants. +const ( + QueryParamMatchExact QueryParamMatchType = "Exact" + QueryParamMatchRegularExpression QueryParamMatchType = "RegularExpression" +) + +// HTTPQueryParamMatch describes how to select a HTTP route by matching HTTP +// query parameters. +type HTTPQueryParamMatch struct { + // Type specifies how to match against the value of the query parameter. + // + // Support: Extended (Exact) + // + // Support: Custom (RegularExpression) + // + // Since RegularExpression QueryParamMatchType has custom conformance, + // implementations can support POSIX, PCRE or any other dialects of regular + // expressions. Please read the implementation's documentation to determine + // the supported dialect. + // + // +optional + // +kubebuilder:default=Exact + Type *QueryParamMatchType `json:"type,omitempty"` + + // Name is the name of the HTTP query param to be matched. This must be an + // exact string match. (See + // https://tools.ietf.org/html/rfc7230#section-2.7.3). + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=256 + Name string `json:"name"` + + // Value is the value of HTTP query param to be matched. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=1024 + Value string `json:"value"` +} + +// HTTPMethod describes how to select a HTTP route by matching the HTTP +// method as defined by +// [RFC 7231](https://datatracker.ietf.org/doc/html/rfc7231#section-4) and +// [RFC 5789](https://datatracker.ietf.org/doc/html/rfc5789#section-2). +// The value is expected in upper case. +// +kubebuilder:validation:Enum=GET;HEAD;POST;PUT;DELETE;CONNECT;OPTIONS;TRACE;PATCH +type HTTPMethod string + +const ( + HTTPMethodGet HTTPMethod = "GET" + HTTPMethodHead HTTPMethod = "HEAD" + HTTPMethodPost HTTPMethod = "POST" + HTTPMethodPut HTTPMethod = "PUT" + HTTPMethodDelete HTTPMethod = "DELETE" + HTTPMethodConnect HTTPMethod = "CONNECT" + HTTPMethodOptions HTTPMethod = "OPTIONS" + HTTPMethodTrace HTTPMethod = "TRACE" + HTTPMethodPatch HTTPMethod = "PATCH" +) + +// HTTPRouteMatch defines the predicate used to match requests to a given +// action. Multiple match types are ANDed together, i.e. the match will +// evaluate to true only if all conditions are satisfied. +// +// For example, the match below will match a HTTP request only if its path +// starts with `/foo` AND it contains the `version: v1` header: +// +// ``` +// match: +// path: +// value: "/foo" +// headers: +// - name: "version" +// value "v1" +// ``` +type HTTPRouteMatch struct { + // Path specifies a HTTP request path matcher. If this field is not + // specified, a default prefix match on the "/" path is provided. + // + // +optional + // +kubebuilder:default={type: "PathPrefix", value: "/"} + Path *HTTPPathMatch `json:"path,omitempty"` + + // Headers specifies HTTP request header matchers. Multiple match values are + // ANDed together, meaning, a request must match all the specified headers + // to select the route. + // + // +listType=map + // +listMapKey=name + // +optional + // +kubebuilder:validation:MaxItems=16 + Headers []HTTPHeaderMatch `json:"headers,omitempty"` + + // QueryParams specifies HTTP query parameter matchers. Multiple match + // values are ANDed together, meaning, a request must match all the + // specified query parameters to select the route. + // + // +listType=map + // +listMapKey=name + // +optional + // +kubebuilder:validation:MaxItems=16 + QueryParams []HTTPQueryParamMatch `json:"queryParams,omitempty"` + + // Method specifies HTTP method matcher. + // When specified, this route will be matched only if the request has the + // specified method. + // + // Support: Extended + // + // +optional + Method *HTTPMethod `json:"method,omitempty"` +} + +// HTTPRouteFilter defines processing steps that must be completed during the +// request or response lifecycle. HTTPRouteFilters are meant as an extension +// point to express processing that may be done in Gateway implementations. Some +// examples include request or response modification, implementing +// authentication strategies, rate-limiting, and traffic shaping. API +// guarantee/conformance is defined based on the type of the filter. +type HTTPRouteFilter struct { + // Type identifies the type of filter to apply. As with other API fields, + // types are classified into three conformance levels: + // + // - Core: Filter types and their corresponding configuration defined by + // "Support: Core" in this package, e.g. "RequestHeaderModifier". All + // implementations must support core filters. + // + // - Extended: Filter types and their corresponding configuration defined by + // "Support: Extended" in this package, e.g. "RequestMirror". Implementers + // are encouraged to support extended filters. + // + // - Custom: Filters that are defined and supported by specific vendors. + // In the future, filters showing convergence in behavior across multiple + // implementations will be considered for inclusion in extended or core + // conformance levels. Filter-specific configuration for such filters + // is specified using the ExtensionRef field. `Type` should be set to + // "ExtensionRef" for custom filters. + // + // Implementers are encouraged to define custom implementation types to + // extend the core API with implementation-specific behavior. + // + // If a reference to a custom filter type cannot be resolved, the filter + // MUST NOT be skipped. Instead, requests that would have been processed by + // that filter MUST receive a HTTP error response. + // + // +unionDiscriminator + Type HTTPRouteFilterType `json:"type"` + + // RequestHeaderModifier defines a schema for a filter that modifies request + // headers. + // + // Support: Core + // + // +optional + RequestHeaderModifier *HTTPRequestHeaderFilter `json:"requestHeaderModifier,omitempty"` + + // RequestMirror defines a schema for a filter that mirrors requests. + // Requests are sent to the specified destination, but responses from + // that destination are ignored. + // + // Support: Extended + // + // +optional + RequestMirror *HTTPRequestMirrorFilter `json:"requestMirror,omitempty"` + + // RequestRedirect defines a schema for a filter that responds to the + // request with an HTTP redirection. + // + // Support: Core + // + // +optional + RequestRedirect *HTTPRequestRedirectFilter `json:"requestRedirect,omitempty"` + + // ExtensionRef is an optional, implementation-specific extension to the + // "filter" behavior. For example, resource "myroutefilter" in group + // "networking.example.net"). ExtensionRef MUST NOT be used for core and + // extended filters. + // + // Support: Implementation-specific + // + // +optional + ExtensionRef *LocalObjectReference `json:"extensionRef,omitempty"` +} + +// HTTPRouteFilterType identifies a type of HTTPRoute filter. +// +kubebuilder:validation:Enum=RequestHeaderModifier;RequestMirror;RequestRedirect;ExtensionRef +type HTTPRouteFilterType string + +const ( + // HTTPRouteFilterRequestHeaderModifier can be used to add or remove an HTTP + // header from an HTTP request before it is sent to the upstream target. + // + // Support in HTTPRouteRule: Core + // + // Support in HTTPBackendRef: Extended + HTTPRouteFilterRequestHeaderModifier HTTPRouteFilterType = "RequestHeaderModifier" + + // HTTPRouteFilterRequestRedirect can be used to redirect a request to + // another location. This filter can also be used for HTTP to HTTPS + // redirects. + // + // Support in HTTPRouteRule: Core + // + // Support in HTTPBackendRef: Extended + HTTPRouteFilterRequestRedirect HTTPRouteFilterType = "RequestRedirect" + + // HTTPRouteFilterRequestMirror can be used to mirror HTTP requests to a + // different backend. The responses from this backend MUST be ignored by + // the Gateway. + // + // Support in HTTPRouteRule: Extended + // + // Support in HTTPBackendRef: Extended + HTTPRouteFilterRequestMirror HTTPRouteFilterType = "RequestMirror" + + // HTTPRouteFilterExtensionRef should be used for configuring custom + // HTTP filters. + // + // Support in HTTPRouteRule: Custom + // + // Support in HTTPBackendRef: Custom + HTTPRouteFilterExtensionRef HTTPRouteFilterType = "ExtensionRef" +) + +// HTTPHeader represents an HTTP Header name and value as defined by RFC 7230. +type HTTPHeader struct { + // Name is the name of the HTTP Header to be matched. Name matching MUST be + // case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). + // + // If multiple entries specify equivalent header names, the first entry with + // an equivalent name MUST be considered for a match. Subsequent entries + // with an equivalent header name MUST be ignored. Due to the + // case-insensitivity of header names, "foo" and "Foo" are considered + // equivalent. + Name HTTPHeaderName `json:"name"` + + // Value is the value of HTTP Header to be matched. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=4096 + Value string `json:"value"` +} + +// HTTPRequestHeaderFilter defines configuration for the RequestHeaderModifier +// filter. +type HTTPRequestHeaderFilter struct { + // Set overwrites the request with the given header (name, value) + // before the action. + // + // Input: + // GET /foo HTTP/1.1 + // my-header: foo + // + // Config: + // set: + // - name: "my-header" + // value: "bar" + // + // Output: + // GET /foo HTTP/1.1 + // my-header: bar + // + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=16 + Set []HTTPHeader `json:"set,omitempty"` + + // Add adds the given header(s) (name, value) to the request + // before the action. It appends to any existing values associated + // with the header name. + // + // Input: + // GET /foo HTTP/1.1 + // my-header: foo + // + // Config: + // add: + // - name: "my-header" + // value: "bar" + // + // Output: + // GET /foo HTTP/1.1 + // my-header: foo + // my-header: bar + // + // +optional + // +listType=map + // +listMapKey=name + // +kubebuilder:validation:MaxItems=16 + Add []HTTPHeader `json:"add,omitempty"` + + // Remove the given header(s) from the HTTP request before the action. The + // value of Remove is a list of HTTP header names. Note that the header + // names are case-insensitive (see + // https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). + // + // Input: + // GET /foo HTTP/1.1 + // my-header1: foo + // my-header2: bar + // my-header3: baz + // + // Config: + // remove: ["my-header1", "my-header3"] + // + // Output: + // GET /foo HTTP/1.1 + // my-header2: bar + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Remove []string `json:"remove,omitempty"` +} + +// HTTPRequestRedirectFilter defines configuration for the RequestRedirect filter. +type HTTPRequestRedirectFilter struct { + // Scheme is the scheme to be used in the value of the `Location` + // header in the response. + // When empty, the scheme of the request is used. + // + // Support: Extended + // + // +optional + // +kubebuilder:validation:Enum=http;https + Scheme *string `json:"scheme,omitempty"` + + // Hostname is the hostname to be used in the value of the `Location` + // header in the response. + // When empty, the hostname of the request is used. + // + // Support: Core + // + // +optional + Hostname *PreciseHostname `json:"hostname,omitempty"` + + // Port is the port to be used in the value of the `Location` + // header in the response. + // When empty, port (if specified) of the request is used. + // + // Support: Extended + // + // +optional + Port *PortNumber `json:"port,omitempty"` + + // StatusCode is the HTTP status code to be used in response. + // + // Support: Core + // + // +optional + // +kubebuilder:default=302 + // +kubebuilder:validation:Enum=301;302 + StatusCode *int `json:"statusCode,omitempty"` +} + +// HTTPRequestMirrorFilter defines configuration for the RequestMirror filter. +type HTTPRequestMirrorFilter struct { + // BackendRef references a resource where mirrored requests are sent. + // + // If the referent cannot be found, this BackendRef is invalid and must be + // dropped from the Gateway. The controller must ensure the "ResolvedRefs" + // condition on the Route status is set to `status: False` and not configure + // this backend in the underlying implementation. + // + // If there is a cross-namespace reference to an *existing* object + // that is not allowed by a ReferencePolicy, the controller must ensure the + // "ResolvedRefs" condition on the Route is set to `status: False`, + // with the "RefNotPermitted" reason and not configure this backend in the + // underlying implementation. + // + // In either error case, the Message of the `ResolvedRefs` Condition + // should be used to provide more detail about the problem. + // + // Support: Extended for Kubernetes Service + // Support: Custom for any other resource + BackendRef BackendObjectReference `json:"backendRef"` +} + +// HTTPBackendRef defines how a HTTPRoute should forward an HTTP request. +type HTTPBackendRef struct { + // BackendRef is a reference to a backend to forward matched requests to. + // + // If the referent cannot be found, this HTTPBackendRef is invalid and must + // be dropped from the Gateway. The controller must ensure the + // "ResolvedRefs" condition on the Route is set to `status: False` and not + // configure this backend in the underlying implementation. + // + // If there is a cross-namespace reference to an *existing* object + // that is not covered by a ReferencePolicy, the controller must ensure the + // "ResolvedRefs" condition on the Route is set to `status: true`, + // with the "RefNotPermitted" reason and not configure this backend in the + // underlying implementation. + // + // In either error case, the Message of the `ResolvedRefs` Condition + // should be used to provide more detail about the problem. + // + // Support: Custom + // + // +optional + BackendRef `json:",inline"` + + // Filters defined at this level should be executed if and only if the + // request is being forwarded to the backend defined here. + // + // Support: Custom (For broader support of filters, use the Filters field + // in HTTPRouteRule.) + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Filters []HTTPRouteFilter `json:"filters,omitempty"` +} + +// HTTPRouteStatus defines the observed state of HTTPRoute. +type HTTPRouteStatus struct { + RouteStatus `json:",inline"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go new file mode 100644 index 0000000000..12730b9ed6 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go @@ -0,0 +1,131 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +// LocalObjectReference identifies an API object within the namespace of the +// referrer. +// The API object must be valid in the cluster; the Group and Kind must +// be registered in the cluster for this reference to be valid. +// +// References to objects with invalid Group and Kind are not valid, and must +// be rejected by the implementation, with appropriate Conditions set +// on the containing object. +type LocalObjectReference struct { + // Group is the group of the referent. For example, "networking.k8s.io". + // When unspecified (empty string), core API group is inferred. + Group Group `json:"group"` + + // Kind is kind of the referent. For example "HTTPRoute" or "Service". + Kind Kind `json:"kind"` + + // Name is the name of the referent. + Name ObjectName `json:"name"` +} + +// SecretObjectReference identifies an API object including its namespace, +// defaulting to Secret. +// +// The API object must be valid in the cluster; the Group and Kind must +// be registered in the cluster for this reference to be valid. +// +// References to objects with invalid Group and Kind are not valid, and must +// be rejected by the implementation, with appropriate Conditions set +// on the containing object. +type SecretObjectReference struct { + // Group is the group of the referent. For example, "networking.k8s.io". + // When unspecified (empty string), core API group is inferred. + // + // +optional + // +kubebuilder:default="" + Group *Group `json:"group"` + + // Kind is kind of the referent. For example "HTTPRoute" or "Service". + // + // +optional + // +kubebuilder:default=Secret + Kind *Kind `json:"kind"` + + // Name is the name of the referent. + Name ObjectName `json:"name"` + + // Namespace is the namespace of the backend. When unspecified, the local + // namespace is inferred. + // + // Note that when a namespace is specified, a ReferencePolicy object + // is required in the referent namespace to allow that namespace's + // owner to accept the reference. See the ReferencePolicy documentation + // for details. + // + // Support: Core + // + // +optional + Namespace *Namespace `json:"namespace,omitempty"` +} + +// BackendObjectReference defines how an ObjectReference that is +// specific to BackendRef. It includes a few additional fields and features +// than a regular ObjectReference. +// +// Note that when a namespace is specified, a ReferencePolicy object +// is required in the referent namespace to allow that namespace's +// owner to accept the reference. See the ReferencePolicy documentation +// for details. +// +// The API object must be valid in the cluster; the Group and Kind must +// be registered in the cluster for this reference to be valid. +// +// References to objects with invalid Group and Kind are not valid, and must +// be rejected by the implementation, with appropriate Conditions set +// on the containing object. +type BackendObjectReference struct { + // Group is the group of the referent. For example, "networking.k8s.io". + // When unspecified (empty string), core API group is inferred. + // + // +optional + // +kubebuilder:default="" + Group *Group `json:"group,omitempty"` + + // Kind is kind of the referent. For example "HTTPRoute" or "Service". + // + // +optional + // +kubebuilder:default=Service + Kind *Kind `json:"kind,omitempty"` + + // Name is the name of the referent. + Name ObjectName `json:"name"` + + // Namespace is the namespace of the backend. When unspecified, the local + // namespace is inferred. + // + // Note that when a namespace is specified, a ReferencePolicy object + // is required in the referent namespace to allow that namespace's + // owner to accept the reference. See the ReferencePolicy documentation + // for details. + // + // Support: Core + // + // +optional + Namespace *Namespace `json:"namespace,omitempty"` + + // Port specifies the destination port number to use for this resource. + // Port is required when the referent is a Kubernetes Service. + // For other resources, destination port might be derived from the referent + // resource or this field. + // + // +optional + Port *PortNumber `json:"port,omitempty"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/policy_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/policy_types.go new file mode 100644 index 0000000000..cbf96ed31a --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/policy_types.go @@ -0,0 +1,41 @@ +/* +Copyright 2021 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +// PolicyTargetReference