particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

build(deps): bump the go-deps group across 1 directory with 11 updates

Browse source 
---
updated-dependencies:
- dependency-name: cloud.google.com/go/compute
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/openshift-online/ocm-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/osbuild/images
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/vmware/govmomi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot] 2024-05-21 04:58:46 +00:00 committed by Achilleas Koutsou
parent 295dddca37
commit c1d56a50c2
178 changed files with 52314 additions and 45955 deletions
Download patch file Download diff file Expand all files Collapse all files

48
go.mod
View file

@ -5,8 +5,8 @@ go 1.20
exclude github.com/mattn/go-sqlite3 v2.0.3+incompatible
require (
cloud.google.com/go/compute v1.26.0
cloud.google.com/go/storage v1.40.0
cloud.google.com/go/compute v1.27.0
cloud.google.com/go/storage v1.41.0
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 v5.7.0
@ -16,7 +16,7 @@ require (
github.com/Azure/go-autorest/autorest v0.11.29
github.com/Azure/go-autorest/autorest/azure/auth v0.5.12
github.com/BurntSushi/toml v1.3.2
github.com/aws/aws-sdk-go v1.52.1
github.com/aws/aws-sdk-go v1.53.6
github.com/coreos/go-semver v0.3.1
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
github.com/deepmap/oapi-codegen v1.8.2
@ -27,38 +27,38 @@ require (
github.com/google/go-cmp v0.6.0
github.com/google/uuid v1.6.0
github.com/gophercloud/gophercloud v1.11.0
github.com/hashicorp/go-retryablehttp v0.7.5
github.com/hashicorp/go-retryablehttp v0.7.6
github.com/jackc/pgtype v1.14.3
github.com/jackc/pgx/v4 v4.18.3
github.com/julienschmidt/httprouter v1.3.0
github.com/kolo/xmlrpc v0.0.0-20201022064351-38db28db192b
github.com/labstack/echo/v4 v4.12.0
github.com/labstack/gommon v0.4.2
github.com/openshift-online/ocm-sdk-go v0.1.418
github.com/openshift-online/ocm-sdk-go v0.1.420
github.com/oracle/oci-go-sdk/v54 v54.0.0
github.com/osbuild/images v0.59.0
github.com/osbuild/images v0.62.0
github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1
github.com/osbuild/pulp-client v0.1.0
github.com/prometheus/client_golang v1.19.0
github.com/prometheus/client_golang v1.19.1
github.com/segmentio/ksuid v1.0.4
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.8.0
github.com/stretchr/testify v1.9.0
github.com/ubccr/kerby v0.0.0-20170626144437-201a958fc453
github.com/vmware/govmomi v0.37.1
github.com/vmware/govmomi v0.37.2
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225
golang.org/x/oauth2 v0.19.0
golang.org/x/oauth2 v0.20.0
golang.org/x/sync v0.7.0
golang.org/x/sys v0.19.0
google.golang.org/api v0.177.0
golang.org/x/sys v0.20.0
google.golang.org/api v0.181.0
)
require (
cloud.google.com/go v0.112.2 // indirect
cloud.google.com/go/auth v0.3.0 // indirect
cloud.google.com/go v0.113.0 // indirect
cloud.google.com/go/auth v0.4.1 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
cloud.google.com/go/compute/metadata v0.3.0 // indirect
cloud.google.com/go/iam v1.1.7 // indirect
cloud.google.com/go/iam v1.1.8 // indirect
dario.cat/mergo v1.0.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.6.0 // indirect
@ -83,8 +83,8 @@ require (
github.com/containerd/cgroups/v3 v3.0.2 // indirect
github.com/containerd/errdefs v0.1.0 // indirect
github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
github.com/containers/common v0.58.2 // indirect
github.com/containers/image/v5 v5.30.0 // indirect
github.com/containers/common v0.58.3 // indirect
github.com/containers/image/v5 v5.30.1 // indirect
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
github.com/containers/ocicrypt v1.1.9 // indirect
github.com/containers/storage v1.53.0 // indirect
@ -124,7 +124,7 @@ require (
github.com/google/go-intervals v0.0.2 // indirect
github.com/google/s2a-go v0.1.7 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.3 // indirect
github.com/googleapis/gax-go/v2 v2.12.4 // indirect
github.com/gorilla/css v1.0.0 // indirect
github.com/gorilla/mux v1.8.1 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
@ -201,18 +201,18 @@ require (
go.opentelemetry.io/otel v1.24.0 // indirect
go.opentelemetry.io/otel/metric v1.24.0 // indirect
go.opentelemetry.io/otel/trace v1.24.0 // indirect
golang.org/x/crypto v0.22.0 // indirect
golang.org/x/crypto v0.23.0 // indirect
golang.org/x/mod v0.15.0 // indirect
golang.org/x/net v0.24.0 // indirect
golang.org/x/term v0.19.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/net v0.25.0 // indirect
golang.org/x/term v0.20.0 // indirect
golang.org/x/text v0.15.0 // indirect
golang.org/x/time v0.5.0 // indirect
golang.org/x/tools v0.18.0 // indirect
google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240513163218-0867130af1f8 // indirect
google.golang.org/grpc v1.63.2 // indirect
google.golang.org/protobuf v1.34.0 // indirect
google.golang.org/protobuf v1.34.1 // indirect
gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect

102
go.sum
View file

@ -1,18 +1,18 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.112.2 h1:ZaGT6LiG7dBzi6zNOvVZwacaXlmf3lRqnC4DQzqyRQw=
cloud.google.com/go v0.112.2/go.mod h1:iEqjp//KquGIJV/m+Pk3xecgKNhV+ry+vVTsy4TbDms=
cloud.google.com/go/auth v0.3.0 h1:PRyzEpGfx/Z9e8+lHsbkoUVXD0gnu4MNmm7Gp8TQNIs=
cloud.google.com/go/auth v0.3.0/go.mod h1:lBv6NKTWp8E3LPzmO1TbiiRKc4drLOfHsgmlH9ogv5w=
cloud.google.com/go v0.113.0 h1:g3C70mn3lWfckKBiCVsAshabrDg01pQ0pnX1MNtnMkA=
cloud.google.com/go v0.113.0/go.mod h1:glEqlogERKYeePz6ZdkcLJ28Q2I6aERgDDErBg9GzO8=
cloud.google.com/go/auth v0.4.1 h1:Z7YNIhlWRtrnKlZke7z3GMqzvuYzdc2z98F9D1NV5Hg=
cloud.google.com/go/auth v0.4.1/go.mod h1:QVBuVEKpCn4Zp58hzRGvL0tjRGU0YqdRTdCHM1IHnro=
cloud.google.com/go/auth/oauth2adapt v0.2.2 h1:+TTV8aXpjeChS9M+aTtN/TjdQnzJvmzKFt//oWu7HX4=
cloud.google.com/go/auth/oauth2adapt v0.2.2/go.mod h1:wcYjgpZI9+Yu7LyYBg4pqSiaRkfEK3GQcpb7C/uyF1Q=
cloud.google.com/go/compute v1.26.0 h1:uHf0NN2nvxl1Gh4QO83yRCOdMK4zivtMS5gv0dEX0hg=
cloud.google.com/go/compute v1.26.0/go.mod h1:T9RIRap4pVHCGUkVFRJ9hygT3KCXjip41X1GgWtBBII=
cloud.google.com/go/compute v1.27.0 h1:EGawh2RUnfHT5g8f/FX3Ds6KZuIBC77hZoDrBvEZw94=
cloud.google.com/go/compute v1.27.0/go.mod h1:LG5HwRmWFKM2C5XxHRiNzkLLXW48WwvyVC0mfWsYPOM=
cloud.google.com/go/compute/metadata v0.3.0 h1:Tz+eQXMEqDIKRsmY3cHTL6FVaynIjX2QxYC4trgAKZc=
cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k=
cloud.google.com/go/iam v1.1.7 h1:z4VHOhwKLF/+UYXAJDFwGtNF0b6gjsW1Pk9Ml0U/IoM=
cloud.google.com/go/iam v1.1.7/go.mod h1:J4PMPg8TtyurAUvSmPj8FF3EDgY1SPRZxcUGrn7WXGA=
cloud.google.com/go/storage v1.40.0 h1:VEpDQV5CJxFmJ6ueWNsKxcr1QAYOXEgxDa+sBbJahPw=
cloud.google.com/go/storage v1.40.0/go.mod h1:Rrj7/hKlG87BLqDJYtwR0fbPld8uJPbQ2ucUMY7Ir0g=
cloud.google.com/go/iam v1.1.8 h1:r7umDwhj+BQyz0ScZMp4QrGXjSTI3ZINnpgU2nlB/K0=
cloud.google.com/go/iam v1.1.8/go.mod h1:GvE6lyMmfxXauzNq8NbgJbeVQNspG+tcdL/W8QO1+zE=
cloud.google.com/go/storage v1.41.0 h1:RusiwatSu6lHeEXe3kglxakAmAbfV+rhtPqA6i8RBx0=
cloud.google.com/go/storage v1.41.0/go.mod h1:J1WCa/Z2FcgdEDuPUY8DxT5I+d9mFKsCepp5vR6Sq80=
dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
github.com/14rcole/gopopulate v0.0.0-20180821133914-b175b219e774 h1:SCbEWT58NSt7d2mcFdvxC9uyrdcTfvBbPLThhkDmXzg=
@ -80,8 +80,8 @@ github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat6
github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
github.com/aws/aws-sdk-go v1.52.1 h1:pYpPIuvVsawYDR0Nt3VrceizUAbtpTN3Z7xBzcZWwfI=
github.com/aws/aws-sdk-go v1.52.1/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
github.com/aws/aws-sdk-go v1.53.6 h1:1/MYh/VmxdJu7v2bwvDA2JS30UI7bg62QYgQ7KxMa/Q=
github.com/aws/aws-sdk-go v1.53.6/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@ -102,10 +102,10 @@ github.com/containerd/errdefs v0.1.0/go.mod h1:YgWiiHtLmSeBrvpw+UfPijzbLaB77mEG1
github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU=
github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk=
github.com/containers/common v0.58.2 h1:5nu9lQz4QNSgovNk7NRk33SkqkVNKYoXh7L6gXmACow=
github.com/containers/common v0.58.2/go.mod h1:l3vMqanJGj7tZ3W/i76gEJ128VXgFUO1tLaohJXPvdk=
github.com/containers/image/v5 v5.30.0 h1:CmHeSwI6W2kTRWnUsxATDFY5TEX4b58gPkaQcEyrLIA=
github.com/containers/image/v5 v5.30.0/go.mod h1:gSD8MVOyqBspc0ynLsuiMR9qmt8UQ4jpVImjmK0uXfk=
github.com/containers/common v0.58.3 h1:Iy/CdYjluEK926QT+ejonz7YvoRHazeW7BAiLIkmUQ4=
github.com/containers/common v0.58.3/go.mod h1:p4V1SNk+WOISgp01m+axuqCUxaDP3WSZPPzvnJnS/cQ=
github.com/containers/image/v5 v5.30.1 h1:AKrQMgOKI1oKx5FW5eoU2xoNyzACajHGx1O3qxobvFM=
github.com/containers/image/v5 v5.30.1/go.mod h1:gSD8MVOyqBspc0ynLsuiMR9qmt8UQ4jpVImjmK0uXfk=
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA=
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY=
github.com/containers/ocicrypt v1.1.9 h1:2Csfba4jse85Raxk5HIyEk8OwZNjRvfkhEGijOjIdEM=
@ -156,7 +156,7 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww=
github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/getkin/kin-openapi v0.61.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4=
@ -292,7 +292,7 @@ github.com/google/go-containerregistry v0.19.0/go.mod h1:u0qB2l7mvtWVR5kNcbFIhFY
github.com/google/go-intervals v0.0.2 h1:FGrVEiUnTRKR8yE04qzXYaJMtnIYqobR5QbblK3ixcM=
github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/martian/v3 v3.3.2 h1:IqNFLAmvJOgVlpdEBiQbDc2EwKW77amAycfTuWKdfvw=
github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
github.com/google/pprof v0.0.0-20230323073829-e72429f035bd h1:r8yyd+DJDmsUhGrRBxH5Pj7KeFK5l+Y3FsgT8keqKtk=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o=
@ -304,8 +304,8 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs=
github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0=
github.com/googleapis/gax-go/v2 v2.12.3 h1:5/zPPDvw8Q1SuXjrqrZslrqT7dL/uJT2CQii/cLCKqA=
github.com/googleapis/gax-go/v2 v2.12.3/go.mod h1:AKloxT6GtNbaLm8QTNSidHUVsHYcBHwWRvkNFJUQcS4=
github.com/googleapis/gax-go/v2 v2.12.4 h1:9gWcmF85Wvq4ryPFvGFaOgPIs1AQX0d0bcbGw4Z96qg=
github.com/googleapis/gax-go/v2 v2.12.4/go.mod h1:KYEYLorsnIGDi/rPC8b5TdlB9kbKoFubselGIoBMCwI=
github.com/gophercloud/gophercloud v1.11.0 h1:ls0O747DIq1D8SUHc7r2vI8BFbMLeLFuENaAIfEx7OM=
github.com/gophercloud/gophercloud v1.11.0/go.mod h1:aAVqcocTSXh2vYFZ1JTvx4EQmfgzxRcNupUfxZbBNDM=
github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
@ -319,12 +319,11 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
github.com/hashicorp/go-hclog v1.2.0 h1:La19f8d7WIlm4ogzNHB0JGqs5AUDAZ2UfCY4sJXcJdM=
github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
github.com/hashicorp/go-retryablehttp v0.7.6 h1:TwRYfx2z2C4cLbXmT8I5PgP/xmuqASDyiVuGYfs9GZM=
github.com/hashicorp/go-retryablehttp v0.7.6/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk=
github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek=
github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
@ -497,12 +496,12 @@ github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE
github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU=
github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec=
github.com/openshift-online/ocm-sdk-go v0.1.418 h1:UgMcx16YOS0cs6c0b0ZXbffnjciiuvAp2fE63tnLwLI=
github.com/openshift-online/ocm-sdk-go v0.1.418/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y=
github.com/openshift-online/ocm-sdk-go v0.1.420 h1:zC/TboLemC09T5qxSdF5IZR20wnn43dxcizCHta6STk=
github.com/openshift-online/ocm-sdk-go v0.1.420/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y=
github.com/oracle/oci-go-sdk/v54 v54.0.0 h1:CDLjeSejv2aDpElAJrhKpi6zvT/zhZCZuXchUUZ+LS4=
github.com/oracle/oci-go-sdk/v54 v54.0.0/go.mod h1:+t+yvcFGVp+3ZnztnyxqXfQDsMlq8U25faBLa+mqCMc=
github.com/osbuild/images v0.59.0 h1:6TmPP58/OWKz53fPeuJTQTv4gVzghPgAnYfxNh3frTU=
github.com/osbuild/images v0.59.0/go.mod h1:wXimLIwsSsTFH8JyZOqwLNOPseCgzOH52DNGexJnL64=
github.com/osbuild/images v0.62.0 h1:SFISmpEDjvhV9GEsRkRdw7WwTHJWvSoB7zwqxqdM7Dw=
github.com/osbuild/images v0.62.0/go.mod h1:kkiJNrd0XkVfwBxrJ8wWt6/d0+Eb+tG+zZVnw/xXE/8=
github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1 h1:UFEJIcPa46W8gtWgOYzriRKYyy1t6SWL0BI7fPTuVvc=
github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1/go.mod h1:z+WA+dX6qMwc7fqY5jCzESDIlg4WR2sBQezxsoXv9Ik=
github.com/osbuild/pulp-client v0.1.0 h1:L0C4ezBJGTamN3BKdv+rKLuq/WxXJbsFwz/Hj7aEmJ8=
@ -522,8 +521,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/proglottis/gpgme v0.1.3 h1:Crxx0oz4LKB3QXc5Ea0J19K/3ICfy3ftr5exgUK1AU0=
github.com/proglottis/gpgme v0.1.3/go.mod h1:fPbW/EZ0LvwQtH8Hy7eixhp1eF3G39dtx7GUN+0Gmy0=
github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE=
github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
@ -615,8 +614,8 @@ github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinC
github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk=
github.com/vbauerster/mpb/v8 v8.7.2 h1:SMJtxhNho1MV3OuFgS1DAzhANN1Ejc5Ct+0iSaIkB14=
github.com/vbauerster/mpb/v8 v8.7.2/go.mod h1:ZFnrjzspgDHoxYLGvxIruiNk73GNTPG4YHgVNpR10VY=
github.com/vmware/govmomi v0.37.1 h1:SpI+Ofq+lC1zsLcJ9szLSb7fL4TypReVvUoWIgk2b6U=
github.com/vmware/govmomi v0.37.1/go.mod h1:mtGWtM+YhTADHlCgJBiskSRPOZRsN9MSjPzaZLte/oQ=
github.com/vmware/govmomi v0.37.2 h1:5ANLoaTxWv600ZnoosJ2zXbM3A+EaxqGheEZbRN8YVE=
github.com/vmware/govmomi v0.37.2/go.mod h1:mtGWtM+YhTADHlCgJBiskSRPOZRsN9MSjPzaZLte/oQ=
github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs=
github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g=
@ -686,8 +685,8 @@ golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0
golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
@ -722,11 +721,11 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg=
golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8=
golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo=
golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -769,16 +768,16 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw=
golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -788,8 +787,9 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
@ -824,8 +824,8 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU=
google.golang.org/api v0.177.0 h1:8a0p/BbPa65GlqGWtUKxot4p0TV8OGOfyTjtmkXNXmk=
google.golang.org/api v0.177.0/go.mod h1:srbhue4MLjkjbkux5p3dw/ocYOSZTaIEvf7bCOnFQDw=
google.golang.org/api v0.181.0 h1:rPdjwnWgiPPOJx3IcSAQ2III5aX5tCer6wMpa/xmZi4=
google.golang.org/api v0.181.0/go.mod h1:MnQ+M0CFsfUwA5beZ+g/vCBCPXvtmZwRz2qzZk8ih1k=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
@ -833,10 +833,10 @@ google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda h1:wu/KJm9KJwpfHWhkkZGohVC6KRrc1oJNr4jwtQMOQXw=
google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda/go.mod h1:g2LLCvCeCSir/JJSWosk19BR4NVxGqHUC6rxIRsd7Aw=
google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6 h1:DTJM0R8LECCgFeUwApvcEJHz85HLagW8uRENYxHh1ww=
google.golang.org/genproto/googleapis/api v0.0.0-20240429193739-8cf5692501f6/go.mod h1:10yRODfgim2/T8csjQsMPgZOMvtytXKTDRzH6HRGzRw=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6 h1:DujSIu+2tC9Ht0aPNA7jgj23Iq8Ewi5sgkQ++wdvonE=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240429193739-8cf5692501f6/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY=
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8 h1:W5Xj/70xIA4x60O/IFyXivR5MGqblAb8R3w26pnD6No=
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8/go.mod h1:vPrPUTsDCYxXWjP7clS81mZ6/803D8K4iM9Ma27VKas=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240513163218-0867130af1f8 h1:mxSlqyb8ZAHsYDCfiXN1EDdNTdvjUJSLY+OnAUtYNYA=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240513163218-0867130af1f8/go.mod h1:I7Y+G38R2bu5j1aLzfFmQfTcU/WnFuqDwLZAbvKTKpM=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
@ -853,8 +853,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.34.0 h1:Qo/qEd2RZPCf2nKuorzksSknv0d3ERwp1vFG38gSmH4=
google.golang.org/protobuf v1.34.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

19
vendor/cloud.google.com/go/auth/CHANGES.md generated vendored
View file

@ -1,5 +1,24 @@
# Changelog
## [0.4.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.4.0...auth/v0.4.1) (2024-05-09)
### Bug Fixes
* **auth:** Don't try to detect default creds it opt configured ([#10143](https://github.com/googleapis/google-cloud-go/issues/10143)) ([804632e](https://github.com/googleapis/google-cloud-go/commit/804632e7c5b0b85ff522f7951114485e256eb5bc))
## [0.4.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.3.0...auth/v0.4.0) (2024-05-07)
### Features
* **auth:** Enable client certificates by default ([#10102](https://github.com/googleapis/google-cloud-go/issues/10102)) ([9013e52](https://github.com/googleapis/google-cloud-go/commit/9013e5200a6ec0f178ed91acb255481ffb073a2c))
### Bug Fixes
* **auth:** Get s2a logic up to date ([#10093](https://github.com/googleapis/google-cloud-go/issues/10093)) ([4fe9ae4](https://github.com/googleapis/google-cloud-go/commit/4fe9ae4b7101af2a5221d6d6b2e77b479305bb06))
## [0.3.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.2.2...auth/v0.3.0) (2024-04-23)

14
vendor/cloud.google.com/go/auth/grpctransport/grpctransport.go generated vendored
View file

@ -196,6 +196,8 @@ func dial(ctx context.Context, secure bool, opts *Options) (*grpc.ClientConn, er
if io := opts.InternalOptions; io != nil {
tOpts.DefaultEndpointTemplate = io.DefaultEndpointTemplate
tOpts.DefaultMTLSEndpoint = io.DefaultMTLSEndpoint
tOpts.EnableDirectPath = io.EnableDirectPath
tOpts.EnableDirectPathXds = io.EnableDirectPathXds
}
transportCreds, endpoint, err := transport.GetGRPCTransportCredsAndEndpoint(tOpts)
if err != nil {
@ -214,12 +216,16 @@ func dial(ctx context.Context, secure bool, opts *Options) (*grpc.ClientConn, er
// Authentication can only be sent when communicating over a secure connection.
if !opts.DisableAuthentication {
metadata := opts.Metadata
creds, err := credentials.DetectDefault(opts.resolveDetectOptions())
if err != nil {
return nil, err
}
var creds *auth.Credentials
if opts.Credentials != nil {
creds = opts.Credentials
} else {
var err error
creds, err = credentials.DetectDefault(opts.resolveDetectOptions())
if err != nil {
return nil, err
}
}
qp, err := creds.QuotaProjectID(ctx)

16
vendor/cloud.google.com/go/auth/httptransport/transport.go generated vendored
View file

@ -58,9 +58,15 @@ func newTransport(base http.RoundTripper, opts *Options) (http.RoundTripper, err
Key: opts.APIKey,
}
default:
creds, err := credentials.DetectDefault(opts.resolveDetectOptions())
if err != nil {
return nil, err
var creds *auth.Credentials
if opts.Credentials != nil {
creds = opts.Credentials
} else {
var err error
creds, err = credentials.DetectDefault(opts.resolveDetectOptions())
if err != nil {
return nil, err
}
}
qp, err := creds.QuotaProjectID(context.Background())
if err != nil {
@ -72,10 +78,6 @@ func newTransport(base http.RoundTripper, opts *Options) (http.RoundTripper, err
}
headers.Set(quotaProjectHeaderKey, qp)
}
if opts.Credentials != nil {
creds = opts.Credentials
}
creds.TokenProvider = auth.NewCachedTokenProvider(creds.TokenProvider, nil)
trans = &authTransport{
base: trans,

22
vendor/cloud.google.com/go/auth/internal/transport/cba.go generated vendored
View file

@ -61,6 +61,8 @@ type Options struct {
ClientCertProvider cert.Provider
Client *http.Client
UniverseDomain string
EnableDirectPath bool
EnableDirectPathXds bool
}
// getUniverseDomain returns the default service domain for a given Cloud
@ -195,10 +197,7 @@ func getTransportConfig(opts *Options) (*transportConfig, error) {
}
s2aMTLSEndpoint := opts.DefaultMTLSEndpoint
// If there is endpoint override, honor it.
if opts.Endpoint != "" {
s2aMTLSEndpoint = endpoint
}
s2aAddress := GetS2AAddress()
if s2aAddress == "" {
return &defaultTransportConfig, nil
@ -217,10 +216,6 @@ func getTransportConfig(opts *Options) (*transportConfig, error) {
// A nil default source can be returned if the source does not exist. Any exceptions
// encountered while initializing the default source will be reported as client
// error (ex. corrupt metadata file).
//
// Important Note: For now, the environment variable GOOGLE_API_USE_CLIENT_CERTIFICATE
// must be set to "true" to allow certificate to be used (including user provided
// certificates). For details, see AIP-4114.
func getClientCertificateSource(opts *Options) (cert.Provider, error) {
if !isClientCertificateEnabled() {
return nil, nil
@ -231,11 +226,14 @@ func getClientCertificateSource(opts *Options) (cert.Provider, error) {
}
// isClientCertificateEnabled returns true by default, unless explicitly set to false via env var.
func isClientCertificateEnabled() bool {
// TODO(andyrzhao): Update default to return "true" after DCA feature is fully released.
// error as false is a good default
b, _ := strconv.ParseBool(os.Getenv(googleAPIUseCertSource))
return b
if value, ok := os.LookupEnv(googleAPIUseCertSource); ok {
// error as false is OK
b, _ := strconv.ParseBool(value)
return b
}
return true
}
type transportConfig struct {

17
vendor/cloud.google.com/go/auth/internal/transport/s2a.go generated vendored
View file

@ -34,12 +34,6 @@ var (
// The period an MTLS config can be reused before needing refresh.
configExpiry = time.Hour
// mtlsEndpointEnabledForS2A checks if the endpoint is indeed MTLS-enabled, so that we can use S2A for MTLS connection.
mtlsEndpointEnabledForS2A = func() bool {
// TODO(xmenxk): determine this via discovery config.
return true
}
// mdsMTLSAutoConfigSource is an instance of reuseMTLSConfigSource, with metadataMTLSAutoConfig as its config source.
mtlsOnce sync.Once
)
@ -165,19 +159,16 @@ func shouldUseS2A(clientCertSource cert.Provider, opts *Options) bool {
if !isGoogleS2AEnabled() {
return false
}
// If DefaultMTLSEndpoint is not set and no endpoint override, skip S2A.
if opts.DefaultMTLSEndpoint == "" && opts.Endpoint == "" {
return false
}
// If MTLS is not enabled for this endpoint, skip S2A.
if !mtlsEndpointEnabledForS2A() {
// If DefaultMTLSEndpoint is not set or has endpoint override, skip S2A.
if opts.DefaultMTLSEndpoint == "" || opts.Endpoint != "" {
return false
}
// If custom HTTP client is provided, skip S2A.
if opts.Client != nil {
return false
}
return true
// If directPath is enabled, skip S2A.
return !opts.EnableDirectPath && !opts.EnableDirectPathXds
}
func isGoogleS2AEnabled() bool {

81965
vendor/cloud.google.com/go/compute/apiv1/computepb/compute.pb.go generated vendored
View file

File diff suppressed because it is too large Load diff

2
vendor/cloud.google.com/go/compute/internal/version.go generated vendored
View file

@ -15,4 +15,4 @@
package internal
// Version is the current tagged release of the library.
const Version = "1.26.0"
const Version = "1.27.0"

7
vendor/cloud.google.com/go/iam/CHANGES.md generated vendored
View file

@ -1,6 +1,13 @@
# Changes
## [1.1.8](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.7...iam/v1.1.8) (2024-05-01)
### Bug Fixes
* **iam:** Bump x/net to v0.24.0 ([ba31ed5](https://github.com/googleapis/google-cloud-go/commit/ba31ed5fda2c9664f2e1cf972469295e63deb5b4))
## [1.1.7](https://github.com/googleapis/google-cloud-go/compare/iam/v1.1.6...iam/v1.1.7) (2024-03-14)

4
vendor/cloud.google.com/go/iam/apiv1/iampb/iam_policy.pb.go generated vendored
View file

@ -14,8 +14,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.32.0
// protoc v4.25.2
// protoc-gen-go v1.33.0
// protoc v4.25.3
// source: google/iam/v1/iam_policy.proto
package iampb

4
vendor/cloud.google.com/go/iam/apiv1/iampb/options.pb.go generated vendored
View file

@ -14,8 +14,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.32.0
// protoc v4.25.2
// protoc-gen-go v1.33.0
// protoc v4.25.3
// source: google/iam/v1/options.proto
package iampb

4
vendor/cloud.google.com/go/iam/apiv1/iampb/policy.pb.go generated vendored
View file

@ -14,8 +14,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.32.0
// protoc v4.25.2
// protoc-gen-go v1.33.0
// protoc v4.25.3
// source: google/iam/v1/policy.proto
package iampb

112
vendor/cloud.google.com/go/internal/.repo-metadata-full.json generated vendored
View file

@ -339,6 +339,16 @@
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/backupdr/apiv1": {
"api_shortname": "backupdr",
"distribution_name": "cloud.google.com/go/backupdr/apiv1",
"description": "Backup and DR Service API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/backupdr/latest/apiv1",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/baremetalsolution/apiv2": {
"api_shortname": "baremetalsolution",
"distribution_name": "cloud.google.com/go/baremetalsolution/apiv2",
@ -649,6 +659,16 @@
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/chat/apiv1": {
"api_shortname": "chat",
"distribution_name": "cloud.google.com/go/chat/apiv1",
"description": "Google Chat API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/chat/latest/apiv1",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/cloudbuild/apiv1/v2": {
"api_shortname": "cloudbuild",
"distribution_name": "cloud.google.com/go/cloudbuild/apiv1/v2",
@ -1369,6 +1389,16 @@
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/identitytoolkit/apiv2": {
"api_shortname": "identitytoolkit",
"distribution_name": "cloud.google.com/go/identitytoolkit/apiv2",
"description": "Identity Toolkit API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/identitytoolkit/latest/apiv2",
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/ids/apiv1": {
"api_shortname": "ids",
"distribution_name": "cloud.google.com/go/ids/apiv1",
@ -1539,6 +1569,16 @@
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/maps/routeoptimization/apiv1": {
"api_shortname": "routeoptimization",
"distribution_name": "cloud.google.com/go/maps/routeoptimization/apiv1",
"description": "Route Optimization API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/maps/latest/routeoptimization/apiv1",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/maps/routing/apiv2": {
"api_shortname": "routes",
"distribution_name": "cloud.google.com/go/maps/routing/apiv2",
@ -1549,6 +1589,16 @@
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/maps/solar/apiv1": {
"api_shortname": "solar",
"distribution_name": "cloud.google.com/go/maps/solar/apiv1",
"description": "Solar API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/maps/latest/solar/apiv1",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/mediatranslation/apiv1beta1": {
"api_shortname": "mediatranslation",
"distribution_name": "cloud.google.com/go/mediatranslation/apiv1beta1",
@ -2329,6 +2379,16 @@
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/conversions/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/conversions/apiv1beta",
"description": "Merchant API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/conversions/apiv1beta",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/inventories/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/inventories/apiv1beta",
@ -2339,6 +2399,46 @@
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/lfp/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/lfp/apiv1beta",
"description": "Merchant API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/lfp/apiv1beta",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/notifications/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/notifications/apiv1beta",
"description": "Merchant API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/notifications/apiv1beta",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/quota/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/quota/apiv1beta",
"description": "Merchant API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/quota/apiv1beta",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/shopping/merchant/reports/apiv1beta": {
"api_shortname": "merchantapi",
"distribution_name": "cloud.google.com/go/shopping/merchant/reports/apiv1beta",
"description": "Merchant API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/shopping/latest/merchant/reports/apiv1beta",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/spanner": {
"api_shortname": "spanner",
"distribution_name": "cloud.google.com/go/spanner",
@ -2432,7 +2532,7 @@
"cloud.google.com/go/storage/control/apiv2": {
"api_shortname": "storage",
"distribution_name": "cloud.google.com/go/storage/control/apiv2",
"description": "Cloud Storage API",
"description": "Storage Control API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/storage/latest/control/apiv2",
@ -2469,6 +2569,16 @@
"release_level": "stable",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/streetview/publish/apiv1": {
"api_shortname": "streetviewpublish",
"distribution_name": "cloud.google.com/go/streetview/publish/apiv1",
"description": "Street View Publish API",
"language": "go",
"client_library_type": "generated",
"client_documentation": "https://cloud.google.com/go/docs/reference/cloud.google.com/go/streetview/latest/publish/apiv1",
"release_level": "preview",
"library_type": "GAPIC_AUTO"
},
"cloud.google.com/go/support/apiv2": {
"api_shortname": "cloudsupport",
"distribution_name": "cloud.google.com/go/support/apiv2",

24
vendor/cloud.google.com/go/storage/CHANGES.md generated vendored
View file

@ -1,6 +1,30 @@
# Changes
## [1.41.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.40.0...storage/v1.41.0) (2024-05-13)
### Features
* **storage/control:** Make Managed Folders operations public ([264a6dc](https://github.com/googleapis/google-cloud-go/commit/264a6dcddbffaec987dce1dc00f6550c263d2df7))
* **storage:** Support for soft delete policies and restore ([#9520](https://github.com/googleapis/google-cloud-go/issues/9520)) ([985deb2](https://github.com/googleapis/google-cloud-go/commit/985deb2bdd1c79944cdd960bd3fbfa38cbfa1c91))
### Bug Fixes
* **storage/control:** An existing resource pattern value `projects/{project}/buckets/{bucket}/managedFolders/{managedFolder=**}` to resource definition `storage.googleapis.com/ManagedFolder` is removed ([3e25053](https://github.com/googleapis/google-cloud-go/commit/3e250530567ee81ed4f51a3856c5940dbec35289))
* **storage:** Add internaloption.WithDefaultEndpointTemplate ([3b41408](https://github.com/googleapis/google-cloud-go/commit/3b414084450a5764a0248756e95e13383a645f90))
* **storage:** Bump x/net to v0.24.0 ([ba31ed5](https://github.com/googleapis/google-cloud-go/commit/ba31ed5fda2c9664f2e1cf972469295e63deb5b4))
* **storage:** Disable gax retries for gRPC ([#9747](https://github.com/googleapis/google-cloud-go/issues/9747)) ([bbfc0ac](https://github.com/googleapis/google-cloud-go/commit/bbfc0acc272f21bf1f558ea23648183d5a11cda5))
* **storage:** More strongly match regex ([#9706](https://github.com/googleapis/google-cloud-go/issues/9706)) ([3cfc8eb](https://github.com/googleapis/google-cloud-go/commit/3cfc8eb418e064d734bf3d8708162062dbbe988f)), refs [#9705](https://github.com/googleapis/google-cloud-go/issues/9705)
* **storage:** Retry net.OpError on connection reset ([#10154](https://github.com/googleapis/google-cloud-go/issues/10154)) ([54fab10](https://github.com/googleapis/google-cloud-go/commit/54fab107f98b4f79c9df2959a05b981be0a613c1)), refs [#9478](https://github.com/googleapis/google-cloud-go/issues/9478)
* **storage:** Wrap error when MaxAttempts is hit ([#9767](https://github.com/googleapis/google-cloud-go/issues/9767)) ([9cb262b](https://github.com/googleapis/google-cloud-go/commit/9cb262bb65a162665bfb8bed0022615131bae1f2)), refs [#9720](https://github.com/googleapis/google-cloud-go/issues/9720)
### Documentation
* **storage/control:** Update storage control documentation and add PHP for publishing ([1d757c6](https://github.com/googleapis/google-cloud-go/commit/1d757c66478963d6cbbef13fee939632c742759c))
## [1.40.0](https://github.com/googleapis/google-cloud-go/compare/storage/v1.39.1...storage/v1.40.0) (2024-03-29)

83
vendor/cloud.google.com/go/storage/bucket.go generated vendored
View file

@ -479,6 +479,13 @@ type BucketAttrs struct {
// cannot be modified once the bucket is created.
// ObjectRetention cannot be configured or reported through the gRPC API.
ObjectRetentionMode string
// SoftDeletePolicy contains the bucket's soft delete policy, which defines
// the period of time that soft-deleted objects will be retained, and cannot
// be permanently deleted. By default, new buckets will be created with a
// 7 day retention duration. In order to fully disable soft delete, you need
// to set a policy with a RetentionDuration of 0.
SoftDeletePolicy *SoftDeletePolicy
}
// BucketPolicyOnly is an alias for UniformBucketLevelAccess.
@ -766,6 +773,19 @@ type Autoclass struct {
TerminalStorageClassUpdateTime time.Time
}
// SoftDeletePolicy contains the bucket's soft delete policy, which defines the
// period of time that soft-deleted objects will be retained, and cannot be
// permanently deleted.
type SoftDeletePolicy struct {
// EffectiveTime indicates the time from which the policy, or one with a
// greater retention, was effective. This field is read-only.
EffectiveTime time.Time
// RetentionDuration is the amount of time that soft-deleted objects in the
// bucket will be retained and cannot be permanently deleted.
RetentionDuration time.Duration
}
func newBucket(b *raw.Bucket) (*BucketAttrs, error) {
if b == nil {
return nil, nil
@ -803,6 +823,7 @@ func newBucket(b *raw.Bucket) (*BucketAttrs, error) {
RPO: toRPO(b),
CustomPlacementConfig: customPlacementFromRaw(b.CustomPlacementConfig),
Autoclass: toAutoclassFromRaw(b.Autoclass),
SoftDeletePolicy: toSoftDeletePolicyFromRaw(b.SoftDeletePolicy),
}, nil
}
@ -836,6 +857,7 @@ func newBucketFromProto(b *storagepb.Bucket) *BucketAttrs {
CustomPlacementConfig: customPlacementFromProto(b.GetCustomPlacementConfig()),
ProjectNumber: parseProjectNumber(b.GetProject()), // this can return 0 the project resource name is ID based
Autoclass: toAutoclassFromProto(b.GetAutoclass()),
SoftDeletePolicy: toSoftDeletePolicyFromProto(b.SoftDeletePolicy),
}
}
@ -891,6 +913,7 @@ func (b *BucketAttrs) toRawBucket() *raw.Bucket {
Rpo: b.RPO.String(),
CustomPlacementConfig: b.CustomPlacementConfig.toRawCustomPlacement(),
Autoclass: b.Autoclass.toRawAutoclass(),
SoftDeletePolicy: b.SoftDeletePolicy.toRawSoftDeletePolicy(),
}
}
@ -951,6 +974,7 @@ func (b *BucketAttrs) toProtoBucket() *storagepb.Bucket {
Rpo: b.RPO.String(),
CustomPlacementConfig: b.CustomPlacementConfig.toProtoCustomPlacement(),
Autoclass: b.Autoclass.toProtoAutoclass(),
SoftDeletePolicy: b.SoftDeletePolicy.toProtoSoftDeletePolicy(),
}
}
@ -1032,6 +1056,7 @@ func (ua *BucketAttrsToUpdate) toProtoBucket() *storagepb.Bucket {
IamConfig: bktIAM,
Rpo: ua.RPO.String(),
Autoclass: ua.Autoclass.toProtoAutoclass(),
SoftDeletePolicy: ua.SoftDeletePolicy.toProtoSoftDeletePolicy(),
Labels: ua.setLabels,
}
}
@ -1152,6 +1177,9 @@ type BucketAttrsToUpdate struct {
// See https://cloud.google.com/storage/docs/using-autoclass for more information.
Autoclass *Autoclass
// If set, updates the soft delete policy of the bucket.
SoftDeletePolicy *SoftDeletePolicy
// acl is the list of access control rules on the bucket.
// It is unexported and only used internally by the gRPC client.
// Library users should use ACLHandle methods directly.
@ -1273,6 +1301,14 @@ func (ua *BucketAttrsToUpdate) toRawBucket() *raw.Bucket {
}
rb.ForceSendFields = append(rb.ForceSendFields, "Autoclass")
}
if ua.SoftDeletePolicy != nil {
if ua.SoftDeletePolicy.RetentionDuration == 0 {
rb.NullFields = append(rb.NullFields, "SoftDeletePolicy")
rb.SoftDeletePolicy = nil
} else {
rb.SoftDeletePolicy = ua.SoftDeletePolicy.toRawSoftDeletePolicy()
}
}
if ua.PredefinedACL != "" {
// Clear ACL or the call will fail.
rb.Acl = nil
@ -2053,6 +2089,53 @@ func toAutoclassFromProto(a *storagepb.Bucket_Autoclass) *Autoclass {
}
}
func (p *SoftDeletePolicy) toRawSoftDeletePolicy() *raw.BucketSoftDeletePolicy {
if p == nil {
return nil
}
// Excluding read only field EffectiveTime.
return &raw.BucketSoftDeletePolicy{
RetentionDurationSeconds: int64(p.RetentionDuration.Seconds()),
}
}
func (p *SoftDeletePolicy) toProtoSoftDeletePolicy() *storagepb.Bucket_SoftDeletePolicy {
if p == nil {
return nil
}
// Excluding read only field EffectiveTime.
return &storagepb.Bucket_SoftDeletePolicy{
RetentionDuration: durationpb.New(p.RetentionDuration),
}
}
func toSoftDeletePolicyFromRaw(p *raw.BucketSoftDeletePolicy) *SoftDeletePolicy {
if p == nil {
return nil
}
policy := &SoftDeletePolicy{
RetentionDuration: time.Duration(p.RetentionDurationSeconds) * time.Second,
}
// Return EffectiveTime only if parsed to a valid value.
if t, err := time.Parse(time.RFC3339, p.EffectiveTime); err == nil {
policy.EffectiveTime = t
}
return policy
}
func toSoftDeletePolicyFromProto(p *storagepb.Bucket_SoftDeletePolicy) *SoftDeletePolicy {
if p == nil {
return nil
}
return &SoftDeletePolicy{
EffectiveTime: p.GetEffectiveTime().AsTime(),
RetentionDuration: p.GetRetentionDuration().AsDuration(),
}
}
// Objects returns an iterator over the objects in the bucket that match the
// Query q. If q is nil, no filtering is done. Objects will be iterated over
// lexicographically by name.

29
vendor/cloud.google.com/go/storage/client.go generated vendored
View file

@ -59,8 +59,9 @@ type storageClient interface {
// Object metadata methods.
DeleteObject(ctx context.Context, bucket, object string, gen int64, conds *Conditions, opts ...storageOption) error
GetObject(ctx context.Context, bucket, object string, gen int64, encryptionKey []byte, conds *Conditions, opts ...storageOption) (*ObjectAttrs, error)
GetObject(ctx context.Context, params *getObjectParams, opts ...storageOption) (*ObjectAttrs, error)
UpdateObject(ctx context.Context, params *updateObjectParams, opts ...storageOption) (*ObjectAttrs, error)
RestoreObject(ctx context.Context, params *restoreObjectParams, opts ...storageOption) (*ObjectAttrs, error)
// Default Object ACL methods.
@ -182,16 +183,6 @@ type storageOption interface {
Apply(s *settings)
}
func withGAXOptions(opts ...gax.CallOption) storageOption {
return &gaxOption{opts}
}
type gaxOption struct {
opts []gax.CallOption
}
func (o *gaxOption) Apply(s *settings) { s.gax = o.opts }
func withRetryConfig(rc *retryConfig) storageOption {
return &retryOption{rc}
}
@ -294,6 +285,14 @@ type newRangeReaderParams struct {
readCompressed bool // Use accept-encoding: gzip. Only works for HTTP currently.
}
type getObjectParams struct {
bucket, object string
gen int64
encryptionKey []byte
conds *Conditions
softDeleted bool
}
type updateObjectParams struct {
bucket, object string
uattrs *ObjectAttrsToUpdate
@ -303,6 +302,14 @@ type updateObjectParams struct {
overrideRetention *bool
}
type restoreObjectParams struct {
bucket, object string
gen int64
encryptionKey []byte
conds *Conditions
copySourceACL bool
}
type composeObjectRequest struct {
dstBucket string
dstObject destinationObject

10
vendor/cloud.google.com/go/storage/doc.go generated vendored
View file

@ -350,7 +350,7 @@ To create a client which will use gRPC, use the alternate constructor:
// Use client as usual.
If the application is running within GCP, users may get better performance by
enabling Google Direct Access (enabling requests to skip some proxy steps). To enable,
enabling Direct Google Access (enabling requests to skip some proxy steps). To enable,
set the environment variable `GOOGLE_CLOUD_ENABLE_DIRECT_PATH_XDS=true` and add
the following side-effect imports to your application:
@ -359,6 +359,13 @@ the following side-effect imports to your application:
_ "google.golang.org/grpc/xds/googledirectpath"
)
# Storage Control API
Certain control plane and long-running operations for Cloud Storage (including Folder
and Managed Folder operations) are supported via the autogenerated Storage Control
client, which is available as a subpackage in this module. See package docs at
[cloud.google.com/go/storage/control/apiv2] or reference the [Storage Control API] docs.
[Cloud Storage IAM docs]: https://cloud.google.com/storage/docs/access-control/iam
[XML POST Object docs]: https://cloud.google.com/storage/docs/xml-api/post-object
[Cloud Storage retry docs]: https://cloud.google.com/storage/docs/retry-strategy
@ -367,5 +374,6 @@ the following side-effect imports to your application:
[impersonation enabled]: https://cloud.google.com/sdk/gcloud/reference#--impersonate-service-account
[IAM Service Account Credentials API]: https://console.developers.google.com/apis/api/iamcredentials.googleapis.com/overview
[custom audit logging]: https://cloud.google.com/storage/docs/audit-logging#add-custom-metadata
[Storage Control API]: https://cloud.google.com/storage/docs/reference/rpc/google.storage.control.v2
*/
package storage // import "cloud.google.com/go/storage"

73
vendor/cloud.google.com/go/storage/grpc_client.go generated vendored
View file

@ -28,7 +28,6 @@ import (
"cloud.google.com/go/internal/trace"
gapic "cloud.google.com/go/storage/internal/apiv2"
"cloud.google.com/go/storage/internal/apiv2/storagepb"
"github.com/golang/protobuf/proto"
"github.com/googleapis/gax-go/v2"
"google.golang.org/api/googleapi"
"google.golang.org/api/iterator"
@ -40,6 +39,7 @@ import (
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status"
"google.golang.org/protobuf/encoding/protowire"
"google.golang.org/protobuf/proto"
fieldmaskpb "google.golang.org/protobuf/types/known/fieldmaskpb"
)
@ -116,6 +116,8 @@ type grpcStorageClient struct {
func newGRPCStorageClient(ctx context.Context, opts ...storageOption) (storageClient, error) {
s := initSettings(opts...)
s.clientOption = append(defaultGRPCOptions(), s.clientOption...)
// Disable all gax-level retries in favor of retry logic in the veneer client.
s.gax = append(s.gax, gax.WithRetry(nil))
config := newStorageConfig(s.clientOption...)
if config.readAPIWasSet {
@ -365,6 +367,9 @@ func (c *grpcStorageClient) UpdateBucket(ctx context.Context, bucket string, uat
if uattrs.Autoclass != nil {
fieldMask.Paths = append(fieldMask.Paths, "autoclass")
}
if uattrs.SoftDeletePolicy != nil {
fieldMask.Paths = append(fieldMask.Paths, "soft_delete_policy")
}
for label := range uattrs.setLabels {
fieldMask.Paths = append(fieldMask.Paths, fmt.Sprintf("labels.%s", label))
@ -377,6 +382,13 @@ func (c *grpcStorageClient) UpdateBucket(ctx context.Context, bucket string, uat
req.UpdateMask = fieldMask
if len(fieldMask.Paths) < 1 {
// Nothing to update. Send a get request for current attrs instead. This
// maintains consistency with JSON bucket updates.
opts = append(opts, idempotent(true))
return c.GetBucket(ctx, bucket, conds, opts...)
}
var battrs *BucketAttrs
err := run(ctx, func(ctx context.Context) error {
res, err := c.raw.UpdateBucket(ctx, req, s.gax...)
@ -419,6 +431,7 @@ func (c *grpcStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
IncludeTrailingDelimiter: it.query.IncludeTrailingDelimiter,
MatchGlob: it.query.MatchGlob,
ReadMask: q.toFieldMask(), // a nil Query still results in a "*" FieldMask
SoftDeleted: it.query.SoftDeleted,
}
if s.userProject != "" {
ctx = setUserProjectMetadata(ctx, s.userProject)
@ -488,22 +501,25 @@ func (c *grpcStorageClient) DeleteObject(ctx context.Context, bucket, object str
return err
}
func (c *grpcStorageClient) GetObject(ctx context.Context, bucket, object string, gen int64, encryptionKey []byte, conds *Conditions, opts ...storageOption) (*ObjectAttrs, error) {
func (c *grpcStorageClient) GetObject(ctx context.Context, params *getObjectParams, opts ...storageOption) (*ObjectAttrs, error) {
s := callSettings(c.settings, opts...)
req := &storagepb.GetObjectRequest{
Bucket: bucketResourceName(globalProjectAlias, bucket),
Object: object,
Bucket: bucketResourceName(globalProjectAlias, params.bucket),
Object: params.object,
// ProjectionFull by default.
ReadMask: &fieldmaskpb.FieldMask{Paths: []string{"*"}},
}
if err := applyCondsProto("grpcStorageClient.GetObject", gen, conds, req); err != nil {
if err := applyCondsProto("grpcStorageClient.GetObject", params.gen, params.conds, req); err != nil {
return nil, err
}
if s.userProject != "" {
ctx = setUserProjectMetadata(ctx, s.userProject)
}
if encryptionKey != nil {
req.CommonObjectRequestParams = toProtoCommonObjectRequestParams(encryptionKey)
if params.encryptionKey != nil {
req.CommonObjectRequestParams = toProtoCommonObjectRequestParams(params.encryptionKey)
}
if params.softDeleted {
req.SoftDeleted = &params.softDeleted
}
var attrs *ObjectAttrs
@ -593,6 +609,17 @@ func (c *grpcStorageClient) UpdateObject(ctx context.Context, params *updateObje
req.UpdateMask = fieldMask
if len(fieldMask.Paths) < 1 {
// Nothing to update. To maintain consistency with JSON, we must still
// update the object because metageneration and other fields are
// updated even on an empty update.
// gRPC will fail if the fieldmask is empty, so instead we add an
// output-only field to the update mask. Output-only fields are (and must
// be - see AIP 161) ignored, but allow us to send an empty update because
// any mask that is valid for read (as this one is) must be valid for write.
fieldMask.Paths = append(fieldMask.Paths, "create_time")
}
var attrs *ObjectAttrs
err := run(ctx, func(ctx context.Context) error {
res, err := c.raw.UpdateObject(ctx, req, s.gax...)
@ -606,6 +633,32 @@ func (c *grpcStorageClient) UpdateObject(ctx context.Context, params *updateObje
return attrs, err
}
func (c *grpcStorageClient) RestoreObject(ctx context.Context, params *restoreObjectParams, opts ...storageOption) (*ObjectAttrs, error) {
s := callSettings(c.settings, opts...)
req := &storagepb.RestoreObjectRequest{
Bucket: bucketResourceName(globalProjectAlias, params.bucket),
Object: params.object,
CopySourceAcl: &params.copySourceACL,
}
if err := applyCondsProto("grpcStorageClient.RestoreObject", params.gen, params.conds, req); err != nil {
return nil, err
}
if s.userProject != "" {
ctx = setUserProjectMetadata(ctx, s.userProject)
}
var attrs *ObjectAttrs
err := run(ctx, func(ctx context.Context) error {
res, err := c.raw.RestoreObject(ctx, req, s.gax...)
attrs = newObjectFromProto(res)
return err
}, s.retry, s.idempotent)
if s, ok := status.FromError(err); ok && s.Code() == codes.NotFound {
return nil, ErrObjectNotExist
}
return attrs, err
}
// Default Object ACL methods.
func (c *grpcStorageClient) DeleteDefaultObjectACL(ctx context.Context, bucket string, entity ACLEntity, opts ...storageOption) error {
@ -735,7 +788,7 @@ func (c *grpcStorageClient) UpdateBucketACL(ctx context.Context, bucket string,
func (c *grpcStorageClient) DeleteObjectACL(ctx context.Context, bucket, object string, entity ACLEntity, opts ...storageOption) error {
// There is no separate API for PATCH in gRPC.
// Make a GET call first to retrieve ObjectAttrs.
attrs, err := c.GetObject(ctx, bucket, object, defaultGen, nil, nil, opts...)
attrs, err := c.GetObject(ctx, &getObjectParams{bucket, object, defaultGen, nil, nil, false}, opts...)
if err != nil {
return err
}
@ -768,7 +821,7 @@ func (c *grpcStorageClient) DeleteObjectACL(ctx context.Context, bucket, object
// ListObjectACLs retrieves object ACL entries. By default, it operates on the latest generation of this object.
// Selecting a specific generation of this object is not currently supported by the client.
func (c *grpcStorageClient) ListObjectACLs(ctx context.Context, bucket, object string, opts ...storageOption) ([]ACLRule, error) {
o, err := c.GetObject(ctx, bucket, object, defaultGen, nil, nil, opts...)
o, err := c.GetObject(ctx, &getObjectParams{bucket, object, defaultGen, nil, nil, false}, opts...)
if err != nil {
return nil, err
}
@ -778,7 +831,7 @@ func (c *grpcStorageClient) ListObjectACLs(ctx context.Context, bucket, object s
func (c *grpcStorageClient) UpdateObjectACL(ctx context.Context, bucket, object string, entity ACLEntity, role ACLRole, opts ...storageOption) error {
// There is no separate API for PATCH in gRPC.
// Make a GET call first to retrieve ObjectAttrs.
attrs, err := c.GetObject(ctx, bucket, object, defaultGen, nil, nil, opts...)
attrs, err := c.GetObject(ctx, &getObjectParams{bucket, object, defaultGen, nil, nil, false}, opts...)
if err != nil {
return err
}