identifies an API object to apply policy to. This +// should be used as part of Policy resources that can target Gateway API +// resources. For more information on how this policy attachment model works, +// and a sample Policy resource, refer to the policy attachment documentation +// for Gateway API. +type PolicyTargetReference struct { + // Group is the group of the target resource. + Group Group `json:"group"` + + // Kind is kind of the target resource. + Kind Kind `json:"kind"` + + // Name is the name of the target resource. + Name ObjectName `json:"name"` + + // Namespace is the namespace of the referent. When unspecified, the local + // namespace is inferred. Even when policy targets a resource in a different + // namespace, it MUST only apply to traffic originating from the same + // namespace as the policy. + // + // +optional + Namespace *Namespace `json:"namespace,omitempty"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/referencepolicy_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/referencepolicy_types.go new file mode 100644 index 0000000000..aac24b1b92 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/referencepolicy_types.go @@ -0,0 +1,132 @@ +/* +Copyright 2021 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api,shortName=refpol +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// ReferencePolicy identifies kinds of resources in other namespaces that are +// trusted to reference the specified kinds of resources in the same namespace +// as the policy. +// +// Each ReferencePolicy can be used to represent a unique trust relationship. +// Additional Reference Policies can be used to add to the set of trusted +// sources of inbound references for the namespace they are defined within. +// +// All cross-namespace references in Gateway API (with the exception of cross-namespace +// Gateway-route attachment) require a ReferencePolicy. +// +// Support: Core +// +type ReferencePolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of ReferencePolicy. + Spec ReferencePolicySpec `json:"spec,omitempty"` + + // Note that `Status` sub-resource has been excluded at the + // moment as it was difficult to work out the design. + // `Status` sub-resource may be added in future. +} + +// +kubebuilder:object:root=true +// ReferencePolicyList contains a list of ReferencePolicy. +type ReferencePolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ReferencePolicy `json:"items"` +} + +// ReferencePolicySpec identifies a cross namespace relationship that is trusted +// for Gateway API. +type ReferencePolicySpec struct { + // From describes the trusted namespaces and kinds that can reference the + // resources described in "To". Each entry in this list must be considered + // to be an additional place that references can be valid from, or to put + // this another way, entries must be combined using OR. + // + // Support: Core + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + From []ReferencePolicyFrom `json:"from"` + + // To describes the resources that may be referenced by the resources + // described in "From". Each entry in this list must be considered to be an + // additional place that references can be valid to, or to put this another + // way, entries must be combined using OR. + // + // Support: Core + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + To []ReferencePolicyTo `json:"to"` +} + +// ReferencePolicyFrom describes trusted namespaces and kinds. +type ReferencePolicyFrom struct { + // Group is the group of the referent. + // When empty, the Kubernetes core API group is inferred. + // + // Support: Core + Group Group `json:"group"` + + // Kind is the kind of the referent. Although implementations may support + // additional resources, the following Route types are part of the "Core" + // support level for this field: + // + // * HTTPRoute + // * TCPRoute + // * TLSRoute + // * UDPRoute + Kind Kind `json:"kind"` + + // Namespace is the namespace of the referent. + // + // Support: Core + Namespace Namespace `json:"namespace"` +} + +// ReferencePolicyTo describes what Kinds are allowed as targets of the +// references. +type ReferencePolicyTo struct { + // Group is the group of the referent. + // When empty, the Kubernetes core API group is inferred. + // + // Support: Core + Group Group `json:"group"` + + // Kind is the kind of the referent. Although implementations may support + // additional resources, the following types are part of the "Core" + // support level for this field: + // + // * Service + Kind Kind `json:"kind"` + + // Name is the name of the referent. When unspecified or empty, this policy + // refers to all resources of the specified Group and Kind in the local + // namespace. + // + // +optional + Name *ObjectName `json:"name,omitempty"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go new file mode 100644 index 0000000000..f1c0069a1d --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go @@ -0,0 +1,403 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// ParentRef identifies an API object (usually a Gateway) that can be considered +// a parent of this resource (usually a route). The only kind of parent resource +// with "Core" support is Gateway. This API may be extended in the future to +// support additional kinds of parent resources, such as HTTPRoute. +// +// The API object must be valid in the cluster; the Group and Kind must +// be registered in the cluster for this reference to be valid. +// +// References to objects with invalid Group and Kind are not valid, and must +// be rejected by the implementation, with appropriate Conditions set +// on the containing object. +type ParentRef struct { + // Group is the group of the referent. + // + // Support: Core + // + // +kubebuilder:default=gateway.networking.k8s.io + // +optional + Group *Group `json:"group,omitempty"` + + // Kind is kind of the referent. + // + // Support: Core (Gateway) + // Support: Custom (Other Resources) + // + // +kubebuilder:default=Gateway + // +optional + Kind *Kind `json:"kind,omitempty"` + + // Namespace is the namespace of the referent. When unspecified (or empty + // string), this refers to the local namespace of the Route. + // + // Support: Core + // + // +optional + Namespace *Namespace `json:"namespace,omitempty"` + + // Name is the name of the referent. + // + // Support: Core + Name ObjectName `json:"name"` + + // SectionName is the name of a section within the target resource. In the + // following resources, SectionName is interpreted as the following: + // + // * Gateway: Listener Name + // + // Implementations MAY choose to support attaching Routes to other resources. + // If that is the case, they MUST clearly document how SectionName is + // interpreted. + // + // When unspecified (empty string), this will reference the entire resource. + // For the purpose of status, an attachment is considered successful if at + // least one section in the parent resource accepts it. For example, Gateway + // listeners can restrict which Routes can attach to them by Route kind, + // namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + // the referencing Route, the Route MUST be considered successfully + // attached. If no Gateway listeners accept attachment from this Route, the + // Route MUST be considered detached from the Gateway. + // + // Support: Core + // + // +optional + SectionName *SectionName `json:"sectionName,omitempty"` +} + +// CommonRouteSpec defines the common attributes that all Routes MUST include +// within their spec. +type CommonRouteSpec struct { + // ParentRefs references the resources (usually Gateways) that a Route wants + // to be attached to. Note that the referenced parent resource needs to + // allow this for the attachment to be complete. For Gateways, that means + // the Gateway needs to allow attachment from Routes of this kind and + // namespace. + // + // The only kind of parent resource with "Core" support is Gateway. This API + // may be extended in the future to support additional kinds of parent + // resources such as one of the route kinds. + // + // It is invalid to reference an identical parent more than once. It is + // valid to reference multiple distinct sections within the same parent + // resource, such as 2 Listeners within a Gateway. + // + // It is possible to separately reference multiple distinct objects that may + // be collapsed by an implementation. For example, some implementations may + // choose to merge compatible Gateway Listeners together. If that is the + // case, the list of routes attached to those resources should also be + // merged. + // + // +optional + // +kubebuilder:validation:MaxItems=32 + ParentRefs []ParentRef `json:"parentRefs,omitempty"` +} + +// PortNumber defines a network port. +// +// +kubebuilder:validation:Minimum=1 +// +kubebuilder:validation:Maximum=65535 +type PortNumber int32 + +// BackendRef defines how a Route should forward a request to a Kubernetes +// resource. +// +// Note that when a namespace is specified, a ReferencePolicy object +// is required in the referent namespace to allow that namespace's +// owner to accept the reference. See the ReferencePolicy documentation +// for details. +type BackendRef struct { + // BackendObjectReference references a Kubernetes object. + BackendObjectReference `json:",inline"` + + // Weight specifies the proportion of requests forwarded to the referenced + // backend. This is computed as weight/(sum of all weights in this + // BackendRefs list). For non-zero values, there may be some epsilon from + // the exact proportion defined here depending on the precision an + // implementation supports. Weight is not a percentage and the sum of + // weights does not need to equal 100. + // + // If only one backend is specified and it has a weight greater than 0, 100% + // of the traffic is forwarded to that backend. If weight is set to 0, no + // traffic should be forwarded for this entry. If unspecified, weight + // defaults to 1. + // + // Support for this field varies based on the context where used. + // + // +optional + // +kubebuilder:default=1 + // +kubebuilder:validation:Minimum=0 + // +kubebuilder:validation:Maximum=1000000 + Weight *int32 `json:"weight,omitempty"` +} + +// RouteConditionType is a type of condition for a route. +type RouteConditionType string + +const ( + // This condition indicates whether the route has been accepted or rejected + // by a Gateway, and why. + ConditionRouteAccepted RouteConditionType = "Accepted" + + // This condition indicates whether the controller was able to resolve all + // the object references for the Route. + ConditionRouteResolvedRefs RouteConditionType = "ResolvedRefs" +) + +// RouteParentStatus describes the status of a route with respect to an +// associated Parent. +type RouteParentStatus struct { + // ParentRef corresponds with a ParentRef in the spec that this + // RouteParentStatus struct describes the status of. + ParentRef ParentRef `json:"parentRef"` + + // ControllerName is a domain/path string that indicates the name of the + // controller that wrote this status. This corresponds with the + // controllerName field on GatewayClass. + // + // Example: "example.net/gateway-controller". + // + // The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are + // valid Kubernetes names + // (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). + ControllerName GatewayController `json:"controllerName"` + + // Conditions describes the status of the route with respect to the Gateway. + // Note that the route's availability is also subject to the Gateway's own + // status conditions and listener status. + // + // If the Route's ParentRef specifies an existing Gateway that supports + // Routes of this kind AND that Gateway's controller has sufficient access, + // then that Gateway's controller MUST set the "Accepted" condition on the + // Route, to indicate whether the route has been accepted or rejected by the + // Gateway, and why. + // + // A Route MUST be considered "Accepted" if at least one of the Route's + // rules is implemented by the Gateway. + // + // There are a number of cases where the "Accepted" condition may not be set + // due to lack of controller visibility, that includes when: + // + // * The Route refers to a non-existent parent. + // * The Route is of a type that the controller does not support. + // * The Route is in a namespace the the controller does not have access to. + // + // +listType=map + // +listMapKey=type + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=8 + Conditions []metav1.Condition `json:"conditions,omitempty"` +} + +// RouteStatus defines the common attributes that all Routes MUST include within +// their status. +type RouteStatus struct { + // Parents is a list of parent resources (usually Gateways) that are + // associated with the route, and the status of the route with respect to + // each parent. When this route attaches to a parent, the controller that + // manages the parent must add an entry to this list when the controller + // first sees the route and should update the entry as appropriate when the + // route or gateway is modified. + // + // Note that parent references that cannot be resolved by an implementation + // of this API will not be added to this list. Implementations of this API + // can only populate Route status for the Gateways/parent resources they are + // responsible for. + // + // A maximum of 32 Gateways will be represented in this list. An empty list + // means the route has not been attached to any Gateway. + // + // +kubebuilder:validation:MaxItems=32 + Parents []RouteParentStatus `json:"parents"` +} + +// Hostname is the fully qualified domain name of a network host. This matches +// the RFC 1123 definition of a hostname with 2 notable exceptions: +// +// 1. IPs are not allowed. +// 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard +// label must appear by itself as the first label. +// +// Hostname can be "precise" which is a domain name without the terminating +// dot of a network host (e.g. "foo.example.com") or "wildcard", which is a +// domain name prefixed with a single wildcard label (e.g. `*.example.com`). +// +// Note that as per RFC1035 and RFC1123, a *label* must consist of lower case +// alphanumeric characters or '-', and must start and end with an alphanumeric +// character. No other punctuation is allowed. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` +type Hostname string + +// PreciseHostname is the fully qualified domain name of a network host. This matches +// the RFC 1123 definition of a hostname with 2 notable exceptions: +// +// 1. IPs are not allowed. +// 2. A hostname may not be prefixed with a wildcard label (`*.`). +// +// Hostname can be "precise" which is a domain name without the terminating +// dot of a network host (e.g. "foo.example.com"). +// +// Note that as per RFC1035 and RFC1123, a *label* must consist of lower case +// alphanumeric characters or '-', and must start and end with an alphanumeric +// character. No other punctuation is allowed. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` +type PreciseHostname string + +// Group refers to a Kubernetes Group. It must either be an empty string or a +// RFC 1123 subdomain. +// +// This validation is based off of the corresponding Kubernetes validation: +// https://github.com/kubernetes/apimachinery/blob/02cfb53916346d085a6c6c7c66f882e3c6b0eca6/pkg/util/validation/validation.go#L208 +// +// Valid values include: +// +// * "" - empty string implies core Kubernetes API group +// * "networking.k8s.io" +// * "foo.example.com" +// +// Invalid values include: +// +// * "example.com/bar" - "/" is an invalid character +// +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` +type Group string + +// Kind refers to a Kubernetes Kind. +// +// Valid values include: +// +// * "Service" +// * "HTTPRoute" +// +// Invalid values include: +// +// * "invalid/kind" - "/" is an invalid character +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=63 +// +kubebuilder:validation:Pattern=`^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$` +type Kind string + +// ObjectName refers to the name of a Kubernetes object. +// Object names can have a variety of forms, including RFC1123 subdomains, +// RFC 1123 labels, or RFC 1035 labels. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +type ObjectName string + +// Namespace refers to a Kubernetes namespace. It must be a RFC 1123 label. +// +// This validation is based off of the corresponding Kubernetes validation: +// https://github.com/kubernetes/apimachinery/blob/02cfb53916346d085a6c6c7c66f882e3c6b0eca6/pkg/util/validation/validation.go#L187 +// +// This is used for Namespace name validation here: +// https://github.com/kubernetes/apimachinery/blob/02cfb53916346d085a6c6c7c66f882e3c6b0eca6/pkg/api/validation/generic.go#L63 +// +// Valid values include: +// +// * "example" +// +// Invalid values include: +// +// * "example.com" - "." is an invalid character +// +// +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=63 +type Namespace string + +// SectionName is the name of a section in a Kubernetes resource. +// +// This validation is based off of the corresponding Kubernetes validation: +// https://github.com/kubernetes/apimachinery/blob/02cfb53916346d085a6c6c7c66f882e3c6b0eca6/pkg/util/validation/validation.go#L208 +// +// Valid values include: +// +// * "example.com" +// * "foo.example.com" +// +// Invalid values include: +// +// * "example.com/bar" - "/" is an invalid character +// +// +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$` +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +type SectionName string + +// GatewayController is the name of a Gateway API controller. It must be a +// domain prefixed path. +// +// Valid values include: +// +// * "example.com/bar" +// +// Invalid values include: +// +// * "example.com" - must include path +// * "foo.example.com" - must include path +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$` +type GatewayController string + +// AnnotationKey is the key of an annotation in Gateway API. This is used for +// validation of maps such as TLS options. This matches the Kubernetes +// "qualified name" validation that is used for annotations and other common +// values. +// +// Valid values include: +// +// * example +// * example.com +// * example.com/path +// * example.com/path.html +// +// Invalid values include: +// +// * example~ - "~" is an invalid character +// * example.com. - can not start or end with "." +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9]/?)