46
vendor/cloud.google.com/go/storage/http_client.go generated vendored
View file

@ -107,12 +107,12 @@ func newHTTPStorageClient(ctx context.Context, opts ...storageOption) (storageCl
// Append the emulator host as default endpoint for the user
o = append([]option.ClientOption{option.WithoutAuthentication()}, o...)
o = append(o, internaloption.WithDefaultEndpoint(endpoint))
o = append(o, internaloption.WithDefaultEndpointTemplate(endpoint))
o = append(o, internaloption.WithDefaultMTLSEndpoint(endpoint))
}
s.clientOption = o
// htransport selects the correct endpoint among WithEndpoint (user override), WithDefaultEndpoint, and WithDefaultMTLSEndpoint.
// htransport selects the correct endpoint among WithEndpoint (user override), WithDefaultEndpointTemplate, and WithDefaultMTLSEndpoint.
hc, ep, err := htransport.NewClient(ctx, s.clientOption...)
if err != nil {
return nil, fmt.Errorf("dialing: %w", err)
@ -337,6 +337,9 @@ func (c *httpStorageClient) ListObjects(ctx context.Context, bucket string, q *Q
}
fetch := func(pageSize int, pageToken string) (string, error) {
req := c.raw.Objects.List(bucket)
if it.query.SoftDeleted {
req.SoftDeleted(it.query.SoftDeleted)
}
setClientHeader(req.Header())
projection := it.query.Projection
if projection == ProjectionDefault {
@ -409,18 +412,22 @@ func (c *httpStorageClient) DeleteObject(ctx context.Context, bucket, object str
return err
}
func (c *httpStorageClient) GetObject(ctx context.Context, bucket, object string, gen int64, encryptionKey []byte, conds *Conditions, opts ...storageOption) (*ObjectAttrs, error) {
func (c *httpStorageClient) GetObject(ctx context.Context, params *getObjectParams, opts ...storageOption) (*ObjectAttrs, error) {
s := callSettings(c.settings, opts...)
req := c.raw.Objects.Get(bucket, object).Projection("full").Context(ctx)
if err := applyConds("Attrs", gen, conds, req); err != nil {
req := c.raw.Objects.Get(params.bucket, params.object).Projection("full").Context(ctx)
if err := applyConds("Attrs", params.gen, params.conds, req); err != nil {
return nil, err
}
if s.userProject != "" {
req.UserProject(s.userProject)
}
if err := setEncryptionHeaders(req.Header(), encryptionKey, false); err != nil {
if err := setEncryptionHeaders(req.Header(), params.encryptionKey, false); err != nil {
return nil, err
}
if params.softDeleted {
req.SoftDeleted(params.softDeleted)
}
var obj *raw.Object
var err error
err = run(ctx, func(ctx context.Context) error {
@ -547,6 +554,33 @@ func (c *httpStorageClient) UpdateObject(ctx context.Context, params *updateObje
return newObject(obj), nil
}
func (c *httpStorageClient) RestoreObject(ctx context.Context, params *restoreObjectParams, opts ...storageOption) (*ObjectAttrs, error) {
s := callSettings(c.settings, opts...)
req := c.raw.Objects.Restore(params.bucket, params.object, params.gen).Context(ctx)
// Do not set the generation here since it's not an optional condition; it gets set above.
if err := applyConds("RestoreObject", defaultGen, params.conds, req); err != nil {
return nil, err
}
if s.userProject != "" {
req.UserProject(s.userProject)
}
if params.copySourceACL {
req.CopySourceAcl(params.copySourceACL)
}
if err := setEncryptionHeaders(req.Header(), params.encryptionKey, false); err != nil {
return nil, err
}
var obj *raw.Object
var err error
err = run(ctx, func(ctx context.Context) error { obj, err = req.Context(ctx).Do(); return err }, s.retry, s.idempotent)
var e *googleapi.Error
if ok := errors.As(err, &e); ok && e.Code == http.StatusNotFound {
return nil, ErrObjectNotExist
}
return newObject(obj), err
}
// Default Object ACL methods.
func (c *httpStorageClient) DeleteDefaultObjectACL(ctx context.Context, bucket string, entity ACLEntity, opts ...storageOption) error {

4
vendor/cloud.google.com/go/storage/internal/apiv2/storagepb/storage.pb.go generated vendored
View file

@ -14,8 +14,8 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.32.0
// protoc v4.25.2
// protoc-gen-go v1.33.0
// protoc v4.25.3
// source: google/storage/v2/storage.proto
package storagepb

2
vendor/cloud.google.com/go/storage/internal/version.go generated vendored
View file

@ -15,4 +15,4 @@
package internal
// Version is the current tagged release of the library.
const Version = "1.40.0"
const Version = "1.41.0"

14
vendor/cloud.google.com/go/storage/invoke.go generated vendored
View file

@ -70,8 +70,8 @@ func run(ctx context.Context, call func(ctx context.Context) error, retry *retry
return internal.Retry(ctx, bo, func() (stop bool, err error) {
ctxWithHeaders := setInvocationHeaders(ctx, invocationID, attempts)
err = call(ctxWithHeaders)
if retry.maxAttempts != nil && attempts >= *retry.maxAttempts {
return true, err
if err != nil && retry.maxAttempts != nil && attempts >= *retry.maxAttempts {
return true, fmt.Errorf("storage: retry failed after %v attempts; last error: %w", *retry.maxAttempts, err)
}
attempts++
return !errorFunc(err), err
@ -105,18 +105,16 @@ func ShouldRetry(err error) bool {
if errors.Is(err, io.ErrUnexpectedEOF) {
return true
}
if errors.Is(err, net.ErrClosed) {
return true
}
switch e := err.(type) {
case *net.OpError:
if strings.Contains(e.Error(), "use of closed network connection") {
// TODO: check against net.ErrClosed (go 1.16+) instead of string
return true
}
case *googleapi.Error:
// Retry on 408, 429, and 5xx, according to
// https://cloud.google.com/storage/docs/exponential-backoff.
return e.Code == 408 || e.Code == 429 || (e.Code >= 500 && e.Code < 600)
case *url.Error:
case *net.OpError, *url.Error:
// Retry socket-level errors ECONNREFUSED and ECONNRESET (from syscall).
// Unfortunately the error type is unexported, so we resort to string
// matching.

2
vendor/cloud.google.com/go/storage/notifications.go generated vendored
View file

@ -116,7 +116,7 @@ func toProtoNotification(n *Notification) *storagepb.NotificationConfig {
}
}
var topicRE = regexp.MustCompile("^//pubsub.googleapis.com/projects/([^/]+)/topics/([^/]+)")
var topicRE = regexp.MustCompile(`^//pubsub\.googleapis\.com/projects/([^/]+)/topics/([^/]+)`)
// parseNotificationTopic extracts the project and topic IDs from from the full
// resource name returned by the service. If the name is malformed, it returns

80
vendor/cloud.google.com/go/storage/storage.go generated vendored
View file

@ -180,12 +180,12 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
opts = append([]option.ClientOption{
option.WithoutAuthentication(),
internaloption.SkipDialSettingsValidation(),
internaloption.WithDefaultEndpoint(endpoint),
internaloption.WithDefaultEndpointTemplate(endpoint),
internaloption.WithDefaultMTLSEndpoint(endpoint),
}, opts...)
}
// htransport selects the correct endpoint among WithEndpoint (user override), WithDefaultEndpoint, and WithDefaultMTLSEndpoint.
// htransport selects the correct endpoint among WithEndpoint (user override), WithDefaultEndpointTemplate, and WithDefaultMTLSEndpoint.
hc, ep, err := htransport.NewClient(ctx, opts...)
if err != nil {
return nil, fmt.Errorf("dialing: %w", err)
@ -232,7 +232,6 @@ func NewClient(ctx context.Context, opts ...option.ClientOption) (*Client, error
// You may configure the client by passing in options from the [google.golang.org/api/option]
// package.
func NewGRPCClient(ctx context.Context, opts ...option.ClientOption) (*Client, error) {
opts = append(defaultGRPCOptions(), opts...)
tc, err := newGRPCStorageClient(ctx, withClientOptions(opts...))
if err != nil {
return nil, err
@ -898,6 +897,7 @@ type ObjectHandle struct {
readCompressed bool // Accept-Encoding: gzip
retry *retryConfig
overrideRetention *bool
softDeleted bool
}
// ACL provides access to the object's access control list.
@ -952,7 +952,7 @@ func (o *ObjectHandle) Attrs(ctx context.Context) (attrs *ObjectAttrs, err error
return nil, err
}
opts := makeStorageOpts(true, o.retry, o.userProject)
return o.c.tc.GetObject(ctx, o.bucket, o.object, o.gen, o.encryptionKey, o.conds, opts...)
return o.c.tc.GetObject(ctx, &getObjectParams{o.bucket, o.object, o.gen, o.encryptionKey, o.conds, o.softDeleted}, opts...)
}
// Update updates an object with the provided attributes. See
@ -1057,6 +1057,50 @@ func (o *ObjectHandle) OverrideUnlockedRetention(override bool) *ObjectHandle {
return &o2
}
// SoftDeleted returns an object handle that can be used to get an object that
// has been soft deleted. To get a soft deleted object, the generation must be
// set on the object using ObjectHandle.Generation.
// Note that an error will be returned if a live object is queried using this.
func (o *ObjectHandle) SoftDeleted() *ObjectHandle {
o2 := *o
o2.softDeleted = true
return &o2
}
// RestoreOptions allows you to set options when restoring an object.
type RestoreOptions struct {
/// CopySourceACL indicates whether the restored object should copy the
// access controls of the source object. Only valid for buckets with
// fine-grained access. If uniform bucket-level access is enabled, setting
// CopySourceACL will cause an error.
CopySourceACL bool
}
// Restore will restore a soft-deleted object to a live object.
// Note that you must specify a generation to use this method.
func (o *ObjectHandle) Restore(ctx context.Context, opts *RestoreOptions) (*ObjectAttrs, error) {
if err := o.validate(); err != nil {
return nil, err
}
// Since the generation is required by restore calls, we set the default to
// 0 instead of a negative value, which returns a more descriptive error.
gen := o.gen
if o.gen == defaultGen {
gen = 0
}
// Restore is always idempotent because Generation is a required param.
sOpts := makeStorageOpts(true, o.retry, o.userProject)
return o.c.tc.RestoreObject(ctx, &restoreObjectParams{
bucket: o.bucket,
object: o.object,
gen: gen,
conds: o.conds,
copySourceACL: opts.CopySourceACL,
}, sOpts...)
}
// NewWriter returns a storage Writer that writes to the GCS object
// associated with this ObjectHandle.
//
@ -1390,6 +1434,21 @@ type ObjectAttrs struct {
// Retention contains the retention configuration for this object.
// ObjectRetention cannot be configured or reported through the gRPC API.
Retention *ObjectRetention
// SoftDeleteTime is the time when the object became soft-deleted.
// Soft-deleted objects are only accessible on an object handle returned by
// ObjectHandle.SoftDeleted; if ObjectHandle.SoftDeleted has not been set,
// ObjectHandle.Attrs will return ErrObjectNotExist if the object is soft-deleted.
// This field is read-only.
SoftDeleteTime time.Time
// HardDeleteTime is the time when the object will be permanently deleted.
// Only set when an object becomes soft-deleted with a soft delete policy.
// Soft-deleted objects are only accessible on an object handle returned by
// ObjectHandle.SoftDeleted; if ObjectHandle.SoftDeleted has not been set,
// ObjectHandle.Attrs will return ErrObjectNotExist if the object is soft-deleted.
// This field is read-only.
HardDeleteTime time.Time
}
// ObjectRetention contains the retention configuration for this object.
@ -1494,6 +1553,8 @@ func newObject(o *raw.Object) *ObjectAttrs {
CustomTime: convertTime(o.CustomTime),
ComponentCount: o.ComponentCount,
Retention: toObjectRetention(o.Retention),
SoftDeleteTime: convertTime(o.SoftDeleteTime),
HardDeleteTime: convertTime(o.HardDeleteTime),
}
}
@ -1529,6 +1590,8 @@ func newObjectFromProto(o *storagepb.Object) *ObjectAttrs {
Updated: convertProtoTime(o.GetUpdateTime()),
CustomTime: convertProtoTime(o.GetCustomTime()),
ComponentCount: int64(o.ComponentCount),
SoftDeleteTime: convertProtoTime(o.GetSoftDeleteTime()),
HardDeleteTime: convertProtoTime(o.GetHardDeleteTime()),
}
}
@ -1637,6 +1700,11 @@ type Query struct {
// prefixes returned by the query. Only applicable if Delimiter is set to /.
// IncludeFoldersAsPrefixes is not yet implemented in the gRPC API.
IncludeFoldersAsPrefixes bool
// SoftDeleted indicates whether to list soft-deleted objects.
// If true, only objects that have been soft-deleted will be listed.
// By default, soft-deleted objects are not listed.
SoftDeleted bool
}
// attrToFieldMap maps the field names of ObjectAttrs to the underlying field
@ -1672,6 +1740,8 @@ var attrToFieldMap = map[string]string{
"CustomTime": "customTime",
"ComponentCount": "componentCount",
"Retention": "retention",
"HardDeleteTime": "hardDeleteTime",
"SoftDeleteTime": "softDeleteTime",
}
// attrToProtoFieldMap maps the field names of ObjectAttrs to the underlying field
@ -1704,6 +1774,8 @@ var attrToProtoFieldMap = map[string]string{
"CustomerKeySHA256": "customer_encryption",
"CustomTime": "custom_time",
"ComponentCount": "component_count",
"HardDeleteTime": "hard_delete_time",
"SoftDeleteTime": "soft_delete_time",
// MediaLink was explicitly excluded from the proto as it is an HTTP-ism.
// "MediaLink": "mediaLink",
// TODO: add object retention - b/308194853

210
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go generated vendored
View file

@ -298,6 +298,12 @@ var awsPartition = partition{
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "access-analyzer-fips.ca-west-1.amazonaws.com",
},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -331,6 +337,15 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-ca-west-1",
}: endpoint{
Hostname: "access-analyzer-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-us-east-1",
}: endpoint{
@ -807,6 +822,12 @@ var awsPartition = partition{
},
"airflow": service{
Endpoints: serviceEndpoints{
endpointKey{
Region: "af-south-1",
}: endpoint{},
endpointKey{
Region: "ap-east-1",
}: endpoint{},
endpointKey{
Region: "ap-northeast-1",
}: endpoint{},
@ -831,6 +852,9 @@ var awsPartition = partition{
endpointKey{
Region: "eu-north-1",
}: endpoint{},
endpointKey{
Region: "eu-south-1",
}: endpoint{},
endpointKey{
Region: "eu-west-1",
}: endpoint{},
@ -840,6 +864,9 @@ var awsPartition = partition{
endpointKey{
Region: "eu-west-3",
}: endpoint{},
endpointKey{
Region: "me-south-1",
}: endpoint{},
endpointKey{
Region: "sa-east-1",
}: endpoint{},
@ -849,6 +876,9 @@ var awsPartition = partition{
endpointKey{
Region: "us-east-2",
}: endpoint{},
endpointKey{
Region: "us-west-1",
}: endpoint{},
endpointKey{
Region: "us-west-2",
}: endpoint{},
@ -1045,6 +1075,9 @@ var awsPartition = partition{
endpointKey{
Region: "ap-northeast-1",
}: endpoint{},
endpointKey{
Region: "ap-south-1",
}: endpoint{},
endpointKey{
Region: "ap-southeast-1",
}: endpoint{},
@ -1057,6 +1090,12 @@ var awsPartition = partition{
endpointKey{
Region: "eu-west-1",
}: endpoint{},
endpointKey{
Region: "eu-west-2",
}: endpoint{},
endpointKey{
Region: "eu-west-3",
}: endpoint{},
endpointKey{
Region: "us-east-1",
}: endpoint{},
@ -8010,6 +8049,24 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "controltower-fips.ca-west-1.amazonaws.com",
},
endpointKey{
Region: "ca-west-1-fips",
}: endpoint{
Hostname: "controltower-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -13645,6 +13702,15 @@ var awsPartition = partition{
}: endpoint{
Hostname: "fms-fips.ca-central-1.amazonaws.com",
},
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "fms-fips.ca-west-1.amazonaws.com",
},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -13771,6 +13837,15 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-ca-west-1",
}: endpoint{
Hostname: "fms-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-eu-central-1",
}: endpoint{
@ -14156,6 +14231,15 @@ var awsPartition = partition{
}: endpoint{
Hostname: "fsx-fips.ca-central-1.amazonaws.com",
},
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "fsx-fips.ca-west-1.amazonaws.com",
},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -14189,6 +14273,15 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-ca-west-1",
}: endpoint{
Hostname: "fsx-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-prod-ca-central-1",
}: endpoint{
@ -14198,6 +14291,15 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-prod-ca-west-1",
}: endpoint{
Hostname: "fsx-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-prod-us-east-1",
}: endpoint{
@ -14297,6 +14399,24 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "prod-ca-west-1",
}: endpoint{
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "prod-ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "fsx-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "prod-us-east-1",
}: endpoint{
@ -19235,6 +19355,9 @@ var awsPartition = partition{
endpointKey{
Region: "ca-central-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -30442,6 +30565,9 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "il-central-1",
}: endpoint{},
endpointKey{
Region: "me-central-1",
}: endpoint{},
@ -32999,6 +33125,15 @@ var awsPartition = partition{
}: endpoint{
Hostname: "transfer-fips.ca-central-1.amazonaws.com",
},
endpointKey{
Region: "ca-west-1",
}: endpoint{},
endpointKey{
Region: "ca-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "transfer-fips.ca-west-1.amazonaws.com",
},
endpointKey{
Region: "eu-central-1",
}: endpoint{},
@ -33032,6 +33167,15 @@ var awsPartition = partition{
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-ca-west-1",
}: endpoint{
Hostname: "transfer-fips.ca-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "ca-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-us-east-1",
}: endpoint{
@ -33558,6 +33702,12 @@ var awsPartition = partition{
endpointKey{
Region: "ap-northeast-1",
}: endpoint{},
endpointKey{
Region: "ap-northeast-2",
}: endpoint{},
endpointKey{
Region: "ap-south-1",
}: endpoint{},
endpointKey{
Region: "ap-southeast-1",
}: endpoint{},
@ -40343,22 +40493,82 @@ var awsusgovPartition = partition{
},
"emr-containers": service{
Endpoints: serviceEndpoints{
endpointKey{
Region: "fips-us-gov-east-1",
}: endpoint{
Hostname: "emr-containers.us-gov-east-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-east-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-us-gov-west-1",
}: endpoint{
Hostname: "emr-containers.us-gov-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "us-gov-east-1",
}: endpoint{},
endpointKey{
Region: "us-gov-east-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "emr-containers.us-gov-east-1.amazonaws.com",
},
endpointKey{
Region: "us-gov-west-1",
}: endpoint{},
endpointKey{
Region: "us-gov-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "emr-containers.us-gov-west-1.amazonaws.com",
},
},
},
"emr-serverless": service{
Endpoints: serviceEndpoints{
endpointKey{
Region: "fips-us-gov-east-1",
}: endpoint{
Hostname: "emr-serverless.us-gov-east-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-east-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "fips-us-gov-west-1",
}: endpoint{
Hostname: "emr-serverless.us-gov-west-1.amazonaws.com",
CredentialScope: credentialScope{
Region: "us-gov-west-1",
},
Deprecated: boxedTrue,
},
endpointKey{
Region: "us-gov-east-1",
}: endpoint{},
endpointKey{
Region: "us-gov-east-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "emr-serverless.us-gov-east-1.amazonaws.com",
},
endpointKey{
Region: "us-gov-west-1",
}: endpoint{},
endpointKey{
Region: "us-gov-west-1",
Variant: fipsVariant,
}: endpoint{
Hostname: "emr-serverless.us-gov-west-1.amazonaws.com",
},
},
},
"es": service{

2
vendor/github.com/aws/aws-sdk-go/aws/version.go generated vendored
View file

@ -5,4 +5,4 @@ package aws
const SDKName = "aws-sdk-go"
// SDKVersion is the version of this SDK
const SDKVersion = "1.52.1"
const SDKVersion = "1.53.6"

26
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go generated vendored
View file

@ -139307,6 +139307,10 @@ type InstanceTypeInfo struct {
// Indicates whether NitroTPM is supported.
NitroTpmSupport *string `locationName:"nitroTpmSupport" type:"string" enum:"NitroTpmSupport"`
// Indicates whether a local Precision Time Protocol (PTP) hardware clock (PHC)
// is supported.
PhcSupport *string `locationName:"phcSupport" type:"string" enum:"PhcSupport"`
// Describes the placement group settings for the instance type.
PlacementGroupInfo *PlacementGroupInfo `locationName:"placementGroupInfo" type:"structure"`
@ -139480,6 +139484,12 @@ func (s *InstanceTypeInfo) SetNitroTpmSupport(v string) *InstanceTypeInfo {
return s
}
// SetPhcSupport sets the PhcSupport field's value.
func (s *InstanceTypeInfo) SetPhcSupport(v string) *InstanceTypeInfo {
s.PhcSupport = &v
return s
}
// SetPlacementGroupInfo sets the PlacementGroupInfo field's value.
func (s *InstanceTypeInfo) SetPlacementGroupInfo(v *PlacementGroupInfo) *InstanceTypeInfo {
s.PlacementGroupInfo = v
@ -199146,6 +199156,22 @@ func PermissionGroup_Values() []string {
}
}
const (
// PhcSupportUnsupported is a PhcSupport enum value
PhcSupportUnsupported = "unsupported"
// PhcSupportSupported is a PhcSupport enum value
PhcSupportSupported = "supported"
)
// PhcSupport_Values returns all elements of the PhcSupport enum
func PhcSupport_Values() []string {
return []string{
PhcSupportUnsupported,
PhcSupportSupported,
}
}
const (
// PlacementGroupStatePending is a PlacementGroupState enum value
PlacementGroupStatePending = "pending"

162
vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go generated vendored
View file

@ -179,8 +179,8 @@ func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req
//
// Creates and returns access and refresh tokens for clients and applications
// that are authenticated using IAM entities. The access token can be used to
// fetch short-term credentials for the assigned AWS accounts or to access application
// APIs using bearer authentication.
// fetch short-term credentials for the assigned Amazon Web Services accounts
// or to access application APIs using bearer authentication.
//
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
// with awserr.Error's Code and Message methods to get detailed information about
@ -331,6 +331,13 @@ func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *reques
// Indicates that an error from the service occurred while trying to process
// a request.
//
// - InvalidRedirectUriException
// Indicates that one or more redirect URI in the request is not supported for
// this operation.
//
// - UnsupportedGrantTypeException
// Indicates that the grant type in the request is not supported by the service.
//
// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient
func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error) {
req, out := c.RegisterClientRequest(input)
@ -619,6 +626,15 @@ type CreateTokenInput struct {
// type is currently unsupported for the CreateToken API.
Code *string `locationName:"code" type:"string"`
// Used only when calling this API for the Authorization Code grant type. This
// value is generated by the client and presented to validate the original code
// challenge value the client passed at authorization time.
//
// CodeVerifier is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CreateTokenInput's
// String and GoString methods.
CodeVerifier *string `locationName:"codeVerifier" type:"string" sensitive:"true"`
// Used only when calling this API for the Device Code grant type. This short-term
// code is used to identify this authorization request. This comes from the
// result of the StartDeviceAuthorization API.
@ -718,6 +734,12 @@ func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput {
return s
}
// SetCodeVerifier sets the CodeVerifier field's value.
func (s *CreateTokenInput) SetCodeVerifier(v string) *CreateTokenInput {
s.CodeVerifier = &v
return s
}
// SetDeviceCode sets the DeviceCode field's value.
func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput {
s.DeviceCode = &v
@ -751,7 +773,8 @@ func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput {
type CreateTokenOutput struct {
_ struct{} `type:"structure"`
// A bearer token to access AWS accounts and applications assigned to a user.
// A bearer token to access Amazon Web Services accounts and applications assigned
// to a user.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CreateTokenOutput's
@ -863,6 +886,15 @@ type CreateTokenWithIAMInput struct {
// persisted in the Authorization Code GrantOptions for the application.
Code *string `locationName:"code" type:"string"`
// Used only when calling this API for the Authorization Code grant type. This
// value is generated by the client and presented to validate the original code
// challenge value the client passed at authorization time.
//
// CodeVerifier is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CreateTokenWithIAMInput's
// String and GoString methods.
CodeVerifier *string `locationName:"codeVerifier" type:"string" sensitive:"true"`
// Supports the following OAuth grant types: Authorization Code, Refresh Token,
// JWT Bearer, and Token Exchange. Specify one of the following values, depending
// on the grant type that you want:
@ -982,6 +1014,12 @@ func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput {
return s
}
// SetCodeVerifier sets the CodeVerifier field's value.
func (s *CreateTokenWithIAMInput) SetCodeVerifier(v string) *CreateTokenWithIAMInput {
s.CodeVerifier = &v
return s
}
// SetGrantType sets the GrantType field's value.
func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput {
s.GrantType = &v
@ -1027,7 +1065,8 @@ func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWith
type CreateTokenWithIAMOutput struct {
_ struct{} `type:"structure"`
// A bearer token to access AWS accounts and applications assigned to a user.
// A bearer token to access Amazon Web Services accounts and applications assigned
// to a user.
//
// AccessToken is a sensitive parameter and its value will be
// replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's
@ -1495,6 +1534,78 @@ func (s *InvalidGrantException) RequestID() string {
return s.RespMetadata.RequestID
}
// Indicates that one or more redirect URI in the request is not supported for
// this operation.
type InvalidRedirectUriException struct {
_ struct{} `type:"structure"`
RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"`
// Single error code. For this exception the value will be invalid_redirect_uri.
Error_ *string `locationName:"error" type:"string"`
// Human-readable text providing additional information, used to assist the
// client developer in understanding the error that occurred.
Error_description *string `locationName:"error_description" type:"string"`
Message_ *string `locationName:"message" type:"string"`
}
// String returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidRedirectUriException) String() string {
return awsutil.Prettify(s)
}
// GoString returns the string representation.
//
// API parameter values that are decorated as "sensitive" in the API will not
// be included in the string output. The member name will be present, but the
// value will be replaced with "sensitive".
func (s InvalidRedirectUriException) GoString() string {
return s.String()
}
func newErrorInvalidRedirectUriException(v protocol.ResponseMetadata) error {
return &InvalidRedirectUriException{
RespMetadata: v,
}
}
// Code returns the exception type name.
func (s *InvalidRedirectUriException) Code() string {
return "InvalidRedirectUriException"
}
// Message returns the exception's message.
func (s *InvalidRedirectUriException) Message() string {
if s.Message_ != nil {
return *s.Message_
}
return ""
}
// OrigErr always returns nil, satisfies awserr.Error interface.
func (s *InvalidRedirectUriException) OrigErr() error {
return nil
}
func (s *InvalidRedirectUriException) Error() string {
return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String())
}
// Status code returns the HTTP status code for the request's response error.
func (s *InvalidRedirectUriException) StatusCode() int {
return s.RespMetadata.StatusCode
}
// RequestID returns the service's response RequestID for request.
func (s *InvalidRedirectUriException) RequestID() string {
return s.RespMetadata.RequestID
}
// Indicates that something is wrong with the input to the request. For example,
// a required parameter might be missing or out of range.
type InvalidRequestException struct {
@ -1731,6 +1842,25 @@ type RegisterClientInput struct {
// ClientType is a required field
ClientType *string `locationName:"clientType" type:"string" required:"true"`
// This IAM Identity Center application ARN is used to define administrator-managed
// configuration for public client access to resources. At authorization, the
// scopes, grants, and redirect URI available to this client will be restricted
// by this application resource.
EntitledApplicationArn *string `locationName:"entitledApplicationArn" type:"string"`
// The list of OAuth 2.0 grant types that are defined by the client. This list
// is used to restrict the token granting flows available to the client.
GrantTypes []*string `locationName:"grantTypes" type:"list"`
// The IAM Identity Center Issuer URL associated with an instance of IAM Identity
// Center. This value is needed for user access to resources through the client.
IssuerUrl *string `locationName:"issuerUrl" type:"string"`
// The list of redirect URI that are defined by the client. At completion of
// authorization, this list is used to restrict what locations the user agent
// can be redirected back to.
RedirectUris []*string `locationName:"redirectUris" type:"list"`
// The list of scopes that are defined by the client. Upon authorization, this
// list is used to restrict permissions when granting an access token.
Scopes []*string `locationName:"scopes" type:"list"`
@ -1782,6 +1912,30 @@ func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput {
return s
}
// SetEntitledApplicationArn sets the EntitledApplicationArn field's value.
func (s *RegisterClientInput) SetEntitledApplicationArn(v string) *RegisterClientInput {
s.EntitledApplicationArn = &v
return s
}
// SetGrantTypes sets the GrantTypes field's value.
func (s *RegisterClientInput) SetGrantTypes(v []*string) *RegisterClientInput {
s.GrantTypes = v
return s
}
// SetIssuerUrl sets the IssuerUrl field's value.
func (s *RegisterClientInput) SetIssuerUrl(v string) *RegisterClientInput {
s.IssuerUrl = &v
return s
}
// SetRedirectUris sets the RedirectUris field's value.
func (s *RegisterClientInput) SetRedirectUris(v []*string) *RegisterClientInput {
s.RedirectUris = v
return s
}
// SetScopes sets the Scopes field's value.
func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput {
s.Scopes = v

8
vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go generated vendored
View file

@ -57,6 +57,13 @@ const (
// makes a CreateToken request with an invalid grant type.
ErrCodeInvalidGrantException = "InvalidGrantException"
// ErrCodeInvalidRedirectUriException for service response error code
// "InvalidRedirectUriException".
//
// Indicates that one or more redirect URI in the request is not supported for
// this operation.
ErrCodeInvalidRedirectUriException = "InvalidRedirectUriException"
// ErrCodeInvalidRequestException for service response error code
// "InvalidRequestException".
//
@ -106,6 +113,7 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{
"InvalidClientException": newErrorInvalidClientException,
"InvalidClientMetadataException": newErrorInvalidClientMetadataException,
"InvalidGrantException": newErrorInvalidGrantException,
"InvalidRedirectUriException": newErrorInvalidRedirectUriException,
"InvalidRequestException": newErrorInvalidRequestException,
"InvalidRequestRegionException": newErrorInvalidRequestRegionException,
"InvalidScopeException": newErrorInvalidScopeException,

7
vendor/github.com/containers/image/v5/copy/progress_bars.go generated vendored
View file

@ -49,10 +49,13 @@ type progressBar struct {
// As a convention, most users of progress bars should call mark100PercentComplete on full success;
// by convention, we don't leave progress bars in partial state when fully done
// (even if we copied much less data than anticipated).
func (c *copier) createProgressBar(pool *mpb.Progress, partial bool, info types.BlobInfo, kind string, onComplete string) *progressBar {
func (c *copier) createProgressBar(pool *mpb.Progress, partial bool, info types.BlobInfo, kind string, onComplete string) (*progressBar, error) {
// shortDigestLen is the length of the digest used for blobs.
const shortDigestLen = 12
if err := info.Digest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return nil, err
}
prefix := fmt.Sprintf("Copying %s %s", kind, info.Digest.Encoded())
// Truncate the prefix (chopping of some part of the digest) to make all progress bars aligned in a column.
maxPrefixLen := len("Copying blob ") + shortDigestLen
@ -105,7 +108,7 @@ func (c *copier) createProgressBar(pool *mpb.Progress, partial bool, info types.
return &progressBar{
Bar: bar,
originalSize: info.Size,
}
}, nil
}
// printCopyInfo prints a "Copying ..." message on the copier if the output is

39
vendor/github.com/containers/image/v5/copy/single.go generated vendored
View file

@ -606,7 +606,10 @@ func (ic *imageCopier) copyConfig(ctx context.Context, src types.Image) error {
destInfo, err := func() (types.BlobInfo, error) { // A scope for defer
progressPool := ic.c.newProgressPool()
defer progressPool.Wait()
bar := ic.c.createProgressBar(progressPool, false, srcInfo, "config", "done")
bar, err := ic.c.createProgressBar(progressPool, false, srcInfo, "config", "done")
if err != nil {
return types.BlobInfo{}, err
}
defer bar.Abort(false)
ic.c.printCopyInfo("config", srcInfo)
@ -738,15 +741,21 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
}
if reused {
logrus.Debugf("Skipping blob %s (already present):", srcInfo.Digest)
func() { // A scope for defer
if err := func() error { // A scope for defer
label := "skipped: already exists"
if reusedBlob.MatchedByTOCDigest {
label = "skipped: already exists (found by TOC)"
}
bar := ic.c.createProgressBar(pool, false, types.BlobInfo{Digest: reusedBlob.Digest, Size: 0}, "blob", label)
bar, err := ic.c.createProgressBar(pool, false, types.BlobInfo{Digest: reusedBlob.Digest, Size: 0}, "blob", label)
if err != nil {
return err
}
defer bar.Abort(false)
bar.mark100PercentComplete()
}()
return nil
}(); err != nil {
return types.BlobInfo{}, "", err
}
// Throw an event that the layer has been skipped
if ic.c.options.Progress != nil && ic.c.options.ProgressInterval > 0 {
@ -765,8 +774,11 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
// Attempt a partial only when the source allows to retrieve a blob partially and
// the destination has support for it.
if canAvoidProcessingCompleteLayer && ic.c.rawSource.SupportsGetBlobAt() && ic.c.dest.SupportsPutBlobPartial() {
if reused, blobInfo := func() (bool, types.BlobInfo) { // A scope for defer
bar := ic.c.createProgressBar(pool, true, srcInfo, "blob", "done")
reused, blobInfo, err := func() (bool, types.BlobInfo, error) { // A scope for defer
bar, err := ic.c.createProgressBar(pool, true, srcInfo, "blob", "done")
if err != nil {
return false, types.BlobInfo{}, err
}
hideProgressBar := true
defer func() { // Note that this is not the same as defer bar.Abort(hideProgressBar); we need hideProgressBar to be evaluated lazily.
bar.Abort(hideProgressBar)
@ -789,18 +801,25 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
bar.mark100PercentComplete()
hideProgressBar = false
logrus.Debugf("Retrieved partial blob %v", srcInfo.Digest)
return true, updatedBlobInfoFromUpload(srcInfo, uploadedBlob)
return true, updatedBlobInfoFromUpload(srcInfo, uploadedBlob), nil
}
logrus.Debugf("Failed to retrieve partial blob: %v", err)
return false, types.BlobInfo{}
}(); reused {
return false, types.BlobInfo{}, nil
}()
if err != nil {
return types.BlobInfo{}, "", err
}
if reused {
return blobInfo, cachedDiffID, nil
}
}
// Fallback: copy the layer, computing the diffID if we need to do so
return func() (types.BlobInfo, digest.Digest, error) { // A scope for defer
bar := ic.c.createProgressBar(pool, false, srcInfo, "blob", "done")
bar, err := ic.c.createProgressBar(pool, false, srcInfo, "blob", "done")
if err != nil {
return types.BlobInfo{}, "", err
}
defer bar.Abort(false)
srcStream, srcBlobSize, err := ic.c.rawSource.GetBlob(ctx, srcInfo, ic.c.blobInfoCache)

22
vendor/github.com/containers/image/v5/directory/directory_dest.go generated vendored
View file

@ -173,7 +173,10 @@ func (d *dirImageDestination) PutBlobWithOptions(ctx context.Context, stream io.
}
}
blobPath := d.ref.layerPath(blobDigest)
blobPath, err := d.ref.layerPath(blobDigest)
if err != nil {
return private.UploadedBlob{}, err
}
// need to explicitly close the file, since a rename won't otherwise not work on Windows
blobFile.Close()
explicitClosed = true
@ -196,7 +199,10 @@ func (d *dirImageDestination) TryReusingBlobWithOptions(ctx context.Context, inf
if info.Digest == "" {
return false, private.ReusedBlob{}, fmt.Errorf("Can not check for a blob with unknown digest")
}
blobPath := d.ref.layerPath(info.Digest)
blobPath, err := d.ref.layerPath(info.Digest)
if err != nil {
return false, private.ReusedBlob{}, err
}
finfo, err := os.Stat(blobPath)
if err != nil && os.IsNotExist(err) {
return false, private.ReusedBlob{}, nil
@ -216,7 +222,11 @@ func (d *dirImageDestination) TryReusingBlobWithOptions(ctx context.Context, inf
// If the destination is in principle available, refuses this manifest type (e.g. it does not recognize the schema),
// but may accept a different manifest type, the returned error must be an ManifestTypeRejectedError.
func (d *dirImageDestination) PutManifest(ctx context.Context, manifest []byte, instanceDigest *digest.Digest) error {
return os.WriteFile(d.ref.manifestPath(instanceDigest), manifest, 0644)
path, err := d.ref.manifestPath(instanceDigest)
if err != nil {
return err
}
return os.WriteFile(path, manifest, 0644)
}
// PutSignaturesWithFormat writes a set of signatures to the destination.
@ -229,7 +239,11 @@ func (d *dirImageDestination) PutSignaturesWithFormat(ctx context.Context, signa
if err != nil {
return err
}
if err := os.WriteFile(d.ref.signaturePath(i, instanceDigest), blob, 0644); err != nil {
path, err := d.ref.signaturePath(i, instanceDigest)
if err != nil {
return err
}
if err := os.WriteFile(path, blob, 0644); err != nil {
return err
}
}

17
vendor/github.com/containers/image/v5/directory/directory_src.go generated vendored
View file

@ -55,7 +55,11 @@ func (s *dirImageSource) Close() error {
// If instanceDigest is not nil, it contains a digest of the specific manifest instance to retrieve (when the primary manifest is a manifest list);
// this never happens if the primary manifest is not a manifest list (e.g. if the source never returns manifest lists).
func (s *dirImageSource) GetManifest(ctx context.Context, instanceDigest *digest.Digest) ([]byte, string, error) {
m, err := os.ReadFile(s.ref.manifestPath(instanceDigest))
path, err := s.ref.manifestPath(instanceDigest)
if err != nil {
return nil, "", err
}
m, err := os.ReadFile(path)
if err != nil {
return nil, "", err
}
@ -66,7 +70,11 @@ func (s *dirImageSource) GetManifest(ctx context.Context, instanceDigest *digest
// The Digest field in BlobInfo is guaranteed to be provided, Size may be -1 and MediaType may be optionally provided.
// May update BlobInfoCache, preferably after it knows for certain that a blob truly exists at a specific location.
func (s *dirImageSource) GetBlob(ctx context.Context, info types.BlobInfo, cache types.BlobInfoCache) (io.ReadCloser, int64, error) {
r, err := os.Open(s.ref.layerPath(info.Digest))
path, err := s.ref.layerPath(info.Digest)
if err != nil {
return nil, -1, err
}
r, err := os.Open(path)
if err != nil {
return nil, -1, err
}
@ -84,7 +92,10 @@ func (s *dirImageSource) GetBlob(ctx context.Context, info types.BlobInfo, cache
func (s *dirImageSource) GetSignaturesWithFormat(ctx context.Context, instanceDigest *digest.Digest) ([]signature.Signature, error) {
signatures := []signature.Signature{}
for i := 0; ; i++ {
path := s.ref.signaturePath(i, instanceDigest)
path, err := s.ref.signaturePath(i, instanceDigest)
if err != nil {
return nil, err
}
sigBlob, err := os.ReadFile(path)
if err != nil {
if os.IsNotExist(err) {

25
vendor/github.com/containers/image/v5/directory/directory_transport.go generated vendored
View file

@ -161,25 +161,34 @@ func (ref dirReference) DeleteImage(ctx context.Context, sys *types.SystemContex
}
// manifestPath returns a path for the manifest within a directory using our conventions.
func (ref dirReference) manifestPath(instanceDigest *digest.Digest) string {
func (ref dirReference) manifestPath(instanceDigest *digest.Digest) (string, error) {
if instanceDigest != nil {
return filepath.Join(ref.path, instanceDigest.Encoded()+".manifest.json")
if err := instanceDigest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, and could possibly result in a path with ../, so validate explicitly.
return "", err
}
return filepath.Join(ref.path, instanceDigest.Encoded()+".manifest.json"), nil
}
return filepath.Join(ref.path, "manifest.json")
return filepath.Join(ref.path, "manifest.json"), nil
}
// layerPath returns a path for a layer tarball within a directory using our conventions.
func (ref dirReference) layerPath(digest digest.Digest) string {
func (ref dirReference) layerPath(digest digest.Digest) (string, error) {
if err := digest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, and could possibly result in a path with ../, so validate explicitly.
return "", err
}
// FIXME: Should we keep the digest identification?
return filepath.Join(ref.path, digest.Encoded())
return filepath.Join(ref.path, digest.Encoded()), nil
}
// signaturePath returns a path for a signature within a directory using our conventions.
func (ref dirReference) signaturePath(index int, instanceDigest *digest.Digest) string {
func (ref dirReference) signaturePath(index int, instanceDigest *digest.Digest) (string, error) {
if instanceDigest != nil {
return filepath.Join(ref.path, fmt.Sprintf(instanceDigest.Encoded()+".signature-%d", index+1))
if err := instanceDigest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, and could possibly result in a path with ../, so validate explicitly.
return "", err
}
return filepath.Join(ref.path, fmt.Sprintf(instanceDigest.Encoded()+".signature-%d", index+1)), nil
}
return filepath.Join(ref.path, fmt.Sprintf("signature-%d", index+1))
return filepath.Join(ref.path, fmt.Sprintf("signature-%d", index+1)), nil
}
// versionPath returns a path for the version file within a directory using our conventions.

20
vendor/github.com/containers/image/v5/docker/docker_client.go generated vendored
View file

@ -952,6 +952,8 @@ func (c *dockerClient) detectProperties(ctx context.Context) error {
return c.detectPropertiesError
}
// fetchManifest fetches a manifest for (the repo of ref) + tagOrDigest.
// The caller is responsible for ensuring tagOrDigest uses the expected format.
func (c *dockerClient) fetchManifest(ctx context.Context, ref dockerReference, tagOrDigest string) ([]byte, string, error) {
path := fmt.Sprintf(manifestPath, reference.Path(ref.ref), tagOrDigest)
headers := map[string][]string{
@ -1035,6 +1037,9 @@ func (c *dockerClient) getBlob(ctx context.Context, ref dockerReference, info ty
}
}
if err := info.Digest.Validate(); err != nil { // Make sure info.Digest.String() does not contain any unexpected characters
return nil, 0, err
}
path := fmt.Sprintf(blobsPath, reference.Path(ref.ref), info.Digest.String())
logrus.Debugf("Downloading %s", path)
res, err := c.makeRequest(ctx, http.MethodGet, path, nil, nil, v2Auth, nil)
@ -1098,7 +1103,10 @@ func isManifestUnknownError(err error) bool {
// digest in ref.
// It returns (nil, nil) if the manifest does not exist.
func (c *dockerClient) getSigstoreAttachmentManifest(ctx context.Context, ref dockerReference, digest digest.Digest) (*manifest.OCI1, error) {
tag := sigstoreAttachmentTag(digest)
tag, err := sigstoreAttachmentTag(digest)
if err != nil {
return nil, err
}
sigstoreRef, err := reference.WithTag(reference.TrimNamed(ref.ref), tag)
if err != nil {
return nil, err
@ -1131,6 +1139,9 @@ func (c *dockerClient) getSigstoreAttachmentManifest(ctx context.Context, ref do
// getExtensionsSignatures returns signatures from the X-Registry-Supports-Signatures API extension,
// using the original data structures.
func (c *dockerClient) getExtensionsSignatures(ctx context.Context, ref dockerReference, manifestDigest digest.Digest) (*extensionSignatureList, error) {
if err := manifestDigest.Validate(); err != nil { // Make sure manifestDigest.String() does not contain any unexpected characters
return nil, err
}
path := fmt.Sprintf(extensionsSignaturePath, reference.Path(ref.ref), manifestDigest)
res, err := c.makeRequest(ctx, http.MethodGet, path, nil, nil, v2Auth, nil)
if err != nil {
@ -1154,8 +1165,11 @@ func (c *dockerClient) getExtensionsSignatures(ctx context.Context, ref dockerRe
}
// sigstoreAttachmentTag returns a sigstore attachment tag for the specified digest.
func sigstoreAttachmentTag(d digest.Digest) string {
return strings.Replace(d.String(), ":", "-", 1) + ".sig"
func sigstoreAttachmentTag(d digest.Digest) (string, error) {
if err := d.Validate(); err != nil { // Make sure d.String() doesnt contain any unexpected characters
return "", err
}
return strings.Replace(d.String(), ":", "-", 1) + ".sig", nil
}
// Close removes resources associated with an initialized dockerClient, if any.

7
vendor/github.com/containers/image/v5/docker/docker_image.go generated vendored
View file

@ -88,7 +88,12 @@ func GetRepositoryTags(ctx context.Context, sys *types.SystemContext, ref types.
if err = json.NewDecoder(res.Body).Decode(&tagsHolder); err != nil {
return nil, err
}
tags = append(tags, tagsHolder.Tags...)
for _, tag := range tagsHolder.Tags {
if _, err := reference.WithTag(dr.ref, tag); err != nil { // Ensure the tag does not contain unexpected values
return nil, fmt.Errorf("registry returned invalid tag %q: %w", tag, err)
}
tags = append(tags, tag)
}
link := res.Header.Get("Link")
if link == "" {

22
vendor/github.com/containers/image/v5/docker/docker_image_dest.go generated vendored
View file

@ -230,6 +230,9 @@ func (d *dockerImageDestination) PutBlobWithOptions(ctx context.Context, stream
// If the destination does not contain the blob, or it is unknown, blobExists ordinarily returns (false, -1, nil);
// it returns a non-nil error only on an unexpected failure.
func (d *dockerImageDestination) blobExists(ctx context.Context, repo reference.Named, digest digest.Digest, extraScope *authScope) (bool, int64, error) {
if err := digest.Validate(); err != nil { // Make sure digest.String() does not contain any unexpected characters
return false, -1, err
}
checkPath := fmt.Sprintf(blobsPath, reference.Path(repo), digest.String())
logrus.Debugf("Checking %s", checkPath)
res, err := d.c.makeRequest(ctx, http.MethodHead, checkPath, nil, nil, v2Auth, extraScope)
@ -469,6 +472,7 @@ func (d *dockerImageDestination) PutManifest(ctx context.Context, m []byte, inst
// particular instance.
refTail = instanceDigest.String()
// Double-check that the manifest we've been given matches the digest we've been given.
// This also validates the format of instanceDigest.
matches, err := manifest.MatchesDigest(m, *instanceDigest)
if err != nil {
return fmt.Errorf("digesting manifest in PutManifest: %w", err)
@ -635,11 +639,13 @@ func (d *dockerImageDestination) putSignaturesToLookaside(signatures []signature
// NOTE: Keep this in sync with docs/signature-protocols.md!
for i, signature := range signatures {
sigURL := lookasideStorageURL(d.c.signatureBase, manifestDigest, i)
err := d.putOneSignature(sigURL, signature)
sigURL, err := lookasideStorageURL(d.c.signatureBase, manifestDigest, i)
if err != nil {
return err
}
if err := d.putOneSignature(sigURL, signature); err != nil {
return err
}
}
// Remove any other signatures, if present.
// We stop at the first missing signature; if a previous deleting loop aborted
@ -647,7 +653,10 @@ func (d *dockerImageDestination) putSignaturesToLookaside(signatures []signature
// is enough for dockerImageSource to stop looking for other signatures, so that
// is sufficient.
for i := len(signatures); ; i++ {
sigURL := lookasideStorageURL(d.c.signatureBase, manifestDigest, i)
sigURL, err := lookasideStorageURL(d.c.signatureBase, manifestDigest, i)
if err != nil {
return err
}
missing, err := d.c.deleteOneSignature(sigURL)
if err != nil {
return err
@ -778,8 +787,12 @@ func (d *dockerImageDestination) putSignaturesToSigstoreAttachments(ctx context.
if err != nil {
return err
}
attachmentTag, err := sigstoreAttachmentTag(manifestDigest)
if err != nil {
return err
}
logrus.Debugf("Uploading sigstore attachment manifest")
return d.uploadManifest(ctx, manifestBlob, sigstoreAttachmentTag(manifestDigest))
return d.uploadManifest(ctx, manifestBlob, attachmentTag)
}
func layerMatchesSigstoreSignature(layer imgspecv1.Descriptor, mimeType string,
@ -895,6 +908,7 @@ func (d *dockerImageDestination) putSignaturesToAPIExtension(ctx context.Context
return err
}
// manifestDigest is known to be valid because it was not rejected by getExtensionsSignatures above.
path := fmt.Sprintf(extensionsSignaturePath, reference.Path(d.ref.ref), manifestDigest.String())
res, err := d.c.makeRequest(ctx, http.MethodPut, path, nil, bytes.NewReader(body), v2Auth, nil)
if err != nil {

18
vendor/github.com/containers/image/v5/docker/docker_image_src.go generated vendored
View file

@ -194,6 +194,9 @@ func simplifyContentType(contentType string) string {
// this never happens if the primary manifest is not a manifest list (e.g. if the source never returns manifest lists).
func (s *dockerImageSource) GetManifest(ctx context.Context, instanceDigest *digest.Digest) ([]byte, string, error) {
if instanceDigest != nil {
if err := instanceDigest.Validate(); err != nil { // Make sure instanceDigest.String() does not contain any unexpected characters
return nil, "", err
}
return s.fetchManifest(ctx, instanceDigest.String())
}
err := s.ensureManifestIsLoaded(ctx)
@ -203,6 +206,8 @@ func (s *dockerImageSource) GetManifest(ctx context.Context, instanceDigest *dig
return s.cachedManifest, s.cachedManifestMIMEType, nil
}
// fetchManifest fetches a manifest for tagOrDigest.
// The caller is responsible for ensuring tagOrDigest uses the expected format.
func (s *dockerImageSource) fetchManifest(ctx context.Context, tagOrDigest string) ([]byte, string, error) {
return s.c.fetchManifest(ctx, s.physicalRef, tagOrDigest)
}
@ -352,6 +357,9 @@ func (s *dockerImageSource) GetBlobAt(ctx context.Context, info types.BlobInfo,
return nil, nil, fmt.Errorf("external URLs not supported with GetBlobAt")
}
if err := info.Digest.Validate(); err != nil { // Make sure info.Digest.String() does not contain any unexpected characters
return nil, nil, err
}
path := fmt.Sprintf(blobsPath, reference.Path(s.physicalRef.ref), info.Digest.String())
logrus.Debugf("Downloading %s", path)
res, err := s.c.makeRequest(ctx, http.MethodGet, path, headers, nil, v2Auth, nil)
@ -462,7 +470,10 @@ func (s *dockerImageSource) getSignaturesFromLookaside(ctx context.Context, inst
return nil, fmt.Errorf("server provided %d signatures, assuming that's unreasonable and a server error", maxLookasideSignatures)
}
sigURL := lookasideStorageURL(s.c.signatureBase, manifestDigest, i)
sigURL, err := lookasideStorageURL(s.c.signatureBase, manifestDigest, i)
if err != nil {
return nil, err
}
signature, missing, err := s.getOneSignature(ctx, sigURL)
if err != nil {
return nil, err
@ -660,7 +671,10 @@ func deleteImage(ctx context.Context, sys *types.SystemContext, ref dockerRefere
}
for i := 0; ; i++ {
sigURL := lookasideStorageURL(c.signatureBase, manifestDigest, i)
sigURL, err := lookasideStorageURL(c.signatureBase, manifestDigest, i)
if err != nil {
return err
}
missing, err := c.deleteOneSignature(sigURL)
if err != nil {
return err

12
vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go generated vendored
View file

@ -111,11 +111,19 @@ func (d *Destination) PutBlobWithOptions(ctx context.Context, stream io.Reader,
return private.UploadedBlob{}, fmt.Errorf("reading Config file stream: %w", err)
}
d.config = buf
if err := d.archive.sendFileLocked(d.archive.configPath(inputInfo.Digest), inputInfo.Size, bytes.NewReader(buf)); err != nil {
configPath, err := d.archive.configPath(inputInfo.Digest)
if err != nil {
return private.UploadedBlob{}, err
}
if err := d.archive.sendFileLocked(configPath, inputInfo.Size, bytes.NewReader(buf)); err != nil {
return private.UploadedBlob{}, fmt.Errorf("writing Config file: %w", err)
}
} else {
if err := d.archive.sendFileLocked(d.archive.physicalLayerPath(inputInfo.Digest), inputInfo.Size, stream); err != nil {
layerPath, err := d.archive.physicalLayerPath(inputInfo.Digest)
if err != nil {
return private.UploadedBlob{}, err
}
if err := d.archive.sendFileLocked(layerPath, inputInfo.Size, stream); err != nil {
return private.UploadedBlob{}, err
}
}

34
vendor/github.com/containers/image/v5/docker/internal/tarfile/writer.go generated vendored
View file

@ -95,7 +95,10 @@ func (w *Writer) ensureSingleLegacyLayerLocked(layerID string, layerDigest diges
if !w.legacyLayers.Contains(layerID) {
// Create a symlink for the legacy format, where there is one subdirectory per layer ("image").
// See also the comment in physicalLayerPath.
physicalLayerPath := w.physicalLayerPath(layerDigest)
physicalLayerPath, err := w.physicalLayerPath(layerDigest)
if err != nil {
return err
}
if err := w.sendSymlinkLocked(filepath.Join(layerID, legacyLayerFileName), filepath.Join("..", physicalLayerPath)); err != nil {
return fmt.Errorf("creating layer symbolic link: %w", err)
}
@ -139,6 +142,9 @@ func (w *Writer) writeLegacyMetadataLocked(layerDescriptors []manifest.Schema2De
}
// This chainID value matches the computation in docker/docker/layer.CreateChainID …
if err := l.Digest.Validate(); err != nil { // This should never fail on this code path, still: make sure the chainID computation is unambiguous.
return err
}
if chainID == "" {
chainID = l.Digest
} else {
@ -204,12 +210,20 @@ func checkManifestItemsMatch(a, b *ManifestItem) error {
func (w *Writer) ensureManifestItemLocked(layerDescriptors []manifest.Schema2Descriptor, configDigest digest.Digest, repoTags []reference.NamedTagged) error {
layerPaths := []string{}
for _, l := range layerDescriptors {
layerPaths = append(layerPaths, w.physicalLayerPath(l.Digest))
p, err := w.physicalLayerPath(l.Digest)
if err != nil {
return err
}
layerPaths = append(layerPaths, p)
}
var item *ManifestItem
configPath, err := w.configPath(configDigest)
if err != nil {
return err
}
newItem := ManifestItem{
Config: w.configPath(configDigest),
Config: configPath,
RepoTags: []string{},
Layers: layerPaths,
Parent: "", // We dont have this information
@ -294,21 +308,27 @@ func (w *Writer) Close() error {
// configPath returns a path we choose for storing a config with the specified digest.
// NOTE: This is an internal implementation detail, not a format property, and can change
// any time.
func (w *Writer) configPath(configDigest digest.Digest) string {
return configDigest.Hex() + ".json"
func (w *Writer) configPath(configDigest digest.Digest) (string, error) {
if err := configDigest.Validate(); err != nil { // digest.Digest.Hex() panics on failure, and could possibly result in unexpected paths, so validate explicitly.
return "", err
}
return configDigest.Hex() + ".json", nil
}
// physicalLayerPath returns a path we choose for storing a layer with the specified digest
// (the actual path, i.e. a regular file, not a symlink that may be used in the legacy format).
// NOTE: This is an internal implementation detail, not a format property, and can change
// any time.
func (w *Writer) physicalLayerPath(layerDigest digest.Digest) string {
func (w *Writer) physicalLayerPath(layerDigest digest.Digest) (string, error) {
if err := layerDigest.Validate(); err != nil { // digest.Digest.Hex() panics on failure, and could possibly result in unexpected paths, so validate explicitly.
return "", err
}
// Note that this can't be e.g. filepath.Join(l.Digest.Hex(), legacyLayerFileName); due to the way
// writeLegacyMetadata constructs layer IDs differently from inputinfo.Digest values (as described
// inside it), most of the layers would end up in subdirectories alone without any metadata; (docker load)
// tries to load every subdirectory as an image and fails if the config is missing. So, keep the layers
// in the root of the tarball.
return layerDigest.Hex() + ".tar"
return layerDigest.Hex() + ".tar", nil
}
type tarFI struct {

7
vendor/github.com/containers/image/v5/docker/registries_d.go generated vendored
View file

@ -286,8 +286,11 @@ func (ns registryNamespace) signatureTopLevel(write bool) string {
// lookasideStorageURL returns an URL usable for accessing signature index in base with known manifestDigest.
// base is not nil from the caller
// NOTE: Keep this in sync with docs/signature-protocols.md!
func lookasideStorageURL(base lookasideStorageBase, manifestDigest digest.Digest, index int) *url.URL {
func lookasideStorageURL(base lookasideStorageBase, manifestDigest digest.Digest, index int) (*url.URL, error) {
if err := manifestDigest.Validate(); err != nil { // digest.Digest.Hex() panics on failure, and could possibly result in a path with ../, so validate explicitly.
return nil, err
}
sigURL := *base
sigURL.Path = fmt.Sprintf("%s@%s=%s/signature-%d", sigURL.Path, manifestDigest.Algorithm(), manifestDigest.Hex(), index+1)
return &sigURL
return &sigURL, nil
}

3
vendor/github.com/containers/image/v5/openshift/openshift_src.go generated vendored
View file

@ -109,6 +109,9 @@ func (s *openshiftImageSource) GetSignaturesWithFormat(ctx context.Context, inst
}
imageStreamImageName = s.imageStreamImageName
} else {
if err := instanceDigest.Validate(); err != nil { // Make sure instanceDigest.String() does not contain any unexpected characters
return nil, err
}
imageStreamImageName = instanceDigest.String()
}
image, err := s.client.getImage(ctx, imageStreamImageName)

10
vendor/github.com/containers/image/v5/ostree/ostree_dest.go generated vendored
View file

@ -345,6 +345,10 @@ func (d *ostreeImageDestination) TryReusingBlobWithOptions(ctx context.Context,
}
d.repo = repo
}
if err := info.Digest.Validate(); err != nil { // digest.Digest.Hex() panics on failure, so validate explicitly.
return false, private.ReusedBlob{}, err
}
branch := fmt.Sprintf("ociimage/%s", info.Digest.Hex())
found, data, err := readMetadata(d.repo, branch, "docker.uncompressed_digest")
@ -470,12 +474,18 @@ func (d *ostreeImageDestination) Commit(context.Context, types.UnparsedImage) er
return nil
}
for _, layer := range d.schema.LayersDescriptors {
if err := layer.Digest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return err
}
hash := layer.Digest.Hex()
if err = checkLayer(hash); err != nil {
return err
}
}
for _, layer := range d.schema.FSLayers {
if err := layer.BlobSum.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return err
}
hash := layer.BlobSum.Hex()
if err = checkLayer(hash); err != nil {
return err

4
vendor/github.com/containers/image/v5/ostree/ostree_src.go generated vendored
View file

@ -286,7 +286,9 @@ func (s *ostreeImageSource) readSingleFile(commit, path string) (io.ReadCloser,
// The Digest field in BlobInfo is guaranteed to be provided, Size may be -1 and MediaType may be optionally provided.
// May update BlobInfoCache, preferably after it knows for certain that a blob truly exists at a specific location.
func (s *ostreeImageSource) GetBlob(ctx context.Context, info types.BlobInfo, cache types.BlobInfoCache) (io.ReadCloser, int64, error) {
if err := info.Digest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return nil, -1, err
}
blob := info.Digest.Hex()
// Ensure s.compressed is initialized. It is build by LayerInfosForCopy.

42
vendor/github.com/containers/image/v5/storage/storage_dest.go generated vendored
View file

@ -361,6 +361,18 @@ func (s *storageImageDestination) TryReusingBlobWithOptions(ctx context.Context,
// tryReusingBlobAsPending implements TryReusingBlobWithOptions for (blobDigest, size or -1), filling s.blobDiffIDs and other metadata.
// The caller must arrange the blob to be eventually committed using s.commitLayer().
func (s *storageImageDestination) tryReusingBlobAsPending(blobDigest digest.Digest, size int64, options *private.TryReusingBlobOptions) (bool, private.ReusedBlob, error) {
if blobDigest == "" {
return false, private.ReusedBlob{}, errors.New(`Can not check for a blob with unknown digest`)
}
if err := blobDigest.Validate(); err != nil {
return false, private.ReusedBlob{}, fmt.Errorf("Can not check for a blob with invalid digest: %w", err)
}
if options.TOCDigest != "" {
if err := options.TOCDigest.Validate(); err != nil {
return false, private.ReusedBlob{}, fmt.Errorf("Can not check for a blob with invalid digest: %w", err)
}
}
// lock the entire method as it executes fairly quickly
s.lock.Lock()
defer s.lock.Unlock()
@ -380,18 +392,6 @@ func (s *storageImageDestination) tryReusingBlobAsPending(blobDigest digest.Dige
}
}
if blobDigest == "" {
return false, private.ReusedBlob{}, errors.New(`Can not check for a blob with unknown digest`)
}
if err := blobDigest.Validate(); err != nil {
return false, private.ReusedBlob{}, fmt.Errorf("Can not check for a blob with invalid digest: %w", err)
}
if options.TOCDigest != "" {
if err := options.TOCDigest.Validate(); err != nil {
return false, private.ReusedBlob{}, fmt.Errorf("Can not check for a blob with invalid digest: %w", err)
}
}
// Check if we have a wasn't-compressed layer in storage that's based on that blob.
// Check if we've already cached it in a file.
@ -1070,8 +1070,12 @@ func (s *storageImageDestination) Commit(ctx context.Context, unparsedToplevel t
if err != nil {
return fmt.Errorf("digesting top-level manifest: %w", err)
}
key, err := manifestBigDataKey(manifestDigest)
if err != nil {
return err
}
options.BigData = append(options.BigData, storage.ImageBigDataOption{
Key: manifestBigDataKey(manifestDigest),
Key: key,
Data: toplevelManifest,
Digest: manifestDigest,
})
@ -1079,8 +1083,12 @@ func (s *storageImageDestination) Commit(ctx context.Context, unparsedToplevel t
// Set up to save the image's manifest. Allow looking it up by digest by using the key convention defined by the Store.
// Record the manifest twice: using a digest-specific key to allow references to that specific digest instance,
// and using storage.ImageDigestBigDataKey for future users that dont specify any digest and for compatibility with older readers.
key, err := manifestBigDataKey(s.manifestDigest)
if err != nil {
return err
}
options.BigData = append(options.BigData, storage.ImageBigDataOption{
Key: manifestBigDataKey(s.manifestDigest),
Key: key,
Data: s.manifest,
Digest: s.manifestDigest,
})
@ -1098,8 +1106,12 @@ func (s *storageImageDestination) Commit(ctx context.Context, unparsedToplevel t
})
}
for instanceDigest, signatures := range s.signatureses {
key, err := signatureBigDataKey(instanceDigest)
if err != nil {
return err
}
options.BigData = append(options.BigData, storage.ImageBigDataOption{
Key: signatureBigDataKey(instanceDigest),
Key: key,
Data: signatures,
Digest: digest.Canonical.FromBytes(signatures),
})

14
vendor/github.com/containers/image/v5/storage/storage_image.go generated vendored
View file

@ -21,14 +21,20 @@ var (
// manifestBigDataKey returns a key suitable for recording a manifest with the specified digest using storage.Store.ImageBigData and related functions.
// If a specific manifest digest is explicitly requested by the user, the key returned by this function should be used preferably;
// for compatibility, if a manifest is not available under this key, check also storage.ImageDigestBigDataKey
func manifestBigDataKey(digest digest.Digest) string {
return storage.ImageDigestManifestBigDataNamePrefix + "-" + digest.String()
func manifestBigDataKey(digest digest.Digest) (string, error) {
if err := digest.Validate(); err != nil { // Make sure info.Digest.String() uses the expected format and does not collide with other BigData keys.
return "", err
}
return storage.ImageDigestManifestBigDataNamePrefix + "-" + digest.String(), nil
}
// signatureBigDataKey returns a key suitable for recording the signatures associated with the manifest with the specified digest using storage.Store.ImageBigData and related functions.
// If a specific manifest digest is explicitly requested by the user, the key returned by this function should be used preferably;
func signatureBigDataKey(digest digest.Digest) string {
return "signature-" + digest.Encoded()
func signatureBigDataKey(digest digest.Digest) (string, error) {
if err := digest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return "", err
}
return "signature-" + digest.Encoded(), nil
}
// storageImageMetadata is stored, as JSON, in storage.Image.Metadata

10
vendor/github.com/containers/image/v5/storage/storage_reference.go generated vendored
View file

@ -73,7 +73,10 @@ func multiArchImageMatchesSystemContext(store storage.Store, img *storage.Image,
// We don't need to care about storage.ImageDigestBigDataKey because
// manifests lists are only stored into storage by c/image versions
// that know about manifestBigDataKey, and only using that key.
key := manifestBigDataKey(manifestDigest)
key, err := manifestBigDataKey(manifestDigest)
if err != nil {
return false // This should never happen, manifestDigest comes from a reference.Digested, and that validates the format.
}
manifestBytes, err := store.ImageBigData(img.ID, key)
if err != nil {
return false
@ -95,7 +98,10 @@ func multiArchImageMatchesSystemContext(store storage.Store, img *storage.Image,
if err != nil {
return false
}
key = manifestBigDataKey(chosenInstance)
key, err = manifestBigDataKey(chosenInstance)
if err != nil {
return false
}
_, err = store.ImageBigData(img.ID, key)
return err == nil // true if img.ID is based on chosenInstance.
}

19
vendor/github.com/containers/image/v5/storage/storage_src.go generated vendored
View file

@ -237,7 +237,10 @@ func (s *storageImageSource) getBlobAndLayerID(digest digest.Digest, layers []st
// GetManifest() reads the image's manifest.
func (s *storageImageSource) GetManifest(ctx context.Context, instanceDigest *digest.Digest) (manifestBlob []byte, mimeType string, err error) {
if instanceDigest != nil {
key := manifestBigDataKey(*instanceDigest)
key, err := manifestBigDataKey(*instanceDigest)
if err != nil {
return nil, "", err
}
blob, err := s.imageRef.transport.store.ImageBigData(s.image.ID, key)
if err != nil {
return nil, "", fmt.Errorf("reading manifest for image instance %q: %w", *instanceDigest, err)
@ -249,7 +252,10 @@ func (s *storageImageSource) GetManifest(ctx context.Context, instanceDigest *di
// Prefer the manifest corresponding to the user-specified digest, if available.
if s.imageRef.named != nil {
if digested, ok := s.imageRef.named.(reference.Digested); ok {
key := manifestBigDataKey(digested.Digest())
key, err := manifestBigDataKey(digested.Digest())
if err != nil {
return nil, "", err
}
blob, err := s.imageRef.transport.store.ImageBigData(s.image.ID, key)
if err != nil && !os.IsNotExist(err) { // os.IsNotExist is true if the image exists but there is no data corresponding to key
return nil, "", err
@ -385,7 +391,14 @@ func (s *storageImageSource) GetSignaturesWithFormat(ctx context.Context, instan
instance := "default instance"
if instanceDigest != nil {
signatureSizes = s.metadata.SignaturesSizes[*instanceDigest]
key = signatureBigDataKey(*instanceDigest)
k, err := signatureBigDataKey(*instanceDigest)
if err != nil {
return nil, err
}
key = k
if err := instanceDigest.Validate(); err != nil { // digest.Digest.Encoded() panics on failure, so validate explicitly.
return nil, err
}
instance = instanceDigest.Encoded()
}
if len(signatureSizes) > 0 {

2
vendor/github.com/containers/image/v5/version/version.go generated vendored
View file

@ -8,7 +8,7 @@ const (
// VersionMinor is for functionality in a backwards-compatible manner
VersionMinor = 30
// VersionPatch is for backwards-compatible bug fixes
VersionPatch = 0
VersionPatch = 1
// VersionDev indicates development branch. Releases will be empty string.
VersionDev = ""

2
vendor/github.com/googleapis/gax-go/v2/.release-please-manifest.json generated vendored
View file

@ -1,3 +1,3 @@
{
"v2": "2.12.3"
"v2": "2.12.4"
}

7
vendor/github.com/googleapis/gax-go/v2/CHANGES.md generated vendored
View file

@ -1,5 +1,12 @@
# Changelog
## [2.12.4](https://github.com/googleapis/gax-go/compare/v2.12.3...v2.12.4) (2024-05-03)
### Bug Fixes
* provide unmarshal options for streams ([#343](https://github.com/googleapis/gax-go/issues/343)) ([ddf9a90](https://github.com/googleapis/gax-go/commit/ddf9a90bf180295d49875e15cb80b2136a49dbaf))
## [2.12.3](https://github.com/googleapis/gax-go/compare/v2.12.2...v2.12.3) (2024-03-14)

2
vendor/github.com/googleapis/gax-go/v2/internal/version.go generated vendored
View file

@ -30,4 +30,4 @@
package internal
// Version is the current tagged release of the library.
const Version = "2.12.3"
const Version = "2.12.4"

3
vendor/github.com/googleapis/gax-go/v2/proto_json_stream.go generated vendored
View file

@ -111,7 +111,8 @@ func (s *ProtoJSONStream) Recv() (proto.Message, error) {
// Initialize a new instance of the protobuf message to unmarshal the
// raw data into.
m := s.typ.New().Interface()
err := protojson.Unmarshal(raw, m)
unm := protojson.UnmarshalOptions{AllowPartial: true, DiscardUnknown: true}
err := unm.Unmarshal(raw, m)
return m, err
}

1
vendor/github.com/hashicorp/go-retryablehttp/.go-version generated vendored Normal file
View file

@ -0,0 +1 @@
1.22.2

20
vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md generated vendored
View file

@ -1,14 +1,26 @@
## 0.7.6 (May 9, 2024)
ENHANCEMENTS:
- client: support a `RetryPrepare` function for modifying the request before retrying (#216)
- client: support HTTP-date values for `Retry-After` header value (#138)
- client: avoid reading entire body when the body is a `*bytes.Reader` (#197)
BUG FIXES:
- client: fix a broken check for invalid server certificate in go 1.20+ (#210)
## 0.7.5 (Nov 8, 2023)
BUG FIXES
BUG FIXES:
- client: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections [GH-207]
- client: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections (#207)
## 0.7.4 (Jun 6, 2023)
BUG FIXES
BUG FIXES:
- client: fixing an issue where the Content-Type header wouldn't be sent with an empty payload when using HTTP/2 [GH-194]
- client: fixing an issue where the Content-Type header wouldn't be sent with an empty payload when using HTTP/2 (#194)
## 0.7.3 (May 15, 2023)

2
vendor/github.com/hashicorp/go-retryablehttp/CODEOWNERS generated vendored
View file

@ -1 +1 @@
* @hashicorp/release-engineering
* @hashicorp/go-retryablehttp-maintainers

2
vendor/github.com/hashicorp/go-retryablehttp/Makefile generated vendored
View file

@ -2,7 +2,7 @@ default: test
test:
go vet ./...
go test -race ./...
go test -v -race ./...
updatedeps:
go get -f -t -u ./...

2
vendor/github.com/hashicorp/go-retryablehttp/README.md generated vendored
View file

@ -59,4 +59,4 @@ standardClient := retryClient.StandardClient() // *http.Client
```
For more usage and examples see the
[godoc](http://godoc.org/github.com/hashicorp/go-retryablehttp).
[pkg.go.dev](https://pkg.go.dev/github.com/hashicorp/go-retryablehttp).

14
vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go generated vendored Normal file
View file

@ -0,0 +1,14 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
//go:build !go1.20
// +build !go1.20
package retryablehttp
import "crypto/x509"
func isCertError(err error) bool {
_, ok := err.(x509.UnknownAuthorityError)
return ok
}

14
vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go generated vendored Normal file
View file

@ -0,0 +1,14 @@
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
//go:build go1.20
// +build go1.20
package retryablehttp
import "crypto/tls"
func isCertError(err error) bool {
_, ok := err.(*tls.CertificateVerificationError)
return ok
}

104
vendor/github.com/hashicorp/go-retryablehttp/client.go generated vendored
View file

@ -27,10 +27,8 @@ package retryablehttp
import (
"bytes"
"context"
"crypto/x509"
"fmt"
"io"
"io/ioutil"
"log"
"math"
"math/rand"
@ -63,6 +61,10 @@ var (
// limit the size we consume to respReadLimit.
respReadLimit = int64(4096)
// timeNow sets the function that returns the current time.
// This defaults to time.Now. Changes to this should only be done in tests.
timeNow = time.Now
// A regular expression to match the error returned by net/http when the
// configured number of redirects is exhausted. This error isn't typed
// specifically so we resort to matching on the error string.
@ -73,6 +75,11 @@ var (
// specifically so we resort to matching on the error string.
schemeErrorRe = regexp.MustCompile(`unsupported protocol scheme`)
// A regular expression to match the error returned by net/http when a
// request header or value is invalid. This error isn't typed
// specifically so we resort to matching on the error string.
invalidHeaderErrorRe = regexp.MustCompile(`invalid header`)
// A regular expression to match the error returned by net/http when the
// TLS certificate is not trusted. This error isn't typed
// specifically so we resort to matching on the error string.
@ -248,21 +255,19 @@ func getBodyReaderAndContentLength(rawBody interface{}) (ReaderFunc, int64, erro
// deal with it seeking so want it to match here instead of the
// io.ReadSeeker case.
case *bytes.Reader:
buf, err := ioutil.ReadAll(body)
if err != nil {
return nil, 0, err
}
snapshot := *body
bodyReader = func() (io.Reader, error) {
return bytes.NewReader(buf), nil
r := snapshot
return &r, nil
}
contentLength = int64(len(buf))
contentLength = int64(body.Len())
// Compat case
case io.ReadSeeker:
raw := body
bodyReader = func() (io.Reader, error) {
_, err := raw.Seek(0, 0)
return ioutil.NopCloser(raw), err
return io.NopCloser(raw), err
}
if lr, ok := raw.(LenReader); ok {
contentLength = int64(lr.Len())
@ -270,7 +275,7 @@ func getBodyReaderAndContentLength(rawBody interface{}) (ReaderFunc, int64, erro
// Read all in so we can reset
case io.Reader:
buf, err := ioutil.ReadAll(body)
buf, err := io.ReadAll(body)
if err != nil {
return nil, 0, err
}
@ -393,6 +398,9 @@ type Backoff func(min, max time.Duration, attemptNum int, resp *http.Response) t
// attempted. If overriding this, be sure to close the body if needed.
type ErrorHandler func(resp *http.Response, err error, numTries int) (*http.Response, error)
// PrepareRetry is called before retry operation. It can be used for example to re-sign the request
type PrepareRetry func(req *http.Request) error
// Client is used to make HTTP requests. It adds additional functionality
// like automatic retries to tolerate minor outages.
type Client struct {
@ -421,6 +429,9 @@ type Client struct {
// ErrorHandler specifies the custom error handler to use, if any
ErrorHandler ErrorHandler
// PrepareRetry can prepare the request for retry operation, for example re-sign it
PrepareRetry PrepareRetry
loggerInit sync.Once
clientInit sync.Once
}
@ -494,11 +505,16 @@ func baseRetryPolicy(resp *http.Response, err error) (bool, error) {
return false, v
}
// Don't retry if the error was due to an invalid header.
if invalidHeaderErrorRe.MatchString(v.Error()) {
return false, v
}
// Don't retry if the error was due to TLS cert verification failure.
if notTrustedErrorRe.MatchString(v.Error()) {
return false, v
}
if _, ok := v.Err.(x509.UnknownAuthorityError); ok {
if isCertError(v.Err) {
return false, v
}
}
@ -535,10 +551,8 @@ func baseRetryPolicy(resp *http.Response, err error) (bool, error) {
func DefaultBackoff(min, max time.Duration, attemptNum int, resp *http.Response) time.Duration {
if resp != nil {
if resp.StatusCode == http.StatusTooManyRequests || resp.StatusCode == http.StatusServiceUnavailable {
if s, ok := resp.Header["Retry-After"]; ok {
if sleep, err := strconv.ParseInt(s[0], 10, 64); err == nil {
return time.Second * time.Duration(sleep)
}
if sleep, ok := parseRetryAfterHeader(resp.Header["Retry-After"]); ok {
return sleep
}
}
}
@ -551,6 +565,41 @@ func DefaultBackoff(min, max time.Duration, attemptNum int, resp *http.Response)
return sleep
}
// parseRetryAfterHeader parses the Retry-After header and returns the
// delay duration according to the spec: https://httpwg.org/specs/rfc7231.html#header.retry-after
// The bool returned will be true if the header was successfully parsed.
// Otherwise, the header was either not present, or was not parseable according to the spec.
//
// Retry-After headers come in two flavors: Seconds or HTTP-Date
//
// Examples:
// * Retry-After: Fri, 31 Dec 1999 23:59:59 GMT
// * Retry-After: 120
func parseRetryAfterHeader(headers []string) (time.Duration, bool) {
if len(headers) == 0 || headers[0] == "" {
return 0, false
}
header := headers[0]
// Retry-After: 120
if sleep, err := strconv.ParseInt(header, 10, 64); err == nil {
if sleep < 0 { // a negative sleep doesn't make sense
return 0, false
}
return time.Second * time.Duration(sleep), true
}
// Retry-After: Fri, 31 Dec 1999 23:59:59 GMT
retryTime, err := time.Parse(time.RFC1123, header)
if err != nil {
return 0, false
}
if until := retryTime.Sub(timeNow()); until > 0 {
return until, true
}
// date is in the past
return 0, true
}
// LinearJitterBackoff provides a callback for Client.Backoff which will
// perform linear backoff based on the attempt number and with jitter to
// prevent a thundering herd.
@ -578,13 +627,13 @@ func LinearJitterBackoff(min, max time.Duration, attemptNum int, resp *http.Resp
}
// Seed rand; doing this every time is fine
rand := rand.New(rand.NewSource(int64(time.Now().Nanosecond())))
source := rand.New(rand.NewSource(int64(time.Now().Nanosecond())))
// Pick a random number that lies somewhere between the min and max and
// multiply by the attemptNum. attemptNum starts at zero so we always
// increment here. We first get a random percentage, then apply that to the
// difference between min and max, and add to min.
jitter := rand.Float64() * float64(max-min)
jitter := source.Float64() * float64(max-min)
jitterMin := int64(jitter) + int64(min)
return time.Duration(jitterMin * int64(attemptNum))
}
@ -618,10 +667,10 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
var resp *http.Response
var attempt int
var shouldRetry bool
var doErr, respErr, checkErr error
var doErr, respErr, checkErr, prepareErr error
for i := 0; ; i++ {
doErr, respErr = nil, nil
doErr, respErr, prepareErr = nil, nil, nil
attempt++
// Always rewind the request body when non-nil.
@ -634,7 +683,7 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
if c, ok := body.(io.ReadCloser); ok {
req.Body = c
} else {
req.Body = ioutil.NopCloser(body)
req.Body = io.NopCloser(body)
}
}
@ -728,17 +777,26 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
// without racing against the closeBody call in persistConn.writeLoop.
httpreq := *req.Request
req.Request = &httpreq
if c.PrepareRetry != nil {
if err := c.PrepareRetry(req.Request); err != nil {
prepareErr = err
break
}
}
}
// this is the closest we have to success criteria
if doErr == nil && respErr == nil && checkErr == nil && !shouldRetry {
if doErr == nil && respErr == nil && checkErr == nil && prepareErr == nil && !shouldRetry {
return resp, nil
}
defer c.HTTPClient.CloseIdleConnections()
var err error
if checkErr != nil {
if prepareErr != nil {
err = prepareErr
} else if checkErr != nil {
err = checkErr
} else if respErr != nil {
err = respErr
@ -770,7 +828,7 @@ func (c *Client) Do(req *Request) (*http.Response, error) {
// Try to read the response body so we can reuse this connection.
func (c *Client) drainBody(body io.ReadCloser) {
defer body.Close()
_, err := io.Copy(ioutil.Discard, io.LimitReader(body, respReadLimit))
_, err := io.Copy(io.Discard, io.LimitReader(body, respReadLimit))
if err != nil {
if c.logger() != nil {
switch v := c.logger().(type) {

18
vendor/github.com/osbuild/images/pkg/blueprint/customizations.go generated vendored
View file

@ -387,9 +387,21 @@ func (c *Customizations) GetContainerStorage() *ContainerStorageCustomization {
return c.ContainersStorage
}
func (c *Customizations) GetInstaller() *InstallerCustomization {
func (c *Customizations) GetInstaller() (*InstallerCustomization, error) {
if c == nil || c.Installer == nil {
return nil
return nil, nil
}
return c.Installer
// Validate conflicting customizations: Installer options aren't supported
// when the user adds their own kickstart content
if c.Installer.Kickstart != nil && len(c.Installer.Kickstart.Contents) > 0 {
if c.Installer.Unattended {
return nil, fmt.Errorf("installer.unattended is not allowed when adding custom kickstart contents")
}
if len(c.Installer.SudoNopasswd) > 0 {
return nil, fmt.Errorf("installer.sudo-nopasswd is not allowed when adding custom kickstart contents")
}
}
return c.Installer, nil
}

9
vendor/github.com/osbuild/images/pkg/blueprint/installer_customizations.go generated vendored
View file

@ -1,6 +1,11 @@
package blueprint
type InstallerCustomization struct {
Unattended bool `json:"unattended,omitempty" toml:"unattended,omitempty"`
SudoNopasswd []string `json:"sudo-nopasswd,omitempty" toml:"sudo-nopasswd,omitempty"`
Unattended bool `json:"unattended,omitempty" toml:"unattended,omitempty"`
SudoNopasswd []string `json:"sudo-nopasswd,omitempty" toml:"sudo-nopasswd,omitempty"`
Kickstart *Kickstart `json:"kickstart,omitempty" toml:"kickstart,omitempty"`
}
type Kickstart struct {
Contents string `json:"contents" toml:"contents"`
}

12
vendor/github.com/osbuild/images/pkg/customizations/bootc/bootc.go generated vendored Normal file
View file

@ -0,0 +1,12 @@
package bootc
type Config struct {
// Name of the config file
Filename string
// Filesystem type for the root partition
RootFilesystemType string
// Extra kernel args to append
KernelArgs []string
}

93
vendor/github.com/osbuild/images/pkg/customizations/kickstart/kickstart.go generated vendored Normal file
View file

@ -0,0 +1,93 @@
package kickstart
import (
"fmt"
"github.com/osbuild/images/pkg/blueprint"
"github.com/osbuild/images/pkg/customizations/users"
)
type File struct {
Contents string
}
type OSTree struct {
OSName string
Remote string
}
type Options struct {
// Path where the kickstart file will be created
Path string
// Add kickstart options to make the installation fully unattended
Unattended bool
// Create a sudoers drop-in file for each user or group to enable the
// NOPASSWD option
SudoNopasswd []string
// Kernel options that will be appended to the installed system
// (not the iso)
KernelOptionsAppend []string
// Enable networking on on boot in the installed system
NetworkOnBoot bool
Language *string
Keyboard *string
Timezone *string
// Users to create during installation
Users []users.User
// Groups to create during installation
Groups []users.Group
// ostree-related kickstart options
OSTree *OSTree
// User-defined kickstart files that will be added to the ISO
UserFile *File
}
func New(customizations *blueprint.Customizations) (*Options, error) {
options := &Options{
Users: users.UsersFromBP(customizations.GetUsers()),
Groups: users.GroupsFromBP(customizations.GetGroups()),
}
instCust, err := customizations.GetInstaller()
if err != nil {
return nil, err
}
if instCust != nil {
options.SudoNopasswd = instCust.SudoNopasswd
options.Unattended = instCust.Unattended
if instCust.Kickstart != nil {
options.UserFile = &File{Contents: instCust.Kickstart.Contents}
}
}
if err := options.Validate(); err != nil {
return nil, err
}
return options, nil
}
func (options Options) Validate() error {
if options.UserFile != nil {
// users, groups, and other kickstart options are not allowed when
// users add their own kickstarts
if options.Unattended {
return fmt.Errorf("kickstart unattended options are not compatible with user-supplied kickstart content")
}
if len(options.SudoNopasswd) > 0 {
return fmt.Errorf("kickstart sudo nopasswd drop-in file creation is not compatible with user-supplied kickstart content")
}
if len(options.Users)+len(options.Groups) > 0 {
return fmt.Errorf("kickstart users and/or groups are not compatible with user-supplied kickstart content")
}
}
return nil
}

48
vendor/github.com/osbuild/images/pkg/distro/fedora/images.go generated vendored
View file

@ -8,9 +8,11 @@ import (
"github.com/osbuild/images/internal/workload"
"github.com/osbuild/images/pkg/blueprint"
"github.com/osbuild/images/pkg/container"
"github.com/osbuild/images/pkg/customizations/bootc"
"github.com/osbuild/images/pkg/customizations/fdo"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/ignition"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/customizations/oscap"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/distro"
@ -414,7 +416,6 @@ func liveInstallerImage(workload workload.Workload,
d := t.arch.distro
img.Product = d.product
img.OSName = "fedora"
img.Variant = "Workstation"
img.OSVersion = d.osVersion
img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)
@ -443,12 +444,16 @@ func imageInstallerImage(workload workload.Workload,
img := image.NewAnacondaTarInstaller()
if instCust := customizations.GetInstaller(); instCust != nil {
img.NoPasswd = instCust.SudoNopasswd
img.UnattendedKickstart = instCust.Unattended
var err error
img.Kickstart, err = kickstart.New(customizations)
if err != nil {
return nil, err
}
img.Kickstart.Language = &img.OSCustomizations.Language
img.Kickstart.Keyboard = img.OSCustomizations.Keyboard
img.Kickstart.Timezone = &img.OSCustomizations.Timezone
if img.UnattendedKickstart {
if img.Kickstart.Unattended {
// NOTE: this is not supported right now because the
// image-installer on Fedora isn't working when unattended.
// These options are probably necessary but could change.
@ -461,15 +466,12 @@ func imageInstallerImage(workload workload.Workload,
img.Platform = t.platform
img.Workload = workload
var err error
img.OSCustomizations, err = osCustomizations(t, packageSets[osPkgsKey], containers, bp.Customizations)
if err != nil {
return nil, err
}
img.ExtraBasePackages = packageSets[installerPkgsKey]
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
img.SquashfsCompression = "lz4"
@ -480,8 +482,6 @@ func imageInstallerImage(workload workload.Workload,
// We don't know the variant that goes into the OS pipeline that gets installed
img.Variant = "Unknown"
img.OSName = "fedora"
img.OSVersion = d.osVersion
img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)
@ -572,6 +572,10 @@ func bootableContainerImage(workload workload.Workload,
img.Filename = t.Filename()
img.InstallWeakDeps = false
img.BootContainer = true
img.BootcConfig = &bootc.Config{
Filename: "20-fedora.toml",
RootFilesystemType: "ext4",
}
return img, nil
}
@ -643,13 +647,20 @@ func iotInstallerImage(workload workload.Workload,
img.FIPS = customizations.GetFIPS()
img.Platform = t.platform
img.ExtraBasePackages = packageSets[installerPkgsKey]
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
img.Language, img.Keyboard = customizations.GetPrimaryLocale()
img.Kickstart, err = kickstart.New(customizations)
if err != nil {
return nil, err
}
img.Kickstart.OSTree = &kickstart.OSTree{
OSName: "fedora-iot",
Remote: "fedora-iot",
}
img.Kickstart.Path = osbuild.KickstartPathOSBuild
img.Kickstart.Language, img.Kickstart.Keyboard = customizations.GetPrimaryLocale()
// ignore ntp servers - we don't currently support setting these in the
// kickstart though kickstart does support setting them
img.Timezone, _ = customizations.GetTimezoneSettings()
img.Kickstart.Timezone, _ = customizations.GetTimezoneSettings()
img.AdditionalAnacondaModules = []string{
"org.fedoraproject.Anaconda.Modules.Timezone",
@ -657,17 +668,10 @@ func iotInstallerImage(workload workload.Workload,
"org.fedoraproject.Anaconda.Modules.Users",
}
if instCust := customizations.GetInstaller(); instCust != nil {
img.NoPasswd = instCust.SudoNopasswd
img.UnattendedKickstart = instCust.Unattended
}
img.SquashfsCompression = "lz4"
img.Product = d.product
img.Variant = "IoT"
img.OSName = "fedora-iot"
img.Remote = "fedora-iot"
img.OSVersion = d.osVersion
img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)
img.Preview = common.VersionGreaterThanOrEqual(img.OSVersion, VERSION_BRANCHED)
@ -780,6 +784,8 @@ func iotSimplifiedInstallerImage(workload workload.Workload,
}
}
img.AdditionalDracutModules = append(img.AdditionalDracutModules, "dbus-broker")
d := t.arch.distro
img.Product = d.product
img.Variant = "IoT"

19
vendor/github.com/osbuild/images/pkg/distro/fedora/imagetype.go generated vendored
View file

@ -418,10 +418,25 @@ func (t *imageType) checkOptions(bp *blueprint.Blueprint, options distro.ImageOp
return []string{w}, nil
}
if customizations.GetInstaller() != nil {
instCust, err := customizations.GetInstaller()
if err != nil {
return nil, err
}
if instCust != nil {
// only supported by the Anaconda installer
if slices.Index([]string{"iot-installer"}, t.name) == -1 {
return nil, fmt.Errorf("installer customizations are not supported for %q", t.name)
return nil, fmt.Errorf("installer customizations are not supported for %q", t.Name())
}
// NOTE: the image type check is redundant with the check above, but
// let's keep it explicit in case one of the two changes.
// The kickstart contents is incompatible with the users and groups
// customization only for the iot-installer.
if t.Name() == "iot-installer" &&
instCust.Kickstart != nil &&
len(instCust.Kickstart.Contents) > 0 &&
(customizations.GetUsers() != nil || customizations.GetGroups() != nil) {
return nil, fmt.Errorf("iot-installer installer.kickstart.contents are not supported in combination with users or groups")
}
}

38
vendor/github.com/osbuild/images/pkg/distro/rhel/images.go generated vendored
View file

@ -10,6 +10,7 @@ import (
"github.com/osbuild/images/pkg/customizations/fdo"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/ignition"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/customizations/oscap"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/distro"
@ -487,18 +488,19 @@ func EdgeInstallerImage(workload workload.Workload,
img.Platform = t.platform
img.ExtraBasePackages = packageSets[InstallerPkgsKey]
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
img.Language, img.Keyboard = customizations.GetPrimaryLocale()
img.Kickstart, err = kickstart.New(customizations)
if err != nil {
return nil, err
}
img.Kickstart.OSTree = &kickstart.OSTree{
OSName: "rhel-edge",
}
img.Kickstart.Path = osbuild.KickstartPathOSBuild
img.Kickstart.Language, img.Kickstart.Keyboard = customizations.GetPrimaryLocale()
// ignore ntp servers - we don't currently support setting these in the
// kickstart though kickstart does support setting them
img.Timezone, _ = customizations.GetTimezoneSettings()
if instCust := customizations.GetInstaller(); instCust != nil {
img.NoPasswd = instCust.SudoNopasswd
img.UnattendedKickstart = instCust.Unattended
}
img.Kickstart.Timezone, _ = customizations.GetTimezoneSettings()
img.SquashfsCompression = "xz"
@ -512,7 +514,7 @@ func EdgeInstallerImage(workload workload.Workload,
img.AdditionalDrivers = installerConfig.AdditionalDrivers
}
if len(img.Users)+len(img.Groups) > 0 {
if len(img.Kickstart.Users)+len(img.Kickstart.Groups) > 0 {
// only enable the users module if needed
img.AdditionalAnacondaModules = []string{"org.fedoraproject.Anaconda.Modules.Users"}
}
@ -524,7 +526,6 @@ func EdgeInstallerImage(workload workload.Workload,
img.Product = t.Arch().Distro().Product()
img.Variant = "edge"
img.OSName = "rhel-edge"
img.OSVersion = t.Arch().Distro().OsVersion()
img.Release = fmt.Sprintf("%s %s", t.Arch().Distro().Product(), t.Arch().Distro().OsVersion())
img.FIPS = customizations.GetFIPS()
@ -676,8 +677,14 @@ func ImageInstallerImage(workload workload.Workload,
}
img.ExtraBasePackages = packageSets[InstallerPkgsKey]
img.Users = users.UsersFromBP(customizations.GetUsers())
img.Groups = users.GroupsFromBP(customizations.GetGroups())
img.Kickstart, err = kickstart.New(customizations)
if err != nil {
return nil, err
}
img.Kickstart.Language = &img.OSCustomizations.Language
img.Kickstart.Keyboard = img.OSCustomizations.Keyboard
img.Kickstart.Timezone = &img.OSCustomizations.Timezone
installerConfig, err := t.getDefaultInstallerConfig()
if err != nil {
@ -691,11 +698,6 @@ func ImageInstallerImage(workload workload.Workload,
img.AdditionalAnacondaModules = []string{"org.fedoraproject.Anaconda.Modules.Users"}
if instCust := customizations.GetInstaller(); instCust != nil {
img.NoPasswd = instCust.SudoNopasswd
img.UnattendedKickstart = instCust.Unattended
}
img.SquashfsCompression = "xz"
// put the kickstart file in the root of the iso

2
vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/ami.go generated vendored
View file

@ -173,7 +173,7 @@ func ec2CommonPackageSet(t *rhel.ImageType) rpmmd.PackageSet {
"chrony",
"cloud-init",
"cloud-utils-growpart",
"dhcp-client",
"dhcpcd",
"yum-utils",
"dracut-config-generic",
"gdisk",

6
vendor/github.com/osbuild/images/pkg/distro/rhel/rhel10/options.go generated vendored
View file

@ -81,7 +81,11 @@ func checkOptions(t *rhel.ImageType, bp *blueprint.Blueprint, options distro.Ima
warnings = append(warnings, w)
}
if customizations.GetInstaller() != nil {
instCust, err := customizations.GetInstaller()
if err != nil {
return warnings, err
}
if instCust != nil {
// only supported by the Anaconda installer
if slices.Index([]string{"image-installer", "edge-installer", "live-installer"}, t.Name()) == -1 {
return warnings, fmt.Errorf("installer customizations are not supported for %q", t.Name())

13
vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/options.go generated vendored
View file

@ -175,11 +175,22 @@ func checkOptions(t *rhel.ImageType, bp *blueprint.Blueprint, options distro.Ima
warnings = append(warnings, w)
}
if customizations.GetInstaller() != nil {
instCust, err := customizations.GetInstaller()
if err != nil {
return warnings, err
}
if instCust != nil {
// only supported by the Anaconda installer
if slices.Index([]string{"image-installer", "edge-installer", "live-installer"}, t.Name()) == -1 {
return warnings, fmt.Errorf("installer customizations are not supported for %q", t.Name())
}
if t.Name() == "edge-installer" &&
instCust.Kickstart != nil &&
len(instCust.Kickstart.Contents) > 0 &&
(customizations.GetUsers() != nil || customizations.GetGroups() != nil) {
return warnings, fmt.Errorf("edge-installer installer.kickstart.contents are not supported in combination with users or groups")
}
}
return warnings, nil

13
vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/options.go generated vendored
View file

@ -194,11 +194,22 @@ func checkOptions(t *rhel.ImageType, bp *blueprint.Blueprint, options distro.Ima
warnings = append(warnings, w)
}
if customizations.GetInstaller() != nil {
instCust, err := customizations.GetInstaller()
if err != nil {
return warnings, err
}
if instCust != nil {
// only supported by the Anaconda installer
if slices.Index([]string{"image-installer", "edge-installer", "live-installer"}, t.Name()) == -1 {
return warnings, fmt.Errorf("installer customizations are not supported for %q", t.Name())
}
if t.Name() == "edge-installer" &&
instCust.Kickstart != nil &&
len(instCust.Kickstart.Contents) > 0 &&
(customizations.GetUsers() != nil || customizations.GetGroups() != nil) {
return warnings, fmt.Errorf("edge-installer installer.kickstart.contents are not supported in combination with users or groups")
}
}
return warnings, nil

38
vendor/github.com/osbuild/images/pkg/image/anaconda_container_installer.go generated vendored
View file

@ -8,7 +8,7 @@ import (
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/artifact"
"github.com/osbuild/images/pkg/container"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/manifest"
"github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/platform"
@ -20,15 +20,12 @@ type AnacondaContainerInstaller struct {
Base
Platform platform.Platform
ExtraBasePackages rpmmd.PackageSet
Users []users.User
Groups []users.Group
SquashfsCompression string
ISOLabel string
Product string
Variant string
OSName string
Ref string
OSVersion string
Release string
@ -43,11 +40,9 @@ type AnacondaContainerInstaller struct {
AdditionalDrivers []string
FIPS bool
// Kernel options that will be apended to the installed system
// (not the iso)
KickstartKernelOptionsAppend []string
// Enable networking on on boot in the installed system
KickstartNetworkOnBoot bool
Kickstart *kickstart.Options
UseRHELLoraxTemplates bool
}
func NewAnacondaContainerInstaller(container container.SourceSpec, ref string) *AnacondaContainerInstaller {
@ -76,14 +71,16 @@ func (img *AnacondaContainerInstaller) InstantiateManifest(m *manifest.Manifest,
img.Preview,
)
// This is only built with ELN for now
anacondaPipeline.UseRHELLoraxTemplates = true
anacondaPipeline.UseRHELLoraxTemplates = img.UseRHELLoraxTemplates
anacondaPipeline.ExtraPackages = img.ExtraBasePackages.Include
anacondaPipeline.ExcludePackages = img.ExtraBasePackages.Exclude
anacondaPipeline.ExtraRepos = img.ExtraBasePackages.Repositories
anacondaPipeline.Users = img.Users
anacondaPipeline.Groups = img.Groups
anacondaPipeline.InteractiveDefaultsKickstart = &kickstart.Options{
Users: img.Kickstart.Users,
Groups: img.Kickstart.Groups,
Path: osbuild.KickstartPathOSBuild,
}
anacondaPipeline.Variant = img.Variant
anacondaPipeline.Biosdevname = (img.Platform.GetArch() == arch.ARCH_X86_64)
anacondaPipeline.Checkpoint()
@ -105,8 +102,11 @@ func (img *AnacondaContainerInstaller) InstantiateManifest(m *manifest.Manifest,
bootTreePipeline.UEFIVendor = img.Platform.GetUEFIVendor()
bootTreePipeline.ISOLabel = img.ISOLabel
kspath := osbuild.KickstartPathOSBuild
bootTreePipeline.KernelOpts = []string{fmt.Sprintf("inst.stage2=hd:LABEL=%s", img.ISOLabel), fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, kspath)}
ksPath := osbuild.KickstartPathOSBuild
if img.Kickstart != nil && img.Kickstart.Path != "" {
ksPath = img.Kickstart.Path
}
bootTreePipeline.KernelOpts = []string{fmt.Sprintf("inst.stage2=hd:LABEL=%s", img.ISOLabel), fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, ksPath)}
if img.FIPS {
bootTreePipeline.KernelOpts = append(bootTreePipeline.KernelOpts, "fips=1")
}
@ -117,17 +117,11 @@ func (img *AnacondaContainerInstaller) InstantiateManifest(m *manifest.Manifest,
isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, anacondaPipeline, rootfsImagePipeline, bootTreePipeline)
isoTreePipeline.PartitionTable = efiBootPartitionTable(rng)
isoTreePipeline.Release = img.Release
isoTreePipeline.OSName = img.OSName
isoTreePipeline.Users = img.Users
isoTreePipeline.Groups = img.Groups
isoTreePipeline.KickstartKernelOptionsAppend = img.KickstartKernelOptionsAppend
isoTreePipeline.KickstartNetworkOnBoot = img.KickstartNetworkOnBoot
isoTreePipeline.Kickstart = img.Kickstart
isoTreePipeline.SquashfsCompression = img.SquashfsCompression
// For ostree installers, always put the kickstart file in the root of the ISO
isoTreePipeline.KSPath = kspath
isoTreePipeline.PayloadPath = "/container"
isoTreePipeline.ContainerSource = &img.ContainerSource

2
vendor/github.com/osbuild/images/pkg/image/anaconda_live_installer.go generated vendored
View file

@ -26,7 +26,6 @@ type AnacondaLiveInstaller struct {
ISOLabel string
Product string
Variant string
OSName string
OSVersion string
Release string
Preview bool
@ -93,7 +92,6 @@ func (img *AnacondaLiveInstaller) InstantiateManifest(m *manifest.Manifest,
isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, livePipeline, rootfsImagePipeline, bootTreePipeline)
isoTreePipeline.PartitionTable = efiBootPartitionTable(rng)
isoTreePipeline.Release = img.Release
isoTreePipeline.OSName = img.OSName
isoTreePipeline.KernelOpts = kernelOpts
isoTreePipeline.ISOLinux = isoLinuxEnabled

44
vendor/github.com/osbuild/images/pkg/image/anaconda_ostree_installer.go generated vendored
View file

@ -7,7 +7,7 @@ import (
"github.com/osbuild/images/internal/common"
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/artifact"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/manifest"
"github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/ostree"
@ -20,30 +20,17 @@ type AnacondaOSTreeInstaller struct {
Base
Platform platform.Platform
ExtraBasePackages rpmmd.PackageSet
Users []users.User
Groups []users.Group
Language *string
Keyboard *string
Timezone *string
// Create a sudoers drop-in file for each user or group to enable the
// NOPASSWD option
NoPasswd []string
// Add kickstart options to make the installation fully unattended
UnattendedKickstart bool
Kickstart *kickstart.Options
SquashfsCompression string
ISOLabel string
Product string
Variant string
OSName string
OSVersion string
Release string
Preview bool
Remote string
Commit ostree.SourceSpec
@ -82,8 +69,12 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
anacondaPipeline.ExtraPackages = img.ExtraBasePackages.Include
anacondaPipeline.ExcludePackages = img.ExtraBasePackages.Exclude
anacondaPipeline.ExtraRepos = img.ExtraBasePackages.Repositories
anacondaPipeline.Users = img.Users
anacondaPipeline.Groups = img.Groups
if img.Kickstart != nil {
anacondaPipeline.InteractiveDefaultsKickstart = &kickstart.Options{
Users: img.Kickstart.Users,
Groups: img.Kickstart.Groups,
}
}
anacondaPipeline.Variant = img.Variant
anacondaPipeline.Biosdevname = (img.Platform.GetArch() == arch.ARCH_X86_64)
anacondaPipeline.Checkpoint()
@ -105,8 +96,11 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
bootTreePipeline.UEFIVendor = img.Platform.GetUEFIVendor()
bootTreePipeline.ISOLabel = img.ISOLabel
kspath := osbuild.KickstartPathOSBuild
bootTreePipeline.KernelOpts = []string{fmt.Sprintf("inst.stage2=hd:LABEL=%s", img.ISOLabel), fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, kspath)}
ksPath := osbuild.KickstartPathOSBuild
if img.Kickstart != nil && img.Kickstart.Path != "" {
ksPath = img.Kickstart.Path
}
bootTreePipeline.KernelOpts = []string{fmt.Sprintf("inst.stage2=hd:LABEL=%s", img.ISOLabel), fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, ksPath)}
if img.FIPS {
bootTreePipeline.KernelOpts = append(bootTreePipeline.KernelOpts, "fips=1")
}
@ -117,19 +111,9 @@ func (img *AnacondaOSTreeInstaller) InstantiateManifest(m *manifest.Manifest,
isoTreePipeline := manifest.NewAnacondaInstallerISOTree(buildPipeline, anacondaPipeline, rootfsImagePipeline, bootTreePipeline)
isoTreePipeline.PartitionTable = efiBootPartitionTable(rng)
isoTreePipeline.Release = img.Release
isoTreePipeline.OSName = img.OSName
isoTreePipeline.Remote = img.Remote
isoTreePipeline.Users = img.Users
isoTreePipeline.Groups = img.Groups
isoTreePipeline.NoPasswd = img.NoPasswd
isoTreePipeline.UnattendedKickstart = img.UnattendedKickstart
isoTreePipeline.Kickstart = img.Kickstart
isoTreePipeline.SquashfsCompression = img.SquashfsCompression
isoTreePipeline.Language = img.Language
isoTreePipeline.Keyboard = img.Keyboard
isoTreePipeline.Timezone = img.Timezone
// For ostree installers, always put the kickstart file in the root of the ISO
isoTreePipeline.KSPath = kspath
isoTreePipeline.PayloadPath = "/ostree/repo"
isoTreePipeline.OSTreeCommitSource = &img.Commit

48
vendor/github.com/osbuild/images/pkg/image/anaconda_tar_installer.go generated vendored
View file

@ -10,7 +10,7 @@ import (
"github.com/osbuild/images/internal/workload"
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/artifact"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/disk"
"github.com/osbuild/images/pkg/manifest"
"github.com/osbuild/images/pkg/osbuild"
@ -45,8 +45,6 @@ type AnacondaTarInstaller struct {
Workload workload.Workload
ExtraBasePackages rpmmd.PackageSet
Users []users.User
Groups []users.Group
// If set, the kickstart file will be added to the bootiso-tree at the
// default path for osbuild, otherwise any kickstart options will be
@ -55,22 +53,13 @@ type AnacondaTarInstaller struct {
// because automatic installations cannot be configured using interactive
// defaults.
ISORootKickstart bool
// Create a sudoers drop-in file for each user or group to enable the
// NOPASSWD option
NoPasswd []string
// Add kickstart options to make the installation fully unattended.
// Enabling this option also automatically enables the ISORootKickstart
// option.
UnattendedKickstart bool
Kickstart *kickstart.Options
SquashfsCompression string
ISOLabel string
Product string
Variant string
OSName string
OSVersion string
Release string
Preview bool
@ -96,7 +85,7 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
buildPipeline := manifest.NewBuild(m, runner, repos, nil)
buildPipeline.Checkpoint()
if img.UnattendedKickstart {
if img.Kickstart != nil && img.Kickstart.Unattended {
// if we're building an unattended installer, override the
// ISORootKickstart option
img.ISORootKickstart = true
@ -116,8 +105,13 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
anacondaPipeline.ExtraPackages = img.ExtraBasePackages.Include
anacondaPipeline.ExcludePackages = img.ExtraBasePackages.Exclude
anacondaPipeline.ExtraRepos = img.ExtraBasePackages.Repositories
anacondaPipeline.Users = img.Users
anacondaPipeline.Groups = img.Groups
if img.Kickstart != nil {
anacondaPipeline.InteractiveDefaultsKickstart = &kickstart.Options{
Users: img.Kickstart.Users,
Groups: img.Kickstart.Groups,
Path: osbuild.KickstartPathOSBuild,
}
}
anacondaPipeline.Variant = img.Variant
anacondaPipeline.Biosdevname = (img.Platform.GetArch() == arch.ARCH_X86_64)
anacondaPipeline.AdditionalAnacondaModules = img.AdditionalAnacondaModules
@ -150,7 +144,11 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
kspath := osbuild.KickstartPathOSBuild
kernelOpts := []string{fmt.Sprintf("inst.stage2=hd:LABEL=%s", img.ISOLabel)}
if img.ISORootKickstart {
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, kspath))
ksPath := osbuild.KickstartPathOSBuild
if img.Kickstart != nil && img.Kickstart.Path != "" {
ksPath = img.Kickstart.Path
}
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", img.ISOLabel, ksPath))
}
if img.OSCustomizations.FIPS {
kernelOpts = append(kernelOpts, "fips=1")
@ -170,24 +168,12 @@ func (img *AnacondaTarInstaller) InstantiateManifest(m *manifest.Manifest,
// TODO: the partition table is required - make it a ctor arg or set a default one in the pipeline
isoTreePipeline.PartitionTable = efiBootPartitionTable(rng)
isoTreePipeline.Release = img.Release
isoTreePipeline.OSName = img.OSName
isoTreePipeline.Users = img.Users
isoTreePipeline.Groups = img.Groups
isoTreePipeline.Keyboard = img.OSCustomizations.Keyboard
if img.OSCustomizations.Language != "" {
isoTreePipeline.Language = &img.OSCustomizations.Language
}
if img.OSCustomizations.Timezone != "" {
isoTreePipeline.Timezone = &img.OSCustomizations.Timezone
}
isoTreePipeline.Kickstart = img.Kickstart
isoTreePipeline.PayloadPath = tarPath
if img.ISORootKickstart {
isoTreePipeline.KSPath = kspath
isoTreePipeline.Kickstart.Path = kspath
}
isoTreePipeline.NoPasswd = img.NoPasswd
isoTreePipeline.UnattendedKickstart = img.UnattendedKickstart
isoTreePipeline.SquashfsCompression = img.SquashfsCompression
isoTreePipeline.OSPipeline = osPipeline

7
vendor/github.com/osbuild/images/pkg/image/ostree_archive.go generated vendored
View file

@ -6,6 +6,7 @@ import (
"github.com/osbuild/images/internal/environment"
"github.com/osbuild/images/internal/workload"
"github.com/osbuild/images/pkg/artifact"
"github.com/osbuild/images/pkg/customizations/bootc"
"github.com/osbuild/images/pkg/manifest"
"github.com/osbuild/images/pkg/ostree"
"github.com/osbuild/images/pkg/platform"
@ -33,6 +34,11 @@ type OSTreeArchive struct {
InstallWeakDeps bool
BootContainer bool
// bootc install config for defining the preferred filesystem type and
// kernel arguments for bootable containers.
// This is ignored if BootContainer = false.
BootcConfig *bootc.Config
}
func NewOSTreeArchive(ref string) *OSTreeArchive {
@ -64,6 +70,7 @@ func (img *OSTreeArchive) InstantiateManifest(m *manifest.Manifest,
var artifact *artifact.Artifact
if img.BootContainer {
osPipeline.Bootupd = true
osPipeline.BootcConfig = img.BootcConfig
encapsulatePipeline := manifest.NewOSTreeEncapsulate(buildPipeline, ostreeCommitPipeline, "ostree-encapsulate")
encapsulatePipeline.SetFilename(img.Filename)
artifact = encapsulatePipeline.Export()

23
vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer.go generated vendored
View file

@ -8,6 +8,7 @@ import (
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/container"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/ostree"
@ -40,11 +41,6 @@ type AnacondaInstaller struct {
// Extra repositories to install packages from
ExtraRepos []rpmmd.RepoConfig
// Users and Groups to create during installation.
// If empty, then the user can interactively create users at install time.
Users []users.User
Groups []users.Group
// Biosdevname indicates whether or not biosdevname should be used to
// name network devices when booting the installer. This may affect
// the naming of network devices on the target system.
@ -66,6 +62,11 @@ type AnacondaInstaller struct {
// will be written to /usr/share/anaconda/interactive-defaults
InteractiveDefaults *AnacondaInteractiveDefaults
// Kickstart options that will be written to the interactive defaults
// kickstart file. Currently only supports Users and Groups. Other
// properties are ignored.
InteractiveDefaultsKickstart *kickstart.Options
// Additional anaconda modules to enable
AdditionalAnacondaModules []string
@ -220,7 +221,7 @@ func (p *AnacondaInstaller) serialize() osbuild.Pipeline {
// being serialized
switch p.Type {
case AnacondaInstallerTypeLive:
if len(p.Users) != 0 || len(p.Groups) != 0 {
if p.InteractiveDefaultsKickstart != nil && (len(p.InteractiveDefaultsKickstart.Users) != 0 || len(p.InteractiveDefaultsKickstart.Groups) != 0) {
panic("anaconda installer type live does not support users and groups customization")
}
if p.InteractiveDefaults != nil {
@ -293,10 +294,16 @@ func (p *AnacondaInstaller) payloadStages() []*osbuild.Stage {
stages = append(stages, osbuild.NewSELinuxConfigStage(&osbuild.SELinuxConfigStageOptions{State: osbuild.SELinuxStatePermissive}))
if p.InteractiveDefaults != nil {
var ksUsers []users.User
var ksGroups []users.Group
if p.InteractiveDefaultsKickstart != nil {
ksUsers = p.InteractiveDefaultsKickstart.Users
ksGroups = p.InteractiveDefaultsKickstart.Groups
}
kickstartOptions, err := osbuild.NewKickstartStageOptionsWithLiveIMG(
osbuild.KickstartPathInteractiveDefaults,
p.Users,
p.Groups,
ksUsers,
ksGroups,
p.InteractiveDefaults.TarPath,
)

184
vendor/github.com/osbuild/images/pkg/manifest/anaconda_installer_iso_tree.go generated vendored
View file

@ -9,7 +9,7 @@ import (
"github.com/osbuild/images/internal/common"
"github.com/osbuild/images/pkg/container"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/users"
"github.com/osbuild/images/pkg/customizations/kickstart"
"github.com/osbuild/images/pkg/disk"
"github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/ostree"
@ -24,28 +24,7 @@ type AnacondaInstallerISOTree struct {
Base
// TODO: review optional and mandatory fields and their meaning
OSName string
Release string
Remote string
Users []users.User
Groups []users.Group
Language *string
Keyboard *string
Timezone *string
// Kernel options that will be apended to the installed system
// (not the iso)
KickstartKernelOptionsAppend []string
// Enable networking on on boot in the installed system
KickstartNetworkOnBoot bool
// Create a sudoers drop-in file for each user or group to enable the
// NOPASSWD option
NoPasswd []string
// Add kickstart options to make the installation fully unattended
UnattendedKickstart bool
PartitionTable *disk.PartitionTable
@ -53,12 +32,6 @@ type AnacondaInstallerISOTree struct {
rootfsPipeline *ISORootfsImg
bootTreePipeline *EFIBootTree
// The location of the kickstart file, if it will be added to the
// bootiso-tree.
// Otherwise, it should be defined in the interactive defaults of the
// Anaconda pipeline.
KSPath string
// The path where the payload (tarball, ostree repo, or container) will be stored.
PayloadPath string
@ -79,6 +52,8 @@ type AnacondaInstallerISOTree struct {
// Enable ISOLinux stage
ISOLinux bool
Kickstart *kickstart.Options
Files []*fsnode.File
}
@ -223,8 +198,8 @@ func (p *AnacondaInstallerISOTree) serialize() osbuild.Pipeline {
if p.anacondaPipeline.Type == AnacondaInstallerTypePayload {
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.stage2=hd:LABEL=%s", p.isoLabel))
if p.KSPath != "" {
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", p.isoLabel, p.KSPath))
if p.Kickstart != nil && p.Kickstart.Path != "" {
kernelOpts = append(kernelOpts, fmt.Sprintf("inst.ks=hd:LABEL=%s:%s", p.isoLabel, p.Kickstart.Path))
}
}
@ -320,8 +295,7 @@ func (p *AnacondaInstallerISOTree) serialize() osbuild.Pipeline {
Size: fmt.Sprintf("%d", p.PartitionTable.Size),
}))
efibootDevice := osbuild.NewLoopbackDevice(&osbuild.LoopbackDeviceOptions{Filename: filename})
for _, stage := range osbuild.GenMkfsStages(p.PartitionTable, efibootDevice) {
for _, stage := range osbuild.GenMkfsStages(p.PartitionTable, filename) {
pipeline.AddStage(stage)
}
@ -377,15 +351,22 @@ func (p *AnacondaInstallerISOTree) ostreeCommitStages() []*osbuild.Stage {
osbuild.NewOstreePullStageInputs("org.osbuild.source", p.ostreeCommitSpec.Checksum, p.ostreeCommitSpec.Ref),
))
if p.Kickstart == nil {
panic(fmt.Sprintf("Kickstart options not set for %s pipeline", p.name))
}
if p.Kickstart.OSTree == nil {
panic(fmt.Sprintf("Kickstart ostree options not set for %s pipeline", p.name))
}
// Configure the kickstart file with the payload and any user options
kickstartOptions, err := osbuild.NewKickstartStageOptionsWithOSTreeCommit(
p.KSPath,
p.Users,
p.Groups,
p.Kickstart.Path,
p.Kickstart.Users,
p.Kickstart.Groups,
makeISORootPath(p.PayloadPath),
p.ostreeCommitSpec.Ref,
p.Remote,
p.OSName)
p.Kickstart.OSTree.Remote,
p.Kickstart.OSTree.OSName)
if err != nil {
panic(fmt.Sprintf("failed to create kickstart stage options: %v", err))
@ -415,11 +396,24 @@ func (p *AnacondaInstallerISOTree) ostreeContainerStages() []*osbuild.Stage {
image,
nil))
stages = append(stages, p.bootcInstallerKickstartStages()...)
return stages
}
// bootcInstallerKickstartStages sets up kickstart-related stages for Anaconda
// ISOs that install a bootc bootable container.
func (p *AnacondaInstallerISOTree) bootcInstallerKickstartStages() []*osbuild.Stage {
if p.Kickstart == nil {
panic(fmt.Sprintf("Kickstart options not set for %s pipeline", p.name))
}
stages := make([]*osbuild.Stage, 0)
// do what we can in our kickstart stage
kickstartOptions, err := osbuild.NewKickstartStageOptionsWithOSTreeContainer(
p.KSPath,
p.Users,
p.Groups,
p.Kickstart.Path,
p.Kickstart.Users,
p.Kickstart.Groups,
path.Join("/run/install/repo", p.PayloadPath),
"oci",
"",
@ -428,6 +422,28 @@ func (p *AnacondaInstallerISOTree) ostreeContainerStages() []*osbuild.Stage {
panic(fmt.Sprintf("failed to create kickstart stage options: %v", err))
}
// kickstart.New() already validates the options but they may have been
// modified since then, so validate them before we create the stages
if err := p.Kickstart.Validate(); err != nil {
panic(err)
}
if p.Kickstart.UserFile != nil {
// when a user defines their own kickstart, we create a kickstart that
// takes care of the installation and let the user kickstart handle
// everything else
stages = append(stages, osbuild.NewKickstartStage(kickstartOptions))
kickstartFile, err := kickstartOptions.IncludeRaw(p.Kickstart.UserFile.Contents)
if err != nil {
panic(err)
}
p.Files = []*fsnode.File{kickstartFile}
return append(stages, osbuild.GenFileNodesStages(p.Files)...)
}
// create a fully unattended/automated kickstart
// NOTE: these are similar to the unattended kickstart options in the
// other two payload configurations but partitioning is different and
// we need to add that separately, so we can't use makeKickstartStage
@ -438,13 +454,16 @@ func (p *AnacondaInstallerISOTree) ostreeContainerStages() []*osbuild.Stage {
// NOTE: These were decided somewhat arbitrarily for the BIB installer. We
// might want to drop them here and move them into the bib code as
// project-specific defaults.
// TODO: unify with other ostree variants and allow overrides from customizations
kickstartOptions.Lang = "en_US.UTF-8"
kickstartOptions.Keyboard = "us"
kickstartOptions.Timezone = "UTC"
kickstartOptions.ClearPart = &osbuild.ClearPartOptions{
All: true,
}
if len(p.KickstartKernelOptionsAppend) > 0 {
if len(p.Kickstart.KernelOptionsAppend) > 0 {
kickstartOptions.Bootloader = &osbuild.BootloaderOptions{
// We currently leaves quoting to the
// user. This is generally ok - to do better
@ -452,10 +471,10 @@ func (p *AnacondaInstallerISOTree) ostreeContainerStages() []*osbuild.Stage {
// parser, see
// https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
// and lib/cmdline.c in the kernel source
Append: strings.Join(p.KickstartKernelOptionsAppend, " "),
Append: strings.Join(p.Kickstart.KernelOptionsAppend, " "),
}
}
if p.KickstartNetworkOnBoot {
if p.Kickstart.NetworkOnBoot {
kickstartOptions.Network = []osbuild.NetworkOptions{
{BootProto: "dhcp", Device: "link", Activate: common.ToPtr(true), OnBoot: "on"},
}
@ -491,8 +510,7 @@ bootc switch --mutate-in-place --transport %s %s
p.Files = []*fsnode.File{kickstartFile}
stages = append(stages, osbuild.GenFileNodesStages(p.Files)...)
return stages
return append(stages, osbuild.GenFileNodesStages(p.Files)...)
}
func (p *AnacondaInstallerISOTree) tarPayloadStages() []*osbuild.Stage {
@ -503,11 +521,11 @@ func (p *AnacondaInstallerISOTree) tarPayloadStages() []*osbuild.Stage {
// If the KSPath is set, we need to add the kickstart stage to this (bootiso-tree) pipeline.
// If it's not specified here, it should have been added to the InteractiveDefaults in the anaconda-tree.
if p.KSPath != "" {
if p.Kickstart != nil && p.Kickstart.Path != "" {
kickstartOptions, err := osbuild.NewKickstartStageOptionsWithLiveIMG(
p.KSPath,
p.Users,
p.Groups,
p.Kickstart.Path,
p.Kickstart.Users,
p.Kickstart.Groups,
makeISORootPath(p.PayloadPath))
if err != nil {
@ -522,47 +540,73 @@ func (p *AnacondaInstallerISOTree) tarPayloadStages() []*osbuild.Stage {
// Create the base kickstart stage with any options required for unattended
// installation if set and with any extra file insertion stage required for
// extra kickstart content.
func (p *AnacondaInstallerISOTree) makeKickstartStages(kickstartOptions *osbuild.KickstartStageOptions) []*osbuild.Stage {
func (p *AnacondaInstallerISOTree) makeKickstartStages(stageOptions *osbuild.KickstartStageOptions) []*osbuild.Stage {
kickstartOptions := p.Kickstart
if kickstartOptions == nil {
kickstartOptions = new(kickstart.Options)
}
stages := make([]*osbuild.Stage, 0)
if p.UnattendedKickstart {
// kickstart.New() already validates the options but they may have been
// modified since then, so validate them before we create the stages
if err := p.Kickstart.Validate(); err != nil {
panic(err)
}
if kickstartOptions.UserFile != nil {
stages = append(stages, osbuild.NewKickstartStage(stageOptions))
if kickstartOptions.UserFile != nil {
kickstartFile, err := stageOptions.IncludeRaw(kickstartOptions.UserFile.Contents)
if err != nil {
panic(err)
}
p.Files = []*fsnode.File{kickstartFile}
stages = append(stages, osbuild.GenFileNodesStages(p.Files)...)
}
}
if kickstartOptions.Unattended {
// set the default options for Unattended kickstart
kickstartOptions.DisplayMode = "text"
stageOptions.DisplayMode = "text"
// override options that can be configured by the image type or the user
kickstartOptions.Lang = "en_US.UTF-8"
if p.Language != nil {
kickstartOptions.Lang = *p.Language
stageOptions.Lang = "en_US.UTF-8"
if kickstartOptions.Language != nil {
stageOptions.Lang = *kickstartOptions.Language
}
kickstartOptions.Keyboard = "us"
if p.Keyboard != nil {
kickstartOptions.Keyboard = *p.Keyboard
stageOptions.Keyboard = "us"
if kickstartOptions.Keyboard != nil {
stageOptions.Keyboard = *kickstartOptions.Keyboard
}
kickstartOptions.Timezone = "UTC"
if p.Timezone != nil {
kickstartOptions.Timezone = *p.Timezone
stageOptions.Timezone = "UTC"
if kickstartOptions.Timezone != nil {
stageOptions.Timezone = *kickstartOptions.Timezone
}
kickstartOptions.Reboot = &osbuild.RebootOptions{Eject: true}
kickstartOptions.RootPassword = &osbuild.RootPasswordOptions{Lock: true}
stageOptions.Reboot = &osbuild.RebootOptions{Eject: true}
stageOptions.RootPassword = &osbuild.RootPasswordOptions{Lock: true}
kickstartOptions.ZeroMBR = true
kickstartOptions.ClearPart = &osbuild.ClearPartOptions{All: true, InitLabel: true}
kickstartOptions.AutoPart = &osbuild.AutoPartOptions{Type: "plain", FSType: "xfs", NoHome: true}
stageOptions.ZeroMBR = true
stageOptions.ClearPart = &osbuild.ClearPartOptions{All: true, InitLabel: true}
stageOptions.AutoPart = &osbuild.AutoPartOptions{Type: "plain", FSType: "xfs", NoHome: true}
kickstartOptions.Network = []osbuild.NetworkOptions{
stageOptions.Network = []osbuild.NetworkOptions{
{BootProto: "dhcp", Device: "link", Activate: common.ToPtr(true), OnBoot: "on"},
}
}
stages = append(stages, osbuild.NewKickstartStage(kickstartOptions))
stages = append(stages, osbuild.NewKickstartStage(stageOptions))
hardcodedKickstartBits := makeKickstartSudoersPost(p.NoPasswd)
hardcodedKickstartBits := makeKickstartSudoersPost(kickstartOptions.SudoNopasswd)
if hardcodedKickstartBits != "" {
// Because osbuild core only supports a subset of options,
// we append to the base here with hardcoded wheel group with NOPASSWD option
kickstartFile, err := kickstartOptions.IncludeRaw(hardcodedKickstartBits)
kickstartFile, err := stageOptions.IncludeRaw(hardcodedKickstartBits)
if err != nil {
panic(err)
}

3
vendor/github.com/osbuild/images/pkg/manifest/coi_iso_tree.go generated vendored
View file

@ -111,8 +111,7 @@ func (p *CoreOSISOTree) serialize() osbuild.Pipeline {
Size: fmt.Sprintf("%d", p.PartitionTable.Size),
}))
efibootDevice := osbuild.NewLoopbackDevice(&osbuild.LoopbackDeviceOptions{Filename: filename})
for _, stage := range osbuild.GenMkfsStages(p.PartitionTable, efibootDevice) {
for _, stage := range osbuild.GenMkfsStages(p.PartitionTable, filename) {
pipeline.AddStage(stage)
}

22
vendor/github.com/osbuild/images/pkg/manifest/os.go generated vendored
View file

@ -10,6 +10,7 @@ import (
"github.com/osbuild/images/internal/workload"
"github.com/osbuild/images/pkg/arch"
"github.com/osbuild/images/pkg/container"
"github.com/osbuild/images/pkg/customizations/bootc"
"github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/shell"
"github.com/osbuild/images/pkg/customizations/users"
@ -163,6 +164,9 @@ type OS struct {
// payload. Only works with ostree-based images.
Bootupd bool
// Add a bootc config file to the image (for bootable containers)
BootcConfig *bootc.Config
// Partition table, if nil the tree cannot be put on a partitioned disk
PartitionTable *disk.PartitionTable
@ -311,6 +315,16 @@ func (p *OS) getBuildPackages(distro Distro) []string {
packages = append(packages, "openscap-utils")
}
if p.BootcConfig != nil {
switch distro {
case DISTRO_EL8:
packages = append(packages, "python3-pytoml")
case DISTRO_EL10:
default:
packages = append(packages, "python3-toml")
}
}
return packages
}
@ -819,10 +833,18 @@ func (p *OS) serialize() osbuild.Pipeline {
if p.Bootupd {
pipeline.AddStage(osbuild.NewBootupdGenMetadataStage())
}
if cfg := p.BootcConfig; cfg != nil {
pipeline.AddStage(osbuild.NewBootcInstallConfigStage(
osbuild.GenBootcInstallOptions(cfg.Filename, cfg.RootFilesystemType),
))
}
} else {
if p.Bootupd {
panic("bootupd is only compatible with ostree-based images, this is a programming error")
}
if p.BootcConfig != nil {
panic("bootc config is only compatible with ostree-based images, this is a programming error")
}
}
return pipeline

51
vendor/github.com/osbuild/images/pkg/osbuild/bootc_install_config_stage.go generated vendored Normal file
View file

@ -0,0 +1,51 @@
package osbuild
type BootcInstallConfigStageOptions struct {
Filename string `json:"filename"`
Config BootcInstallConfig `json:"config"`
}
func (BootcInstallConfigStageOptions) isStageOptions() {}
type BootcInstallConfig struct {
Install *BootcInstallConfigInstall `json:"install,omitempty"`
KernelArgs []string `json:"kargs,omitempty"`
Block []string `json:"block,omitempty"`
}
type BootcInstallConfigInstall struct {
Filesystem BootcInstallConfigFilesystem `json:"filesystem"`
}
type BootcInstallConfigFilesystem struct {
Root BootcInstallConfigFilesystemRoot `json:"root"`
}
type BootcInstallConfigFilesystemRoot struct {
Type string `json:"type"`
}
// GenBootcInstallOptions is a helper function for creating stage options for
// org.osbuild.bootc.install.config with just the filename and root filesystem
// type set.
func GenBootcInstallOptions(filename, rootType string) *BootcInstallConfigStageOptions {
return &BootcInstallConfigStageOptions{
Filename: filename,
Config: BootcInstallConfig{
Install: &BootcInstallConfigInstall{
Filesystem: BootcInstallConfigFilesystem{
Root: BootcInstallConfigFilesystemRoot{
Type: rootType,
},
},
},
},
}
}
func NewBootcInstallConfigStage(options *BootcInstallConfigStageOptions) *Stage {
return &Stage{
Type: "org.osbuild.bootc.install.config",
Options: options,
}
}

24
vendor/github.com/osbuild/images/pkg/osbuild/bootupd_stage.go generated vendored
View file

@ -4,6 +4,7 @@ import (
"fmt"
"sort"
"github.com/osbuild/images/internal/common"
"github.com/osbuild/images/pkg/disk"
)
@ -85,20 +86,19 @@ func genMountsForBootupd(source string, pt *disk.PartitionTable) ([]Mount, error
if part.Payload == nil {
continue
}
// TODO: support things like LVM here via supporting "disk.Container"
mnt, ok := part.Payload.(disk.Mountable)
if !ok {
return nil, fmt.Errorf("type %v not supported by bootupd handling yet", mnt)
}
partNum := idx + 1
name := fmt.Sprintf("part%v", partNum)
mount, err := genOsbuildMount(name, source, mnt)
if err != nil {
return nil, err
// TODO: support things like LVM here via supporting "disk.Container"
switch payload := part.Payload.(type) {
case disk.Mountable:
mount, err := genOsbuildMount(source, payload)
if err != nil {
return nil, err
}
mount.Partition = common.ToPtr(idx + 1)
mounts = append(mounts, *mount)
default:
return nil, fmt.Errorf("type %T not supported by bootupd handling yet", part.Payload)
}
mount.Partition = &partNum
mounts = append(mounts, *mount)
}
// this must be sorted in so that mounts do not shadow each other
sort.Slice(mounts, func(i, j int) bool {

43
vendor/github.com/osbuild/images/pkg/osbuild/device.go generated vendored
View file

@ -164,6 +164,18 @@ func deviceName(p disk.Entity) string {
panic(fmt.Sprintf("unsupported device type in deviceName: '%T'", p))
}
// getDevices takes an entity path, and returns osbuild devices required before being able to mount the leaf Mountable
//
// - path is an entity path as defined by the disk.entityPath function
// - filename is the name of an underlying image file (which will get loop-mounted)
// - lockLoopback determines whether the loop device will get locked after creation
//
// The device names are created from the payload that they are holding. This is useful to easily visually map e.g.
// a loopback device and its mount (in the case of ordinary partitions): they should have the same, or similar name.
//
// The first returned value is a map of devices for the given path.
// The second returned value is the name of the last device in the path. This is the device that should be used as the
// source for the mount.
func getDevices(path []disk.Entity, filename string, lockLoopback bool) (map[string]Device, string) {
var pt *disk.PartitionTable
@ -225,8 +237,14 @@ func pathEscape(path string) string {
return strings.ReplaceAll(path, "/", "-")
}
func genOsbuildMount(name, source string, mnt disk.Mountable) (*Mount, error) {
// genOsbuildMount generates an osbuild mount from Mountable mnt
//
// - source is the name of the device that the mount should be created from.
// The name of the mount is derived from the mountpoint of the mountable, escaped with pathEscape. This shouldn't
// create any conflicts, as the mountpoint is unique within the partition table.
func genOsbuildMount(source string, mnt disk.Mountable) (*Mount, error) {
mountpoint := mnt.GetMountpoint()
name := pathEscape(mountpoint)
t := mnt.GetFSType()
switch t {
case "xfs":
@ -242,21 +260,30 @@ func genOsbuildMount(name, source string, mnt disk.Mountable) (*Mount, error) {
}
}
// genMountsDevicesFromPt generates osbuild mounts and devices from a disk.PartitionTable
// filename is the name of the underlying image file (which will get loop-mounted).
//
// Returned values:
// 1) the name of the mount for the filesystem root
// 2) generated mounts
// 3) generated devices
// 4) error if any
func genMountsDevicesFromPt(filename string, pt *disk.PartitionTable) (string, []Mount, map[string]Device, error) {
devices := make(map[string]Device, len(pt.Partitions))
mounts := make([]Mount, 0, len(pt.Partitions))
var fsRootMntName string
genMounts := func(mnt disk.Mountable, path []disk.Entity) error {
stageDevices, name := getDevices(path, filename, false)
mountpoint := mnt.GetMountpoint()
if mountpoint == "/" {
fsRootMntName = name
}
mount, err := genOsbuildMount(name, name, mnt)
stageDevices, leafDeviceName := getDevices(path, filename, false)
mount, err := genOsbuildMount(leafDeviceName, mnt)
if err != nil {
return err
}
mountpoint := mnt.GetMountpoint()
if mountpoint == "/" {
fsRootMntName = mount.Name
}
mounts = append(mounts, *mount)
// update devices map with new elements from stageDevices

2
vendor/github.com/osbuild/images/pkg/osbuild/disk.go generated vendored
View file

@ -99,7 +99,7 @@ func GenImagePrepareStages(pt *disk.PartitionTable, filename string, partTool Pa
stages = append(stages, s...)
// Generate all the filesystems on partitons and devices
s = GenMkfsStages(pt, loopback)
s = GenMkfsStages(pt, filename)
stages = append(stages, s...)
return stages

4
vendor/github.com/osbuild/images/pkg/osbuild/kickstart_stage.go generated vendored
View file

@ -243,6 +243,10 @@ func NewKickstartStageOptionsWithLiveIMG(
// generated in place of the original file and is returned as an fsnode.File.
// The raw content *should not* contain the %include statement.
func (options *KickstartStageOptions) IncludeRaw(raw string) (*fsnode.File, error) {
// TODO: flip the way this function includes one kickstart in another when
// we add an include option to the kickstart stage so that the raw part
// remains intact, our own kickstart file remains the "primary", and we
// %include the raw kickstart from our own.
origPath := options.Path
origName := filepath.Base(origPath)

15
vendor/github.com/osbuild/images/pkg/osbuild/mkfs_stage.go generated vendored
View file

@ -8,23 +8,18 @@ import (
// GenMkfsStages generates a list of org.mkfs.* stages based on a
// partition table description for a single device node
func GenMkfsStages(pt *disk.PartitionTable, device *Device) []*Stage {
// filename is the path to the underlying image file (to be used as a source for the loopback device)
func GenMkfsStages(pt *disk.PartitionTable, filename string) []*Stage {
stages := make([]*Stage, 0, len(pt.Partitions))
// assume loopback device for simplicity since it's the only one currently supported
// panic if the conversion fails
devOptions, ok := device.Options.(*LoopbackDeviceOptions)
if !ok {
panic("GenMkfsStages: failed to convert device options to loopback options")
}
genStage := func(mnt disk.Mountable, path []disk.Entity) error {
t := mnt.GetFSType()
var stage *Stage
stageDevices, lastName := getDevices(path, devOptions.Filename, true)
stageDevices, lastName := getDevices(path, filename, true)
// the last device on the PartitionTable must be named "device"
// The last device in the chain must be named "device", because that's the device that mkfs stages run on.
// See their schema for reference.
lastDevice := stageDevices[lastName]
delete(stageDevices, lastName)
stageDevices["device"] = lastDevice

2
vendor/github.com/vmware/govmomi/internal/version/version.go generated vendored
View file

@ -21,5 +21,5 @@ const (
ClientName = "govmomi"
// ClientVersion is the version of this SDK
ClientVersion = "0.37.1"
ClientVersion = "0.37.2"
)

18
vendor/github.com/vmware/govmomi/vapi/library/library_item_updatesession_file.go generated vendored
View file

@ -1,5 +1,5 @@
/*
Copyright (c) 2019-2023 VMware, Inc. All Rights Reserved.
Copyright (c) 2019-2024 VMware, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@ -19,6 +19,7 @@ package library
import (
"bufio"
"context"
"fmt"
"io"
"net/http"
"strings"
@ -31,6 +32,7 @@ import (
// TransferEndpoint provides information on the source of a library item file.
type TransferEndpoint struct {
URI string `json:"uri,omitempty"`
SSLCertificate string `json:"ssl_certificate,omitempty"`
SSLCertificateThumbprint string `json:"ssl_certificate_thumbprint,omitempty"`
}
@ -86,7 +88,7 @@ func (c *Manager) AddLibraryItemFile(ctx context.Context, sessionID string, upda
}
// AddLibraryItemFileFromURI adds a file from a remote URI.
func (c *Manager) AddLibraryItemFileFromURI(ctx context.Context, sessionID, name, uri string) (*UpdateFile, error) {
func (c *Manager) AddLibraryItemFileFromURI(ctx context.Context, sessionID, name, uri string, checksum ...Checksum) (*UpdateFile, error) {
source := &TransferEndpoint{
URI: uri,
}
@ -97,6 +99,12 @@ func (c *Manager) AddLibraryItemFileFromURI(ctx context.Context, sessionID, name
SourceEndpoint: source,
}
if len(checksum) == 1 && checksum[0].Checksum != "" {
file.Checksum = &checksum[0]
} else if len(checksum) > 1 {
return nil, fmt.Errorf("expected 0 or 1 checksum, got %d", len(checksum))
}
if res, err := c.Head(uri); err == nil {
file.Size = res.ContentLength
if res.TLS != nil {
@ -107,7 +115,11 @@ func (c *Manager) AddLibraryItemFileFromURI(ctx context.Context, sessionID, name
if err != nil {
return nil, err
}
source.SSLCertificateThumbprint = res.SSLThumbprint
if res.SSLCertificate != "" {
source.SSLCertificate = res.SSLCertificate
} else {
source.SSLCertificateThumbprint = res.SSLThumbprint
}
}
return c.AddLibraryItemFile(ctx, sessionID, file)

19
vendor/golang.org/x/crypto/sha3/sha3_s390x.go generated vendored
View file

@ -143,6 +143,12 @@ func (s *asmState) Write(b []byte) (int, error) {
// Read squeezes an arbitrary number of bytes from the sponge.
func (s *asmState) Read(out []byte) (n int, err error) {
// The 'compute last message digest' instruction only stores the digest
// at the first operand (dst) for SHAKE functions.
if s.function != shake_128 && s.function != shake_256 {
panic("sha3: can only call Read for SHAKE functions")
}
n = len(out)
// need to pad if we were absorbing
@ -202,8 +208,17 @@ func (s *asmState) Sum(b []byte) []byte {
// Hash the buffer. Note that we don't clear it because we
// aren't updating the state.
klmd(s.function, &a, nil, s.buf)
return append(b, a[:s.outputLen]...)
switch s.function {
case sha3_224, sha3_256, sha3_384, sha3_512:
klmd(s.function, &a, nil, s.buf)
return append(b, a[:s.outputLen]...)
case shake_128, shake_256:
d := make([]byte, s.outputLen, 64)
klmd(s.function, &a, d, s.buf)
return append(b, d[:s.outputLen]...)
default:
panic("sha3: unknown function")
}
}
// Reset resets the Hash to its initial state.

2
vendor/golang.org/x/net/html/doc.go generated vendored
View file

@ -104,7 +104,7 @@ tokenization, and tokenization and tree construction stages of the WHATWG HTML
parsing specification respectively. While the tokenizer parses and normalizes
individual HTML tokens, only the parser constructs the DOM tree from the
tokenized HTML, as described in the tree construction stage of the
specification, dynamically modifying or extending the docuemnt's DOM tree.
specification, dynamically modifying or extending the document's DOM tree.
If your use case requires semantically well-formed HTML documents, as defined by
the WHATWG specification, the parser should be used rather than the tokenizer.

13
vendor/golang.org/x/net/http/httpguts/httplex.go generated vendored
View file

@ -12,7 +12,7 @@ import (
"golang.org/x/net/idna"
)
var isTokenTable = [127]bool{
var isTokenTable = [256]bool{
'!': true,
'#': true,
'$': true,
@ -93,12 +93,7 @@ var isTokenTable = [127]bool{
}
func IsTokenRune(r rune) bool {
i := int(r)
return i < len(isTokenTable) && isTokenTable[i]
}
func isNotToken(r rune) bool {
return !IsTokenRune(r)
return r < utf8.RuneSelf && isTokenTable[byte(r)]
}
// HeaderValuesContainsToken reports whether any string in values
@ -202,8 +197,8 @@ func ValidHeaderFieldName(v string) bool {
if len(v) == 0 {
return false
}
for _, r := range v {
if !IsTokenRune(r) {
for i := 0; i < len(v); i++ {
if !isTokenTable[v[i]] {
return false
}
}

13
vendor/golang.org/x/net/http2/frame.go generated vendored
View file

@ -490,6 +490,9 @@ func terminalReadFrameError(err error) bool {
// returned error is ErrFrameTooLarge. Other errors may be of type
// ConnectionError, StreamError, or anything else from the underlying
// reader.
//
// If ReadFrame returns an error and a non-nil Frame, the Frame's StreamID
// indicates the stream responsible for the error.
func (fr *Framer) ReadFrame() (Frame, error) {
fr.errDetail = nil
if fr.lastFrame != nil {
@ -1521,7 +1524,7 @@ func (fr *Framer) maxHeaderStringLen() int {
// readMetaFrame returns 0 or more CONTINUATION frames from fr and
// merge them into the provided hf and returns a MetaHeadersFrame
// with the decoded hpack values.
func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) {
func (fr *Framer) readMetaFrame(hf *HeadersFrame) (Frame, error) {
if fr.AllowIllegalReads {
return nil, errors.New("illegal use of AllowIllegalReads with ReadMetaHeaders")
}
@ -1592,7 +1595,7 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) {
}
// It would be nice to send a RST_STREAM before sending the GOAWAY,
// but the structure of the server's frame writer makes this difficult.
return nil, ConnectionError(ErrCodeProtocol)
return mh, ConnectionError(ErrCodeProtocol)
}
// Also close the connection after any CONTINUATION frame following an
@ -1604,11 +1607,11 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) {
}
// It would be nice to send a RST_STREAM before sending the GOAWAY,
// but the structure of the server's frame writer makes this difficult.
return nil, ConnectionError(ErrCodeProtocol)
return mh, ConnectionError(ErrCodeProtocol)
}
if _, err := hdec.Write(frag); err != nil {
return nil, ConnectionError(ErrCodeCompression)
return mh, ConnectionError(ErrCodeCompression)
}
if hc.HeadersEnded() {
@ -1625,7 +1628,7 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) {
mh.HeadersFrame.invalidate()
if err := hdec.Close(); err != nil {
return nil, ConnectionError(ErrCodeCompression)
return mh, ConnectionError(ErrCodeCompression)
}
if invalid != nil {
fr.errDetail = invalid

11
vendor/golang.org/x/net/http2/server.go generated vendored
View file

@ -732,11 +732,7 @@ func isClosedConnError(err error) bool {
return false
}
// TODO: remove this string search and be more like the Windows
// case below. That might involve modifying the standard library
// to return better error types.
str := err.Error()
if strings.Contains(str, "use of closed network connection") {
if errors.Is(err, net.ErrClosed) {
return true
}
@ -1482,6 +1478,11 @@ func (sc *serverConn) processFrameFromReader(res readFrameResult) bool {
sc.goAway(ErrCodeFlowControl)
return true
case ConnectionError:
if res.f != nil {
if id := res.f.Header().StreamID; id > sc.maxClientStreamID {
sc.maxClientStreamID = id
}
}
sc.logf("http2: server connection error from %v: %v", sc.conn.RemoteAddr(), ev)
sc.goAway(ErrCode(ev))
return true // goAway will handle shutdown

15
vendor/golang.org/x/net/http2/transport.go generated vendored
View file

@ -936,7 +936,20 @@ func (cc *ClientConn) setGoAway(f *GoAwayFrame) {
}
last := f.LastStreamID
for streamID, cs := range cc.streams {
if streamID > last {
if streamID <= last {
// The server's GOAWAY indicates that it received this stream.
// It will either finish processing it, or close the connection
// without doing so. Either way, leave the stream alone for now.
continue
}
if streamID == 1 && cc.goAway.ErrCode != ErrCodeNo {
// Don't retry the first stream on a connection if we get a non-NO error.
// If the server is sending an error on a new connection,
// retrying the request on a new one probably isn't going to work.
cs.abortStreamLocked(fmt.Errorf("http2: Transport received GOAWAY from server ErrCode:%v", cc.goAway.ErrCode))
} else {
// Aborting the stream with errClentConnGotGoAway indicates that
// the request should be retried on a new connection.
cs.abortStreamLocked(errClientConnGotGoAway)
}
}

2
vendor/golang.org/x/oauth2/oauth2.go generated vendored
View file

@ -393,7 +393,7 @@ func ReuseTokenSource(t *Token, src TokenSource) TokenSource {
}
}
// ReuseTokenSource returns a TokenSource that acts in the same manner as the
// ReuseTokenSourceWithExpiry returns a TokenSource that acts in the same manner as the
// TokenSource returned by ReuseTokenSource, except the expiry buffer is
// configurable. The expiration time of a token is calculated as
// t.Expiry.Add(-earlyExpiry).

1
vendor/golang.org/x/sys/cpu/cpu.go generated vendored
View file

@ -103,6 +103,7 @@ var ARM64 struct {
HasASIMDDP bool // Advanced SIMD double precision instruction set
HasSHA512 bool // SHA512 hardware implementation
HasSVE bool // Scalable Vector Extensions
HasSVE2 bool // Scalable Vector Extensions 2
HasASIMDFHM bool // Advanced SIMD multiplication FP16 to FP32
_ CacheLinePad
}

10
vendor/golang.org/x/sys/cpu/cpu_arm64.go generated vendored
View file

@ -28,6 +28,7 @@ func initOptions() {
{Name: "sm3", Feature: &ARM64.HasSM3},
{Name: "sm4", Feature: &ARM64.HasSM4},
{Name: "sve", Feature: &ARM64.HasSVE},
{Name: "sve2", Feature: &ARM64.HasSVE2},
{Name: "crc32", Feature: &ARM64.HasCRC32},
{Name: "atomics", Feature: &ARM64.HasATOMICS},
{Name: "asimdhp", Feature: &ARM64.HasASIMDHP},
@ -164,6 +165,15 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
switch extractBits(pfr0, 32, 35) {
case 1:
ARM64.HasSVE = true
parseARM64SVERegister(getzfr0())
}
}
func parseARM64SVERegister(zfr0 uint64) {
switch extractBits(zfr0, 0, 3) {
case 1:
ARM64.HasSVE2 = true
}
}

8
vendor/golang.org/x/sys/cpu/cpu_arm64.s generated vendored
View file

@ -29,3 +29,11 @@ TEXT ·getpfr0(SB),NOSPLIT,$0-8
WORD $0xd5380400
MOVD R0, ret+0(FP)
RET
// func getzfr0() uint64
TEXT ·getzfr0(SB),NOSPLIT,$0-8
// get SVE Feature Register 0 into x0
// mrs x0, ID_AA64ZFR0_EL1 = d5380480
WORD $0xd5380480
MOVD R0, ret+0(FP)
RET

Some files were not shown because too many files have changed in this diff Show more