*$` +type AnnotationKey string + +// AnnotationValue is the value of an annotation in Gateway API. This is used +// for validation of maps such as TLS options. This roughly matches Kubernetes +// annotation validation, although the length validation in that case is based +// on the entire size of the annotations struct. +// +// +kubebuilder:validation:MinLength=0 +// +kubebuilder:validation:MaxLength=4096 +type AnnotationValue string diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go new file mode 100644 index 0000000000..60d805787d --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go @@ -0,0 +1,86 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// TCPRoute provides a way to route TCP requests. When combined with a Gateway +// listener, it can be used to forward connections on the port specified by the +// listener to a set of backends specified by the TCPRoute. +type TCPRoute struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of TCPRoute. + Spec TCPRouteSpec `json:"spec"` + + // Status defines the current state of TCPRoute. + Status TCPRouteStatus `json:"status,omitempty"` +} + +// TCPRouteSpec defines the desired state of TCPRoute +type TCPRouteSpec struct { + CommonRouteSpec `json:",inline"` + + // Rules are a list of TCP matchers and actions. + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Rules []TCPRouteRule `json:"rules"` +} + +// TCPRouteStatus defines the observed state of TCPRoute +type TCPRouteStatus struct { + RouteStatus `json:",inline"` +} + +// TCPRouteRule is the configuration for a given rule. +type TCPRouteRule struct { + // BackendRefs defines the backend(s) where matching requests should be + // sent. If unspecified or invalid (refers to a non-existent resource or a + // Service with no endpoints), the underlying implementation MUST actively + // reject connection attempts to this backend. Connection rejections must + // respect weight; if an invalid backend is requested to have 80% of + // connections, then 80% of connections must be rejected instead. + // + // Support: Core for Kubernetes Service + // Support: Custom for any other resource + // + // Support for weight: Extended + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + BackendRefs []BackendRef `json:"backendRefs,omitempty"` +} + +// +kubebuilder:object:root=true + +// TCPRouteList contains a list of TCPRoute +type TCPRouteList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []TCPRoute `json:"items"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go new file mode 100644 index 0000000000..e8f3faa7f1 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go @@ -0,0 +1,130 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// The TLSRoute resource is similar to TCPRoute, but can be configured +// to match against TLS-specific metadata. This allows more flexibility +// in matching streams for a given TLS listener. +// +// If you need to forward traffic to a single target for a TLS listener, you +// could choose to use a TCPRoute with a TLS listener. +type TLSRoute struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of TLSRoute. + Spec TLSRouteSpec `json:"spec"` + + // Status defines the current state of TLSRoute. + Status TLSRouteStatus `json:"status,omitempty"` +} + +// TLSRouteSpec defines the desired state of a TLSRoute resource. +type TLSRouteSpec struct { + CommonRouteSpec `json:",inline"` + + // Hostnames defines a set of SNI names that should match against the + // SNI attribute of TLS ClientHello message in TLS handshake. This matches + // the RFC 1123 definition of a hostname with 2 notable exceptions: + // + // 1. IPs are not allowed in SNI names per RFC 6066. + // 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard + // label must appear by itself as the first label. + // + // If a hostname is specified by both the Listener and TLSRoute, there + // must be at least one intersecting hostname for the TLSRoute to be + // attached to the Listener. For example: + // + // * A Listener with `test.example.com` as the hostname matches TLSRoutes + // that have either not specified any hostnames, or have specified at + // least one of `test.example.com` or `*.example.com`. + // * A Listener with `*.example.com` as the hostname matches TLSRoutes + // that have either not specified any hostnames or have specified at least + // one hostname that matches the Listener hostname. For example, + // `test.example.com` and `*.example.com` would both match. On the other + // hand, `example.com` and `test.example.net` would not match. + // + // If both the Listener and TLSRoute have specified hostnames, any + // TLSRoute hostnames that do not match the Listener hostname MUST be + // ignored. For example, if a Listener specified `*.example.com`, and the + // TLSRoute specified `test.example.com` and `test.example.net`, + // `test.example.net` must not be considered for a match. + // + // If both the Listener and TLSRoute have specified hostnames, and none + // match with the criteria above, then the TLSRoute is not accepted. The + // implementation must raise an 'Accepted' Condition with a status of + // `False` in the corresponding RouteParentStatus. + // + // Support: Core + // + // +optional + // +kubebuilder:validation:MaxItems=16 + Hostnames []Hostname `json:"hostnames,omitempty"` + + // Rules are a list of TLS matchers and actions. + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Rules []TLSRouteRule `json:"rules"` +} + +// TLSRouteStatus defines the observed state of TLSRoute +type TLSRouteStatus struct { + RouteStatus `json:",inline"` +} + +// TLSRouteRule is the configuration for a given rule. +type TLSRouteRule struct { + // BackendRefs defines the backend(s) where matching requests should be + // sent. If unspecified or invalid (refers to a non-existent resource or + // a Service with no endpoints), the rule performs no forwarding; if no + // filters are specified that would result in a response being sent, the + // underlying implementation must actively reject request attempts to this + // backend, by rejecting the connection or returning a 503 status code. + // Request rejections must respect weight; if an invalid backend is + // requested to have 80% of requests, then 80% of requests must be rejected + // instead. + // + // Support: Core for Kubernetes Service + // Support: Custom for any other resource + // + // Support for weight: Extended + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + BackendRefs []BackendRef `json:"backendRefs,omitempty"` +} + +// +kubebuilder:object:root=true + +// TLSRouteList contains a list of TLSRoute +type TLSRouteList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []TLSRoute `json:"items"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go new file mode 100644 index 0000000000..361713afb2 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go @@ -0,0 +1,86 @@ +/* +Copyright 2020 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +kubebuilder:object:root=true +// +kubebuilder:resource:categories=gateway-api +// +kubebuilder:subresource:status +// +kubebuilder:storageversion +// +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` + +// UDPRoute provides a way to route UDP traffic. When combined with a Gateway +// listener, it can be used to forward traffic on the port specified by the +// listener to a set of backends specified by the UDPRoute. +type UDPRoute struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the desired state of UDPRoute. + Spec UDPRouteSpec `json:"spec"` + + // Status defines the current state of UDPRoute. + Status UDPRouteStatus `json:"status,omitempty"` +} + +// UDPRouteSpec defines the desired state of UDPRoute. +type UDPRouteSpec struct { + CommonRouteSpec `json:",inline"` + + // Rules are a list of UDP matchers and actions. + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + Rules []UDPRouteRule `json:"rules"` +} + +// UDPRouteStatus defines the observed state of UDPRoute. +type UDPRouteStatus struct { + RouteStatus `json:",inline"` +} + +// UDPRouteRule is the configuration for a given rule. +type UDPRouteRule struct { + // BackendRefs defines the backend(s) where matching requests should be + // sent. If unspecified or invalid (refers to a non-existent resource or a + // Service with no endpoints), the underlying implementation MUST actively + // reject connection attempts to this backend. Packet drops must + // respect weight; if an invalid backend is requested to have 80% of + // the packets, then 80% of packets must be dropped instead. + // + // Support: Core for Kubernetes Service + // Support: Custom for any other resource + // + // Support for weight: Extended + // + // +kubebuilder:validation:MinItems=1 + // +kubebuilder:validation:MaxItems=16 + BackendRefs []BackendRef `json:"backendRefs,omitempty"` +} + +// +kubebuilder:object:root=true + +// UDPRouteList contains a list of UDPRoute +type UDPRouteList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []UDPRoute `json:"items"` +} diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.deepcopy.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.deepcopy.go new file mode 100644 index 0000000000..84204a2634 --- /dev/null +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.deepcopy.go @@ -0,0 +1,1571 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +Copyright The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AllowedRoutes) DeepCopyInto(out *AllowedRoutes) { + *out = *in + if in.Namespaces != nil { + in, out := &in.Namespaces, &out.Namespaces + *out = new(RouteNamespaces) + (*in).DeepCopyInto(*out) + } + if in.Kinds != nil { + in, out := &in.Kinds, &out.Kinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedRoutes. +func (in *AllowedRoutes) DeepCopy() *AllowedRoutes { + if in == nil { + return nil + } + out := new(AllowedRoutes) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BackendObjectReference) DeepCopyInto(out *BackendObjectReference) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(Group) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(Kind) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(Namespace) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(PortNumber) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendObjectReference. +func (in *BackendObjectReference) DeepCopy() *BackendObjectReference { + if in == nil { + return nil + } + out := new(BackendObjectReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *BackendRef) DeepCopyInto(out *BackendRef) { + *out = *in + in.BackendObjectReference.DeepCopyInto(&out.BackendObjectReference) + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(int32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackendRef. +func (in *BackendRef) DeepCopy() *BackendRef { + if in == nil { + return nil + } + out := new(BackendRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CommonRouteSpec) DeepCopyInto(out *CommonRouteSpec) { + *out = *in + if in.ParentRefs != nil { + in, out := &in.ParentRefs, &out.ParentRefs + *out = make([]ParentRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommonRouteSpec. +func (in *CommonRouteSpec) DeepCopy() *CommonRouteSpec { + if in == nil { + return nil + } + out := new(CommonRouteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Gateway) DeepCopyInto(out *Gateway) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Gateway. +func (in *Gateway) DeepCopy() *Gateway { + if in == nil { + return nil + } + out := new(Gateway) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Gateway) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayAddress) DeepCopyInto(out *GatewayAddress) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(AddressType) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayAddress. +func (in *GatewayAddress) DeepCopy() *GatewayAddress { + if in == nil { + return nil + } + out := new(GatewayAddress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayClass) DeepCopyInto(out *GatewayClass) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayClass. +func (in *GatewayClass) DeepCopy() *GatewayClass { + if in == nil { + return nil + } + out := new(GatewayClass) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GatewayClass) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayClassList) DeepCopyInto(out *GatewayClassList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]GatewayClass, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayClassList. +func (in *GatewayClassList) DeepCopy() *GatewayClassList { + if in == nil { + return nil + } + out := new(GatewayClassList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GatewayClassList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayClassSpec) DeepCopyInto(out *GatewayClassSpec) { + *out = *in + if in.ParametersRef != nil { + in, out := &in.ParametersRef, &out.ParametersRef + *out = new(ParametersReference) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayClassSpec. +func (in *GatewayClassSpec) DeepCopy() *GatewayClassSpec { + if in == nil { + return nil + } + out := new(GatewayClassSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayClassStatus) DeepCopyInto(out *GatewayClassStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayClassStatus. +func (in *GatewayClassStatus) DeepCopy() *GatewayClassStatus { + if in == nil { + return nil + } + out := new(GatewayClassStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayList) DeepCopyInto(out *GatewayList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Gateway, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayList. +func (in *GatewayList) DeepCopy() *GatewayList { + if in == nil { + return nil + } + out := new(GatewayList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GatewayList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewaySpec) DeepCopyInto(out *GatewaySpec) { + *out = *in + if in.Listeners != nil { + in, out := &in.Listeners, &out.Listeners + *out = make([]Listener, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Addresses != nil { + in, out := &in.Addresses, &out.Addresses + *out = make([]GatewayAddress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewaySpec. +func (in *GatewaySpec) DeepCopy() *GatewaySpec { + if in == nil { + return nil + } + out := new(GatewaySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayStatus) DeepCopyInto(out *GatewayStatus) { + *out = *in + if in.Addresses != nil { + in, out := &in.Addresses, &out.Addresses + *out = make([]GatewayAddress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Listeners != nil { + in, out := &in.Listeners, &out.Listeners + *out = make([]ListenerStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayStatus. +func (in *GatewayStatus) DeepCopy() *GatewayStatus { + if in == nil { + return nil + } + out := new(GatewayStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayTLSConfig) DeepCopyInto(out *GatewayTLSConfig) { + *out = *in + if in.Mode != nil { + in, out := &in.Mode, &out.Mode + *out = new(TLSModeType) + **out = **in + } + if in.CertificateRefs != nil { + in, out := &in.CertificateRefs, &out.CertificateRefs + *out = make([]*SecretObjectReference, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(SecretObjectReference) + (*in).DeepCopyInto(*out) + } + } + } + if in.Options != nil { + in, out := &in.Options, &out.Options + *out = make(map[AnnotationKey]AnnotationValue, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayTLSConfig. +func (in *GatewayTLSConfig) DeepCopy() *GatewayTLSConfig { + if in == nil { + return nil + } + out := new(GatewayTLSConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPBackendRef) DeepCopyInto(out *HTTPBackendRef) { + *out = *in + in.BackendRef.DeepCopyInto(&out.BackendRef) + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]HTTPRouteFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBackendRef. +func (in *HTTPBackendRef) DeepCopy() *HTTPBackendRef { + if in == nil { + return nil + } + out := new(HTTPBackendRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeader) DeepCopyInto(out *HTTPHeader) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeader. +func (in *HTTPHeader) DeepCopy() *HTTPHeader { + if in == nil { + return nil + } + out := new(HTTPHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeaderMatch) DeepCopyInto(out *HTTPHeaderMatch) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(HeaderMatchType) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeaderMatch. +func (in *HTTPHeaderMatch) DeepCopy() *HTTPHeaderMatch { + if in == nil { + return nil + } + out := new(HTTPHeaderMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPPathMatch) DeepCopyInto(out *HTTPPathMatch) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(PathMatchType) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPPathMatch. +func (in *HTTPPathMatch) DeepCopy() *HTTPPathMatch { + if in == nil { + return nil + } + out := new(HTTPPathMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPQueryParamMatch) DeepCopyInto(out *HTTPQueryParamMatch) { + *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(QueryParamMatchType) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPQueryParamMatch. +func (in *HTTPQueryParamMatch) DeepCopy() *HTTPQueryParamMatch { + if in == nil { + return nil + } + out := new(HTTPQueryParamMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRequestHeaderFilter) DeepCopyInto(out *HTTPRequestHeaderFilter) { + *out = *in + if in.Set != nil { + in, out := &in.Set, &out.Set + *out = make([]HTTPHeader, len(*in)) + copy(*out, *in) + } + if in.Add != nil { + in, out := &in.Add, &out.Add + *out = make([]HTTPHeader, len(*in)) + copy(*out, *in) + } + if in.Remove != nil { + in, out := &in.Remove, &out.Remove + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRequestHeaderFilter. +func (in *HTTPRequestHeaderFilter) DeepCopy() *HTTPRequestHeaderFilter { + if in == nil { + return nil + } + out := new(HTTPRequestHeaderFilter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRequestMirrorFilter) DeepCopyInto(out *HTTPRequestMirrorFilter) { + *out = *in + in.BackendRef.DeepCopyInto(&out.BackendRef) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRequestMirrorFilter. +func (in *HTTPRequestMirrorFilter) DeepCopy() *HTTPRequestMirrorFilter { + if in == nil { + return nil + } + out := new(HTTPRequestMirrorFilter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRequestRedirectFilter) DeepCopyInto(out *HTTPRequestRedirectFilter) { + *out = *in + if in.Scheme != nil { + in, out := &in.Scheme, &out.Scheme + *out = new(string) + **out = **in + } + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(PreciseHostname) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(PortNumber) + **out = **in + } + if in.StatusCode != nil { + in, out := &in.StatusCode, &out.StatusCode + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRequestRedirectFilter. +func (in *HTTPRequestRedirectFilter) DeepCopy() *HTTPRequestRedirectFilter { + if in == nil { + return nil + } + out := new(HTTPRequestRedirectFilter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRoute) DeepCopyInto(out *HTTPRoute) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRoute. +func (in *HTTPRoute) DeepCopy() *HTTPRoute { + if in == nil { + return nil + } + out := new(HTTPRoute) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *HTTPRoute) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteFilter) DeepCopyInto(out *HTTPRouteFilter) { + *out = *in + if in.RequestHeaderModifier != nil { + in, out := &in.RequestHeaderModifier, &out.RequestHeaderModifier + *out = new(HTTPRequestHeaderFilter) + (*in).DeepCopyInto(*out) + } + if in.RequestMirror != nil { + in, out := &in.RequestMirror, &out.RequestMirror + *out = new(HTTPRequestMirrorFilter) + (*in).DeepCopyInto(*out) + } + if in.RequestRedirect != nil { + in, out := &in.RequestRedirect, &out.RequestRedirect + *out = new(HTTPRequestRedirectFilter) + (*in).DeepCopyInto(*out) + } + if in.ExtensionRef != nil { + in, out := &in.ExtensionRef, &out.ExtensionRef + *out = new(LocalObjectReference) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteFilter. +func (in *HTTPRouteFilter) DeepCopy() *HTTPRouteFilter { + if in == nil { + return nil + } + out := new(HTTPRouteFilter) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteList) DeepCopyInto(out *HTTPRouteList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]HTTPRoute, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteList. +func (in *HTTPRouteList) DeepCopy() *HTTPRouteList { + if in == nil { + return nil + } + out := new(HTTPRouteList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *HTTPRouteList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteMatch) DeepCopyInto(out *HTTPRouteMatch) { + *out = *in + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(HTTPPathMatch) + (*in).DeepCopyInto(*out) + } + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]HTTPHeaderMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.QueryParams != nil { + in, out := &in.QueryParams, &out.QueryParams + *out = make([]HTTPQueryParamMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Method != nil { + in, out := &in.Method, &out.Method + *out = new(HTTPMethod) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteMatch. +func (in *HTTPRouteMatch) DeepCopy() *HTTPRouteMatch { + if in == nil { + return nil + } + out := new(HTTPRouteMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteRule) DeepCopyInto(out *HTTPRouteRule) { + *out = *in + if in.Matches != nil { + in, out := &in.Matches, &out.Matches + *out = make([]HTTPRouteMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Filters != nil { + in, out := &in.Filters, &out.Filters + *out = make([]HTTPRouteFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.BackendRefs != nil { + in, out := &in.BackendRefs, &out.BackendRefs + *out = make([]HTTPBackendRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteRule. +func (in *HTTPRouteRule) DeepCopy() *HTTPRouteRule { + if in == nil { + return nil + } + out := new(HTTPRouteRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteSpec) DeepCopyInto(out *HTTPRouteSpec) { + *out = *in + in.CommonRouteSpec.DeepCopyInto(&out.CommonRouteSpec) + if in.Hostnames != nil { + in, out := &in.Hostnames, &out.Hostnames + *out = make([]Hostname, len(*in)) + copy(*out, *in) + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]HTTPRouteRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteSpec. +func (in *HTTPRouteSpec) DeepCopy() *HTTPRouteSpec { + if in == nil { + return nil + } + out := new(HTTPRouteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteStatus) DeepCopyInto(out *HTTPRouteStatus) { + *out = *in + in.RouteStatus.DeepCopyInto(&out.RouteStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteStatus. +func (in *HTTPRouteStatus) DeepCopy() *HTTPRouteStatus { + if in == nil { + return nil + } + out := new(HTTPRouteStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Listener) DeepCopyInto(out *Listener) { + *out = *in + if in.Hostname != nil { + in, out := &in.Hostname, &out.Hostname + *out = new(Hostname) + **out = **in + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(GatewayTLSConfig) + (*in).DeepCopyInto(*out) + } + if in.AllowedRoutes != nil { + in, out := &in.AllowedRoutes, &out.AllowedRoutes + *out = new(AllowedRoutes) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Listener. +func (in *Listener) DeepCopy() *Listener { + if in == nil { + return nil + } + out := new(Listener) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ListenerStatus) DeepCopyInto(out *ListenerStatus) { + *out = *in + if in.SupportedKinds != nil { + in, out := &in.SupportedKinds, &out.SupportedKinds + *out = make([]RouteGroupKind, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListenerStatus. +func (in *ListenerStatus) DeepCopy() *ListenerStatus { + if in == nil { + return nil + } + out := new(ListenerStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LocalObjectReference) DeepCopyInto(out *LocalObjectReference) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalObjectReference. +func (in *LocalObjectReference) DeepCopy() *LocalObjectReference { + if in == nil { + return nil + } + out := new(LocalObjectReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ParametersReference) DeepCopyInto(out *ParametersReference) { + *out = *in + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(Namespace) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParametersReference. +func (in *ParametersReference) DeepCopy() *ParametersReference { + if in == nil { + return nil + } + out := new(ParametersReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ParentRef) DeepCopyInto(out *ParentRef) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(Group) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(Kind) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(Namespace) + **out = **in + } + if in.SectionName != nil { + in, out := &in.SectionName, &out.SectionName + *out = new(SectionName) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParentRef. +func (in *ParentRef) DeepCopy() *ParentRef { + if in == nil { + return nil + } + out := new(ParentRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyTargetReference) DeepCopyInto(out *PolicyTargetReference) { + *out = *in + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(Namespace) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyTargetReference. +func (in *PolicyTargetReference) DeepCopy() *PolicyTargetReference { + if in == nil { + return nil + } + out := new(PolicyTargetReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReferencePolicy) DeepCopyInto(out *ReferencePolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReferencePolicy. +func (in *ReferencePolicy) DeepCopy() *ReferencePolicy { + if in == nil { + return nil + } + out := new(ReferencePolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ReferencePolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReferencePolicyFrom) DeepCopyInto(out *ReferencePolicyFrom) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReferencePolicyFrom. +func (in *ReferencePolicyFrom) DeepCopy() *ReferencePolicyFrom { + if in == nil { + return nil + } + out := new(ReferencePolicyFrom) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReferencePolicyList) DeepCopyInto(out *ReferencePolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ReferencePolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReferencePolicyList. +func (in *ReferencePolicyList) DeepCopy() *ReferencePolicyList { + if in == nil { + return nil + } + out := new(ReferencePolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ReferencePolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReferencePolicySpec) DeepCopyInto(out *ReferencePolicySpec) { + *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = make([]ReferencePolicyFrom, len(*in)) + copy(*out, *in) + } + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]ReferencePolicyTo, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReferencePolicySpec. +func (in *ReferencePolicySpec) DeepCopy() *ReferencePolicySpec { + if in == nil { + return nil + } + out := new(ReferencePolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ReferencePolicyTo) DeepCopyInto(out *ReferencePolicyTo) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(ObjectName) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReferencePolicyTo. +func (in *ReferencePolicyTo) DeepCopy() *ReferencePolicyTo { + if in == nil { + return nil + } + out := new(ReferencePolicyTo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RouteGroupKind) DeepCopyInto(out *RouteGroupKind) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(Group) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteGroupKind. +func (in *RouteGroupKind) DeepCopy() *RouteGroupKind { + if in == nil { + return nil + } + out := new(RouteGroupKind) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RouteNamespaces) DeepCopyInto(out *RouteNamespaces) { + *out = *in + if in.From != nil { + in, out := &in.From, &out.From + *out = new(FromNamespaces) + **out = **in + } + if in.Selector != nil { + in, out := &in.Selector, &out.Selector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteNamespaces. +func (in *RouteNamespaces) DeepCopy() *RouteNamespaces { + if in == nil { + return nil + } + out := new(RouteNamespaces) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RouteParentStatus) DeepCopyInto(out *RouteParentStatus) { + *out = *in + in.ParentRef.DeepCopyInto(&out.ParentRef) + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteParentStatus. +func (in *RouteParentStatus) DeepCopy() *RouteParentStatus { + if in == nil { + return nil + } + out := new(RouteParentStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RouteStatus) DeepCopyInto(out *RouteStatus) { + *out = *in + if in.Parents != nil { + in, out := &in.Parents, &out.Parents + *out = make([]RouteParentStatus, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RouteStatus. +func (in *RouteStatus) DeepCopy() *RouteStatus { + if in == nil { + return nil + } + out := new(RouteStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SecretObjectReference) DeepCopyInto(out *SecretObjectReference) { + *out = *in + if in.Group != nil { + in, out := &in.Group, &out.Group + *out = new(Group) + **out = **in + } + if in.Kind != nil { + in, out := &in.Kind, &out.Kind + *out = new(Kind) + **out = **in + } + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(Namespace) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretObjectReference. +func (in *SecretObjectReference) DeepCopy() *SecretObjectReference { + if in == nil { + return nil + } + out := new(SecretObjectReference) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPRoute) DeepCopyInto(out *TCPRoute) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRoute. +func (in *TCPRoute) DeepCopy() *TCPRoute { + if in == nil { + return nil + } + out := new(TCPRoute) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TCPRoute) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPRouteList) DeepCopyInto(out *TCPRouteList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TCPRoute, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteList. +func (in *TCPRouteList) DeepCopy() *TCPRouteList { + if in == nil { + return nil + } + out := new(TCPRouteList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TCPRouteList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPRouteRule) DeepCopyInto(out *TCPRouteRule) { + *out = *in + if in.BackendRefs != nil { + in, out := &in.BackendRefs, &out.BackendRefs + *out = make([]BackendRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteRule. +func (in *TCPRouteRule) DeepCopy() *TCPRouteRule { + if in == nil { + return nil + } + out := new(TCPRouteRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPRouteSpec) DeepCopyInto(out *TCPRouteSpec) { + *out = *in + in.CommonRouteSpec.DeepCopyInto(&out.CommonRouteSpec) + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]TCPRouteRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteSpec. +func (in *TCPRouteSpec) DeepCopy() *TCPRouteSpec { + if in == nil { + return nil + } + out := new(TCPRouteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPRouteStatus) DeepCopyInto(out *TCPRouteStatus) { + *out = *in + in.RouteStatus.DeepCopyInto(&out.RouteStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPRouteStatus. +func (in *TCPRouteStatus) DeepCopy() *TCPRouteStatus { + if in == nil { + return nil + } + out := new(TCPRouteStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSRoute) DeepCopyInto(out *TLSRoute) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSRoute. +func (in *TLSRoute) DeepCopy() *TLSRoute { + if in == nil { + return nil + } + out := new(TLSRoute) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TLSRoute) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSRouteList) DeepCopyInto(out *TLSRouteList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TLSRoute, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSRouteList. +func (in *TLSRouteList) DeepCopy() *TLSRouteList { + if in == nil { + return nil + } + out := new(TLSRouteList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TLSRouteList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSRouteRule) DeepCopyInto(out *TLSRouteRule) { + *out = *in + if in.BackendRefs != nil { + in, out := &in.BackendRefs, &out.BackendRefs + *out = make([]BackendRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSRouteRule. +func (in *TLSRouteRule) DeepCopy() *TLSRouteRule { + if in == nil { + return nil + } + out := new(TLSRouteRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSRouteSpec) DeepCopyInto(out *TLSRouteSpec) { + *out = *in + in.CommonRouteSpec.DeepCopyInto(&out.CommonRouteSpec) + if in.Hostnames != nil { + in, out := &in.Hostnames, &out.Hostnames + *out = make([]Hostname, len(*in)) + copy(*out, *in) + } + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]TLSRouteRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSRouteSpec. +func (in *TLSRouteSpec) DeepCopy() *TLSRouteSpec { + if in == nil { + return nil + } + out := new(TLSRouteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSRouteStatus) DeepCopyInto(out *TLSRouteStatus) { + *out = *in + in.RouteStatus.DeepCopyInto(&out.RouteStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSRouteStatus. +func (in *TLSRouteStatus) DeepCopy() *TLSRouteStatus { + if in == nil { + return nil + } + out := new(TLSRouteStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPRoute) DeepCopyInto(out *UDPRoute) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRoute. +func (in *UDPRoute) DeepCopy() *UDPRoute { + if in == nil { + return nil + } + out := new(UDPRoute) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *UDPRoute) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPRouteList) DeepCopyInto(out *UDPRouteList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]UDPRoute, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteList. +func (in *UDPRouteList) DeepCopy() *UDPRouteList { + if in == nil { + return nil + } + out := new(UDPRouteList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *UDPRouteList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPRouteRule) DeepCopyInto(out *UDPRouteRule) { + *out = *in + if in.BackendRefs != nil { + in, out := &in.BackendRefs, &out.BackendRefs + *out = make([]BackendRef, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteRule. +func (in *UDPRouteRule) DeepCopy() *UDPRouteRule { + if in == nil { + return nil + } + out := new(UDPRouteRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPRouteSpec) DeepCopyInto(out *UDPRouteSpec) { + *out = *in + in.CommonRouteSpec.DeepCopyInto(&out.CommonRouteSpec) + if in.Rules != nil { + in, out := &in.Rules, &out.Rules + *out = make([]UDPRouteRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteSpec. +func (in *UDPRouteSpec) DeepCopy() *UDPRouteSpec { + if in == nil { + return nil + } + out := new(UDPRouteSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPRouteStatus) DeepCopyInto(out *UDPRouteStatus) { + *out = *in + in.RouteStatus.DeepCopyInto(&out.RouteStatus) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPRouteStatus. +func (in *UDPRouteStatus) DeepCopy() *UDPRouteStatus { + if in == nil { + return nil + } + out := new(UDPRouteStatus) + in.DeepCopyInto(out) + return out +} diff --git a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/register.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.register.go similarity index 54% rename from vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/register.go rename to vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.register.go index 40987ae47e..94dc2ff41b 100644 --- a/vendor/github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2/register.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/zz_generated.register.go @@ -1,5 +1,5 @@ /* -Copyright 2020 The cert-manager Authors. +Copyright The Kubernetes Authors. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -14,18 +14,25 @@ See the License for the specific language governing permissions and limitations under the License. */ +// Code generated by register-gen. DO NOT EDIT. + package v1alpha2 import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - - "github.com/jetstack/cert-manager/pkg/apis/certmanager" ) +// GroupName specifies the group name used to register the objects. +const GroupName = "gateway.networking.k8s.io" + +// GroupVersion specifies the group and the version used to register the objects. +var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha2"} + // SchemeGroupVersion is group version used to register these objects -var SchemeGroupVersion = schema.GroupVersion{Group: certmanager.GroupName, Version: "v1alpha2"} +// Deprecated: use GroupVersion instead. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"} // Resource takes an unqualified resource and returns a Group qualified GroupResource func Resource(resource string) schema.GroupResource { @@ -33,9 +40,12 @@ func Resource(resource string) schema.GroupResource { } var ( + // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder localSchemeBuilder = &SchemeBuilder - AddToScheme = localSchemeBuilder.AddToScheme + // Depreciated: use Install instead + AddToScheme = localSchemeBuilder.AddToScheme + Install = localSchemeBuilder.AddToScheme ) func init() { @@ -45,18 +55,25 @@ func init() { localSchemeBuilder.Register(addKnownTypes) } -// Adds the list of known types to api.Scheme. +// Adds the list of known types to Scheme. func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, - &Certificate{}, - &CertificateList{}, - &Issuer{}, - &IssuerList{}, - &ClusterIssuer{}, - &ClusterIssuerList{}, - &CertificateRequest{}, - &CertificateRequestList{}, + &Gateway{}, + &GatewayClass{}, + &GatewayClassList{}, + &GatewayList{}, + &HTTPRoute{}, + &HTTPRouteList{}, + &ReferencePolicy{}, + &ReferencePolicyList{}, + &TCPRoute{}, + &TCPRouteList{}, + &TLSRoute{}, + &TLSRouteList{}, + &UDPRoute{}, + &UDPRouteList{}, ) - metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + // AddToGroupVersion allows the serialization of client types like ListOptions. + v1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil }