diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 55020d89bf..2fe379b516 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -11,7 +11,7 @@ jobs: actionlint: runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Check workflow files uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:5acca218639222e4afbc82fc6e9ef56cbe646ade3b07f3f5ec364b638258a244 with: diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 660b46f70f..02466877cd 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -16,7 +16,7 @@ jobs: runs-on: ${{ fromJSON(vars.RUNNER) }} container: hashicorpdev/backport-assistant:0.5.1 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 # Fetch all branches and tags - name: Check if any migrations have changed diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4ac297eebc..d5efd1a8d1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,7 +26,7 @@ jobs: base-product-version: $${{ steps.set-product-version.outputs.base-product-version }} prerelease-product-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Product version id: set-product-version uses: hashicorp/actions-set-product-version@v2 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed @@ -39,7 +39,7 @@ jobs: product-edition: ${{ steps.get-product-edition.outputs.product-edition }} go-version: ${{ steps.get-go-version.outputs.go-version }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Determine Go version id: get-go-version # We use .go-version as our source of truth for current Go @@ -48,7 +48,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -58,7 +58,7 @@ jobs: echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -86,7 +86,7 @@ jobs: runs-on: ${{ fromJSON(vars.BUILDER_LINUX) }} steps: - name: 'Checkout directory' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - run: | echo "Product Version - ${{ needs.set-product-version.outputs.product-version }}" echo "Product Prerelease - ${{ needs.set-product-version.outputs.prerelease-product-version }}" @@ -100,7 +100,7 @@ jobs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} steps: - name: 'Checkout directory' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Generate metadata file id: generate-metadata-file uses: hashicorp/actions-generate-metadata@v1 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed @@ -108,7 +108,7 @@ jobs: repository: boundary version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.PKG_NAME }} - - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: metadata.json path: ${{ steps.generate-metadata-file.outputs.filepath }} @@ -137,9 +137,9 @@ jobs: GOPRIVATE: "github.com/hashicorp" GO111MODULE: on steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: ${{ matrix.go }} cache: false @@ -149,7 +149,7 @@ jobs: echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -205,11 +205,11 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Git run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: ${{ matrix.go }} cache: false @@ -219,7 +219,7 @@ jobs: echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -279,12 +279,12 @@ jobs: echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV" echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV" - name: Upload RPM package - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ env.RPM_PACKAGE }} path: out/${{ env.RPM_PACKAGE }} - name: Upload DEB package - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ env.DEB_PACKAGE }} path: out/${{ env.DEB_PACKAGE }} @@ -307,9 +307,9 @@ jobs: GO111MODULE: on steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: ${{ matrix.go }} cache: false @@ -319,7 +319,7 @@ jobs: echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT" echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -371,7 +371,7 @@ jobs: version: ${{ needs.set-product-version.outputs.product-version }} minor-version: ${{ needs.product-metadata.outputs.product-minor-version }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Docker Build (Action) uses: hashicorp/actions-docker-build@v2 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed with: @@ -380,7 +380,6 @@ jobs: arch: ${{ matrix.arch }} tags: | docker.io/hashicorp/${{ env.repo }}:${{ env.version }} - docker.io/hashicorp/${{ env.repo }}:${{ env.version }}_${{ github.sha }} public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }} # Per-commit dev images follow the naming convention MAJOR.MINOR-dev # And MAJOR.MINOR-dev-$COMMITSHA diff --git a/.github/workflows/enos-fmt.yml b/.github/workflows/enos-fmt.yml index b8f46f3720..154f73fe82 100644 --- a/.github/workflows/enos-fmt.yml +++ b/.github/workflows/enos-fmt.yml @@ -18,7 +18,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.SERVICE_USER_GITHUB_TOKEN }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed with: terraform_wrapper: false diff --git a/.github/workflows/enos-run.yml b/.github/workflows/enos-run.yml index 08a416f416..4428ef96a7 100644 --- a/.github/workflows/enos-run.yml +++ b/.github/workflows/enos-run.yml @@ -34,11 +34,11 @@ jobs: go-cache-key: ${{ steps.go-cache-key.outputs.key }} runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: ${{ inputs.go-version }} cache: false @@ -53,7 +53,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" echo "go-bin=$(go env GOPATH)/bin" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -80,7 +80,6 @@ jobs: - filter: 'e2e_database' - filter: 'e2e_docker_base builder:crt' - filter: 'e2e_docker_base_plus builder:crt' - - filter: 'e2e_docker_base_with_gcp builder:crt' - filter: 'e2e_docker_base_with_vault builder:crt' - filter: 'e2e_docker_base_with_worker builder:crt' - filter: 'e2e_docker_worker_registration_controller_led builder:crt' @@ -102,20 +101,16 @@ jobs: ENOS_VAR_boundary_docker_image_name: ${{ inputs.docker-image-name }} ENOS_VAR_boundary_docker_image_file: ./support/boundary_docker_image.tar ENOS_VAR_go_version: ${{ inputs.go-version }} - ENOS_VAR_gcp_project_id: ${{ secrets.GCP_PROJECT_ID_CI }} - ENOS_VAR_gcp_client_email: ${{ secrets.GCP_CLIENT_EMAIL_CI }} - ENOS_VAR_gcp_private_key_id: ${{ secrets.GCP_PRIVATE_KEY_ID_CI }} - ENOS_VAR_gcp_private_key: ${{ secrets.GCP_PRIVATE_KEY_CI }} steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: ${{ inputs.go-version }} cache: false - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.cache-go-build }} @@ -133,7 +128,7 @@ jobs: terraform_wrapper: false - name: Import GPG key for Boundary pass keystore id: import_gpg - uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0 + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 with: gpg_private_key: ${{ secrets.ENOS_GPG_PRIVATE_KEY }} passphrase: ${{ secrets.ENOS_GPG_PASSPHRASE }} @@ -152,17 +147,6 @@ jobs: role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }} role-skip-session-tagging: true role-duration-seconds: 3600 - - name: Configure GCP credentials - if: contains(matrix.filter, 'gcp') - id: gcp_auth - uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2 - with: - credentials_json: ${{ secrets.GCP_CREDENTIALS }} - access_token_lifetime: '3600s' - project_id: ${{ secrets.GCP_PROJECT_ID_CI }} - - name: 'Set up GCP Cloud SDK' - if: contains(matrix.filter, 'gcp') - uses: google-github-actions/setup-gcloud@98ddc00a17442e89a24bbf282954a3b65ce6d200 # v2.1.0 - name: Set up Enos uses: hashicorp/action-setup-enos@v1 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed with: @@ -176,7 +160,7 @@ jobs: echo "debug_data_artifact_name=enos-debug-data_$(echo ${{ matrix.filter }} | sed -e 's/ /_/g' | sed -e 's/:/=/g')" >> "$GITHUB_OUTPUT" - name: Set up dependency cache id: dep-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: /tmp/test-deps key: enos-test-deps-password-store-1.7.4-vault-1.12.2 @@ -234,12 +218,12 @@ jobs: run: | mv ${{ steps.download-docker.outputs.download-path }}/*.tar enos/support/boundary_docker_image.tar - name: Set up Node.js - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 if: contains(matrix.filter, 'e2e_ui') with: node-version: '16.x' - name: Checkout boundary-ui - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 if: contains(matrix.filter, 'e2e_ui') with: repository: hashicorp/boundary-ui @@ -282,7 +266,7 @@ jobs: SCENARIO=$(echo "${{ matrix.filter }}" | cut -d' ' -f1) echo fragment="${SCENARIO}" >> "$GITHUB_OUTPUT" - name: Upload e2e tests output - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: test-${{ steps.split.outputs.fragment }} path: enos/*.log @@ -295,7 +279,7 @@ jobs: docker logs database - name: Upload e2e UI tests debug info if: contains(matrix.filter, 'e2e_ui') && steps.run.outcome == 'failure' - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: test-e2e-ui-debug path: enos/support/src/boundary-ui/ui/admin/tests/e2e/artifacts/test-failures @@ -308,7 +292,7 @@ jobs: enos scenario launch --timeout 60m0s --chdir ./enos ${{ matrix.filter }} - name: Upload Debug Data if: ${{ always() && steps.run_retry.outcome == 'failure' }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: # The name of the artifact is the same as the matrix scenario name with the spaces replaced with underscores and colons replaced by equals. name: ${{ steps.prepare_scenario.outputs.debug_data_artifact_name }} @@ -343,24 +327,27 @@ jobs: env find ./enos -name "scenario.tf" -exec cat {} \; - name: Send Slack message if Run and Retry fails (or if something else went wrong) - uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 # steps.run.outcome reports as failure when there is an error in `Run Enos scenario` # failure() captures errors before `Run Enos scenario` # failure() does not capture errors in `Run Enos scenario` due to continue-on-error if: ${{ failure() || (steps.run.outcome == 'failure' && steps.run_retry.outcome == 'failure') }} with: - method: chat.postMessage - token: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} + channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} payload: | - channel: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} - text: ":x: e2e tests failed (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" + { + "text": ":x: e2e tests failed (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} - name: Send Slack message if Run but Retry passes - uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: ${{ steps.run.outcome == 'failure' && steps.run_retry.outcome != 'failure' }} with: - method: chat.postMessage - token: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} + channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} payload: | - channel: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} - text: ":warning: e2e tests passed, but needed retry (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" - + { + "text": ":warning: e2e tests passed, but needed retry (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 6ff1baf925..ad74a3d2cc 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -34,7 +34,7 @@ jobs: name: Fuzz grants.Parse runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Determine Go version id: get-go-version # We use .go-version as our source of truth for current Go @@ -42,14 +42,14 @@ jobs: run: | echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - shell: bash run: go test ./internal/perms -fuzz=FuzzParse -fuzztime=30s - name: Upload fuzz failure seed corpus as run artifact if: failure() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: fuzz-corpus path: ./internal/perms/testdata/fuzz diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 23e48b4162..c2a5d3601b 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -13,7 +13,7 @@ jobs: name: "Run Linter" runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Determine Go version @@ -24,7 +24,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - name: Install Dependencies diff --git a/.github/workflows/make-gen-delta.yml b/.github/workflows/make-gen-delta.yml index cf604780b2..19476c0289 100644 --- a/.github/workflows/make-gen-delta.yml +++ b/.github/workflows/make-gen-delta.yml @@ -12,7 +12,7 @@ jobs: name: "Check for uncommitted changes from make gen" runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Determine Go version @@ -23,7 +23,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" - name: Running go mod tidy diff --git a/.github/workflows/schema-diff.yml b/.github/workflows/schema-diff.yml index 6dbecb7068..a5ea449b01 100644 --- a/.github/workflows/schema-diff.yml +++ b/.github/workflows/schema-diff.yml @@ -30,7 +30,7 @@ jobs: if: '! github.event.pull_request.draft' runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Generate Schema Diff diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 3790d400b7..45fe62d03f 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -17,7 +17,7 @@ jobs: github.actor != 'dependabot[bot]' && github.actor != 'hc-github-team-secure-boundary' steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Determine Go version id: get-go-version @@ -28,21 +28,21 @@ jobs: echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false - name: Set up Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.x - name: Clone Security Scanner repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: hashicorp/security-scanner - token: ${{ secrets.PRODSEC_SCANNER_READ_ONLY }} + token: ${{ secrets.HASHIBOT_PRODSEC_GITHUB_TOKEN }} path: security-scanner ref: main @@ -64,7 +64,7 @@ jobs: python3 -m pip install semgrep==1.45.0 # CodeQL - LATEST=$(gh release list --repo https://github.com/github/codeql-action | cut -f 3 | grep codeql-bundle- | sort --version-sort | tail -n1) + LATEST=$(gh release list --repo https://github.com/github/codeql-action | cut -f 3 | sort --version-sort | tail -n1) gh release download --repo https://github.com/github/codeql-action --pattern codeql-bundle-linux64.tar.gz "$LATEST" tar xf codeql-bundle-linux64.tar.gz -C "$HOME/.bin" @@ -79,7 +79,7 @@ jobs: repository: "$PWD" - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@cbe18979603527f12c7871a6eb04833ecf1548c7 # codeql-bundle-v2.19.3 + uses: github/codeql-action/upload-sarif@5618c9fc1e675841ca52c1c6b1304f5255a905a0 # codeql-bundle-v2.19.0 with: sarif_file: results.sarif diff --git a/.github/workflows/test-ci-bootstrap-oss.yml b/.github/workflows/test-ci-bootstrap-oss.yml index 54984daa9d..d89734dc0d 100644 --- a/.github/workflows/test-ci-bootstrap-oss.yml +++ b/.github/workflows/test-ci-bootstrap-oss.yml @@ -27,7 +27,7 @@ jobs: TF_TOKEN_app_terraform_io: ${{ secrets.TF_API_TOKEN }} runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up Terraform uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed - name: Configure AWS credentials diff --git a/.github/workflows/test-ci-cleanup-oss.yml b/.github/workflows/test-ci-cleanup-oss.yml index ac792bae4c..985ea52a53 100644 --- a/.github/workflows/test-ci-cleanup-oss.yml +++ b/.github/workflows/test-ci-cleanup-oss.yml @@ -53,7 +53,7 @@ jobs: role-skip-session-tagging: true role-duration-seconds: 3600 mask-aws-account-id: false - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Configure run: | cp enos/ci/aws-nuke.yml . diff --git a/.github/workflows/test-cli-ui_oss.yml b/.github/workflows/test-cli-ui_oss.yml index f47b4d237f..de52043355 100644 --- a/.github/workflows/test-cli-ui_oss.yml +++ b/.github/workflows/test-cli-ui_oss.yml @@ -16,10 +16,10 @@ jobs: runs-on: ${{ fromJSON(vars.RUNNER) }} name: CLI tests steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Import GPG key for Boundary pass keystore id: import_gpg - uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0 + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 with: gpg_private_key: ${{ secrets.ENOS_GPG_PRIVATE_KEY }} passphrase: ${{ secrets.ENOS_GPG_PASSPHRASE }} @@ -31,12 +31,12 @@ jobs: cat ~/.gnupg/gpg.conf - name: Set up Bats CLI UI tests dependency cache id: dep-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: /tmp/bats-cli-ui-deps key: enos-bats-cli-ui-deps-jq-1.6-password-store-1.7.4-vault-1.12.2 - name: Set up Node for Bats install - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 16 - name: Install Bats via NPM @@ -112,10 +112,12 @@ jobs: make -C internal/tests/cli test-vault-down - name: Send Slack message if: ${{ failure() }} - uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 with: - method: chat.postMessage - token: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} + channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} payload: | - channel: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }} - text: ":x: bats tests failed: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" + { + "text": ":x: bats tests failed: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>" + } + env: + SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }} diff --git a/.github/workflows/test-race.yml b/.github/workflows/test-race.yml index 127e63bf47..3ca39bcc52 100644 --- a/.github/workflows/test-race.yml +++ b/.github/workflows/test-race.yml @@ -25,7 +25,7 @@ jobs: plugin-cache-key: ${{ steps.plugin-cache-key.outputs.key }} runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Determine Go version @@ -36,7 +36,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -51,7 +51,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" echo "go-bin=$(go env GOPATH)/bin" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -74,7 +74,7 @@ jobs: echo "path=plugins/**/assets/*.gz" >> "$GITHUB_OUTPUT" - name: Set up plugin cache id: plugin-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.plugin-cache-paths.outputs.path }} @@ -93,14 +93,14 @@ jobs: matrix: module: ["api", "sdk"] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.cache-go-build }} @@ -125,14 +125,14 @@ jobs: ulimit -Sa echo "Hard limits" ulimit -Ha - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.cache-go-build }} @@ -144,7 +144,7 @@ jobs: fail-on-cache-miss: false - name: Set up plugin cache id: plugin-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.plugin-cache-path }} diff --git a/.github/workflows/test-sql.yml b/.github/workflows/test-sql.yml index 27007ebe27..3d97446457 100644 --- a/.github/workflows/test-sql.yml +++ b/.github/workflows/test-sql.yml @@ -18,7 +18,7 @@ jobs: postgres-version: [ latest, 12-alpine, 13-alpine, 14-alpine, 15-alpine ] name: SQL Tests ${{ matrix.postgres-version }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run SQL PgTap Tests run: | make test-sql POSTGRES_DOCKER_IMAGE_BASE=docker.mirror.hashicorp.services/postgres PG_DOCKER_TAG=${{ matrix.postgres-version }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5b7cc89c54..41b4bedbae 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -25,7 +25,7 @@ jobs: plugin-cache-key: ${{ steps.plugin-cache-key.outputs.key }} runs-on: ${{ fromJSON(vars.RUNNER) }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: '0' - name: Determine Go version @@ -36,7 +36,7 @@ jobs: echo "Building with Go $(cat .go-version)" echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT" - name: Set up Go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ steps.get-go-version.outputs.go-version }}" cache: false @@ -51,7 +51,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" echo "go-bin=$(go env GOPATH)/bin" >> "$GITHUB_OUTPUT" - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -74,7 +74,7 @@ jobs: echo "path=plugins/**/assets/*.gz" >> "$GITHUB_OUTPUT" - name: Set up plugin cache id: plugin-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ steps.plugin-cache-paths.outputs.path }} @@ -93,14 +93,14 @@ jobs: matrix: module: ["api", "sdk"] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.cache-go-build }} @@ -125,14 +125,14 @@ jobs: ulimit -Sa echo "Hard limits" ulimit -Ha - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set up go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: "${{ needs.setup.outputs.go-version }}" cache: false - name: Set up Go modules cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.cache-go-build }} @@ -144,7 +144,7 @@ jobs: fail-on-cache-miss: false - name: Set up plugin cache id: plugin-cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | ${{ needs.setup.outputs.plugin-cache-path }} diff --git a/.github/workflows/trigger-merge-to-downstream.yml b/.github/workflows/trigger-merge-to-downstream.yml index aec3f938f3..000dcc043f 100644 --- a/.github/workflows/trigger-merge-to-downstream.yml +++ b/.github/workflows/trigger-merge-to-downstream.yml @@ -18,7 +18,7 @@ jobs: DOWNSTREAM_TOK: ${{ secrets.DOWNSTREAM_TOK }} DOWNSTREAM_WORKFLOW: ${{ vars.DOWNSTREAM_WORKFLOW }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Trigger Merge run: | ./scripts/trigger-merge-to-downstream-gha ${{ github.ref_name }} diff --git a/.go-version b/.go-version index ac1df3fce3..49e0a31d49 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.23.3 +1.23.1 diff --git a/CHANGELOG.md b/CHANGELOG.md index df42e577f0..58b6446307 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,38 +2,6 @@ Canonical reference for changes, improvements, and bugfixes for Boundary. -## Next - -### New and Improved - -* Introduces soft-delete for users within the client cache. - ([PR](https://github.com/hashicorp/boundary/pull/5173)). - -## 0.18.2 (2024/12/12) -### Bug fixes - -* Fixed an issue where session recordings would fail when large numbers of - sessions were created around the same time. ([PR](https://github.com/hashicorp/boundary-plugin-aws/pull/55)) -* Fixed an issue where the controller would incorrectly handle HTTP requests - and stop prematurely. ([PR](https://github.com/hashicorp/boundary/pull/5304)) - -## 0.18.1 (2024/11/21) -### New and Improved - -* Delete terminated sessions in batches to avoid long running jobs. - ([PR](https://github.com/hashicorp/boundary/pull/5201)) - -### Bug fixes - -* Fix an issue where users would lose access to managed groups if - there are more than 10,000 managed groups in the auth method used. - ([PR](https://github.com/hashicorp/boundary/pull/5242)) -* Fix an issue where only the first 10,000 members of a managed group - are returned when getting the managed group, and a similar issue where - only the first 10,000 managed groups an account is part of is included - when getting the account. - ([PR](https://github.com/hashicorp/boundary/pull/5245)) - ## 0.18.0 (2024/10/01) ### New and Improved diff --git a/CODEOWNERS b/CODEOWNERS index 2520668fd3..44fba948e1 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,7 +1,12 @@ # These owners will be the default owners for everything in # the repo, unless a later match takes precedence. -* @hashicorp/boundary +@hashicorp/boundary -# web presence and education +# release configuration -/website/ @hashicorp/boundary-education-approvers @hashicorp/web-presence @hashicorp/boundary \ No newline at end of file +/.release/ @hashicorp/github-secure-boundary +/.github/workflows/build.yml @hashicorp/github-secure-boundary + +# education + +/website/content/ @hashicorp/boundary-education-approvers diff --git a/api/go.mod b/api/go.mod index 699f004079..ce20c34df6 100644 --- a/api/go.mod +++ b/api/go.mod @@ -1,12 +1,12 @@ module github.com/hashicorp/boundary/api -go 1.23.3 +go 1.23.1 require ( github.com/hashicorp/boundary/sdk v0.0.48 github.com/hashicorp/go-cleanhttp v0.5.2 - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 - github.com/hashicorp/go-retryablehttp v0.7.7 + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 + github.com/hashicorp/go-retryablehttp v0.7.4 github.com/hashicorp/go-rootcerts v1.0.2 github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 @@ -19,7 +19,7 @@ require ( go.uber.org/atomic v1.11.0 golang.org/x/time v0.3.0 google.golang.org/grpc v1.61.0 - google.golang.org/protobuf v1.34.2 + google.golang.org/protobuf v1.33.0 nhooyr.io/websocket v1.8.10 ) @@ -37,8 +37,8 @@ require ( github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/sys v0.28.0 // indirect + golang.org/x/crypto v0.18.0 // indirect + golang.org/x/sys v0.16.0 // indirect google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/api/go.sum b/api/go.sum index 71e3415864..4b7b62d724 100644 --- a/api/go.sum +++ b/api/go.sum @@ -12,8 +12,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= @@ -36,18 +36,19 @@ github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= -github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= -github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= +github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= @@ -95,8 +96,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= @@ -130,6 +131,7 @@ github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFR github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= @@ -143,8 +145,8 @@ go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= @@ -154,19 +156,19 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -189,8 +191,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/enos/ci/bootstrap/main.tf b/enos/ci/bootstrap/main.tf index 1b9f952fb6..3c778c49ce 100644 --- a/enos/ci/bootstrap/main.tf +++ b/enos/ci/bootstrap/main.tf @@ -4,8 +4,7 @@ terraform { required_providers { aws = { - source = "hashicorp/aws" - version = "5.72.1" + source = "hashicorp/aws" } } diff --git a/enos/ci/service-user-iam/main.tf b/enos/ci/service-user-iam/main.tf index e1e83ef3dd..a8c2fd4d6e 100644 --- a/enos/ci/service-user-iam/main.tf +++ b/enos/ci/service-user-iam/main.tf @@ -119,7 +119,6 @@ data "aws_iam_policy_document" "enos_policy_document" { "ec2:RevokeSecurityGroupIngress", "ec2:RunInstances", "ec2:TerminateInstances", - "ec2:UnassignIpv6Addresses", "elasticloadbalancing:AddTags", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:AttachLoadBalancerToSubnets", @@ -133,7 +132,6 @@ data "aws_iam_policy_document" "enos_policy_document" { "elasticloadbalancing:DeleteRule", "elasticloadbalancing:DeleteTargetGroup", "elasticloadbalancing:DeregisterTargets", - "elasticloadbalancing:DescribeListenerAttributes", "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", @@ -228,7 +226,6 @@ data "aws_iam_policy_document" "enos_policy_document" { "s3:HeadBucket", "s3:PutBucket*", "s3:ListBucket", - "s3:PutLifecycleConfiguration", ] resources = ["*"] diff --git a/enos/enos-modules.hcl b/enos/enos-modules.hcl index 0c7c7facc1..d2b53ba110 100644 --- a/enos/enos-modules.hcl +++ b/enos/enos-modules.hcl @@ -178,15 +178,3 @@ module "docker_ldap" { module "docker_minio" { source = "./modules/docker_minio" } - -module "gcp_iam_setup" { - source = "./modules/gcp_iam_setup" - gcp_project_id = var.gcp_project_id -} - -module "gcp_target" { - source = "./modules/gcp_target" - target_count = var.target_count - environment = var.environment - enos_user = var.enos_user -} diff --git a/enos/enos-scenario-e2e-docker-base-with-gcp.hcl b/enos/enos-scenario-e2e-docker-base-with-gcp.hcl deleted file mode 100644 index d70f476487..0000000000 --- a/enos/enos-scenario-e2e-docker-base-with-gcp.hcl +++ /dev/null @@ -1,143 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -# For this scenario to work, add the following line to /etc/hosts -# 127.0.0.1 localhost boundary - -scenario "e2e_docker_base_with_gcp" { - terraform_cli = terraform_cli.default - terraform = terraform.default - providers = [ - provider.enos.default, - provider.google.default - ] - - matrix { - builder = ["local", "crt"] - } - - locals { - local_boundary_dir = var.local_boundary_dir != null ? abspath(var.local_boundary_dir) : null - local_boundary_src_dir = var.local_boundary_src_dir != null ? abspath(var.local_boundary_src_dir) : null - boundary_docker_image_file = abspath(var.boundary_docker_image_file) - license_path = abspath(var.boundary_license_path != null ? var.boundary_license_path : joinpath(path.root, "./support/boundary.hclic")) - gcp_private_key = var.gcp_private_key_path != null ? file(var.gcp_private_key_path) : var.gcp_private_key - - network_cluster = "e2e_gcp" - - build_path = { - "local" = "/tmp", - "crt" = var.crt_bundle_path == null ? null : abspath(var.crt_bundle_path) - } - tags = merge({ - "Project Name" : var.project_name - "Project" : "Enos", - "Environment" : "ci" - }, var.tags) - } - - step "build_boundary_docker_image" { - module = matrix.builder == "crt" ? module.build_boundary_docker_crt : module.build_boundary_docker_local - - variables { - path = matrix.builder == "crt" ? local.boundary_docker_image_file : "" - cli_build_path = local.build_path[matrix.builder] - edition = var.boundary_edition - } - } - - step "create_docker_network" { - module = module.docker_network - variables { - network_name = local.network_cluster - } - } - - step "create_boundary_database" { - depends_on = [ - step.create_docker_network - ] - variables { - image_name = "${var.docker_mirror}/library/postgres:latest" - network_name = [local.network_cluster] - } - module = module.docker_postgres - } - - step "read_license" { - skip_step = var.boundary_edition == "oss" - module = module.read_license - - variables { - file_name = local.license_path - } - } - - step "create_boundary" { - module = module.docker_boundary - depends_on = [ - step.create_docker_network, - step.create_boundary_database, - step.build_boundary_docker_image - ] - variables { - image_name = matrix.builder == "crt" ? var.boundary_docker_image_name : step.build_boundary_docker_image.image_name - network_name = [local.network_cluster] - database_network = local.network_cluster - postgres_address = step.create_boundary_database.address - boundary_license = var.boundary_edition != "oss" ? step.read_license.license : "" - } - } - - step "create_test_id" { - module = module.random_stringifier - variables { - length = 5 - } - } - - step "create_gcp_target" { - module = module.gcp_target - - variables { - enos_user = var.enos_user - instance_type = var.gcp_target_instance_type - gcp_zone = var.gcp_zone - target_count = 1 - } - } - - step "run_e2e_test" { - module = module.test_e2e_docker - depends_on = [ - step.create_boundary, - step.create_gcp_target - ] - variables { - test_package = "github.com/hashicorp/boundary/testing/internal/e2e/tests/gcp" - docker_mirror = var.docker_mirror - network_name = step.create_docker_network.network_name - go_version = var.go_version - debug_no_run = var.e2e_debug_no_run - alb_boundary_api_addr = step.create_boundary.address - auth_method_id = step.create_boundary.auth_method_id - auth_login_name = step.create_boundary.login_name - auth_password = step.create_boundary.password - local_boundary_dir = step.build_boundary_docker_image.cli_zip_path - local_boundary_src_dir = local.local_boundary_src_dir - gcp_host_set_filter1 = step.create_gcp_target.filter_label1 - gcp_host_set_filter2 = step.create_gcp_target.filter_label2 - gcp_private_key_id = var.gcp_private_key_id - gcp_private_key = local.gcp_private_key - gcp_zone = var.gcp_zone - gcp_project_id = var.gcp_project_id - gcp_client_email = var.gcp_client_email - gcp_target_ssh_key = step.create_gcp_target.target_ssh_key - gcp_host_set_ips = step.create_gcp_target.target_ips - target_address = step.create_gcp_target.target_public_ips[0] - target_port = "22" - target_user = "ubuntu" - max_page_size = step.create_boundary.max_page_size - } - } -} diff --git a/enos/enos-variables.hcl b/enos/enos-variables.hcl index 19a5bf867c..aa41eaec93 100644 --- a/enos/enos-variables.hcl +++ b/enos/enos-variables.hcl @@ -200,56 +200,3 @@ variable "hcp_boundary_cluster_id" { // If using HCP int, ensure that the cluster id starts with "int-" // Example: "int-19283a-123123-..." } - -variable "gcp_target_instance_type" { - description = "Instance type for test target nodes" - type = string - default = "e2-micro" -} - -variable "gcp_region" { - description = "GCP region where the resources will be created" - type = string - default = "us-central1" -} - -variable "gcp_zone" { - description = "GCP zone where the resources will be created" - type = string - default = "us-central1-a" -} - -variable "gcp_project_id" { - description = "GCP project where the resources will be created" - type = string - sensitive = true - default = "" -} - -variable "gcp_private_key_path" { - description = "Path to the GCP private key" - type = string - sensitive = true - default = null -} - -variable "gcp_private_key" { - description = "GCP private key" - type = string - sensitive = true - default = null -} - -variable "gcp_private_key_id" { - description = "GCP private key ID" - type = string - sensitive = true - default = null -} - -variable "gcp_client_email" { - description = "GCP client email" - type = string - sensitive = true - default = null -} \ No newline at end of file diff --git a/enos/enos.hcl b/enos/enos.hcl index 85c68c6bbd..5bd1d82a53 100644 --- a/enos/enos.hcl +++ b/enos/enos.hcl @@ -14,13 +14,7 @@ terraform "default" { } aws = { - source = "hashicorp/aws" - version = "5.72.1" - } - - google = { - source = "hashicorp/google" - version = "5.22.0" + source = "hashicorp/aws" } } } @@ -37,8 +31,3 @@ provider "enos" "default" { } } } - -provider "google" "default" { - region = var.gcp_region - project = var.gcp_project_id -} diff --git a/enos/enos.vars.hcl b/enos/enos.vars.hcl index c558af8cd1..0609134642 100644 --- a/enos/enos.vars.hcl +++ b/enos/enos.vars.hcl @@ -60,23 +60,6 @@ // Number of target instances to create. Applies to AWS scenarios only. // target_count = 1 -// The GCP project ID to use for the tests. Only needed if running GCP scenarios. -// gcp_project_id = "my-gcp-project-id" - -// The GCP private_key_path. This is used to authenticate with GCP. Only needed -// if running GCP scenarios. This should not be used in combination with gcp_private_key. -// gcp_private_key_path = "" - -// The GCP private_key. This is used to authenticate with GCP. Only needed -// if running GCP scenarios. This should not be used in combination with gcp_private_key_path. -// gcp_private_key = "" - -// The GCP private_key_id. Only needed if running GCP scenarios. -// gcp_private_key_id = "" - -// The GCP client_email used to authenticate with GCP -// gcp_client_email = "my-gcp-client-email" - // The directory that contains the copy of the boundary cli that the e2e tests // will use in CI. Only needed if e2e_debug_no_run = false. // local_boundary_dir = "/Users//.go/bin" diff --git a/enos/modules/aws_boundary/variables.tf b/enos/modules/aws_boundary/variables.tf index 1509dd3723..abeaf87080 100644 --- a/enos/modules/aws_boundary/variables.tf +++ b/enos/modules/aws_boundary/variables.tf @@ -25,7 +25,7 @@ variable "worker_count" { variable "worker_instance_type" { description = "EC2 Instance type" type = string - default = "t2.small" + default = "t2.micro" } variable "worker_type_tags" { @@ -72,7 +72,7 @@ variable "controller_count" { variable "controller_instance_type" { description = "EC2 Instance type" type = string - default = "t2.small" + default = "t2.micro" } variable "controller_ebs_iops" { diff --git a/enos/modules/aws_bucket/main.tf b/enos/modules/aws_bucket/main.tf index 9557820668..20c7b1c394 100644 --- a/enos/modules/aws_bucket/main.tf +++ b/enos/modules/aws_bucket/main.tf @@ -3,29 +3,10 @@ resource "random_pet" "default" {} -data "aws_caller_identity" "current" {} - resource "aws_s3_bucket" "default" { bucket_prefix = "enos-${random_pet.default.id}-" force_destroy = true - tags = merge( - local.common_tags, - { - User = "${split(":", data.aws_caller_identity.current.user_id)[1]}" - }, - ) -} - -resource "aws_s3_bucket_lifecycle_configuration" "example" { - bucket = aws_s3_bucket.default.id - - rule { - id = "file_retention" - expiration { - days = 30 - } - status = "Enabled" - } + tags = local.common_tags } data "aws_iam_policy_document" "default" { diff --git a/enos/modules/aws_worker/main.tf b/enos/modules/aws_worker/main.tf index 1d1ce692dc..67b8a8d8d8 100644 --- a/enos/modules/aws_worker/main.tf +++ b/enos/modules/aws_worker/main.tf @@ -10,7 +10,6 @@ terraform { } data "enos_environment" "current" {} -data "aws_caller_identity" "current" {} locals { selected_az = data.aws_availability_zones.available.names[random_integer.az.result] @@ -145,7 +144,7 @@ resource "aws_instance" "worker" { tags = merge( local.common_tags, { - Name = "${var.name_prefix}-boundary-worker-${split(":", data.aws_caller_identity.current.user_id)[1]}", + Name = "${var.name_prefix}-boundary-worker", }, ) } diff --git a/enos/modules/aws_worker/variables.tf b/enos/modules/aws_worker/variables.tf index 2b3dfbe426..dcda83f665 100644 --- a/enos/modules/aws_worker/variables.tf +++ b/enos/modules/aws_worker/variables.tf @@ -31,7 +31,7 @@ variable "ubuntu_ami_id" { variable "worker_instance_type" { description = "The EC2 Instance type to be used for the worker's node" type = string - default = "t2.small" + default = "t2.micro" } variable "ssh_aws_keypair" { diff --git a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca index de348a417a..00cd08e724 100644 --- a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca +++ b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/00-trust-user-ca @@ -2,13 +2,13 @@ # Copyright (c) HashiCorp, Inc. # SPDX-License-Identifier: BUSL-1.1 -cp /ca/ca-key.pub /config/sshd/ca-key.pub -chown 1000:1000 /config/sshd/ca-key.pub -chmod 644 /config/sshd/ca-key.pub -echo TrustedUserCAKeys /config/sshd/ca-key.pub >> /config/sshd/sshd_config -echo PermitTTY yes >> /config/sshd/sshd_config -sed -i 's/X11Forwarding no/X11Forwarding yes/' /config/sshd/sshd_config -echo "X11UseLocalhost no" >> /config/sshd/sshd_config +cp /ca/ca-key.pub /etc/ssh/ca-key.pub +chown 1000:1000 /etc/ssh/ca-key.pub +chmod 644 /etc/ssh/ca-key.pub +echo TrustedUserCAKeys /etc/ssh/ca-key.pub >> /etc/ssh/sshd_config +echo PermitTTY yes >> /etc/ssh/sshd_config +sed -i 's/X11Forwarding no/X11Forwarding yes/' /etc/ssh/sshd_config +echo "X11UseLocalhost no" >> /etc/ssh/sshd_config apk update apk add xterm util-linux dbus ttf-freefont xauth firefox diff --git a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding b/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding deleted file mode 100644 index b5f589da23..0000000000 --- a/enos/modules/docker_openssh_server_ca_key/custom-cont-init.d/01-allow-tcp-forwarding +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/with-contenv bash -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -sed -i 's/AllowTcpForwarding no/AllowTcpForwarding yes/' /config/sshd/sshd_config diff --git a/enos/modules/docker_openssh_server_ca_key/main.tf b/enos/modules/docker_openssh_server_ca_key/main.tf index cf1441aefe..c6cd4bab6c 100644 --- a/enos/modules/docker_openssh_server_ca_key/main.tf +++ b/enos/modules/docker_openssh_server_ca_key/main.tf @@ -61,14 +61,9 @@ locals { ca_public_key = data.tls_public_key.ca_key.public_key_openssh } -data "docker_registry_image" "openssh" { - name = var.image_name -} - resource "docker_image" "openssh_server" { - name = var.image_name - keep_locally = true - pull_triggers = [data.docker_registry_image.openssh.sha256_digest] + name = var.image_name + keep_locally = true } resource "docker_container" "openssh_server" { @@ -80,7 +75,6 @@ resource "docker_container" "openssh_server" { "TZ=US/Eastern", "USER_NAME=${var.target_user}", "PUBLIC_KEY=${local.ssh_public_key}", - "SUDO_ACCESS=true", ] network_mode = "bridge" dynamic "networks_advanced" { diff --git a/enos/modules/gcp_target/main.tf b/enos/modules/gcp_target/main.tf deleted file mode 100644 index a983daa06d..0000000000 --- a/enos/modules/gcp_target/main.tf +++ /dev/null @@ -1,160 +0,0 @@ -# Copyright (c) HashiCorp, Inc. -# SPDX-License-Identifier: BUSL-1.1 - -terraform { - required_providers { - enos = { - source = "registry.terraform.io/hashicorp-forge/enos" - } - } -} - -variable "target_count" {} -variable "enos_user" {} -variable "additional_labels" { - default = {} -} -variable "instance_type" { - description = "The type of instance to create." - type = string - default = "e2-micro" -} -variable "environment" { - description = "Name of the environment." - type = string - default = "enos-environment" -} -variable "private_cidr_block" { - type = list(string) - default = ["10.0.0.0/8"] -} -variable "gcp_zone" { - description = "The zone to deploy the resources." - type = string - default = "us-central1-a" -} - -data "enos_environment" "current" {} - -resource "random_string" "test_string" { - length = 5 - lower = true - upper = false - numeric = false - special = false -} - -resource "google_compute_network" "boundary_compute_network" { - name = "boundary-enos-network-${random_string.test_string.result}" -} - -resource "random_id" "filter_label1" { - prefix = "enos_boundary" - byte_length = 4 -} - -resource "random_id" "filter_label2" { - prefix = "enos_boundary" - byte_length = 4 -} - -resource "tls_private_key" "ssh" { - algorithm = "RSA" - rsa_bits = 4096 -} - -resource "google_compute_address" "boundary_external_ip" { - count = var.target_count - name = "boundary-external-ip-${random_string.test_string.result}-${count.index}" - address_type = "EXTERNAL" -} - -resource "google_compute_firewall" "boundary_private_ssh" { - name = "boundary-private-ssh-${random_string.test_string.result}" - network = google_compute_network.boundary_compute_network.name - source_ranges = var.private_cidr_block - target_tags = ["boundary-target-${random_string.test_string.result}"] - - allow { - protocol = "tcp" - ports = ["22"] - } -} - -resource "google_compute_firewall" "boundary_enos_ssh" { - name = "boundary-enos-ssh-${random_string.test_string.result}" - network = google_compute_network.boundary_compute_network.name - source_ranges = flatten([formatlist("%s/32", data.enos_environment.current.public_ipv4_addresses)]) - target_tags = ["boundary-target-${random_string.test_string.result}"] - - allow { - protocol = "tcp" - ports = ["22"] - } -} - -resource "google_compute_instance" "boundary_target" { - count = var.target_count - name = "boundary-target-${random_string.test_string.result}-${count.index}" - machine_type = var.instance_type - zone = var.gcp_zone - - boot_disk { - initialize_params { - image = "ubuntu-os-cloud/ubuntu-2204-lts" - } - } - - network_interface { - network = google_compute_network.boundary_compute_network.id - - access_config { - nat_ip = google_compute_address.boundary_external_ip[count.index].address - } - } - - tags = ["boundary-target-${random_string.test_string.result}"] - - metadata = { - ssh-keys = "ubuntu:${tls_private_key.ssh.public_key_openssh}" - } - - labels = merge(var.additional_labels, { - "name" : "boundary-target-${random_string.test_string.result}-${count.index}", - "type" : "target", - "project" : "enos", - "project_name" : "qti-enos-boundary", - "environment" : var.environment, - "enos_user" : var.enos_user, - "filter_label_1" : random_id.filter_label1.hex - "filter_label_2" : random_id.filter_label2.hex - }) -} - -output "target_private_ips" { - value = [for instance in google_compute_instance.boundary_target : instance.network_interface[0].network_ip] -} - -output "target_public_ips" { - value = [for instance in google_compute_instance.boundary_target : instance.network_interface[0].access_config[0].nat_ip] -} - -output "target_ips" { - value = flatten([ - [for instance in google_compute_instance.boundary_target : instance.network_interface[0].network_ip], - [for instance in google_compute_instance.boundary_target : instance.network_interface[0].access_config[0].nat_ip] - ]) -} - -output "target_ssh_key" { - value = tls_private_key.ssh.private_key_pem - sensitive = true -} - -output "filter_label1" { - value = "labels.filter_label_1=${random_id.filter_label1.hex}" -} - -output "filter_label2" { - value = "labels.filter_label_2=${random_id.filter_label2.hex}" -} \ No newline at end of file diff --git a/enos/modules/test_e2e_docker/main.tf b/enos/modules/test_e2e_docker/main.tf index 839acfefec..8bd7b0f0d9 100644 --- a/enos/modules/test_e2e_docker/main.tf +++ b/enos/modules/test_e2e_docker/main.tf @@ -222,63 +222,6 @@ variable "test_timeout" { type = string default = "25m" } -variable "gcp_private_key_id" { - description = "ID of the private key used to authenticate with GCP" - type = string - sensitive = true - default = "" -} - -variable "gcp_private_key" { - description = "Private key used to authenticate with GCP" - type = string - sensitive = true - default = "" -} - -variable "gcp_project_id" { - description = "GCP project where the resources will be created" - type = string - default = "" -} - -variable "gcp_zone" { - description = "GCP zone where the resources will be created" - type = string - default = "" -} - -variable "gcp_target_ssh_key" { - description = "SSH key used to authenticate with GCP target" - type = string - sensitive = true - default = "" -} - -variable "gcp_client_email" { - description = "GCP client email associated with the private key" - type = string - sensitive = true - default = "" -} - -variable "gcp_host_set_filter1" { - description = "value for the first filter in the host set" - type = string - default = "" -} - -variable "gcp_host_set_filter2" { - description = "value for the second filter in the host set" - type = string - default = "" -} - -variable "gcp_host_set_ips" { - description = "List of IP addresses" - type = list(string) - default = [""] -} resource "enos_local_exec" "get_go_version" { count = var.go_version == "" ? 1 : 0 @@ -341,15 +284,6 @@ resource "enos_local_exec" "run_e2e_test" { E2E_LDAP_USER_NAME = var.ldap_user_name E2E_LDAP_USER_PASSWORD = var.ldap_user_password E2E_LDAP_GROUP_NAME = var.ldap_group_name - E2E_GCP_PRIVATE_KEY_ID = var.gcp_private_key_id - E2E_GCP_PRIVATE_KEY = var.gcp_private_key - E2E_GCP_PROJECT_ID = var.gcp_project_id - E2E_GCP_CLIENT_EMAIL = var.gcp_client_email - E2E_GCP_ZONE = var.gcp_zone - E2E_GCP_TARGET_SSH_KEY = var.gcp_target_ssh_key - E2E_GCP_HOST_SET_FILTER1 = var.gcp_host_set_filter1 - E2E_GCP_HOST_SET_FILTER2 = var.gcp_host_set_filter2 - E2E_GCP_HOST_SET_IPS = jsonencode(var.gcp_host_set_ips) E2E_MAX_PAGE_SIZE = var.max_page_size E2E_CONTROLLER_CONTAINER_NAME = var.controller_container_name BOUNDARY_DIR = abspath(var.local_boundary_src_dir) diff --git a/enos/modules/test_e2e_docker/test_runner.sh b/enos/modules/test_e2e_docker/test_runner.sh index 24e1e99d5b..e4c1390c73 100644 --- a/enos/modules/test_e2e_docker/test_runner.sh +++ b/enos/modules/test_e2e_docker/test_runner.sh @@ -45,15 +45,6 @@ docker run \ -e "E2E_LDAP_USER_NAME=$E2E_LDAP_USER_NAME" \ -e "E2E_LDAP_USER_PASSWORD=$E2E_LDAP_USER_PASSWORD" \ -e "E2E_LDAP_GROUP_NAME=$E2E_LDAP_GROUP_NAME" \ - -e "E2E_GCP_PRIVATE_KEY_ID=$E2E_GCP_PRIVATE_KEY_ID" \ - -e "E2E_GCP_PRIVATE_KEY=$E2E_GCP_PRIVATE_KEY" \ - -e "E2E_GCP_CLIENT_EMAIL=$E2E_GCP_CLIENT_EMAIL" \ - -e "E2E_GCP_PROJECT_ID=$E2E_GCP_PROJECT_ID" \ - -e "E2E_GCP_ZONE=$E2E_GCP_ZONE" \ - -e "E2E_GCP_TARGET_SSH_KEY=$E2E_GCP_TARGET_SSH_KEY" \ - -e "E2E_GCP_HOST_SET_FILTER1=$E2E_GCP_HOST_SET_FILTER1" \ - -e "E2E_GCP_HOST_SET_FILTER2=$E2E_GCP_HOST_SET_FILTER2" \ - -e "E2E_GCP_HOST_SET_IPS=$E2E_GCP_HOST_SET_IPS" \ -e "E2E_MAX_PAGE_SIZE=$E2E_MAX_PAGE_SIZE" \ -e "E2E_CONTROLLER_CONTAINER_NAME=$E2E_CONTROLLER_CONTAINER_NAME" \ --mount type=bind,src=$BOUNDARY_DIR,dst=/src/boundary/ \ diff --git a/go.mod b/go.mod index 3f91854c1a..4a46436146 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary -go 1.23.3 +go 1.23.1 replace github.com/hashicorp/boundary/api => ./api @@ -66,10 +66,10 @@ require ( github.com/stretchr/testify v1.9.0 github.com/zalando/go-keyring v0.2.3 go.uber.org/atomic v1.11.0 - golang.org/x/crypto v0.31.0 - golang.org/x/sync v0.10.0 - golang.org/x/sys v0.28.0 - golang.org/x/term v0.27.0 + golang.org/x/crypto v0.25.0 + golang.org/x/sync v0.7.0 + golang.org/x/sys v0.22.0 + golang.org/x/term v0.22.0 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d google.golang.org/genproto v0.0.0-20240205150955-31a09d347014 google.golang.org/grpc v1.61.1 @@ -91,7 +91,7 @@ require ( github.com/golang/protobuf v1.5.3 github.com/hashicorp/cap/ldap v0.0.0-20240206183135-ed8f24513744 github.com/hashicorp/dbassert v0.0.0-20231012105025-1bc1bd88e22b - github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd + github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482 github.com/hashicorp/go-rate v0.0.0-20231204194614-cc8d401f70ab github.com/hashicorp/go-version v1.6.0 github.com/hashicorp/nodeenrollment v0.2.13 @@ -102,7 +102,7 @@ require ( github.com/mikesmitty/edkey v0.0.0-20170222072505-3356ea4e686a github.com/sevlyar/go-daemon v0.1.6 golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 - golang.org/x/net v0.31.0 + golang.org/x/net v0.25.0 google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 ) @@ -223,7 +223,7 @@ require ( github.com/xo/dburl v0.23.1 // indirect golang.org/x/mod v0.17.0 // indirect golang.org/x/oauth2 v0.17.0 // indirect - golang.org/x/text v0.21.0 + golang.org/x/text v0.16.0 golang.org/x/time v0.5.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 // indirect diff --git a/go.sum b/go.sum index d1b812f289..828d0d4a71 100644 --- a/go.sum +++ b/go.sum @@ -205,8 +205,8 @@ github.com/hashicorp/go-dbw v0.1.5-0.20240909162114-6cee92b3da36 h1:rPD+2QPhCLq8 github.com/hashicorp/go-dbw v0.1.5-0.20240909162114-6cee92b3da36/go.mod h1:/YHbfK7mgG9k09aB74Imw3fEOwno0eTtlFTTYGZ7SFk= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd h1:CmPn4FXkYbPgmIqAKU970nXOEWW0u2RYZ7NnB6f7jkQ= -github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20241126174344-f3b1a41a15fd/go.mod h1:8G70jr/DzTk81B2Z+bXnvqWHwPq6GkoRWagyZsbX0U0= +github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482 h1:1DqTnLaNk658AEenlF4PNGYd9b1hXE/+0jSOBIGOAms= +github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20231219183231-6bac757bb482/go.mod h1:323uN1BJ6bc9F1U6DPvgmLTVlBlMMnOIRrzCd5ZDee0= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= github.com/hashicorp/go-kms-wrapping/v2 v2.0.17-0.20240313190905-91d44aa8e360 h1:AgzTis5Y2hKvmluFZH7V6+evaB1LoKT1KKjXysywyRI= @@ -547,8 +547,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3 h1:/RIbNt/Zr7rVhIkQhooTxCxFcdWLGIKnZA4IXNFSrvo= golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= @@ -583,8 +583,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= @@ -595,8 +595,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -625,8 +625,8 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -635,8 +635,8 @@ golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= -golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -647,8 +647,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= diff --git a/internal/alias/target/alias_test.go b/internal/alias/target/alias_test.go index c9571b61b2..8bff6d08dc 100644 --- a/internal/alias/target/alias_test.go +++ b/internal/alias/target/alias_test.go @@ -157,7 +157,7 @@ func TestCreate(t *testing.T) { a.PublicId, err = db.NewPublicId(ctx, globals.TargetAliasPrefix) require.NoError(t, err) - start := time.Now().UTC().Round(time.Second) + start := time.Now().UTC() err = rw.Create(ctx, a) if c.errContains != "" { @@ -169,8 +169,8 @@ func TestCreate(t *testing.T) { assert.Equal(t, a.Version, uint32(1)) assert.Equal(t, a.ScopeId, c.scope) assert.Equal(t, a.Value, c.value) - assert.GreaterOrEqual(t, a.CreateTime.AsTime().Round(time.Second), start) - assert.GreaterOrEqual(t, a.UpdateTime.AsTime().Round(time.Second), start) + assert.GreaterOrEqual(t, a.CreateTime.AsTime(), start) + assert.GreaterOrEqual(t, a.UpdateTime.AsTime(), start) if c.validate != nil { c.validate(t, a) } diff --git a/internal/auth/oidc/repository_managed_group_members.go b/internal/auth/oidc/repository_managed_group_members.go index 6c65413196..96e04b60b9 100644 --- a/internal/auth/oidc/repository_managed_group_members.go +++ b/internal/auth/oidc/repository_managed_group_members.go @@ -111,7 +111,7 @@ func (r *Repository) SetManagedGroupMemberships(ctx context.Context, am *AuthMet msgs = append(msgs, &mgOplogMsg) } - currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1)) + currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader)) if err != nil { return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships before deletion")) } @@ -181,7 +181,7 @@ func (r *Repository) SetManagedGroupMemberships(ctx context.Context, am *AuthMet } } - currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1)) + currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader)) if err != nil { return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships after set")) } diff --git a/internal/auth/oidc/service_callback.go b/internal/auth/oidc/service_callback.go index 4bd62b07d3..505c252ae9 100644 --- a/internal/auth/oidc/service_callback.go +++ b/internal/auth/oidc/service_callback.go @@ -193,7 +193,7 @@ func Callback( } // Get the set of all managed groups so we can filter - mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId(), WithLimit(-1)) + mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId()) if err != nil { return "", errors.Wrap(ctx, err, op) } diff --git a/internal/auth/oidc/service_callback_test.go b/internal/auth/oidc/service_callback_test.go index f9a3219952..e5b088aea0 100644 --- a/internal/auth/oidc/service_callback_test.go +++ b/internal/auth/oidc/service_callback_test.go @@ -675,8 +675,7 @@ func Test_ManagedGroupFiltering(t *testing.T) { return iam.NewRepository(ctx, rw, rw, kmsCache) } repoFn := func() (*Repository, error) { - // Set a low limit to test that the managed group listing overrides the limit - return NewRepository(ctx, rw, rw, kmsCache, WithLimit(1)) + return NewRepository(ctx, rw, rw, kmsCache) } atRepoFn := func() (*authtoken.Repository, error) { return authtoken.NewRepository(ctx, rw, rw, kmsCache) @@ -820,7 +819,7 @@ func Test_ManagedGroupFiltering(t *testing.T) { tp.SetExpectedState(state) // Set the filters on the MGs for this test. First we need to get the current versions. - currMgs, ttime, err := repo.ListManagedGroups(ctx, testAuthMethod.PublicId, WithLimit(-1)) + currMgs, ttime, err := repo.ListManagedGroups(ctx, testAuthMethod.PublicId) require.NoError(err) // Transaction timestamp should be within ~10 seconds of now assert.True(time.Now().Before(ttime.Add(10 * time.Second))) @@ -861,7 +860,7 @@ func Test_ManagedGroupFiltering(t *testing.T) { assert.Contains(key.(map[string]any)["payload"], "auth_token_end") } // Ensure that we get the expected groups - memberships, err := repo.ListManagedGroupMembershipsByMember(ctx, account.PublicId, WithLimit(-1)) + memberships, err := repo.ListManagedGroupMembershipsByMember(ctx, account.PublicId) require.NoError(err) assert.Equal(len(tt.matchingMgs), len(memberships)) var matchingIds []string diff --git a/internal/census/census_job.go b/internal/census/census_job.go index 1c116cdc54..dcca071189 100644 --- a/internal/census/census_job.go +++ b/internal/census/census_job.go @@ -54,7 +54,7 @@ func (c *censusJob) Status() scheduler.JobStatus { // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (c *censusJob) Run(ctx context.Context, _ time.Duration) error { +func (c *censusJob) Run(ctx context.Context) error { err := RunFn(ctx, c) return err } diff --git a/internal/clientcache/internal/cache/refresh_test.go b/internal/clientcache/internal/cache/refresh_test.go index 6f43e6b028..3895376132 100644 --- a/internal/clientcache/internal/cache/refresh_test.go +++ b/internal/clientcache/internal/cache/refresh_test.go @@ -104,7 +104,7 @@ func testResolvableAliasStaticResourceRetrievalFunc(inFunc func(ctx context.Cont // testNoRefreshRetrievalFunc simulates a controller that doesn't support refresh // since it does not return any refresh token. -func testNoRefreshRetrievalFunc[T any](_ *testing.T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { +func testNoRefreshRetrievalFunc[T any](t *testing.T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return func(_ context.Context, _, _ string, _ RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return nil, nil, "", ErrRefreshNotSupported } @@ -113,7 +113,7 @@ func testNoRefreshRetrievalFunc[T any](_ *testing.T) func(context.Context, strin // testErroringForRefreshTokenRetrievalFunc returns a refresh token error when // the refresh token is not empty. This is useful for testing behavior when // the refresh token has expired or is otherwise invalid. -func testErroringForRefreshTokenRetrievalFunc[T any](_ *testing.T, ret []T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { +func testErroringForRefreshTokenRetrievalFunc[T any](t *testing.T, ret []T) func(context.Context, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return func(ctx context.Context, s1, s2 string, refToken RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { if refToken != "" { return nil, nil, "", api.ErrInvalidListToken @@ -158,7 +158,7 @@ func testStaticResourceRetrievalFuncForId[T any](t *testing.T, ret [][]T, remove // since it does not return any refresh token. This is for retrieval // functions that require an id be provided for listing purposes like when // listing resolvable aliases. -func testNoRefreshRetrievalFuncForId[T any](_ *testing.T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { +func testNoRefreshRetrievalFuncForId[T any](t *testing.T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return func(_ context.Context, _, _, _ string, _ RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return nil, nil, "", ErrRefreshNotSupported } @@ -169,7 +169,7 @@ func testNoRefreshRetrievalFuncForId[T any](_ *testing.T) func(context.Context, // the refresh token has expired or is otherwise invalid. This is for retrieval // functions that require an id be provided for listing purposes like when // listing resolvable aliases. -func testErroringForRefreshTokenRetrievalFuncForId[T any](_ *testing.T, ret []T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { +func testErroringForRefreshTokenRetrievalFuncForId[T any](t *testing.T, ret []T) func(context.Context, string, string, string, RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { return func(ctx context.Context, s1, s2, s3 string, refToken RefreshTokenValue) ([]T, []string, RefreshTokenValue, error) { if refToken != "" { return nil, nil, "", api.ErrInvalidListToken diff --git a/internal/clientcache/internal/cache/repository_refresh_token_test.go b/internal/clientcache/internal/cache/repository_refresh_token_test.go index cb092b6912..e2c67ccabe 100644 --- a/internal/clientcache/internal/cache/repository_refresh_token_test.go +++ b/internal/clientcache/internal/cache/repository_refresh_token_test.go @@ -189,7 +189,7 @@ func TestLookupRefreshToken(t *testing.T) { }) t.Run("unknown user", func(t *testing.T) { - got, err := r.lookupRefreshToken(ctx, &user{Id: "unknownUser", Address: "addr"}, targetResourceType) + got, err := r.lookupRefreshToken(ctx, &user{Id: "unkonwnUser", Address: "addr"}, targetResourceType) assert.NoError(t, err) assert.Empty(t, got) }) @@ -209,11 +209,10 @@ func TestLookupRefreshToken(t *testing.T) { require.NoError(t, r.rw.Create(ctx, known)) before := time.Now().Truncate(time.Millisecond).UTC() - _, err := r.rw.DoTx(ctx, 1, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error { + r.rw.DoTx(ctx, 1, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error { require.NoError(t, upsertRefreshToken(ctx, w, known, targetResourceType, token)) return nil }) - require.NoError(t, err) got, err := r.lookupRefreshToken(ctx, known, targetResourceType) assert.NoError(t, err) diff --git a/internal/clientcache/internal/cache/repository_token.go b/internal/clientcache/internal/cache/repository_token.go index 1e7f8f7b27..055a1b7e32 100644 --- a/internal/clientcache/internal/cache/repository_token.go +++ b/internal/clientcache/internal/cache/repository_token.go @@ -75,8 +75,7 @@ func upsertUserAndAuthToken(ctx context.Context, reader db.Reader, writer db.Wri } var users []*user - // we only want users that have not been soft deleted - if err := reader.SearchWhere(ctx, &users, "true", []any{}, db.WithLimit(-1), db.WithTable(activeUserTableName)); err != nil { + if err := reader.SearchWhere(ctx, &users, "true", []any{}, db.WithLimit(-1)); err != nil { return errors.Wrap(ctx, err, op) } if len(users) <= usersLimit { @@ -383,8 +382,6 @@ func cleanExpiredOrOrphanedAuthTokens(ctx context.Context, writer db.Writer, idT return nil } -const activeUserTableName = "user_active" // users that have not been soft deleted - // lookupUser returns a user if one is present in the repository or nil if not. func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) { const op = "cache.(Repository).lookupUser" @@ -393,8 +390,7 @@ func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) { return nil, errors.New(ctx, errors.InvalidParameter, op, "empty id") } ret := &user{Id: id} - // we only want users that have NOT been soft deleted - if err := r.rw.LookupById(ctx, ret, db.WithTable(activeUserTableName)); err != nil { + if err := r.rw.LookupById(ctx, ret); err != nil { if errors.IsNotFoundError(err) { return nil, nil } @@ -407,8 +403,7 @@ func (r *Repository) lookupUser(ctx context.Context, id string) (*user, error) { func (r *Repository) listUsers(ctx context.Context) ([]*user, error) { const op = "cache.(Repository).listUsers" var ret []*user - // we only want users that have NOT been soft deleted - if err := r.rw.SearchWhere(ctx, &ret, "true", nil, db.WithTable(activeUserTableName)); err != nil { + if err := r.rw.SearchWhere(ctx, &ret, "true", nil); err != nil { return nil, errors.Wrap(ctx, err, op) } return ret, nil @@ -487,31 +482,16 @@ func deleteUser(ctx context.Context, w db.Writer, u *user) (int, error) { case u.Id == "": return db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "missing id") } - const ( - // delete the user if they don't have any refresh tokens which are - // newer than 20 days (the refresh token expiration time) - deleteStmt = "delete from user where id = ? and id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) )" - - // fallback to soft deleting the user - softDeleteStmt = "update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now')) where id = ?" - ) - // see if we should delete the user - rowsAffected, err := w.Exec(ctx, deleteStmt, []any{u.Id}) - switch { - case err != nil: - return db.NoRowsAffected, errors.Wrap(ctx, err, op) - case rowsAffected > 0: - // if we deleted the user, we're done. - return rowsAffected, nil - } - - // fallback to soft delete - rowsAffected, err = w.Exec(ctx, softDeleteStmt, []any{u.Id}) + // TODO(https://github.com/go-gorm/gorm/issues/4879): Use the + // writer.Delete() function once the gorm bug is fixed. Until then + // the gorm driver for sqlite has an error which wont execute a + // delete correctly. as a work around we manually execute the + // query here. + n, err := w.Exec(ctx, "delete from user where id = ?", []any{u.Id}) if err != nil { - return db.NoRowsAffected, errors.Wrap(ctx, err, op) + err = errors.Wrap(ctx, err, op) } - - return rowsAffected, nil + return n, err } // user is a gorm model for the user table. It represents a user diff --git a/internal/clientcache/internal/cache/repository_token_test.go b/internal/clientcache/internal/cache/repository_token_test.go index c41845f316..7124e805ad 100644 --- a/internal/clientcache/internal/cache/repository_token_test.go +++ b/internal/clientcache/internal/cache/repository_token_test.go @@ -5,21 +5,14 @@ package cache import ( "context" - "database/sql/driver" - stderrors "errors" "fmt" "sync" "testing" "time" - "github.com/hashicorp/boundary/api/aliases" "github.com/hashicorp/boundary/api/authtokens" - "github.com/hashicorp/boundary/api/sessions" - "github.com/hashicorp/boundary/api/targets" cachedb "github.com/hashicorp/boundary/internal/clientcache/internal/db" "github.com/hashicorp/boundary/internal/db" - "github.com/hashicorp/go-dbw" - "github.com/hashicorp/go-hclog" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "golang.org/x/exp/maps" @@ -617,7 +610,7 @@ func TestRepository_LookupToken(t *testing.T) { }) } -func TestRepository_lookupUpUser(t *testing.T) { +func TestRepository_lookupUpser(t *testing.T) { ctx := context.Background() s, err := cachedb.Open(ctx) require.NoError(t, err) @@ -657,250 +650,6 @@ func TestRepository_lookupUpUser(t *testing.T) { assert.NoError(t, err) assert.Equal(t, &user{Id: at.UserId, Address: addr}, u) }) - t.Run("soft-deleted", func(t *testing.T) { - at2 := &authtokens.AuthToken{ - Id: "at_2", - Token: "at_2_token", - UserId: "u_2", - ExpirationTime: time.Now().Add(1 * time.Minute), // not expired is required for this test - } - kt2 := KeyringToken{ - TokenName: "t2", - KeyringType: "k2", - AuthTokenId: at2.Id, - } - addr2 := "address2" - boundaryAuthTokens2 := []*authtokens.AuthToken{at2} - atMap2 := map[ringToken]*authtokens.AuthToken{ - {kt2.KeyringType, kt2.TokenName}: at2, - } - m := &sync.Map{} - r2, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap2), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens2)) - require.NoError(t, err) - assert.NoError(t, r2.AddKeyringToken(ctx, addr2, kt2)) - - rs, err := NewRefreshService(ctx, r2, hclog.NewNullLogger(), 0, 0) - require.NoError(t, err) - - retTargets := []*targets.Target{ - target("1"), - target("2"), - target("3"), - target("4"), - } - opts := []Option{ - WithAliasRetrievalFunc(testResolvableAliasStaticResourceRetrievalFunc(testStaticResourceRetrievalFuncForId[*aliases.Alias](t, nil, nil))), - WithSessionRetrievalFunc(testSessionStaticResourceRetrievalFunc(testStaticResourceRetrievalFunc[*sessions.Session](t, nil, nil))), - WithTargetRetrievalFunc(testTargetStaticResourceRetrievalFunc(testStaticResourceRetrievalFunc[*targets.Target](t, - [][]*targets.Target{ - retTargets[:3], - retTargets[3:], - }, - [][]string{ - nil, - {retTargets[0].Id, retTargets[1].Id}, - }, - ))), - } - assert.NoError(t, rs.RefreshForSearch(ctx, at2.Id, Targets, opts...)) - // Now load up a few resources and a token, and trying again should - // see the RefreshForSearch update more fields. - assert.NoError(t, rs.Refresh(ctx, opts...)) - cachedTargets, err := r.ListTargets(ctx, at2.Id) - assert.NoError(t, err) - assert.ElementsMatch(t, retTargets[:3], cachedTargets.Targets) - - // should be found in cache (user_active) - u2, err := r2.lookupUser(ctx, at2.UserId) - assert.NoError(t, err) - assert.Equal(t, &user{Id: at2.UserId, Address: addr2}, u2) - u2, err = r2.lookupUser(ctx, at2.UserId) - assert.NoError(t, err) - assert.Equal(t, &user{Id: at2.UserId, Address: addr2}, u2) - - // should be found in underlying user table as well - tu, err := testLookupUser(t, s, at2.UserId) - assert.NoError(t, err) - assert.Equal(t, &testUser{Id: at2.UserId, Address: addr2, DeletedAt: infinityValue}, tu) - - // there better be some refresh tokens - tks, err := r2.listRefreshTokens(ctx, u2) - assert.NoError(t, err) - assert.NotEmpty(t, tks) - - // now delete the user's auth_token and be sure the user is still found - // in the cache (table == "user" and not in "user_active") - err = r2.deleteKeyringToken(ctx, kt2) - require.NoError(t, err) - - currentTks, err := r2.listTokens(ctx, u2) - require.NoError(t, err) - assert.Empty(t, currentTks) - - // should no longer be an active user - u2, err = r2.lookupUser(ctx, tu.Id) - assert.NoError(t, err) - assert.Empty(t, u2) - - // should still be found in underlying user table - tu, err = testLookupUser(t, s, tu.Id) - assert.NoError(t, err) - assert.Equal(t, &testUser{Id: tu.Id, Address: tu.Address, DeletedAt: tu.DeletedAt}, tu) - }) - t.Run("hard-deleted", func(t *testing.T) { - at3 := &authtokens.AuthToken{ - Id: "at_3", - Token: "at_3_token", - UserId: "u_3", - ExpirationTime: time.Now().Add(1 * time.Minute), // not expired is required for this test - } - kt3 := KeyringToken{ - TokenName: "t3", - KeyringType: "k3", - AuthTokenId: at3.Id, - } - addr3 := "address3" - boundaryAuthTokens3 := []*authtokens.AuthToken{at3} - atMap3 := map[ringToken]*authtokens.AuthToken{ - {kt3.KeyringType, kt3.TokenName}: at3, - } - m := &sync.Map{} - r3, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap3), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens3)) - require.NoError(t, err) - assert.NoError(t, r3.AddKeyringToken(ctx, addr3, kt3)) - - // should be found in cache (user_active) - u3, err := r3.lookupUser(ctx, at3.UserId) - assert.NoError(t, err) - assert.Equal(t, &user{Id: at3.UserId, Address: addr3}, u3) - u3, err = r3.lookupUser(ctx, at3.UserId) - assert.NoError(t, err) - assert.Equal(t, &user{Id: at3.UserId, Address: addr3}, u3) - - // should be found in underlying user table as well - tu, err := testLookupUser(t, s, at3.UserId) - assert.NoError(t, err) - assert.Equal(t, &testUser{Id: at3.UserId, Address: addr3, DeletedAt: infinityValue}, tu) - - // there better be some refresh tokens - tks, err := r3.listRefreshTokens(ctx, u3) - assert.NoError(t, err) - assert.Empty(t, tks) - - // now delete the user's auth_token and be sure the user is not found - // in the cache (not in either the "user" or "user_active" tables) - err = r3.deleteKeyringToken(ctx, kt3) - require.NoError(t, err) - - currentTks, err := r3.listTokens(ctx, u3) - require.NoError(t, err) - assert.Empty(t, currentTks) - - // should no longer be an active user - u3, err = r3.lookupUser(ctx, tu.Id) - assert.NoError(t, err) - assert.Empty(t, u3) - - // should not be found in underlying user table - _, err = testLookupUser(t, s, tu.Id) - assert.Error(t, err) - assert.ErrorIs(t, err, dbw.ErrRecordNotFound) - }) -} - -// infinityValue represents a time.Time that is infinity -var infinityValue = infinityDate{ - Time: time.Time{}, - IsInfinity: true, -} - -// negInfinityValue represents a time.Time that is negative infinity -var negInfinityValue = infinityDate{ - Time: time.Time{}, - IsNegInfinity: true, -} - -// infinityDate is used to represent a time.Time that can be infinity, neg -// infinity or a regular time.Time -type infinityDate struct { - Time time.Time - IsInfinity bool - IsNegInfinity bool -} - -// sqliteDatetimeLayout defines the format for sqlite datetime ('YYYY-MM-DD HH:MM:SS.SSS') -const sqliteDatetimeLayout = "2006-01-02 15:04:05.999" - -// Scan implements the sql.Scanner interface for infinityDate -func (d *infinityDate) Scan(value any) error { - switch v := value.(type) { - case string: - if v == "infinity" { - d.IsInfinity = true - d.IsNegInfinity = false - return nil - } else if v == "-infinity" { - d.IsNegInfinity = true - d.IsInfinity = false - return nil - } else { - parsedTime, err := time.Parse(sqliteDatetimeLayout, v) - if err != nil { - return err - } - d.Time = parsedTime - d.IsInfinity = false - d.IsNegInfinity = false - return nil - } - case time.Time: - d.Time = v - d.IsInfinity = false - d.IsNegInfinity = false - return nil - } - return stderrors.New("unsupported data type for Date") -} - -// Value implements the driver.Valuer interface for infinityDate -func (d infinityDate) Value() (driver.Value, error) { - if d.IsInfinity { - return "infinity", nil - } else if d.IsNegInfinity { - return "-infinity", nil - } - return d.Time.Format(sqliteDatetimeLayout), nil -} - -// testUser is used by testLookupUser to lookup a user from the database and -// supports returning the user's DeletedAt time (soft delete). -type testUser struct { - Id string - Address string - DeletedAt infinityDate -} - -// testLookupUser is a helper function to lookup a user from the database in the -// underlying user table. -func testLookupUser(t *testing.T, conn any, id string) (*testUser, error) { - t.Helper() - var rw db.Reader - switch v := conn.(type) { - case *db.DB: - rw = db.New(v) - case db.Reader: - rw = v - } - u := &testUser{ - Id: id, - } - err := rw.LookupById(context.Background(), u, db.WithTable("user")) - switch { - case err == nil: - return u, nil - default: - return &testUser{}, err - } } func TestRepository_RemoveStaleTokens(t *testing.T) { @@ -1114,110 +863,4 @@ func TestUpsertUserAndAuthToken(t *testing.T) { return nil }) require.NoError(t, err) - t.Run("hard-and-soft-delete-oldest-user", func(t *testing.T) { - boundaryAuthTokens := make([]*authtokens.AuthToken, 0, usersLimit) - atMap := map[ringToken]*authtokens.AuthToken{} - m := &sync.Map{} - - // create usersLimit users to simulate the case where the user limit is - // reached. The Tx is required because upsertUserAndAuthToken requires - // an inflight transaction. - _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error { - for i := 1; i <= usersLimit; i++ { - u := &user{ - Id: fmt.Sprintf("u_%d", i), - Address: fmt.Sprintf("address_%d", i), - } - at := &authtokens.AuthToken{ - Id: fmt.Sprintf("at_%d", i), - Token: fmt.Sprintf("at_%d_token", i), - UserId: u.Id, - } - boundaryAuthTokens = append(boundaryAuthTokens, at) - atMap[ringToken{fmt.Sprintf("k_%d", i), fmt.Sprintf("t_%d", i)}] = at - err := upsertUserAndAuthToken(ctx, txReader, txWriter, u.Address, at) - require.NoError(t, err) - - } - return nil - }) - // verify that all the initial users were added - repo, err := NewRepository(ctx, s, m, mapBasedAuthTokenKeyringLookup(atMap), sliceBasedAuthTokenBoundaryReader(boundaryAuthTokens)) - require.NoError(t, err) - for i := 1; i <= usersLimit; i++ { - userId := fmt.Sprintf("u_%d", i) - foundUser, err := repo.lookupUser(ctx, userId) - require.NoError(t, err) - _, err = testLookupUser(t, s, foundUser.Id) - assert.NoError(t, err) - } - - { - // setup is done. Let's add a new user and verify that the oldest - // user is hard deleted - _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error { - // add a new user, which should trigger the hard deletion of the oldest user - newUser := &user{ - Id: "u_new", - Address: "address_new", - } - newUserAt := &authtokens.AuthToken{ - Id: "at_new", - Token: "at_new_token", - UserId: newUser.Id, - } - err := upsertUserAndAuthToken(ctx, txReader, txWriter, newUser.Address, newUserAt) - require.NoError(t, err) - return nil - }) - require.NoError(t, err) - - // verify that the oldest user was hard deleted - foundUser, err := repo.lookupUser(ctx, "u_1") - assert.NoError(t, err) - assert.Empty(t, foundUser) - foundTestUser, err := testLookupUser(t, s, "u_1") - assert.Error(t, err) - assert.Equal(t, &testUser{}, foundTestUser) - } - { - // Let's add a refresh token for the oldest user and then new user - // and verify that the oldest user is soft deleted - rt := &refreshToken{ - UserId: "u_2", - ResourceType: "target", - RefreshToken: "rt_2", - CreateTime: time.Now().Add(-24 * time.Hour), - UpdateTime: time.Now().Add(-24 * time.Hour), - } - err = repo.rw.Create(ctx, rt) - require.NoError(t, err) - - _, err = rw.DoTx(ctx, 1, db.ExpBackoff{}, func(txReader db.Reader, txWriter db.Writer) error { - // add a new user, which should trigger the soft deletion of the oldest user - newUser := &user{ - Id: "u_new_2", - Address: "address_new_2", - } - newUserAt := &authtokens.AuthToken{ - Id: "at_new_2", - Token: "at_new_token_2", - UserId: newUser.Id, - } - err := upsertUserAndAuthToken(ctx, txReader, txWriter, newUser.Address, newUserAt) - require.NoError(t, err) - return nil - }) - require.NoError(t, err) - - // verify that the oldest user was soft deleted - foundUser, err := repo.lookupUser(ctx, "u_2") - assert.NoError(t, err) - assert.Empty(t, foundUser) - // should not find the user in the underlying user table - foundTestUser, err := testLookupUser(t, s, "u_2") - assert.NoError(t, err) - assert.NotEqual(t, &testUser{}, foundTestUser) - } - }) } diff --git a/internal/clientcache/internal/db/db.go b/internal/clientcache/internal/db/db.go index 302b36f370..9063cf3725 100644 --- a/internal/clientcache/internal/db/db.go +++ b/internal/clientcache/internal/db/db.go @@ -146,7 +146,7 @@ type schema struct { const ( schemaTableName = "schema_version" - schemaCurrentVersion = "v0.0.3" + schemaCurrentVersion = "v0.0.2" ) // TableName returns the table name diff --git a/internal/clientcache/internal/db/schema.sql b/internal/clientcache/internal/db/schema.sql index 4b20cd910f..3806637716 100644 --- a/internal/clientcache/internal/db/schema.sql +++ b/internal/clientcache/internal/db/schema.sql @@ -34,7 +34,7 @@ when end; -insert into schema_version(version) values('v0.0.3'); +insert into schema_version(version) values('v0.0.2'); -- user contains the boundary user information for the boundary user that owns -- the information in the cache. @@ -44,18 +44,9 @@ create table if not exists user ( check (length(id) > 0), -- The address of the boundary instance that this user id comes from address text not null - check (length(address) > 0), - -- deleted_at indicates when the user was soft-deleted because all - -- auth_tokens associated with the user were deleted. It is set to 'infinity' - -- for users that have not been soft-deleted. - deleted_at timestamp not null default 'infinity' + check (length(address) > 0) ); --- user_active is a view that contains only the active users in the cache. This --- view is used to prevent the cache from syncing data for users that have been --- soft-deleted. -create view user_active as select * from user where deleted_at = 'infinity'; - -- Contains the known resource types contained in the boundary client cache create table if not exists resource_type_enm( string text not null primary key @@ -120,46 +111,19 @@ create table if not exists auth_token ( ); -- *delete_orphaned_users triggers delete a user when it no longer has any --- auth tokens associated with them and they no longer have any refresh tokens --- that are less than 20 days old. This is to prevent the cache from syncing --- data for users that are no longer active. +-- auth tokens associated with them create trigger token_update_delete_orphaned_users after update on auth_token begin --- delete users that no longer have any auth tokens associated with them --- and they have no refresh tokens that are newer (less) than 20 days old. -delete from user -where - id not in (select user_id from auth_token) and - id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) ); - --- soft delete users that no longer have any auth tokens associated with them --- and they haven't been previously soft deleted --- and they no longer have any refresh tokens that are newer (greater) than 20 days old. -update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now')) +delete from user where - id not in (select user_id from auth_token) and - deleted_at = 'infinity' and - id not in (select user_id from refresh_token where DATETIME('now', '-20 days') > datetime(create_time)); - + id not in (select user_id from auth_token); end; create trigger token_delete_delete_orphaned_users after delete on auth_token begin --- delete users that no longer have any auth tokens associated with them --- and they have no refresh tokens that are newer (less) than 20 days old. -delete from user -where - id not in (select user_id from auth_token) and - id not in (select user_id from refresh_token where DATETIME('now', '-20 days') < datetime(create_time) ); - --- soft delete users that no longer have any auth tokens associated with them --- and they haven't been previously soft deleted --- and they no longer have any refresh tokens that are newer (greater) than 20 days old. -update user set deleted_at = (strftime('%Y-%m-%d %H:%M:%f','now')) +delete from user where - id not in (select user_id from auth_token) and - deleted_at = 'infinity' and - id not in (select user_id from refresh_token where DATETIME('now', '-20 days') > datetime(create_time)); + id not in (select user_id from auth_token); end; create table if not exists keyring_token ( diff --git a/internal/cmd/base/base.go b/internal/cmd/base/base.go index 2e2c0618d1..e668743f31 100644 --- a/internal/cmd/base/base.go +++ b/internal/cmd/base/base.go @@ -38,7 +38,6 @@ const ( EnabledPluginAws EnabledPluginHostAzure EnabledPluginMinio - EnabledPluginGCP ) // MinioEnabled controls if the Minio storage plugin should be initiated or not @@ -54,8 +53,6 @@ func (e EnabledPlugin) String() string { return "Azure" case EnabledPluginMinio: return "MinIO" - case EnabledPluginGCP: - return "GCP" default: return "" } diff --git a/internal/cmd/base/dev.go b/internal/cmd/base/dev.go index e8881d5d3e..f930015444 100644 --- a/internal/cmd/base/dev.go +++ b/internal/cmd/base/dev.go @@ -23,7 +23,6 @@ import ( "github.com/hashicorp/boundary/internal/iam" "github.com/hashicorp/boundary/internal/kms" "github.com/hashicorp/boundary/internal/types/scope" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/boundary/testing/dbtest" capoidc "github.com/hashicorp/cap/oidc" "github.com/jimlambrt/gldap" @@ -243,9 +242,13 @@ func (b *Server) CreateDevLdapAuthMethod(ctx context.Context) error { if purpose != "api" { continue } - host, _, err = util.SplitHostPort(ln.Config.Address) + host, _, err = net.SplitHostPort(ln.Config.Address) if err != nil { - return fmt.Errorf("error splitting host/port: %w", err) + if strings.Contains(err.Error(), "missing port") { + host = ln.Config.Address + } else { + return fmt.Errorf("error splitting host/port: %w", err) + } } } if host == "" { @@ -256,16 +259,6 @@ func (b *Server) CreateDevLdapAuthMethod(ctx context.Context) error { tb := &oidcLogger{} port = testdirectory.FreePort(tb) - - // The util.SplitHostPort() method removes the square brackets that enclose the - // host address when the address type is ipv6. The square brackets must be - // added back, otherwise the gldap server will fail to start due to a parsing - // error. - if ip := net.ParseIP(host); ip != nil { - if ip.To16() != nil { - host = fmt.Sprintf("[%s]", host) - } - } b.DevLdapSetup.testDirectory = testdirectory.Start(tb, testdirectory.WithNoTLS(tb), testdirectory.WithHost(tb, host), @@ -462,12 +455,15 @@ func (b *Server) CreateDevOidcAuthMethod(ctx context.Context) error { if purpose != "api" { continue } - b.DevOidcSetup.hostAddr, b.DevOidcSetup.callbackPort, err = util.SplitHostPort(ln.Config.Address) + b.DevOidcSetup.hostAddr, b.DevOidcSetup.callbackPort, err = net.SplitHostPort(ln.Config.Address) if err != nil { - return fmt.Errorf("error splitting host/port: %w", err) - } - if b.DevOidcSetup.callbackPort == "" { - b.DevOidcSetup.callbackPort = "9200" + if strings.Contains(err.Error(), "missing port") { + b.DevOidcSetup.hostAddr = ln.Config.Address + // Use the default API port in the callback + b.DevOidcSetup.callbackPort = "9200" + } else { + return fmt.Errorf("error splitting host/port: %w", err) + } } } if b.DevOidcSetup.hostAddr == "" { diff --git a/internal/cmd/base/listener.go b/internal/cmd/base/listener.go index bfaad009de..49a32e9bce 100644 --- a/internal/cmd/base/listener.go +++ b/internal/cmd/base/listener.go @@ -16,7 +16,6 @@ import ( _ "crypto/sha512" "crypto/tls" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/go-secure-stdlib/listenerutil" "github.com/hashicorp/go-secure-stdlib/reloadutil" "github.com/mitchellh/cli" @@ -138,22 +137,24 @@ func tcpListenerFactory(purpose string, l *listenerutil.ListenerConfig, ui cli.U } } - host, port, err := util.SplitHostPort(l.Address) + host, port, err := net.SplitHostPort(l.Address) if err != nil { - return "", nil, fmt.Errorf("error splitting host/port: %w", err) - } - if port == "" { - switch purpose { - case "api": - port = "9200" - case "cluster": - port = "9201" - case "proxy": - port = "9202" - case "ops": - port = "9203" - default: - return "", nil, errors.New("no purpose provided for listener and no port discoverable") + if strings.Contains(err.Error(), "missing port") { + switch purpose { + case "api": + port = "9200" + case "cluster": + port = "9201" + case "proxy": + port = "9202" + case "ops": + port = "9203" + default: + return "", nil, errors.New("no purpose provided for listener and no port discoverable") + } + host = l.Address + } else { + return "", nil, fmt.Errorf("error splitting host/port: %w", err) } } diff --git a/internal/cmd/base/servers.go b/internal/cmd/base/servers.go index 351f8a6f81..b5392a53b1 100644 --- a/internal/cmd/base/servers.go +++ b/internal/cmd/base/servers.go @@ -10,9 +10,11 @@ import ( "errors" "fmt" "io" + "net" "os" "os/signal" "path/filepath" + "regexp" "sort" "strconv" "strings" @@ -56,6 +58,10 @@ const ( WorkerAuthReqFile = "auth_request_token" ) +// This regular expression is used to find all instances of square brackets within a string. +// This regular expression is used to remove the square brackets from an IPv6 address. +var squareBrackets = regexp.MustCompile("\\[|\\]") + func init() { metric.InitializeBuildInfo(prometheus.DefaultRegisterer) } @@ -835,14 +841,20 @@ func (b *Server) SetupWorkerPublicAddress(conf *config.Config, flagValue string) } } - host, port, err := util.SplitHostPort(conf.Worker.PublicAddr) + host, port, err := net.SplitHostPort(conf.Worker.PublicAddr) if err != nil { - return fmt.Errorf("Error splitting public adddress host/port: %w", err) - } - if port == "" { - port = "9202" + if strings.Contains(err.Error(), "missing port") { + port = "9202" + host = conf.Worker.PublicAddr + } else { + return fmt.Errorf("Error splitting public adddress host/port: %w", err) + } } - conf.Worker.PublicAddr = util.JoinHostPort(host, port) + + // remove the square brackets from the ipv6 address because the method + // net.JoinHostPort() will add a second pair of square brackets. + host = squareBrackets.ReplaceAllString(host, "") + conf.Worker.PublicAddr = net.JoinHostPort(host, port) return nil } diff --git a/internal/cmd/commands/connect/connect.go b/internal/cmd/commands/connect/connect.go index aac30cac66..dbed3345df 100644 --- a/internal/cmd/commands/connect/connect.go +++ b/internal/cmd/commands/connect/connect.go @@ -10,6 +10,7 @@ import ( "fmt" "io" "math" + "net" "net/netip" "os" "strconv" @@ -21,7 +22,6 @@ import ( apiproxy "github.com/hashicorp/boundary/api/proxy" "github.com/hashicorp/boundary/api/targets" "github.com/hashicorp/boundary/internal/cmd/base" - "github.com/hashicorp/boundary/internal/util" "github.com/mitchellh/cli" "github.com/posener/complete" "go.uber.org/atomic" @@ -476,10 +476,14 @@ func (c *Command) Run(args []string) (retCode int) { proxyAddr := clientProxy.ListenerAddress(context.Background()) var clientProxyHost, clientProxyPort string - clientProxyHost, clientProxyPort, err = util.SplitHostPort(proxyAddr) + clientProxyHost, clientProxyPort, err = net.SplitHostPort(proxyAddr) if err != nil { - c.PrintCliError(fmt.Errorf("error splitting listener addr: %w", err)) - return base.CommandCliError + if strings.Contains(err.Error(), "missing port") { + clientProxyHost = proxyAddr + } else { + c.PrintCliError(fmt.Errorf("error splitting listener addr: %w", err)) + return base.CommandCliError + } } c.sessInfo.Address = clientProxyHost @@ -601,11 +605,15 @@ func (c *Command) handleExec(clientProxy *apiproxy.ClientProxy, passthroughArgs addr := clientProxy.ListenerAddress(context.Background()) var host, port string var err error - host, port, err = util.SplitHostPort(addr) + host, port, err = net.SplitHostPort(addr) if err != nil { - c.PrintCliError(fmt.Errorf("Error splitting listener addr: %w", err)) - c.execCmdReturnValue.Store(int32(3)) - return + if strings.Contains(err.Error(), "missing port") { + host = addr + } else { + c.PrintCliError(fmt.Errorf("Error splitting listener addr: %w", err)) + c.execCmdReturnValue.Store(int32(3)) + return + } } var args []string diff --git a/internal/cmd/commands/dev/dev.go b/internal/cmd/commands/dev/dev.go index 6edf736970..77bc225c69 100644 --- a/internal/cmd/commands/dev/dev.go +++ b/internal/cmd/commands/dev/dev.go @@ -8,6 +8,7 @@ import ( "errors" "fmt" "math/rand" + "net" "os" "runtime" "strings" @@ -26,7 +27,6 @@ import ( "github.com/hashicorp/boundary/internal/server" "github.com/hashicorp/boundary/internal/server/store" "github.com/hashicorp/boundary/internal/types/scope" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/go-secure-stdlib/parseutil" "github.com/hashicorp/go-secure-stdlib/strutil" "github.com/hashicorp/nodeenrollment" @@ -592,10 +592,13 @@ func (c *Command) Run(args []string) int { return base.CommandUserError } - host, port, err := util.SplitHostPort(c.flagHostAddress) + host, port, err := net.SplitHostPort(c.flagHostAddress) if err != nil { - c.UI.Error(fmt.Errorf("Invalid host address specified: %w", err).Error()) - return base.CommandUserError + if !strings.Contains(err.Error(), "missing port") { + c.UI.Error(fmt.Errorf("Invalid host address specified: %w", err).Error()) + return base.CommandUserError + } + host = c.flagHostAddress } if port != "" { c.UI.Error(`Port must not be specified as part of the dev host address`) @@ -821,7 +824,7 @@ func (c *Command) Run(args []string) int { } { - c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure, base.EnabledPluginGCP) + c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure) if base.MinioEnabled { c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginMinio) } diff --git a/internal/cmd/commands/server/controller_db_swap_test.go b/internal/cmd/commands/server/controller_db_swap_test.go index f6ee0f49e1..73abff3f66 100644 --- a/internal/cmd/commands/server/controller_db_swap_test.go +++ b/internal/cmd/commands/server/controller_db_swap_test.go @@ -115,7 +115,7 @@ func TestReloadControllerDatabase(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() @@ -241,6 +241,7 @@ func TestReloadControllerDatabase_InvalidNewDatabaseState(t *testing.T) { cfgHcl := fmt.Sprintf(dbSwapConfig, urlA, controllerKey, workerAuthKey, recoveryKey) require.NoError(t, os.WriteFile(td+"/config.hcl", []byte(cfgHcl), 0o644)) + errCh := make(chan error, 1) wg := &sync.WaitGroup{} wg.Add(1) go func() { @@ -250,12 +251,15 @@ func TestReloadControllerDatabase_InvalidNewDatabaseState(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + errCh <- fmt.Errorf("got a non-zero exit status: %s", output) + close(errCh) } }() // Wait until things are up and running (or timeout). select { + case err := <-errCh: + t.Fatal(err) case <-cmd.startedCh: case <-time.After(15 * time.Second): t.Fatal("timeout") diff --git a/internal/cmd/commands/server/controller_ratelimit_reload_test.go b/internal/cmd/commands/server/controller_ratelimit_reload_test.go index 2fce90741e..278d00f1a6 100644 --- a/internal/cmd/commands/server/controller_ratelimit_reload_test.go +++ b/internal/cmd/commands/server/controller_ratelimit_reload_test.go @@ -184,7 +184,7 @@ listener "tcp" { ` ) -func TestReloadControllerRateLimits(t *testing.T) { +func TestRealodControllerRateLimits(t *testing.T) { td := t.TempDir() controllerKey := config.DevKeyGeneration() @@ -209,7 +209,7 @@ func TestReloadControllerRateLimits(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() @@ -282,7 +282,7 @@ func TestReloadControllerRateLimits(t *testing.T) { wg.Wait() } -func TestReloadControllerRateLimitsSameConfig(t *testing.T) { +func TestRealodControllerRateLimitsSameConfig(t *testing.T) { td := t.TempDir() // Create and migrate database A and B. @@ -308,7 +308,7 @@ func TestReloadControllerRateLimitsSameConfig(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() @@ -377,7 +377,7 @@ func TestReloadControllerRateLimitsSameConfig(t *testing.T) { wg.Wait() } -func TestReloadControllerRateLimitsDisable(t *testing.T) { +func TestRealodControllerRateLimitsDisable(t *testing.T) { td := t.TempDir() controllerKey := config.DevKeyGeneration() @@ -402,7 +402,7 @@ func TestReloadControllerRateLimitsDisable(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() @@ -475,7 +475,7 @@ func TestReloadControllerRateLimitsDisable(t *testing.T) { wg.Wait() } -func TestReloadControllerRateLimitsEnable(t *testing.T) { +func TestRealodControllerRateLimitsEnable(t *testing.T) { td := t.TempDir() controllerKey := config.DevKeyGeneration() @@ -501,7 +501,7 @@ func TestReloadControllerRateLimitsEnable(t *testing.T) { exitCode := cmd.Run(args) if exitCode != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() diff --git a/internal/cmd/commands/server/listener_reload_test.go b/internal/cmd/commands/server/listener_reload_test.go index a5472f4501..809e6ca7cd 100644 --- a/internal/cmd/commands/server/listener_reload_test.go +++ b/internal/cmd/commands/server/listener_reload_test.go @@ -132,7 +132,7 @@ func TestServer_ReloadListener(t *testing.T) { defer wg.Done() if code := cmd.Run(args); code != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() diff --git a/internal/cmd/commands/server/server.go b/internal/cmd/commands/server/server.go index 5badbfa4c7..a57c3b8137 100644 --- a/internal/cmd/commands/server/server.go +++ b/internal/cmd/commands/server/server.go @@ -26,7 +26,6 @@ import ( "github.com/hashicorp/boundary/internal/errors" "github.com/hashicorp/boundary/internal/event" "github.com/hashicorp/boundary/internal/kms" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/go-hclog" "github.com/hashicorp/go-secure-stdlib/mlock" "github.com/hashicorp/go-secure-stdlib/parseutil" @@ -356,10 +355,14 @@ func (c *Command) Run(args []string) int { } } for _, upstream := range c.Config.Worker.InitialUpstreams { - host, _, err := util.SplitHostPort(upstream) + host, _, err := net.SplitHostPort(upstream) if err != nil { - c.UI.Error(fmt.Errorf("Invalid worker upstream address %q: %w", upstream, err).Error()) - return base.CommandUserError + if strings.Contains(err.Error(), globals.MissingPortErrStr) { + host = upstream + } else { + c.UI.Error(fmt.Errorf("Invalid worker upstream address %q: %w", upstream, err).Error()) + return base.CommandUserError + } } ip := net.ParseIP(host) if ip != nil { @@ -410,10 +413,14 @@ func (c *Command) Run(args []string) int { if purpose != "cluster" { continue } - host, _, err := util.SplitHostPort(ln.Address) + host, _, err := net.SplitHostPort(ln.Address) if err != nil { - c.UI.Error(fmt.Errorf("Invalid cluster listener address %q: %w", ln.Address, err).Error()) - return base.CommandUserError + if strings.Contains(err.Error(), globals.MissingPortErrStr) { + host = ln.Address + } else { + c.UI.Error(fmt.Errorf("Invalid cluster listener address %q: %w", ln.Address, err).Error()) + return base.CommandUserError + } } ip := net.ParseIP(host) if ip != nil { @@ -492,7 +499,7 @@ func (c *Command) Run(args []string) int { } } - c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure, base.EnabledPluginGCP) + c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginAws, base.EnabledPluginHostAzure) if base.MinioEnabled { c.EnabledPlugins = append(c.EnabledPlugins, base.EnabledPluginMinio) } diff --git a/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go b/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go index a16935ce93..24b7b36fb1 100644 --- a/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go +++ b/internal/cmd/commands/server/worker_initial_upstreams_reload_test.go @@ -75,7 +75,7 @@ func TestServer_ReloadInitialUpstreams(t *testing.T) { defer wg.Done() if code := cmd.Run(nil); code != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() diff --git a/internal/cmd/commands/server/worker_tags_reload_test.go b/internal/cmd/commands/server/worker_tags_reload_test.go index b6f8729c4b..4159b9f181 100644 --- a/internal/cmd/commands/server/worker_tags_reload_test.go +++ b/internal/cmd/commands/server/worker_tags_reload_test.go @@ -87,7 +87,7 @@ func TestServer_ReloadWorkerTags(t *testing.T) { defer wg.Done() if code := cmd.Run(nil); code != 0 { output := cmd.UI.(*cli.MockUi).ErrorWriter.String() + cmd.UI.(*cli.MockUi).OutputWriter.String() - fmt.Printf("%s: got a non-zero exit status: %s", t.Name(), output) + t.Errorf("got a non-zero exit status: %s", output) } }() diff --git a/internal/cmd/config/config.go b/internal/cmd/config/config.go index b66ea720bc..6b2dbbc1a4 100644 --- a/internal/cmd/config/config.go +++ b/internal/cmd/config/config.go @@ -15,6 +15,7 @@ import ( "net" "os" "reflect" + "regexp" "strconv" "strings" "time" @@ -102,84 +103,6 @@ listener "tcp" { purpose = "ops" tls_disable = true } -` - - devIpv6ControllerExtraConfig = ` -controller { - name = "dev-controller" - description = "A default controller created in dev mode" -} - -kms "aead" { - purpose = "root" - aead_type = "aes-gcm" - key = "%s" - key_id = "global_root" -} - -kms "aead" { - purpose = "worker-auth" - aead_type = "aes-gcm" - key = "%s" - key_id = "global_worker-auth" -} - -kms "aead" { - purpose = "bsr" - aead_type = "aes-gcm" - key = "%s" - key_id = "global_bsr" -} - -kms "aead" { - purpose = "recovery" - aead_type = "aes-gcm" - key = "%s" - key_id = "global_recovery" -} - -listener "tcp" { - address = "[::1]" - purpose = "api" - tls_disable = true - cors_enabled = true - cors_allowed_origins = ["*"] -} - -listener "tcp" { - address = "[::1]" - purpose = "cluster" -} - -listener "tcp" { - address = "[::1]" - purpose = "ops" - tls_disable = true -} -` - - devIpv6WorkerExtraConfig = ` -listener "tcp" { - address = "[::1]" - purpose = "proxy" -} - -worker { - name = "w_1234567890" - description = "A default worker created in dev mode" - public_addr = "[::1]" - initial_upstreams = ["[::1]"] - tags { - type = ["dev", "local"] - } -} - -kms "aead" { - purpose = "worker-auth-storage" - aead_type = "aes-gcm" - key = "%s" - key_id = "worker-auth-storage" -} ` devWorkerExtraConfig = ` @@ -210,6 +133,10 @@ kms "aead" { defaultCsp = "default-src 'none'; script-src 'self' 'wasm-unsafe-eval'; frame-src 'self'; font-src 'self'; connect-src 'self'; img-src 'self' data:; style-src 'self'; media-src 'self'; manifest-src 'self'; style-src-attr 'self'; frame-ancestors 'self'" ) +// This regular expression is used to find all instances of square brackets within a string. +// This regular expression is used to remove the square brackets from an IPv6 address. +var squareBrackets = regexp.MustCompile("\\[|\\]") + // Config is the configuration for the boundary controller type Config struct { *configutil.SharedConfig `hcl:"-"` @@ -451,18 +378,15 @@ type License struct { // WithAuditEventsEnabled, TestWithErrorEventsEnabled func DevWorker(opt ...Option) (*Config, error) { workerAuthStorageKey := DevKeyGeneration() - opts, err := getOpts(opt...) - if err != nil { - return nil, fmt.Errorf("error parsing options: %w", err) - } hclStr := fmt.Sprintf(devConfig+devWorkerExtraConfig, workerAuthStorageKey) - if opts.withIPv6Enabled { - hclStr = fmt.Sprintf(devConfig+devIpv6WorkerExtraConfig, workerAuthStorageKey) - } parsed, err := Parse(hclStr) if err != nil { return nil, fmt.Errorf("error parsing dev config: %w", err) } + opts, err := getOpts(opt...) + if err != nil { + return nil, fmt.Errorf("error parsing options: %w", err) + } parsed.Eventing.AuditEnabled = opts.withAuditEventsEnabled parsed.Eventing.ObservationsEnabled = opts.withObservationsEnabled parsed.Eventing.SysEventsEnabled = opts.withSysEventsEnabled @@ -490,20 +414,12 @@ func DevKeyGeneration() string { // DevController is a Config that is used for dev mode of Boundary // controllers func DevController(opt ...Option) (*Config, error) { - opts, err := getOpts(opt...) - if err != nil { - return nil, fmt.Errorf("error parsing options: %w", err) - } - controllerKey := DevKeyGeneration() workerAuthKey := DevKeyGeneration() bsrKey := DevKeyGeneration() recoveryKey := DevKeyGeneration() hclStr := fmt.Sprintf(devConfig+devControllerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey) - if opts.withIPv6Enabled { - hclStr = fmt.Sprintf(devConfig+devIpv6ControllerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey) - } parsed, err := Parse(hclStr) if err != nil { return nil, fmt.Errorf("error parsing dev config: %w", err) @@ -513,6 +429,10 @@ func DevController(opt ...Option) (*Config, error) { parsed.DevWorkerAuthKey = workerAuthKey parsed.DevBsrKey = bsrKey parsed.DevRecoveryKey = recoveryKey + opts, err := getOpts(opt...) + if err != nil { + return nil, fmt.Errorf("error parsing options: %w", err) + } parsed.Eventing.AuditEnabled = opts.withAuditEventsEnabled parsed.Eventing.ObservationsEnabled = opts.withObservationsEnabled parsed.Eventing.SysEventsEnabled = opts.withSysEventsEnabled @@ -520,22 +440,13 @@ func DevController(opt ...Option) (*Config, error) { return parsed, nil } -func DevCombined(opt ...Option) (*Config, error) { - opts, err := getOpts(opt...) - if err != nil { - return nil, fmt.Errorf("error parsing options: %w", err) - } - +func DevCombined() (*Config, error) { controllerKey := DevKeyGeneration() workerAuthKey := DevKeyGeneration() workerAuthStorageKey := DevKeyGeneration() bsrKey := DevKeyGeneration() recoveryKey := DevKeyGeneration() - hclStr := fmt.Sprintf(devConfig+devControllerExtraConfig+devWorkerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey, workerAuthStorageKey) - if opts.withIPv6Enabled { - hclStr = fmt.Sprintf(devConfig+devIpv6ControllerExtraConfig+devIpv6WorkerExtraConfig, controllerKey, workerAuthKey, bsrKey, recoveryKey, workerAuthStorageKey) - } parsed, err := Parse(hclStr) if err != nil { return nil, fmt.Errorf("error parsing dev config: %w", err) @@ -1344,14 +1255,20 @@ func (c *Config) SetupControllerPublicClusterAddress(flagValue string) error { } } - host, port, err := util.SplitHostPort(c.Controller.PublicClusterAddr) + host, port, err := net.SplitHostPort(c.Controller.PublicClusterAddr) if err != nil { - return fmt.Errorf("Error splitting public cluster adddress host/port: %w", err) - } - if port == "" { - port = "9201" + if strings.Contains(err.Error(), "missing port") { + port = "9201" + host = c.Controller.PublicClusterAddr + } else { + return fmt.Errorf("Error splitting public cluster adddress host/port: %w", err) + } } - c.Controller.PublicClusterAddr = util.JoinHostPort(host, port) + + // remove the square brackets from the ipv6 address because the method + // net.JoinHostPort() will add a second pair of square brackets. + host = squareBrackets.ReplaceAllString(host, "") + c.Controller.PublicClusterAddr = net.JoinHostPort(host, port) return nil } @@ -1405,7 +1322,11 @@ func (c *Config) SetupWorkerInitialUpstreams() error { break } // Best effort see if it's a domain name and if not assume it must match - host, _, err := util.SplitHostPort(c.Worker.InitialUpstreams[0]) + host, _, err := net.SplitHostPort(c.Worker.InitialUpstreams[0]) + if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) { + err = nil + host = c.Worker.InitialUpstreams[0] + } if err == nil { ip := net.ParseIP(host) if ip == nil { diff --git a/internal/cmd/config/config_test.go b/internal/cmd/config/config_test.go index 56f4d834b1..30449cc7ba 100644 --- a/internal/cmd/config/config_test.go +++ b/internal/cmd/config/config_test.go @@ -6,7 +6,6 @@ package config import ( "encoding/base64" "fmt" - "net" "net/http" "os" "testing" @@ -14,7 +13,6 @@ import ( "github.com/hashicorp/boundary/internal/event" "github.com/hashicorp/boundary/internal/ratelimit" - "github.com/hashicorp/boundary/internal/util" configutil "github.com/hashicorp/go-secure-stdlib/configutil/v2" "github.com/hashicorp/go-secure-stdlib/listenerutil" "github.com/hashicorp/go-secure-stdlib/parseutil" @@ -781,101 +779,6 @@ func TestDevWorkerRecordingStoragePath(t *testing.T) { } } -func TestDevControllerIpv6(t *testing.T) { - require, assert := require.New(t), assert.New(t) - // This test only validates that all listeners are utilizing an IPv6 address. - // Other dev controller configurations are validates in TestDevController. - actual, err := DevController(WithIPv6Enabled(true)) - require.NoError(err) - - // expected an error here because we purposely did not provide a port number - // to allow randomly assigned port values - _, _, err = net.SplitHostPort(actual.Controller.PublicClusterAddr) - require.Error(err) - - // assert the square brackets are removed from the host ipv6 address and that the port value is empty - publicAddr, port, err := util.SplitHostPort(actual.Controller.PublicClusterAddr) - require.NoError(err) - assert.Empty(port) - assert.Empty(publicAddr) - - require.NotEmpty(actual.Listeners) - for _, l := range actual.Listeners { - addr, _, err := util.SplitHostPort(l.Address) - require.NoError(err) - ip := net.ParseIP(addr) - assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose) - assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr) - } -} - -func TestDevWorkerIpv6(t *testing.T) { - require, assert := require.New(t), assert.New(t) - // This test only validates that all listeners are utilizing an IPv6 address. - // Other dev worker configurations are validates in TestDevWorker. - actual, err := DevWorker(WithIPv6Enabled(true)) - require.NoError(err) - - // expected an error here because we purposely did not provide a port number - // to allow randomly assigned port values - _, _, err = net.SplitHostPort(actual.Worker.PublicAddr) - require.Error(err) - - // assert the square brackets are removed from the worker ipv6 address and that the port value is empty - publicAddr, port, err := util.SplitHostPort(actual.Worker.PublicAddr) - require.NoError(err) - assert.Empty(port) - ip := net.ParseIP(publicAddr) - assert.NotNil(ip, "failed to parse worker public address") - assert.NotNil(ip.To16(), "worker public address is not IPv6 %s", actual.Worker.PublicAddr) - - require.NotEmpty(actual.Listeners) - for _, l := range actual.Listeners { - addr, _, err := util.SplitHostPort(l.Address) - require.NoError(err) - ip := net.ParseIP(addr) - assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose) - assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr) - } -} - -func TestDevCombinedIpv6(t *testing.T) { - require, assert := require.New(t), assert.New(t) - // This test only validates that all listeners are utilizing an IPv6 address. - actual, err := DevCombined(WithIPv6Enabled(true)) - require.NoError(err) - - // expected an error here because we purposely did not provide a port number - // to allow randomly assigned port values for the worker and controller - _, _, err = net.SplitHostPort(actual.Worker.PublicAddr) - require.Error(err) - _, _, err = net.SplitHostPort(actual.Controller.PublicClusterAddr) - require.Error(err) - - // assert the square brackets are removed from the host ipv6 address and that the port value is empty - publicAddr, port, err := util.SplitHostPort(actual.Worker.PublicAddr) - require.NoError(err) - assert.Empty(port) - ip := net.ParseIP(publicAddr) - assert.NotNil(ip, "failed to parse worker public address") - assert.NotNil(ip.To16(), "worker public address is not IPv6 %s", actual.Worker.PublicAddr) - - // assert the square brackets are removed from the controller ipv6 address and that the port value is empty - publicAddr, port, err = util.SplitHostPort(actual.Controller.PublicClusterAddr) - require.NoError(err) - assert.Empty(port) - assert.Empty(publicAddr) - - require.NotEmpty(actual.Listeners) - for _, l := range actual.Listeners { - addr, _, err := util.SplitHostPort(l.Address) - require.NoError(err) - ip := net.ParseIP(addr) - assert.NotNil(ip, "failed to parse listener address for %v", l.Purpose) - assert.NotNil(ip.To16(), "failed to convert address to IPv6 for %v, found %v", l.Purpose, addr) - } -} - func TestDevKeyGeneration(t *testing.T) { t.Parallel() dk := DevKeyGeneration() diff --git a/internal/cmd/config/options.go b/internal/cmd/config/options.go index e95564f786..aed401b7a3 100644 --- a/internal/cmd/config/options.go +++ b/internal/cmd/config/options.go @@ -35,7 +35,6 @@ type options struct { withSysEventsEnabled bool withAuditEventsEnabled bool withObservationsEnabled bool - withIPv6Enabled bool testWithErrorEventsEnabled bool } @@ -60,12 +59,6 @@ func getDefaultOptions() (options, error) { } opts.withObservationsEnabled = obs - ipv6, err := parseutil.ParseBool(os.Getenv("BOUNDARY_ENABLE_TEST_IPV6")) - if err != nil { - return opts, err - } - opts.withIPv6Enabled = ipv6 - errEvents, err := parseutil.ParseBool(os.Getenv("BOUNDARY_ENABLE_TEST_ERROR_EVENTS")) if err != nil { return opts, err @@ -99,14 +92,6 @@ func WithObservationsEnabled(enable bool) Option { } } -// WithIPv6Enabled provides an option for enabling network ipv6 addresses -func WithIPv6Enabled(enable bool) Option { - return func(o *options) error { - o.withIPv6Enabled = enable - return nil - } -} - // TestWithErrorEventsEnabled provides an option for enabling error events // during tests. func TestWithErrorEventsEnabled(_ testing.TB, enable bool) Option { diff --git a/internal/credential/vault/jobs.go b/internal/credential/vault/jobs.go index 0013d09d8f..d7e23d9c8c 100644 --- a/internal/credential/vault/jobs.go +++ b/internal/credential/vault/jobs.go @@ -130,7 +130,7 @@ func (r *TokenRenewalJob) Status() scheduler.JobStatus { // Run queries the vault credential repo for tokens that need to be renewed, it then creates // a vault client and renews each token. Can not be run in parallel, if Run is invoked while // already running an error with code JobAlreadyRunning will be returned. -func (r *TokenRenewalJob) Run(ctx context.Context, _ time.Duration) error { +func (r *TokenRenewalJob) Run(ctx context.Context) error { const op = "vault.(TokenRenewalJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") @@ -356,7 +356,7 @@ func (r *TokenRevocationJob) Status() scheduler.JobStatus { // Run queries the vault credential repo for tokens that need to be revoked, it then creates // a vault client and revokes each token. Can not be run in parallel, if Run is invoked while // already running an error with code JobAlreadyRunning will be returned. -func (r *TokenRevocationJob) Run(ctx context.Context, _ time.Duration) error { +func (r *TokenRevocationJob) Run(ctx context.Context) error { const op = "vault.(TokenRevocationJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") @@ -521,7 +521,7 @@ func (r *CredentialRenewalJob) Status() scheduler.JobStatus { // Run queries the vault credential repo for credentials that need to be renewed, it then creates // a vault client and renews each credential. Can not be run in parallel, if Run is invoked while // already running an error with code JobAlreadyRunning will be returned. -func (r *CredentialRenewalJob) Run(ctx context.Context, _ time.Duration) error { +func (r *CredentialRenewalJob) Run(ctx context.Context) error { const op = "vault.(CredentialRenewalJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") @@ -696,7 +696,7 @@ func (r *CredentialRevocationJob) Status() scheduler.JobStatus { // Run queries the vault credential repo for credentials that need to be revoked, it then creates // a vault client and revokes each credential. Can not be run in parallel, if Run is invoked while // already running an error with code JobAlreadyRunning will be returned. -func (r *CredentialRevocationJob) Run(ctx context.Context, _ time.Duration) error { +func (r *CredentialRevocationJob) Run(ctx context.Context) error { const op = "vault.(CredentialRevocationJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") @@ -847,7 +847,7 @@ func (r *CredentialStoreCleanupJob) Status() scheduler.JobStatus { // Run deletes all vault credential stores in the repo that have been soft deleted. // Can not be run in parallel, if Run is invoked while already running an error with code // JobAlreadyRunning will be returned. -func (r *CredentialStoreCleanupJob) Run(ctx context.Context, _ time.Duration) error { +func (r *CredentialStoreCleanupJob) Run(ctx context.Context) error { const op = "vault.(CredentialStoreCleanupJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") @@ -947,7 +947,7 @@ func (r *CredentialCleanupJob) Status() scheduler.JobStatus { // Run deletes all Vault credential in the repo that have a null session_id and are not active. // Can not be run in parallel, if Run is invoked while already running an error with code // JobAlreadyRunning will be returned. -func (r *CredentialCleanupJob) Run(ctx context.Context, _ time.Duration) error { +func (r *CredentialCleanupJob) Run(ctx context.Context) error { const op = "vault.(CredentialCleanupJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") diff --git a/internal/credential/vault/jobs_test.go b/internal/credential/vault/jobs_test.go index 12b029a251..39177b2677 100644 --- a/internal/credential/vault/jobs_test.go +++ b/internal/credential/vault/jobs_test.go @@ -312,7 +312,7 @@ func TestTokenRenewalJob_RunLimits(t *testing.T) { r, err := newTokenRenewalJob(ctx, rw, rw, kmsCache, tt.opts...) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(tt.wantLen, r.numTokens) @@ -352,7 +352,7 @@ func TestTokenRenewalJob_Run(t *testing.T) { cs, err := repo.CreateCredentialStore(ctx, in) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // No tokens should have been renewed since token expiration is 24 hours by default assert.Equal(0, r.numProcessed) @@ -391,7 +391,7 @@ func TestTokenRenewalJob_Run(t *testing.T) { require.NoError(err) // Run token renewal again - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // Current and maintaining token should have been processed assert.Equal(2, r.numProcessed) @@ -468,7 +468,7 @@ func TestTokenRenewalJob_RunExpired(t *testing.T) { time.Sleep(time.Second * 2) // Token should have expired in vault, run should now expire in repo - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(1, r.numTokens) @@ -790,7 +790,7 @@ func TestTokenRevocationJob_RunLimits(t *testing.T) { r, err := newTokenRevocationJob(ctx, rw, rw, kmsCache, tt.opts...) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(tt.wantLen, r.numTokens) @@ -836,7 +836,7 @@ func TestTokenRevocationJob_Run(t *testing.T) { require.NoError(err) // No tokens should have been revoked since only the current token exists - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numProcessed) @@ -885,7 +885,7 @@ func TestTokenRevocationJob_Run(t *testing.T) { // Running should revoke noCredsToken and the revokeToken even though it has active // credentials it has been marked for revocation - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(2, r.numProcessed) @@ -922,7 +922,7 @@ func TestTokenRevocationJob_Run(t *testing.T) { assert.NoError(err) // Running again should now revoke the credsToken - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(1, r.numProcessed) @@ -934,7 +934,7 @@ func TestTokenRevocationJob_Run(t *testing.T) { require.NoError(rw.LookupWhere(ctx, &repoToken, "token_hmac = ?", []any{credsToken.TokenHmac})) assert.Equal(string(RevokedToken), repoToken.Status) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // With only the current token remaining no tokens should be revoked assert.Equal(0, r.numProcessed) @@ -1129,7 +1129,7 @@ func TestCredentialRenewalJob_RunLimits(t *testing.T) { r, err := newCredentialRenewalJob(ctx, rw, rw, kmsCache, tt.opts...) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(tt.wantLen, r.numCreds) @@ -1196,7 +1196,7 @@ func TestCredentialRenewalJob_Run(t *testing.T) { credRenewal, err := newCredentialRenewalJob(ctx, rw, rw, kmsCache) require.NoError(err) - err = credRenewal.Run(ctx, 0) + err = credRenewal.Run(ctx) require.NoError(err) // No credentials should have been renewed assert.Equal(0, credRenewal.numCreds) @@ -1213,7 +1213,7 @@ func TestCredentialRenewalJob_Run(t *testing.T) { // Sleep to move clock time.Sleep(2 * time.Second) - err = credRenewal.Run(ctx, 0) + err = credRenewal.Run(ctx) require.NoError(err) // The active credential should have been renewed assert.Equal(1, credRenewal.numCreds) @@ -1319,7 +1319,7 @@ func TestCredentialRenewalJob_RunExpired(t *testing.T) { require.NoError(rw.LookupById(ctx, lookupCred)) assert.Equal(string(ActiveCredential), lookupCred.Status) - err = credRenewal.Run(ctx, 0) + err = credRenewal.Run(ctx) require.NoError(err) // The active credential should have been processed assert.Equal(1, credRenewal.numCreds) @@ -1678,7 +1678,7 @@ func TestCredentialRevocationJob_RunLimits(t *testing.T) { r, err := newCredentialRevocationJob(ctx, rw, rw, kmsCache, tt.opts...) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(tt.wantLen, r.numCreds) @@ -1745,7 +1745,7 @@ func TestCredentialRevocationJob_Run(t *testing.T) { r, err := newCredentialRevocationJob(ctx, rw, rw, kmsCache) require.NoError(err) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // No credentials should have been revoked assert.Equal(0, r.numCreds) @@ -1764,7 +1764,7 @@ func TestCredentialRevocationJob_Run(t *testing.T) { // Verify revokeCred is valid in testDb assert.NoError(testDb.ValidateCredential(t, revokeSecret)) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // The revoke credential should have been revoked assert.Equal(1, r.numCreds) @@ -1842,7 +1842,7 @@ func TestCredentialRevocationJob_RunDeleted(t *testing.T) { secret, cred := testVaultCred(t, conn, v, cl, sess, repoToken, ActiveCredential, 5*time.Hour) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // No credentials should have been revoked as expiration is 5 hours from now assert.Equal(0, r.numCreds) @@ -1852,7 +1852,7 @@ func TestCredentialRevocationJob_RunDeleted(t *testing.T) { require.NoError(err) assert.Equal(1, count) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // No credentials should have been revoked assert.Equal(0, r.numCreds) @@ -1879,7 +1879,7 @@ func TestCredentialRevocationJob_RunDeleted(t *testing.T) { assert.Empty(lookupCred.SessionId) assert.Equal(string(RevokeCredential), lookupCred.Status) - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) // The revoke credential should have been revoked assert.Equal(1, r.numCreds) @@ -2028,7 +2028,7 @@ func TestCredentialStoreCleanupJob_Run(t *testing.T) { require.NoError(err) // No credential stores should have been cleaned up - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numStores) @@ -2057,7 +2057,7 @@ func TestCredentialStoreCleanupJob_Run(t *testing.T) { assert.Equal(string(RevokeToken), repoToken.Status) // Both soft deleted credential stores should not be cleaned up yet - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numStores) @@ -2067,7 +2067,7 @@ func TestCredentialStoreCleanupJob_Run(t *testing.T) { assert.Equal(1, count) // cs1 should be deleted - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(1, r.numStores) @@ -2095,7 +2095,7 @@ func TestCredentialStoreCleanupJob_Run(t *testing.T) { assert.Equal(1, count) // cs2 still has a second token not yet revoked/expired - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numStores) @@ -2112,7 +2112,7 @@ func TestCredentialStoreCleanupJob_Run(t *testing.T) { assert.Equal(1, count) // With no un-expired or un-revoked tokens cs2 should now be deleted - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(1, r.numStores) @@ -2289,7 +2289,7 @@ func TestCredentialCleanupJob_Run(t *testing.T) { _, sess2Cred := testVaultCred(t, conn, v, cl, sess2, repoToken, ActiveCredential, 5*time.Hour) // No credentials should be cleaned up - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numCreds) @@ -2299,7 +2299,7 @@ func TestCredentialCleanupJob_Run(t *testing.T) { assert.Equal(1, count) // Credentials are still in the revoke state so none should be deleted yet - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(0, r.numCreds) @@ -2324,7 +2324,7 @@ func TestCredentialCleanupJob_Run(t *testing.T) { assert.Equal(1, count) // Only the three credentials associated with the deleted session should be deleted - err = r.Run(ctx, 0) + err = r.Run(ctx) require.NoError(err) assert.Equal(3, r.numCreds) diff --git a/internal/daemon/cluster/handlers/worker_service.go b/internal/daemon/cluster/handlers/worker_service.go index 1b57f6ee63..2e3209f2a7 100644 --- a/internal/daemon/cluster/handlers/worker_service.go +++ b/internal/daemon/cluster/handlers/worker_service.go @@ -193,12 +193,12 @@ func (ws *workerServiceServer) Status(ctx context.Context, req *pbs.StatusReques authorizedDownstreams := &pbs.AuthorizedDownstreamWorkerList{} if len(req.GetConnectedWorkerPublicIds()) > 0 { - knownConnectedWorkers, err := serverRepo.VerifyKnownWorkers(ctx, req.GetConnectedWorkerPublicIds()) + knownConnectedWorkers, err := serverRepo.ListWorkers(ctx, []string{scope.Global.String()}, server.WithWorkerPool(req.GetConnectedWorkerPublicIds()), server.WithLiveness(-1)) if err != nil { event.WriteError(ctx, op, err, event.WithInfoMsg("error getting known connected worker ids")) return &pbs.StatusResponse{}, status.Errorf(codes.Internal, "Error getting known connected worker ids: %v", err) } - authorizedDownstreams.WorkerPublicIds = knownConnectedWorkers + authorizedDownstreams.WorkerPublicIds = server.WorkerList(knownConnectedWorkers).PublicIds() } if len(req.GetConnectedUnmappedWorkerKeyIdentifiers()) > 0 { diff --git a/internal/daemon/controller/auth/auth_test.go b/internal/daemon/controller/auth/auth_test.go index 1c4644d74f..b9454d225b 100644 --- a/internal/daemon/controller/auth/auth_test.go +++ b/internal/daemon/controller/auth/auth_test.go @@ -341,14 +341,5 @@ func TestGrantsHash(t *testing.T) { hash3, err := res.GrantsHash(ctx) require.NoError(t, err) assert.False(t, bytes.Equal(hash1, hash3)) - assert.False(t, bytes.Equal(hash2, hash3)) - - // Recreate auth result with no grants, should return a slice of empty bytes - res.grants = nil - hash4, err := res.GrantsHash(ctx) - require.NoError(t, err) - assert.False(t, bytes.Equal(hash1, hash4)) - assert.False(t, bytes.Equal(hash2, hash4)) - assert.False(t, bytes.Equal(hash3, hash4)) - assert.True(t, bytes.Equal([]byte{0, 0, 0, 0, 0, 0, 0, 0}, hash4)) + assert.False(t, bytes.Equal(hash1, hash3)) } diff --git a/internal/daemon/controller/controller.go b/internal/daemon/controller/controller.go index 57200a7a62..3ac24f483e 100644 --- a/internal/daemon/controller/controller.go +++ b/internal/daemon/controller/controller.go @@ -45,6 +45,7 @@ import ( "github.com/hashicorp/boundary/internal/ratelimit" "github.com/hashicorp/boundary/internal/recording" "github.com/hashicorp/boundary/internal/scheduler" + "github.com/hashicorp/boundary/internal/scheduler/cleaner" "github.com/hashicorp/boundary/internal/scheduler/job" "github.com/hashicorp/boundary/internal/server" serversjob "github.com/hashicorp/boundary/internal/server/job" @@ -320,8 +321,6 @@ func New(ctx context.Context, conf *Config) (*Controller, error) { if _, err := conf.RegisterPlugin(ctx, pluginType, client, []plugin.PluginType{plugin.PluginTypeHost}, plugin.WithDescription(fmt.Sprintf("Built-in %s host plugin", enabledPlugin.String()))); err != nil { return nil, fmt.Errorf("error registering %s host plugin: %w", pluginType, err) } - case enabledPlugin == base.EnabledPluginGCP && !c.conf.SkipPlugins: - fallthrough case enabledPlugin == base.EnabledPluginAws && !c.conf.SkipPlugins: pluginType := strings.ToLower(enabledPlugin.String()) client, cleanup, err := external_plugins.CreateHostPlugin( @@ -398,8 +397,8 @@ func New(ctx context.Context, conf *Config) (*Controller, error) { jobRepoFn := func() (*job.Repository, error) { return job.NewRepository(ctx, dbase, dbase, c.kms) } - - schedulerOpts := []scheduler.Option{} + // TODO: Allow setting run jobs limit from config + schedulerOpts := []scheduler.Option{scheduler.WithRunJobsLimit(-1)} if c.conf.RawConfig.Controller.Scheduler.JobRunIntervalDuration > 0 { schedulerOpts = append(schedulerOpts, scheduler.WithRunJobsInterval(c.conf.RawConfig.Controller.Scheduler.JobRunIntervalDuration)) } @@ -638,6 +637,9 @@ func (c *Controller) registerJobs() error { if err := kmsjob.RegisterJobs(c.baseContext, c.scheduler, c.kms); err != nil { return err } + if err := cleaner.RegisterJob(c.baseContext, c.scheduler, rw); err != nil { + return err + } if err := snapshot.RegisterJob(c.baseContext, c.scheduler, rw, rw); err != nil { return err } diff --git a/internal/daemon/controller/controller_test.go b/internal/daemon/controller/controller_test.go index 1c6dd54aa9..0dfb72ab81 100644 --- a/internal/daemon/controller/controller_test.go +++ b/internal/daemon/controller/controller_test.go @@ -257,7 +257,6 @@ func TestController_NewPluginsConfig(t *testing.T) { conf.EnabledPlugins = []base.EnabledPlugin{ base.EnabledPluginAws, base.EnabledPluginHostAzure, - base.EnabledPluginGCP, } _, err = New(testCtx, conf) @@ -266,15 +265,14 @@ func TestController_NewPluginsConfig(t *testing.T) { // Check that both plugins were written to the temp dir files, err := os.ReadDir(tmpDir) require.NoError(err) - require.Len(files, 3) + require.Len(files, 2) for _, file := range files { name := filepath.Base(file.Name()) // Remove random chars and hyphen name = name[0 : len(name)-6] switch name { case boundary_plugin_assets.PluginPrefix + "aws", - boundary_plugin_assets.PluginPrefix + "azure", - boundary_plugin_assets.PluginPrefix + "gcp": + boundary_plugin_assets.PluginPrefix + "azure": default: require.Fail("unexpected name", name) } diff --git a/internal/daemon/controller/handlers/accounts/account_service.go b/internal/daemon/controller/handlers/accounts/account_service.go index a132fc3a79..18e2c5932d 100644 --- a/internal/daemon/controller/handlers/accounts/account_service.go +++ b/internal/daemon/controller/handlers/accounts/account_service.go @@ -606,7 +606,7 @@ func (s Service) getFromRepo(ctx context.Context, id string) (auth.Account, []st } return nil, nil, err } - mgs, err := repo.ListManagedGroupMembershipsByMember(ctx, a.GetPublicId(), oidc.WithLimit(-1)) + mgs, err := repo.ListManagedGroupMembershipsByMember(ctx, a.GetPublicId()) if err != nil { return nil, nil, err } @@ -629,7 +629,7 @@ func (s Service) getFromRepo(ctx context.Context, id string) (auth.Account, []st } return nil, nil, err } - mgs, err := repo.ListManagedGroupMembershipsByMember(ctx, a.GetPublicId(), ldap.WithLimit(ctx, -1)) + mgs, err := repo.ListManagedGroupMembershipsByMember(ctx, a.GetPublicId()) if err != nil { return nil, nil, err } diff --git a/internal/daemon/controller/handlers/accounts/account_service_test.go b/internal/daemon/controller/handlers/accounts/account_service_test.go index 7a5e549d2f..5e33ea3741 100644 --- a/internal/daemon/controller/handlers/accounts/account_service_test.go +++ b/internal/daemon/controller/handlers/accounts/account_service_test.go @@ -134,15 +134,13 @@ func TestGet(t *testing.T) { return password.NewRepository(ctx, rw, rw, kmsCache) } oidcRepoFn := func() (*oidc.Repository, error) { - // Use a small limit to test that membership lookup is explicitly unlimited - return oidc.NewRepository(ctx, rw, rw, kmsCache, oidc.WithLimit(1)) + return oidc.NewRepository(ctx, rw, rw, kmsCache) } iamRepoFn := func() (*iam.Repository, error) { return iam.NewRepository(ctx, rw, rw, kmsCache) } ldapRepoFn := func() (*ldap.Repository, error) { - // Use a small limit to test that membership lookup is explicitly unlimited - return ldap.NewRepository(ctx, rw, rw, kmsCache, ldap.WithLimit(ctx, 1)) + return ldap.NewRepository(ctx, rw, rw, kmsCache) } s, err := accounts.NewService(ctx, pwRepoFn, oidcRepoFn, ldapRepoFn, 1000) @@ -177,10 +175,9 @@ func TestGet(t *testing.T) { oidc.WithApiUrl(oidc.TestConvertToUrls(t, "https://www.alice.com/callback")[0]), ) oidcA := oidc.TestAccount(t, conn, oidcAm, "test-subject") - // Create some managed groups that will always match, so we can test that it is + // Create a managed group that will always match, so we can test that it is // returned in results mg := oidc.TestManagedGroup(t, conn, oidcAm, `"/token/sub" matches ".*"`) - mg2 := oidc.TestManagedGroup(t, conn, oidcAm, `"/token/sub" matches ".*"`) oidcWireAccount := pb.Account{ Id: oidcA.GetPublicId(), AuthMethodId: oidcA.GetAuthMethodId(), @@ -196,7 +193,7 @@ func TestGet(t *testing.T) { }, }, AuthorizedActions: oidcAuthorizedActions, - ManagedGroupIds: []string{mg.GetPublicId(), mg2.GetPublicId()}, + ManagedGroupIds: []string{mg.GetPublicId()}, } ldapAm := ldap.TestAuthMethod(t, conn, databaseWrapper, org.PublicId, []string{"ldaps://ldap1"}) @@ -207,7 +204,6 @@ func TestGet(t *testing.T) { ldap.WithDn(ctx, "test-dn"), ) ldapMg := ldap.TestManagedGroup(t, conn, ldapAm, []string{"admin"}) - ldapMg2 := ldap.TestManagedGroup(t, conn, ldapAm, []string{"admin"}) ldapWireAccount := pb.Account{ Id: ldapAcct.GetPublicId(), AuthMethodId: ldapAm.GetPublicId(), @@ -226,7 +222,7 @@ func TestGet(t *testing.T) { }, Type: ldap.Subtype.String(), AuthorizedActions: ldapAuthorizedActions, - ManagedGroupIds: []string{ldapMg.GetPublicId(), ldapMg2.GetPublicId()}, + ManagedGroupIds: []string{ldapMg.GetPublicId()}, } cases := []struct { @@ -293,14 +289,12 @@ func TestGet(t *testing.T) { if globals.ResourceInfoFromPrefix(tc.req.Id).Subtype == oidc.Subtype { // Set up managed groups before getting. First get the current - // managed groups to make sure we have the right version. + // managed group to make sure we have the right version. oidcRepo, err := oidcRepoFn() require.NoError(err) currMg, err := oidcRepo.LookupManagedGroup(ctx, mg.GetPublicId()) require.NoError(err) - currMg2, err := oidcRepo.LookupManagedGroup(ctx, mg2.GetPublicId()) - require.NoError(err) - _, _, err = oidcRepo.SetManagedGroupMemberships(ctx, oidcAm, oidcA, []*oidc.ManagedGroup{currMg, currMg2}) + _, _, err = oidcRepo.SetManagedGroupMemberships(ctx, oidcAm, oidcA, []*oidc.ManagedGroup{currMg}) require.NoError(err) } diff --git a/internal/daemon/controller/handlers/managed_groups/managed_group_service.go b/internal/daemon/controller/handlers/managed_groups/managed_group_service.go index d8c03480d5..dd7c780917 100644 --- a/internal/daemon/controller/handlers/managed_groups/managed_group_service.go +++ b/internal/daemon/controller/handlers/managed_groups/managed_group_service.go @@ -446,7 +446,7 @@ func (s Service) getFromRepo(ctx context.Context, id string) (auth.ManagedGroup, } return nil, nil, err } - ids, err := repo.ListManagedGroupMembershipsByGroup(ctx, mg.GetPublicId(), oidc.WithLimit(-1)) + ids, err := repo.ListManagedGroupMembershipsByGroup(ctx, mg.GetPublicId()) if err != nil { return nil, nil, err } @@ -469,7 +469,7 @@ func (s Service) getFromRepo(ctx context.Context, id string) (auth.ManagedGroup, } return nil, nil, err } - ids, err := repo.ListManagedGroupMembershipsByGroup(ctx, mg.GetPublicId(), ldap.WithLimit(ctx, -1)) + ids, err := repo.ListManagedGroupMembershipsByGroup(ctx, mg.GetPublicId()) if err != nil { return nil, nil, err } diff --git a/internal/daemon/controller/handlers/managed_groups/managed_group_service_test.go b/internal/daemon/controller/handlers/managed_groups/managed_group_service_test.go index 14762802b9..8c83d142f4 100644 --- a/internal/daemon/controller/handlers/managed_groups/managed_group_service_test.go +++ b/internal/daemon/controller/handlers/managed_groups/managed_group_service_test.go @@ -118,15 +118,13 @@ func TestGet(t *testing.T) { wrap := db.TestWrapper(t) kmsCache := kms.TestKms(t, conn, wrap) oidcRepoFn := func() (*oidc.Repository, error) { - // Use a small limit to test that membership lookup is explicitly unlimited - return oidc.NewRepository(ctx, rw, rw, kmsCache, oidc.WithLimit(1)) + return oidc.NewRepository(ctx, rw, rw, kmsCache) } iamRepoFn := func() (*iam.Repository, error) { return iam.NewRepository(ctx, rw, rw, kmsCache) } ldapRepoFn := func() (*ldap.Repository, error) { - // Use a small limit to test that membership lookup is explicitly unlimited - return ldap.NewRepository(ctx, rw, rw, kmsCache, ldap.WithLimit(ctx, 1)) + return ldap.NewRepository(ctx, rw, rw, kmsCache) } s, err := managed_groups.NewService(ctx, oidcRepoFn, ldapRepoFn, 1000) @@ -144,7 +142,6 @@ func TestGet(t *testing.T) { oidc.WithApiUrl(oidc.TestConvertToUrls(t, "https://www.alice.com/callback")[0]), ) oidcA := oidc.TestAccount(t, conn, oidcAm, "test-subject") - oidcB := oidc.TestAccount(t, conn, oidcAm, "test-subject-2") omg := oidc.TestManagedGroup(t, conn, oidcAm, oidc.TestFakeManagedGroupFilter) // Set up managed group before getting. First get the current @@ -156,10 +153,6 @@ func TestGet(t *testing.T) { require.NoError(t, err) _, _, err = oidcRepo.SetManagedGroupMemberships(ctx, oidcAm, oidcA, []*oidc.ManagedGroup{currMg}) require.NoError(t, err) - currMg, err = oidcRepo.LookupManagedGroup(ctx, omg.GetPublicId()) - require.NoError(t, err) - _, _, err = oidcRepo.SetManagedGroupMemberships(ctx, oidcAm, oidcB, []*oidc.ManagedGroup{currMg}) - require.NoError(t, err) // Fetch the group once more to get the updated time currMg, err = oidcRepo.LookupManagedGroup(ctx, omg.GetPublicId()) require.NoError(t, err) @@ -178,12 +171,11 @@ func TestGet(t *testing.T) { }, }, AuthorizedActions: oidcAuthorizedActions, - MemberIds: []string{oidcA.GetPublicId(), oidcB.GetPublicId()}, + MemberIds: []string{oidcA.GetPublicId()}, } ldapAm := ldap.TestAuthMethod(t, conn, databaseWrapper, org.PublicId, []string{"ldaps://ldap1"}) ldapAcct := ldap.TestAccount(t, conn, ldapAm, "test-login-name", ldap.WithMemberOfGroups(ctx, "admin")) - ldapAcct2 := ldap.TestAccount(t, conn, ldapAm, "test-login-name-2", ldap.WithMemberOfGroups(ctx, "admin")) ldapMg := ldap.TestManagedGroup(t, conn, ldapAm, []string{"admin"}) ldapWireManagedGroup := pb.ManagedGroup{ Id: ldapMg.GetPublicId(), @@ -199,7 +191,7 @@ func TestGet(t *testing.T) { }, }, AuthorizedActions: ldapAuthorizedActions, - MemberIds: []string{ldapAcct.GetPublicId(), ldapAcct2.GetPublicId()}, + MemberIds: []string{ldapAcct.GetPublicId()}, } cases := []struct { diff --git a/internal/daemon/controller/handlers/targets/target_service.go b/internal/daemon/controller/handlers/targets/target_service.go index f6e92d28d1..e05eeaec49 100644 --- a/internal/daemon/controller/handlers/targets/target_service.go +++ b/internal/daemon/controller/handlers/targets/target_service.go @@ -42,7 +42,6 @@ import ( "github.com/hashicorp/boundary/internal/types/resource" "github.com/hashicorp/boundary/internal/types/scope" "github.com/hashicorp/boundary/internal/types/subtypes" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/scopes" pb "github.com/hashicorp/boundary/sdk/pbs/controller/api/resources/targets" fm "github.com/hashicorp/boundary/version" @@ -968,10 +967,17 @@ func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSession "No host was discovered after checking target address and host sources.") } - // Ensure we don't have a port from the address - _, err = util.ParseAddress(ctx, h) - if err != nil { + // Ensure we don't have a port from the address, which would be unexpected + _, _, err = net.SplitHostPort(h) + switch { + case err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr): + // This is what we expect + case err != nil: return nil, errors.Wrap(ctx, err, op, errors.WithMsg("error when parsing the chosen endpoint host address")) + case err == nil: + return nil, handlers.ApiErrorWithCodeAndMessage( + codes.FailedPrecondition, + "Address specified for use unexpectedly contains a port.") } // Generate the endpoint URL diff --git a/internal/daemon/controller/handlers/targets/tcp/target_service_test.go b/internal/daemon/controller/handlers/targets/tcp/target_service_test.go index 836c6a28b7..92274e83e1 100644 --- a/internal/daemon/controller/handlers/targets/tcp/target_service_test.go +++ b/internal/daemon/controller/handlers/targets/tcp/target_service_test.go @@ -4409,104 +4409,57 @@ func TestAuthorizeSession_Errors(t *testing.T) { assert.Equal(t, 1, num) v.RevokeToken(t, tok1) - workerExists := func(tar target.Target) target.Target { + workerExists := func(tar target.Target) (version uint32) { server.TestKmsWorker(t, conn, wrapper) - return tar + return tar.GetVersion() } - hostSetNoHostExists := func(tar target.Target) target.Target { + hostSetNoHostExists := func(tar target.Target) (version uint32) { hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0] hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0] - _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ - Id: tar.GetPublicId(), - Version: tar.GetVersion(), - HostSourceIds: []string{hs.GetPublicId()}, - }) - require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar - } - hostExists := func(tar target.Target) target.Target { - hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0] - h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0] - hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0] - _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h}) - _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ + tr, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ Id: tar.GetPublicId(), Version: tar.GetVersion(), HostSourceIds: []string{hs.GetPublicId()}, }) require.NoError(t, err) - hostRepo, err := staticHostRepoFn() - require.NoError(t, err) - _, _, err = hostRepo.UpdateHost(ctx, hc.GetProjectId(), h, h.GetVersion(), []string{"address"}) - require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar + return tr.GetItem().GetVersion() } - hostWithoutPort := func(tar target.Target) target.Target { + hostExists := func(tar target.Target) (version uint32) { hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0] h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0] hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0] _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h}) - _, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ - Id: tar.GetPublicId(), - Version: tar.GetVersion(), - HostSourceIds: []string{hs.GetPublicId()}, - }) - require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar - } - - ipv4HostWithHostPort := func(tar target.Target) target.Target { - hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0] - h := static.TestHost(t, conn, hc.GetPublicId(), static.WithAddress("8.8.8.8:22")) - hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0] - _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h}) - _, err := s.SetTargetHostSources(ctx, &pbs.SetTargetHostSourcesRequest{ + apiTar, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ Id: tar.GetPublicId(), Version: tar.GetVersion(), HostSourceIds: []string{hs.GetPublicId()}, }) require.NoError(t, err) - repo, err := repoFn() + repo, err := staticHostRepoFn() require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) + _, _, err = repo.UpdateHost(ctx, hc.GetProjectId(), h, h.GetVersion(), []string{"address"}) require.NoError(t, err) - return tar + return apiTar.GetItem().GetVersion() } - ipv6HostWithHostPort := func(tar target.Target) target.Target { + hostWithoutPort := func(tar target.Target) (version uint32) { hc := static.TestCatalogs(t, conn, proj.GetPublicId(), 1)[0] - h := static.TestHost(t, conn, hc.GetPublicId(), static.WithAddress("[2001:4860:4860:0:0:0:0:8888]:22")) + h := static.TestHosts(t, conn, hc.GetPublicId(), 1)[0] hs := static.TestSets(t, conn, hc.GetPublicId(), 1)[0] _ = static.TestSetMembers(t, conn, hs.GetPublicId(), []*static.Host{h}) - _, err := s.SetTargetHostSources(ctx, &pbs.SetTargetHostSourcesRequest{ + apiTar, err := s.AddTargetHostSources(ctx, &pbs.AddTargetHostSourcesRequest{ Id: tar.GetPublicId(), Version: tar.GetVersion(), HostSourceIds: []string{hs.GetPublicId()}, }) require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar + return apiTar.GetItem().GetVersion() } - libraryExists := func(tar target.Target) target.Target { + libraryExists := func(tar target.Target) (version uint32) { credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000) require.NoError(t, err) clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{ @@ -4521,21 +4474,17 @@ func TestAuthorizeSession_Errors(t *testing.T) { }}) require.NoError(t, err) - _, err = s.AddTargetCredentialSources(ctx, + tr, err := s.AddTargetCredentialSources(ctx, &pbs.AddTargetCredentialSourcesRequest{ Id: tar.GetPublicId(), BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()}, Version: tar.GetVersion(), }) require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar + return tr.GetItem().GetVersion() } - misConfiguredlibraryExists := func(tar target.Target) target.Target { + misConfiguredlibraryExists := func(tar target.Target) (version uint32) { credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000) require.NoError(t, err) clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{ @@ -4550,21 +4499,17 @@ func TestAuthorizeSession_Errors(t *testing.T) { }}) require.NoError(t, err) - _, err = s.AddTargetCredentialSources(ctx, + tr, err := s.AddTargetCredentialSources(ctx, &pbs.AddTargetCredentialSourcesRequest{ Id: tar.GetPublicId(), BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()}, Version: tar.GetVersion(), }) require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar + return tr.GetItem().GetVersion() } - expiredTokenLibrary := func(tar target.Target) target.Target { + expiredTokenLibrary := func(tar target.Target) (version uint32) { credService, err := credentiallibraries.NewService(ctx, iamRepoFn, vaultCredRepoFn, 1000) require.NoError(t, err) clsResp, err := credService.CreateCredentialLibrary(ctx, &pbs.CreateCredentialLibraryRequest{Item: &credlibpb.CredentialLibrary{ @@ -4579,18 +4524,14 @@ func TestAuthorizeSession_Errors(t *testing.T) { }}) require.NoError(t, err) - _, err = s.AddTargetCredentialSources(ctx, + tr, err := s.AddTargetCredentialSources(ctx, &pbs.AddTargetCredentialSourcesRequest{ Id: tar.GetPublicId(), BrokeredCredentialSourceIds: []string{clsResp.GetItem().GetId()}, Version: tar.GetVersion(), }) require.NoError(t, err) - repo, err := repoFn() - require.NoError(t, err) - tar, err = repo.LookupTarget(ctx, tar.GetPublicId()) - require.NoError(t, err) - return tar + return tr.GetItem().GetVersion() } // Generate correlation Id and add it to the context @@ -4602,7 +4543,7 @@ func TestAuthorizeSession_Errors(t *testing.T) { cases := []struct { name string ctx context.Context - setup []func(target.Target) target.Target + setup []func(target.Target) uint32 useTargetId bool wantErr bool wantErrContains string @@ -4611,100 +4552,70 @@ func TestAuthorizeSession_Errors(t *testing.T) { // This one must be run first since it relies on the DB not having any worker details name: "no worker", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{hostExists, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{hostExists, libraryExists}, useTargetId: true, wantErrContains: "No workers are available to handle this session", }, { name: "success", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists}, useTargetId: true, }, { name: "no target", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists}, useTargetId: false, wantErrContains: "Resource not found", }, { name: "no host port", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostWithoutPort, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostWithoutPort, libraryExists}, useTargetId: true, }, { - name: "ipv4 target address host port", + name: "host port", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{ - workerExists, func(tcpTarget target.Target) target.Target { + setup: []func(tcpTarget target.Target) uint32{ + workerExists, func(tcpTarget target.Target) uint32 { + tcpTarget.SetAddress("127.0.0.1:22") repo, err := repoFn() require.NoError(t, err) - n, err := repo.DeleteTarget(ctx, tcpTarget.GetPublicId()) + tcpTarget, _, err = repo.UpdateTarget(ctx, tcpTarget, tcpTarget.GetVersion(), []string{"address"}) require.NoError(t, err) - assert.Equal(t, 1, n) - return tcp.TestTarget(ctx, t, conn, tcpTarget.GetProjectId(), tcpTarget.GetName(), target.WithAddress("127.0.0.1:22"), target.WithDefaultPort(22)) + return tcpTarget.GetVersion() }, }, - wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port", - useTargetId: true, - }, - { - name: "ipv6 target address host port", - ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{ - workerExists, func(tcpTarget target.Target) target.Target { - repo, err := repoFn() - require.NoError(t, err) - n, err := repo.DeleteTarget(ctx, tcpTarget.GetPublicId()) - require.NoError(t, err) - assert.Equal(t, 1, n) - return tcp.TestTarget(ctx, t, conn, tcpTarget.GetProjectId(), tcpTarget.GetName(), target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:22"), target.WithDefaultPort(22)) - }, - }, - wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port", - useTargetId: true, - }, - { - name: "ipv4 static host port", - ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{ipv4HostWithHostPort}, - wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port", - useTargetId: true, - }, - { - name: "ipv6 static host port", - ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{ipv6HostWithHostPort}, - wantErrContains: "error when parsing the chosen endpoint host address: unknown: error #0: address contains a port", + wantErrContains: "Address specified for use unexpectedly contains a port", useTargetId: true, }, { name: "no hosts", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostSetNoHostExists, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostSetNoHostExists, libraryExists}, useTargetId: true, wantErrContains: "No host sources or address found for given target", }, { name: "bad library configuration", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, misConfiguredlibraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, misConfiguredlibraryExists}, useTargetId: true, wantErrContains: "external system issue: error #3014: Error making API request", }, { name: "expired token library", ctx: ctxWithCor, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, expiredTokenLibrary}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, expiredTokenLibrary}, useTargetId: true, wantErrContains: "vault.newClient: invalid configuration", }, { name: "no correaltion id", ctx: ctx, - setup: []func(tcpTarget target.Target) target.Target{workerExists, hostExists, libraryExists}, + setup: []func(tcpTarget target.Target) uint32{workerExists, hostExists, libraryExists}, useTargetId: true, wantErrContains: "authorize session: missing correlation id", }, @@ -4715,7 +4626,8 @@ func TestAuthorizeSession_Errors(t *testing.T) { tar := tcp.TestTarget(ctx, t, conn, proj.GetPublicId(), fmt.Sprintf("test-%d", i), target.WithDefaultPort(22)) for _, fn := range tc.setup { - tar = fn(tar) + ver := fn(tar) + tar.SetVersion(ver) } id := tar.GetPublicId() diff --git a/internal/daemon/controller/testing.go b/internal/daemon/controller/testing.go index abf2e76759..41dc57d2ba 100644 --- a/internal/daemon/controller/testing.go +++ b/internal/daemon/controller/testing.go @@ -503,8 +503,6 @@ type TestControllerOpts struct { WorkerAuthDebuggingEnabled *atomic.Bool DisableRateLimiting bool - - EnableIPv6 bool } func NewTestController(t testing.TB, opts *TestControllerOpts) *TestController { @@ -589,8 +587,7 @@ func TestControllerConfig(t testing.TB, ctx context.Context, tc *TestController, opts.Config = cfg case opts.Config == nil: - cfgOpts := append([]config.Option{}, config.WithIPv6Enabled(true)) - opts.Config, err = config.DevController(cfgOpts...) + opts.Config, err = config.DevController() if err != nil { t.Fatal(err) } diff --git a/internal/daemon/controller/testing_test.go b/internal/daemon/controller/testing_test.go index 52e0bc4eeb..57af31cb5d 100644 --- a/internal/daemon/controller/testing_test.go +++ b/internal/daemon/controller/testing_test.go @@ -7,9 +7,7 @@ import ( "bytes" "context" "io" - "net" "os" - "strings" "testing" "github.com/hashicorp/boundary/globals" @@ -101,26 +99,3 @@ func Test_TestController(t *testing.T) { assert.NotNil(ws.Bsr()) }) } - -func Test_TestControllerIPv6(t *testing.T) { - require, assert := require.New(t), assert.New(t) - c := NewTestController(t, &TestControllerOpts{ - EnableIPv6: true, - }) - require.NotNil(c) - validateIPv6 := func(addr, name string) { - host, _, err := net.SplitHostPort(addr) - require.NoError(err) - require.NotEmpty(host, "missing host") - ip := net.ParseIP(host) - assert.NotNil(ip, "failed to parse %s", name) - assert.NotNil(ip.To16(), "%s is not IPv6 %s", name, addr) - } - for _, addr := range c.ClusterAddrs() { - validateIPv6(addr, "cluster addr") - } - for _, addr := range c.ApiAddrs() { - addr = strings.ReplaceAll(addr, "http://", "") - validateIPv6(addr, "api addr") - } -} diff --git a/internal/daemon/controller/tickers.go b/internal/daemon/controller/tickers.go index d1ac967840..ebf5314d16 100644 --- a/internal/daemon/controller/tickers.go +++ b/internal/daemon/controller/tickers.go @@ -12,7 +12,9 @@ import ( "github.com/hashicorp/boundary/internal/daemon/cluster" "github.com/hashicorp/boundary/internal/errors" "github.com/hashicorp/boundary/internal/event" + "github.com/hashicorp/boundary/internal/server" "github.com/hashicorp/boundary/internal/server/store" + "github.com/hashicorp/boundary/internal/types/scope" ) // In the future we could make this configurable @@ -196,12 +198,12 @@ func (c *Controller) startWorkerConnectionMaintenanceTicking(cancelCtx context.C event.WriteError(cancelCtx, op, err, event.WithInfoMsg("error fetching server repository for cluster connection maintenance")) break } - knownWorkers, err := serverRepo.VerifyKnownWorkers(cancelCtx, connectionState.WorkerIds()) + knownWorker, err := serverRepo.ListWorkers(cancelCtx, []string{scope.Global.String()}, server.WithWorkerPool(connectionState.WorkerIds()), server.WithLiveness(-1)) if err != nil { event.WriteError(cancelCtx, op, err, event.WithInfoMsg("couldn't get known workers from repo")) break } - connectionState.DisconnectMissingWorkers(knownWorkers) + connectionState.DisconnectMissingWorkers(server.WorkerList(knownWorker).PublicIds()) } if len(connectionState.UnmappedKeyIds()) > 0 { diff --git a/internal/daemon/worker/controller_connection.go b/internal/daemon/worker/controller_connection.go index d766ae00c5..33bd766f4d 100644 --- a/internal/daemon/worker/controller_connection.go +++ b/internal/daemon/worker/controller_connection.go @@ -14,6 +14,7 @@ import ( "sync/atomic" "time" + "github.com/hashicorp/boundary/globals" "github.com/hashicorp/boundary/internal/cmd/base" "github.com/hashicorp/boundary/internal/daemon/cluster" "github.com/hashicorp/boundary/internal/daemon/cluster/handlers" @@ -49,14 +50,14 @@ func (w *Worker) StartControllerConnections() error { case strings.HasPrefix(addr, "/"): initialAddrs = append(initialAddrs, addr) default: - host, port, err := util.SplitHostPort(addr) + host, port, err := net.SplitHostPort(addr) + if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) { + host, port, err = net.SplitHostPort(net.JoinHostPort(addr, "9201")) + } if err != nil { return fmt.Errorf("error parsing upstream address: %w", err) } - if port == "" { - port = "9201" - } - initialAddrs = append(initialAddrs, util.JoinHostPort(host, port)) + initialAddrs = append(initialAddrs, net.JoinHostPort(host, port)) } } diff --git a/internal/daemon/worker/testing.go b/internal/daemon/worker/testing.go index 7083becb7b..ad57f22b6c 100644 --- a/internal/daemon/worker/testing.go +++ b/internal/daemon/worker/testing.go @@ -236,9 +236,6 @@ type TestWorkerOpts struct { // Enable observation events EnableObservationEvents bool - // Enable IPv6 - EnableIPv6 bool - // Enable error events EnableErrorEvents bool } @@ -275,7 +272,6 @@ func NewTestWorker(t testing.TB, opts *TestWorkerOpts) *TestWorker { configOpts = append(configOpts, config.WithAuditEventsEnabled(opts.EnableAuditEvents)) configOpts = append(configOpts, config.WithSysEventsEnabled(opts.EnableSysEvents)) configOpts = append(configOpts, config.WithObservationsEnabled(opts.EnableObservationEvents)) - configOpts = append(configOpts, config.WithIPv6Enabled(opts.EnableIPv6)) configOpts = append(configOpts, config.TestWithErrorEventsEnabled(t, opts.EnableErrorEvents)) opts.Config, err = config.DevWorker(configOpts...) if err != nil { @@ -456,6 +452,9 @@ func NewTestMultihopWorkers(t testing.TB, }) t.Cleanup(kmsWorker.Shutdown) + // Give time for it to be inserted into the database + time.Sleep(2 * time.Second) + // names should not be set when using pki workers pkiWorkerConf, err := config.DevWorker() require.NoError(err) @@ -473,6 +472,9 @@ func NewTestMultihopWorkers(t testing.TB, }) t.Cleanup(pkiWorker.Shutdown) + // Give time for it to be inserted into the database + time.Sleep(2 * time.Second) + // Get a server repo and worker auth repo serversRepo, err := serversRepoFn() require.NoError(err) @@ -507,6 +509,9 @@ func NewTestMultihopWorkers(t testing.TB, }) t.Cleanup(childPkiWorker.Shutdown) + // Give time for it to be inserted into the database + time.Sleep(2 * time.Second) + // Perform initial authentication of worker to controller reqBytes, err = base58.FastBase58Decoding(childPkiWorker.Worker().WorkerAuthRegistrationRequest) require.NoError(err) @@ -539,62 +544,16 @@ func NewTestMultihopWorkers(t testing.TB, WorkerAuthDebuggingEnabled: enableAuthDebugging, DisableAutoStart: true, }) - t.Cleanup(childKmsWorker.Shutdown) childKmsWorker.w.conf.WorkerAuthStorageKms = nil err = childKmsWorker.w.Start() - require.NoError(err) + t.Cleanup(childKmsWorker.Shutdown) + if err != nil { + t.Fatal(err) + } - t.Log("Waiting for workers to start up") - require.Eventually( - func() bool { - t.Log("Checking worker status") - workers, err := serversRepo.ListWorkers(controllerContext, []string{"global"}) - if err != nil { - return false - } - if len(workers) != 4 { - return false - } - for _, w := range workers { - if w.LastStatusTime == nil { - return false - } - } - return true - }, - 30*time.Second, - time.Second, - ) - t.Log("All workers have started") - - t.Cleanup(func() { - // Run shutdowns in parallel, they each take multiple seconds - // Note: this duplicates the shutdowns above, but since shutdowns - // are idempotent, that's OK. This is the first time we can safely run them - // all in parallel. - t.Log("Shutting down workers") - wg := &sync.WaitGroup{} - wg.Add(4) - go func() { - defer wg.Done() - kmsWorker.Shutdown() - }() - go func() { - defer wg.Done() - pkiWorker.Shutdown() - }() - go func() { - defer wg.Done() - childPkiWorker.Shutdown() - }() - go func() { - defer wg.Done() - childKmsWorker.Shutdown() - }() - wg.Wait() - t.Log("Workers shut down") - }) + // Sleep so that workers can startup and connect. + time.Sleep(12 * time.Second) return kmsWorker, pkiWorker, childPkiWorker, childKmsWorker } @@ -602,7 +561,7 @@ func NewTestMultihopWorkers(t testing.TB, // NewAuthorizedPkiTestWorker creates a new test worker with the provided upstreams // and creates it in the provided repo as an authorized worker. It returns // The TestWorker and it's boundary id. -func NewAuthorizedPkiTestWorker(t *testing.T, repo *server.Repository, name string, upstreams []string, opt ...config.Option) (*TestWorker, string) { +func NewAuthorizedPkiTestWorker(t *testing.T, repo *server.Repository, name string, upstreams []string) (*TestWorker, string) { t.Helper() logger := hclog.New(&hclog.LoggerOptions{ Level: hclog.Trace, diff --git a/internal/daemon/worker/testing_test.go b/internal/daemon/worker/testing_test.go index 5742bbefc2..25ae99bdd0 100644 --- a/internal/daemon/worker/testing_test.go +++ b/internal/daemon/worker/testing_test.go @@ -209,30 +209,6 @@ func TestNewTestMultihopWorkers(t *testing.T) { require.NoError(t, c.WaitForNextWorkerStatusUpdate(childKmsWorker.Name())) } -func TestWorkerIPv6(t *testing.T) { - require, assert := require.New(t), assert.New(t) - w := NewTestWorker(t, &TestWorkerOpts{ - EnableIPv6: true, - }) - require.NotNil(w) - validateIPv6 := func(addr, name string) { - host, _, err := net.SplitHostPort(addr) - require.NoError(err) - require.NotEmpty(host, "missing host") - ip := net.ParseIP(host) - assert.NotNil(ip, "failed to parse %s", name) - assert.NotNil(ip.To16(), "%s is not IPv6 %s", name, addr) - } - for _, addr := range w.addrs { - validateIPv6(addr, "worker addr") - } - for _, addr := range w.ProxyAddrs() { - validateIPv6(addr, "proxy addr") - } - require.NotNil(w.Worker().proxyListener) - validateIPv6(w.Worker().proxyListener.ProxyListener.Addr().String(), "proxy listener addr") -} - func createTestCert(t *testing.T) ([]byte, ed25519.PublicKey, ed25519.PrivateKey) { pub, priv, err := ed25519.GenerateKey(rand.Reader) require.NoError(t, err) diff --git a/internal/db/option.go b/internal/db/option.go index c260c4aa37..f590fc6af0 100644 --- a/internal/db/option.go +++ b/internal/db/option.go @@ -137,9 +137,6 @@ func getDbwOptions(ctx context.Context, rw *Db, i any, opType OpType, opt ...Opt if opts.withRowsAffected != nil { dbwOpts = append(dbwOpts, dbw.WithReturnRowsAffected(opts.withRowsAffected)) } - if opts.withTable != "" { - dbwOpts = append(dbwOpts, dbw.WithTable(opts.withTable)) - } return dbwOpts, nil } @@ -184,8 +181,6 @@ type Options struct { withOnConflict *OnConflict withRowsAffected *int64 - - withTable string } type oplogOpts struct { @@ -210,13 +205,6 @@ func getDefaultOptions() Options { } } -// WithTable provides an optional table name for the operation. -func WithTable(name string) Option { - return func(o *Options) { - o.withTable = name - } -} - // WithLookup enables a lookup. func WithLookup(enable bool) Option { return func(o *Options) { diff --git a/internal/db/option_test.go b/internal/db/option_test.go index 99feb9659e..e953b2644e 100644 --- a/internal/db/option_test.go +++ b/internal/db/option_test.go @@ -255,15 +255,4 @@ func Test_getOpts(t *testing.T) { testOpts.withRowsAffected = &rowsAffected assert.Equal(opts, testOpts) }) - t.Run("WithTable", func(t *testing.T) { - assert := assert.New(t) - // test default of "" - opts := GetOpts() - testOpts := getDefaultOptions() - assert.Equal(opts, testOpts) - - opts = GetOpts(WithTable("foo")) - testOpts.withTable = "foo" - assert.Equal(opts, testOpts) - }) } diff --git a/internal/db/read_writer.go b/internal/db/read_writer.go index 91d63e7b8c..29f3da7b5e 100644 --- a/internal/db/read_writer.go +++ b/internal/db/read_writer.go @@ -471,15 +471,14 @@ func (rw *Db) IsTx(_ context.Context) bool { } // LookupByPublicId will lookup resource by its public_id or private_id, which -// must be unique. WithTable and WithDebug are the only valid options, all other -// options are ignored. +// must be unique. WithDebug is the only valid option, all other options are ignored. func (rw *Db) LookupById(ctx context.Context, resourceWithIder any, opt ...Option) error { const op = "db.LookupById" if rw.underlying == nil { return errors.New(ctx, errors.InvalidParameter, op, "missing underlying db") } opts := GetOpts(opt...) - if err := dbw.New(rw.underlying.wrapped.Load()).LookupBy(ctx, resourceWithIder, dbw.WithDebug(opts.withDebug), dbw.WithTable(opts.withTable)); err != nil { + if err := dbw.New(rw.underlying.wrapped.Load()).LookupBy(ctx, resourceWithIder, dbw.WithDebug(opts.withDebug)); err != nil { var errOpts []errors.Option if errors.Is(err, dbw.ErrRecordNotFound) { // Not found is a common workflow in the application layer during lookup, suppress @@ -492,21 +491,20 @@ func (rw *Db) LookupById(ctx context.Context, resourceWithIder any, opt ...Optio } // LookupByPublicId will lookup resource by its public_id, which must be unique. -// WithTable and WithDebug are supported. +// WithDebug is supported. func (rw *Db) LookupByPublicId(ctx context.Context, resource ResourcePublicIder, opt ...Option) error { return rw.LookupById(ctx, resource, opt...) } // LookupWhere will lookup the first resource using a where clause with -// parameters (it only returns the first one). WithTable and WithDebug are -// supported. +// parameters (it only returns the first one). WithDebug is supported. func (rw *Db) LookupWhere(ctx context.Context, resource any, where string, args []any, opt ...Option) error { const op = "db.LookupWhere" if rw.underlying == nil { return errors.New(ctx, errors.InvalidParameter, op, "missing underlying db") } opts := GetOpts(opt...) - if err := dbw.New(rw.underlying.wrapped.Load()).LookupWhere(ctx, resource, where, args, dbw.WithDebug(opts.withDebug), dbw.WithTable(opts.withTable)); err != nil { + if err := dbw.New(rw.underlying.wrapped.Load()).LookupWhere(ctx, resource, where, args, dbw.WithDebug(opts.withDebug)); err != nil { var errOpts []errors.Option if errors.Is(err, dbw.ErrRecordNotFound) { // Not found is a common workflow in the application layer during lookup, suppress diff --git a/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql b/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql index cf7cb29de5..472762ca49 100644 --- a/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql +++ b/internal/db/schema/migrations/oss/postgres/7/03_job.up.sql @@ -20,7 +20,6 @@ begin; create trigger immutable_columns before update on job for each row execute procedure immutable_columns('plugin_id', 'name'); - -- updated in 93/01_job_run_clean.up.sql create table job_run_status_enm ( name text not null primary key constraint only_predefined_job_status_allowed @@ -29,7 +28,6 @@ begin; comment on table job_run_status_enm is 'job_run_status_enm is an enumeration table where each row contains a valid job run state.'; - -- updated in 93/01_job_run_clean.up.sql insert into job_run_status_enm (name) values ('running'), @@ -86,7 +84,6 @@ begin; create trigger immutable_columns before update on job_run for each row execute procedure immutable_columns('private_id', 'job_plugin_id', 'job_name', 'create_time'); - -- dropped in 93/02_drop_job_jobs_to_run.up.sql create view job_jobs_to_run as with running_jobs (job_plugin_id, job_name) as ( diff --git a/internal/db/schema/migrations/oss/postgres/92/04_add_column_to_job_run.up.sql b/internal/db/schema/migrations/oss/postgres/92/04_add_column_to_job_run.up.sql deleted file mode 100644 index 9a077cc025..0000000000 --- a/internal/db/schema/migrations/oss/postgres/92/04_add_column_to_job_run.up.sql +++ /dev/null @@ -1,11 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - alter table job_run - add column retries_count int not null default 0 - constraint retries_count_can_not_be_negative - check(retries_count >= 0); - -commit; diff --git a/internal/db/schema/migrations/oss/postgres/92/05_delete_terminated_session_job.up.sql b/internal/db/schema/migrations/oss/postgres/92/05_delete_terminated_session_job.up.sql deleted file mode 100644 index 9a07fd1622..0000000000 --- a/internal/db/schema/migrations/oss/postgres/92/05_delete_terminated_session_job.up.sql +++ /dev/null @@ -1,34 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - -begin; - - create table session_delete_terminated_job ( - batch_size int not null - constraint batch_size_must_be_greater_than_0 - check(batch_size > 0), - create_time wt_timestamp, - update_time wt_timestamp - ); - comment on table session_delete_terminated_job is - 'session_delete_terminated_job is a single row table that contains settings for the delete terminated sessions job.'; - - -- this index ensures that there will only ever be one row in the - -- table. see: - -- https://www.postgresql.org/docs/current/indexes-expressional.html - create unique index session_delete_terminated_job_one_row - on session_delete_terminated_job((batch_size is not null)); - - create trigger immutable_columns before update on session_delete_terminated_job - for each row execute procedure immutable_columns('create_time'); - - create trigger default_create_time_column before insert on session_delete_terminated_job - for each row execute procedure default_create_time(); - - create trigger update_time_column before update on session_delete_terminated_job - for each row execute procedure update_time_column(); - - insert into session_delete_terminated_job(batch_size) values(5000); - -commit; - diff --git a/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql b/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql deleted file mode 100644 index d09a197775..0000000000 --- a/internal/db/schema/migrations/oss/postgres/93/01_job_run_clean.up.sql +++ /dev/null @@ -1,37 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - --- Boundary's design on removing entries from job_run has changed from having a --- job that periodically cleans the table to a design where the scheduler --- handles this by itself if the job is successful. It is possible that some --- entries are left in the table with this change (eg: Boundary is stopped after --- some jobs run but before the cleaner job runs). --- --- These entries would forever be stored, so this migration cleans them to --- ensure no dangling rows are left behind. --- --- It also updates the valid statues enum to reflect the ones in use. - -begin; - delete from job_run where status = 'completed'; - - delete from job_run where job_name = 'job_run_cleaner'; - delete from job where name = 'job_run_cleaner'; - - comment on index job_run_status_ix is - 'the job_run_status_ix indexes the commonly-used status field'; - - comment on table job_run is - 'job_run is a table where each row represents an instance of a job run that is either actively running or has failed in some way.'; - - -- Since we don't set completed anymore, but rather remove the job_run entry, - -- remove 'completed' from the valid statuses. - -- updates 7/03_job.up.sql. - delete from job_run_status_enm where name = 'completed'; - - alter table job_run_status_enm - drop constraint only_predefined_job_status_allowed, - add constraint only_predefined_job_status_allowed - check(name in ('running', 'failed', 'interrupted')); - -commit; diff --git a/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql b/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql deleted file mode 100644 index a1be8736dc..0000000000 --- a/internal/db/schema/migrations/oss/postgres/93/02_drop_job_jobs_to_run.up.sql +++ /dev/null @@ -1,10 +0,0 @@ --- Copyright (c) HashiCorp, Inc. --- SPDX-License-Identifier: BUSL-1.1 - --- This migration removes support for the job_jobs_to_run view as it is not used --- anymore by the job repository. - -begin; - -- drops view from 7/03_job.up.sql - drop view job_jobs_to_run; -commit; \ No newline at end of file diff --git a/internal/event/eventer.go b/internal/event/eventer.go index ae33fe3514..11a0d5b6cb 100644 --- a/internal/event/eventer.go +++ b/internal/event/eventer.go @@ -794,18 +794,14 @@ func (e *Eventer) ReleaseGate() error { if qe == nil { continue // we may have already sent this but gotten errors later } - ctx, cancel := newSendCtx(qe.ctx) - if cancel != nil { - defer cancel() - } var queuedOp string switch t := qe.event.(type) { case *sysEvent: queuedOp = "system" - writeErr = e.writeSysEvent(ctx, t, WithNoGateLocking(true)) + writeErr = e.writeSysEvent(qe.ctx, t, WithNoGateLocking(true)) case *err: queuedOp = "error" - writeErr = e.writeError(ctx, t, WithNoGateLocking(true)) + writeErr = e.writeError(qe.ctx, t, WithNoGateLocking(true)) default: // Have no idea what this is and shouldn't have gotten in here to // begin with, so just continue, and log it diff --git a/internal/event/eventer_gate_test.go b/internal/event/eventer_gate_test.go index 450eac3458..2e821cdf4c 100644 --- a/internal/event/eventer_gate_test.go +++ b/internal/event/eventer_gate_test.go @@ -159,48 +159,3 @@ func TestEventer_Gating(t *testing.T) { }) } } - -func TestReleaseGate_NoError_CanceledContext(t *testing.T) { - require := require.New(t) - - buffer := new(bytes.Buffer) - eventerConfig := EventerConfig{ - AuditEnabled: true, - ObservationsEnabled: true, - SysEventsEnabled: true, - Sinks: []*SinkConfig{ - { - Name: "test-sink", - EventTypes: []Type{EveryType}, - Format: TextHclogSinkFormat, - Type: WriterSink, - WriterConfig: &WriterSinkTypeConfig{ - Writer: buffer, - }, - }, - }, - } - testLock := &sync.Mutex{} - testLogger := testLogger(t, testLock) - - eventer, err := NewEventer( - testLogger, - testLock, - "TestEventer_Gating", - eventerConfig, - WithGating(true), - ) - require.NoError(err) - - ctx, cancel := context.WithCancel(context.Background()) - t.Cleanup(cancel) - ctx, err = NewEventerContext(ctx, eventer) - require.NoError(err) - - WriteError(ctx, "error-1", fmt.Errorf("error-1")) - _ = WriteObservation(ctx, "observation-1", WithId("observation-1"), WithHeader("foo", "bar")) - - cancel() - - require.NoError(eventer.ReleaseGate()) -} diff --git a/internal/gen/controller.swagger.json b/internal/gen/controller.swagger.json index f4d8e62c9a..fc7d3fe827 100644 --- a/internal/gen/controller.swagger.json +++ b/internal/gen/controller.swagger.json @@ -3,7 +3,7 @@ "info": { "title": "Boundary controller HTTP API", "description": "Welcome to the Boundary controller HTTP API documentation. This page provides a reference guide for using the Boundary controller API, a JSON-based HTTP API. The API implements commonly seen HTTP API patterns for status codes, paths, and errors. See the [API overview](https://developer.hashicorp.com/boundary/docs/api-clients/api) for more information.\n\nBefore you read this page, it is useful to understand Boundary's [domain model](https://developer.hashicorp.com/boundary/docs/concepts/domain-model) and to be aware of the terminology used here. To get started, search for the service you want to interact with in the sidebar to the left. Each resource in Boundary, such as accounts and credential stores, has its own service. Each service contains all the API endpoints for the resource.\n## Status codes\n- `2XX`: Boundary returns a code between `200` and `299` on success. Generally this is `200`, but implementations should be prepared to accept any `2XX` status code as indicating success. If a call returns a `2XX` code that is not `200`, it follows well-understood semantics for those status codes.\n- `400`: Boundary returns `400` when a command cannot be completed due to invalid user input, except for a properly-formatted identifier that does not map to an existing resource, which returns a `404` as discussed below.\n- `401`: Boundary returns `401` if no authentication token is provided or if the provided token is invalid. A valid token that simply does not have permission for a resource returns a `403` instead. A token that is invalid or missing, but where the anonymous user (`u_anon`) is able to successfully perform the action, will not return a `401` but instead will return the result of the action.\n- `403`: Boundary returns `403` if a provided token was valid but does not have the grants required to perform the requested action.\n- `404`: Boundary returns `404` if a resource cannot be found. Note that this happens _prior_ to authentication/authorization checking in nearly all cases as the resource information (such as its scope, available actions, etc.) is a required part of that check. As a result, an action against a resource that does not exist returns a `404` instead of a `401` or `403`. While this could be considered an information leak, since IDs are randomly generated and this only discloses whether an ID is valid, it's tolerable as it allows for far simpler and more robust client implementation.\n- `405`: Boundary returns a `405` to indicate that the method (HTTP verb or custom action) is not implemented for the given resource.\n- `429`: Boundary returns a `429` if any of the API rate limit quotas have been exhausted for the resource and action. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n- `500`: Boundary returns `500` if an error occurred that is not (directly) tied to invalid user input. If a `500` is generated, information about the error is logged to Boundary's server log but is not generally provided to the client.\n- `503`: Boundary returns a `503` if it is unable to store a quota due to the API rate limit being exceeded. It includes the `Retry-After` header so that the client knows how long to wait before making a new request.\n## List pagination\nBoundary uses [API pagination](https://developer.hashicorp.com/boundary/docs/api-clients/api/pagination) to support searching and filtering large lists of results efficiently.", - "version": "0.19.0", + "version": "0.18.0", "contact": { "name": "HashiCorp Boundary", "url": "https://www.boundaryproject.io/" diff --git a/internal/host/plugin/host_address_test.go b/internal/host/plugin/host_address_test.go index 599a4c9397..b1afb5dda5 100644 --- a/internal/host/plugin/host_address_test.go +++ b/internal/host/plugin/host_address_test.go @@ -211,7 +211,7 @@ func TestHostIpAddress_Create(t *testing.T) { wantDbErr: true, }, { - name: "valid-ipv4", + name: "valid", args: args{ hostId: host1.GetPublicId(), address: "1.2.3.4", @@ -223,64 +223,6 @@ func TestHostIpAddress_Create(t *testing.T) { }, }, }, - { - name: "valid-ipv6", - args: args{ - hostId: host1.GetPublicId(), - address: "2001:4860:4860:0:0:0:0:8888", - }, - want: &host.IpAddress{ - IpAddress: &store.IpAddress{ - HostId: host1.GetPublicId(), - Address: "2001:4860:4860:0:0:0:0:8888", - }, - }, - }, - { - name: "valid-abbreviated-ipv6", - args: args{ - hostId: host1.GetPublicId(), - address: "2001:4860:4860::8887", - }, - want: &host.IpAddress{ - IpAddress: &store.IpAddress{ - HostId: host1.GetPublicId(), - Address: "2001:4860:4860::8887", - }, - }, - }, - { - name: "invalid-abbreviated-[ipv6]", - args: args{ - hostId: host1.GetPublicId(), - address: "[2001:4860:4860::8886]", - }, - wantNewErr: true, - }, - { - name: "invalid-[ipv6]", - args: args{ - hostId: host1.GetPublicId(), - address: "[2001:4860:4860:0:0:0:0:8885]", - }, - wantNewErr: true, - }, - { - name: "invalid-abbreviated-[ipv6]:port", - args: args{ - hostId: host1.GetPublicId(), - address: "[2001:4860:4860::8884]:80", - }, - wantNewErr: true, - }, - { - name: "invalid-[ipv6]:port", - args: args{ - hostId: host1.GetPublicId(), - address: "[2001:4860:4860:0:0:0:0:8883]:80", - }, - wantNewErr: true, - }, { name: "duplicate-name", args: args{ diff --git a/internal/host/plugin/job_orphaned_host_cleanup.go b/internal/host/plugin/job_orphaned_host_cleanup.go index d5cf543ff2..1206d286e2 100644 --- a/internal/host/plugin/job_orphaned_host_cleanup.go +++ b/internal/host/plugin/job_orphaned_host_cleanup.go @@ -66,7 +66,7 @@ func (r *OrphanedHostCleanupJob) Status() scheduler.JobStatus { // deletes those hosts. Can not be run in parallel, if // Run is invoked while already running an error with code JobAlreadyRunning // will be returned. -func (r *OrphanedHostCleanupJob) Run(ctx context.Context, _ time.Duration) error { +func (r *OrphanedHostCleanupJob) Run(ctx context.Context) error { const op = "plugin.(OrphanedHostCleanupJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") diff --git a/internal/host/plugin/job_orphaned_host_cleanup_test.go b/internal/host/plugin/job_orphaned_host_cleanup_test.go index da17ae1f57..cc22c4afef 100644 --- a/internal/host/plugin/job_orphaned_host_cleanup_test.go +++ b/internal/host/plugin/job_orphaned_host_cleanup_test.go @@ -118,7 +118,7 @@ func TestOrphanedHostCleanupJob_Run(t *testing.T) { err = sche.RegisterJob(context.Background(), r) require.NoError(err) - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // No sets should have been synced. assert.Equal(0, r.numProcessed) @@ -134,7 +134,7 @@ func TestOrphanedHostCleanupJob_Run(t *testing.T) { TestHost(t, conn, cat.GetPublicId(), "host2") // Run sync again with the newly created set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // The single existing set should have been processed assert.Equal(1, r.numHosts) @@ -148,14 +148,14 @@ func TestOrphanedHostCleanupJob_Run(t *testing.T) { TestHost(t, conn, cat.GetPublicId(), "5") // Run sync again with the freshly synced set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // The single existing set should have been processed assert.Equal(5, r.numHosts) assert.Equal(5, r.numProcessed) // Run sync again with the freshly synced set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // The single existing set should have been processed assert.Equal(0, r.numHosts) diff --git a/internal/host/plugin/job_set_sync.go b/internal/host/plugin/job_set_sync.go index 29a0662366..b3f537a9ba 100644 --- a/internal/host/plugin/job_set_sync.go +++ b/internal/host/plugin/job_set_sync.go @@ -85,7 +85,7 @@ func (r *SetSyncJob) Status() scheduler.JobStatus { // creates a plugin client and syncs each set. Can not be run in parallel, if // Run is invoked while already running an error with code JobAlreadyRunning // will be returned. -func (r *SetSyncJob) Run(ctx context.Context, _ time.Duration) error { +func (r *SetSyncJob) Run(ctx context.Context) error { const op = "plugin.(SetSyncJob).Run" if !r.running.CompareAndSwap(r.running.Load(), true) { return errors.New(ctx, errors.JobAlreadyRunning, op, "job already running") diff --git a/internal/host/plugin/job_set_sync_test.go b/internal/host/plugin/job_set_sync_test.go index 870cd3790a..e838d8b21f 100644 --- a/internal/host/plugin/job_set_sync_test.go +++ b/internal/host/plugin/job_set_sync_test.go @@ -156,7 +156,7 @@ func TestSetSyncJob_Run(t *testing.T) { err = sche.RegisterJob(context.Background(), r) require.NoError(err) - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // No sets should have been synced. assert.Equal(0, r.numProcessed) @@ -175,7 +175,7 @@ func TestSetSyncJob_Run(t *testing.T) { TestSetMembers(t, conn, setToRemoveHosts.GetPublicId(), []*Host{hostToRemove}) // Run sync again with the newly created set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) hsa := &hostSetAgg{PublicId: setToRemoveHosts.GetPublicId()} @@ -217,7 +217,7 @@ func TestSetSyncJob_Run(t *testing.T) { assert.Less(hsa.LastSyncTime.AsTime().UnixNano(), hsa.CreateTime.AsTime().UnixNano()) // Run sync again with the newly created set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // The single existing set should have been processed assert.Equal(1, r.numSets) @@ -243,7 +243,7 @@ func TestSetSyncJob_Run(t *testing.T) { firstSyncTime := hsa.LastSyncTime // Run sync again with the freshly synced set - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) assert.Equal(0, r.numSets) assert.Equal(0, r.numProcessed) @@ -258,7 +258,7 @@ func TestSetSyncJob_Run(t *testing.T) { assert.True(hs.NeedSync) // Run sync again with the set needing update - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // The single existing set should have been processed assert.Equal(1, r.numSets) @@ -273,7 +273,7 @@ func TestSetSyncJob_Run(t *testing.T) { // Run sync with a new second set _ = TestSet(t, conn, kmsCache, sched, cat, plgm) - require.NoError(r.Run(context.Background(), 0)) + require.NoError(r.Run(context.Background())) assert.Equal(1, r.numSets) assert.Equal(1, r.numProcessed) @@ -398,7 +398,7 @@ func TestSetSyncJob_Run(t *testing.T) { assert.Equal(1, count) // Run job - err = r.Run(context.Background(), 0) + err = r.Run(context.Background()) require.NoError(err) // Validate results diff --git a/internal/host/plugin/repository_host_catalog_test.go b/internal/host/plugin/repository_host_catalog_test.go index 0a29f9adcd..77e50e4c25 100644 --- a/internal/host/plugin/repository_host_catalog_test.go +++ b/internal/host/plugin/repository_host_catalog_test.go @@ -1547,7 +1547,7 @@ func (j *testSyncJob) Status() scheduler.JobStatus { } } -func (j *testSyncJob) Run(_ context.Context, _ time.Duration) error { return nil } +func (j *testSyncJob) Run(_ context.Context) error { return nil } func (j *testSyncJob) NextRunIn(_ context.Context) (time.Duration, error) { return setSyncJobRunInterval, nil } diff --git a/internal/host/plugin/testing.go b/internal/host/plugin/testing.go index 8a62f1e2f0..d4f1b41b87 100644 --- a/internal/host/plugin/testing.go +++ b/internal/host/plugin/testing.go @@ -209,7 +209,7 @@ func TestRunSetSync(t testing.TB, conn *db.DB, kmsCache *kms.Kms, plgm map[strin j, err := newSetSyncJob(ctx, rw, rw, kmsCache, plgm) require.NoError(t, err) - require.NoError(t, j.Run(ctx, 0)) + require.NoError(t, j.Run(ctx)) } func testGetDnsName(t testing.TB) string { diff --git a/internal/host/static/host.go b/internal/host/static/host.go index ece1cf832b..1fe420c3a3 100644 --- a/internal/host/static/host.go +++ b/internal/host/static/host.go @@ -32,9 +32,8 @@ type Host struct { // Name and description are the only valid options. All other options are // ignored. func NewHost(ctx context.Context, catalogId string, opt ...Option) (*Host, error) { - const op = "static.NewHost" if catalogId == "" { - return nil, errors.New(ctx, errors.InvalidParameter, op, "no catalog id") + return nil, errors.New(ctx, errors.InvalidParameter, "static.NewHost", "no catalog id") } opts := getOpts(opt...) diff --git a/internal/host/static/host_test.go b/internal/host/static/host_test.go index db05ddcfc3..f26239c7da 100644 --- a/internal/host/static/host_test.go +++ b/internal/host/static/host_test.go @@ -131,30 +131,30 @@ func TestHost_New(t *testing.T) { for _, tt := range tests { tt := tt t.Run(tt.name, func(t *testing.T) { - require, assert := require.New(t), assert.New(t) + assert := assert.New(t) got, err := NewHost(ctx, tt.args.catalogId, tt.args.opts...) if tt.wantCreateErr { - require.Error(err) + assert.Error(err) assert.Nil(got) - return - } - require.NoError(err) - require.NotNil(got) - assert.Emptyf(got.PublicId, "PublicId set") - assert.Equal(tt.want, got) + } else { + assert.NoError(err) + if assert.NotNil(got) { + assert.Emptyf(got.PublicId, "PublicId set") + assert.Equal(tt.want, got) + + id, err := newHostId(ctx) + assert.NoError(err) - id, err := newHostId(ctx) - require.NoError(err) - tt.want.PublicId = id - got.PublicId = id + tt.want.PublicId = id + got.PublicId = id - w := db.New(conn) - dbWriteErr := w.Create(ctx, got) - if tt.wantWriteErr { - require.Error(dbWriteErr) - return + w := db.New(conn) + err2 := w.Create(ctx, got) + if tt.wantWriteErr { + assert.Error(err2) + } + } } - require.NoError(dbWriteErr) }) } } diff --git a/internal/host/static/repository_host.go b/internal/host/static/repository_host.go index acf4e970c5..b4246fdf7f 100644 --- a/internal/host/static/repository_host.go +++ b/internal/host/static/repository_host.go @@ -15,7 +15,6 @@ import ( "github.com/hashicorp/boundary/internal/errors" "github.com/hashicorp/boundary/internal/kms" "github.com/hashicorp/boundary/internal/oplog" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/go-dbw" ) @@ -45,10 +44,9 @@ func (r *Repository) CreateHost(ctx context.Context, projectId string, h *Host, if projectId == "" { return nil, errors.New(ctx, errors.InvalidParameter, op, "no project id") } - var err error - h.Address, err = util.ParseAddress(ctx, h.Address) - if err != nil { - return nil, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address")) + h.Address = strings.TrimSpace(h.Address) + if len(h.Address) < MinHostAddressLength || len(h.Address) > MaxHostAddressLength { + return nil, errors.New(ctx, errors.InvalidAddress, op, "invalid address") } h = h.clone() @@ -140,10 +138,9 @@ func (r *Repository) UpdateHost(ctx context.Context, projectId string, h *Host, case strings.EqualFold("Name", f): case strings.EqualFold("Description", f): case strings.EqualFold("Address", f): - var err error - h.Address, err = util.ParseAddress(ctx, h.Address) - if err != nil { - return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address")) + h.Address = strings.TrimSpace(h.Address) + if len(h.Address) < MinHostAddressLength || len(h.Address) > MaxHostAddressLength { + return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidAddress, op, "invalid address") } default: return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidFieldMask, op, fmt.Sprintf("invalid field mask: %s", f)) diff --git a/internal/host/static/repository_host_test.go b/internal/host/static/repository_host_test.go index cbec7485d1..88056ba1c2 100644 --- a/internal/host/static/repository_host_test.go +++ b/internal/host/static/repository_host_test.go @@ -69,21 +69,6 @@ func TestRepository_CreateHost(t *testing.T) { }, wantIsErr: errors.InvalidParameter, }, - { - name: "valid-dns-name", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "www.google.com", - }, - }, - want: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "www.google.com", - }, - }, - }, { name: "valid-ipv4-address", in: &Host{ @@ -99,16 +84,6 @@ func TestRepository_CreateHost(t *testing.T) { }, }, }, - { - name: "invalid-ipv4-address-with-port", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "127.0.0.1:80", - }, - }, - wantIsErr: errors.InvalidAddress, - }, { name: "valid-abbreviated-ipv6-address", in: &Host{ @@ -124,16 +99,6 @@ func TestRepository_CreateHost(t *testing.T) { }, }, }, - { - name: "invalid-abbreviated-ipv6-address-with-port", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860::8888]:80", - }, - }, - wantIsErr: errors.InvalidAddress, - }, { name: "valid-ipv6-address", in: &Host{ @@ -149,46 +114,6 @@ func TestRepository_CreateHost(t *testing.T) { }, }, }, - { - name: "invalid-ipv6-address-with-port", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - }, - wantIsErr: errors.InvalidAddress, - }, - { - name: "valid-abbreviated-[ipv6]-address", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860::8888]", - }, - }, - want: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860::8888]", - }, - }, - }, - { - name: "valid-[ipv6]-address", - in: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860:0:0:0:0:8888]", - }, - }, - want: &Host{ - Host: &store.Host{ - CatalogId: catalog.PublicId, - Address: "[2001:4860:4860:0:0:0:0:8888]", - }, - }, - }, { name: "valid-with-name", in: &Host{ @@ -649,22 +574,6 @@ func TestRepository_UpdateHost(t *testing.T) { }, wantCount: 1, }, - { - name: "change-dns-name", - orig: &Host{ - Host: &store.Host{ - Address: "www.google.com", - }, - }, - chgFn: changeAddress("www.hashicorp.com"), - masks: []string{"Address"}, - want: &Host{ - Host: &store.Host{ - Address: "www.hashicorp.com", - }, - }, - wantCount: 1, - }, { name: "change-ipv4-address", orig: &Host{ @@ -681,39 +590,6 @@ func TestRepository_UpdateHost(t *testing.T) { }, wantCount: 1, }, - { - name: "change-invalid-ipv4-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("10.0.0.1:80"), - masks: []string{"Address"}, - wantIsErr: errors.InvalidAddress, - }, - { - name: "change-invalid-abbreviated-ipv6-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("[2001:4860:4860::8888]:80"), - masks: []string{"Address"}, - wantIsErr: errors.InvalidAddress, - }, - { - name: "change-invalid-ipv6-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("[2001:4860:4860:0:0:0:0:8888]:80"), - masks: []string{"Address"}, - wantIsErr: errors.InvalidAddress, - }, { name: "change-abbreviated-ipv6-address", orig: &Host{ @@ -746,38 +622,6 @@ func TestRepository_UpdateHost(t *testing.T) { }, wantCount: 1, }, - { - name: "change-abbreviated-[ipv6]-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("[2001:4860:4860::8888]"), - masks: []string{"Address"}, - want: &Host{ - Host: &store.Host{ - Address: "[2001:4860:4860::8888]", - }, - }, - wantCount: 1, - }, - { - name: "change-[ipv6]-address", - orig: &Host{ - Host: &store.Host{ - Address: "127.0.0.1", - }, - }, - chgFn: changeAddress("[2001:4860:4860:0:0:0:0:8888]"), - masks: []string{"Address"}, - want: &Host{ - Host: &store.Host{ - Address: "[2001:4860:4860:0:0:0:0:8888]", - }, - }, - wantCount: 1, - }, { name: "change-short-address", orig: &Host{ diff --git a/internal/host/static/testing.go b/internal/host/static/testing.go index a3dc7b1d58..0e34bb7603 100644 --- a/internal/host/static/testing.go +++ b/internal/host/static/testing.go @@ -37,30 +37,6 @@ func TestCatalogs(t testing.TB, conn *db.DB, projectId string, count int) []*Hos return cats } -// TestHost creates a static host to the provided DB with the provided catalog id. -// The catalog must have been created previously. If any errors are encountered -// during the creation of the host, the test will fail. -func TestHost(t testing.TB, conn *db.DB, catalogId string, opt ...Option) *Host { - t.Helper() - ctx := context.Background() - assert := assert.New(t) - - host, err := NewHost(ctx, catalogId, opt...) - assert.NoError(err) - assert.NotNil(host) - - id, err := newHostId(ctx) - assert.NoError(err) - assert.NotEmpty(id) - host.PublicId = id - - w := db.New(conn) - err2 := w.Create(ctx, host) - assert.NoError(err2) - - return host -} - // TestHosts creates count number of static hosts to the provided DB // with the provided catalog id. The catalog must have been created previously. // If any errors are encountered during the creation of the host, the test will fail. diff --git a/internal/iam/repository_principal_role_test.go b/internal/iam/repository_principal_role_test.go index f2c24563a0..cd0f0e2cf5 100644 --- a/internal/iam/repository_principal_role_test.go +++ b/internal/iam/repository_principal_role_test.go @@ -141,12 +141,20 @@ func TestRepository_AddPrincipalRoles(t *testing.T) { if tt.args.wantUserIds { userIds = createUsersFn(orgs) u := TestUser(t, repo, staticOrg.PublicId) - userIds = append(userIds, u.PublicId) + if roleId == orgRole.PublicId { + userIds = append(userIds, u.PublicId) + } else { + userIds = append(userIds, u.PublicId) + } } if tt.args.wantGroupIds { groupIds = createGrpsFn(orgs, projects) g := TestGroup(t, conn, staticProj.PublicId) - groupIds = append(groupIds, g.PublicId) + if roleId == projRole.PublicId { + groupIds = append(groupIds, g.PublicId) + } else { + groupIds = append(groupIds, g.PublicId) + } } if len(tt.args.specificUserIds) > 0 { userIds = tt.args.specificUserIds diff --git a/internal/kms/job/data_key_version_destruction_monitor_job.go b/internal/kms/job/data_key_version_destruction_monitor_job.go index b09d6cae5a..91be9ade80 100644 --- a/internal/kms/job/data_key_version_destruction_monitor_job.go +++ b/internal/kms/job/data_key_version_destruction_monitor_job.go @@ -35,7 +35,7 @@ func (r dataKeyVersionDestructionMonitorJob) Status() scheduler.JobStatus { // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (r *dataKeyVersionDestructionMonitorJob) Run(ctx context.Context, _ time.Duration) error { +func (r *dataKeyVersionDestructionMonitorJob) Run(ctx context.Context) error { const op = "kmsjob.(dataKeyVersionDestructionMonitorJob).Run" if err := r.kmsRepo.MonitorDataKeyVersionDestruction(ctx); err != nil { diff --git a/internal/kms/job/table_rewrapping_job.go b/internal/kms/job/table_rewrapping_job.go index 96962d499c..116bd167c6 100644 --- a/internal/kms/job/table_rewrapping_job.go +++ b/internal/kms/job/table_rewrapping_job.go @@ -41,7 +41,7 @@ func (r tableRewrappingJob) Status() scheduler.JobStatus { // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (r *tableRewrappingJob) Run(ctx context.Context, _ time.Duration) error { +func (r *tableRewrappingJob) Run(ctx context.Context) error { const op = "kmsjob.(tableRewrappingJob).Run" if err := r.kmsRepo.MonitorTableRewrappingRuns(ctx, r.tableName); err != nil { diff --git a/internal/pagination/purge/purge_job.go b/internal/pagination/purge/purge_job.go index 3f91f41ccb..89e3e7e328 100644 --- a/internal/pagination/purge/purge_job.go +++ b/internal/pagination/purge/purge_job.go @@ -43,7 +43,7 @@ func (c *purgeJob) Status() scheduler.JobStatus { // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (c *purgeJob) Run(ctx context.Context, _ time.Duration) error { +func (c *purgeJob) Run(ctx context.Context) error { const op = "purge.(purgeJob).Run" _, err := c.w.Exec(ctx, c.query, nil) if err != nil { diff --git a/internal/pagination/purge/purge_test.go b/internal/pagination/purge/purge_test.go index 4ba7ade8cd..6ef25ba4fb 100644 --- a/internal/pagination/purge/purge_test.go +++ b/internal/pagination/purge/purge_test.go @@ -54,7 +54,7 @@ func TestPurgeTables(t *testing.T) { query: query, } - err = sJob.Run(ctx, 0) + err = sJob.Run(ctx) require.NoError(t, err) var count int diff --git a/internal/perms/grants.go b/internal/perms/grants.go index d8662a1f7a..97d5bc8948 100644 --- a/internal/perms/grants.go +++ b/internal/perms/grants.go @@ -53,10 +53,9 @@ type GrantTuple struct { type GrantTuples []GrantTuple // GrantsHash returns a stable hash of all the grants in the GrantTuples. -// -// In the event that GrantTuples is nil, return a slice of empty bytes: []byte{0,0,0,0,0,0,0,0} func (g GrantTuples) GrantHash(ctx context.Context) ([]byte, error) { const op = "perms.(GrantTuples).GrantHash" + // TODO: Should this return an error when the GrantTuples is empty? var values []string for _, grant := range g { values = append(values, grant.Grant, grant.RoleId, grant.GrantScopeId) @@ -208,7 +207,9 @@ func (g Grant) clone() *Grant { } if outFields, hasSetFields := g.OutputFields.Fields(); hasSetFields { fieldsToAdd := make([]string, 0, len(outFields)) - fieldsToAdd = append(fieldsToAdd, outFields...) + for _, v := range outFields { + fieldsToAdd = append(fieldsToAdd, v) + } ret.OutputFields = ret.OutputFields.AddFields(fieldsToAdd) } return ret diff --git a/internal/perms/grants_test.go b/internal/perms/grants_test.go index c0ac735acd..f2bcd68804 100644 --- a/internal/perms/grants_test.go +++ b/internal/perms/grants_test.go @@ -1083,18 +1083,6 @@ func TestHasActionOrSubaction(t *testing.T) { } } -func Test_HasNoGrants(t *testing.T) { - t.Parallel() - - ctx := context.Background() - - var gt GrantTuples - - hash, err := gt.GrantHash(ctx) - require.NoError(t, err) - assert.Equal(t, []byte{0, 0, 0, 0, 0, 0, 0, 0}, hash) -} - func FuzzParse(f *testing.F) { ctx := context.Background() tc := []string{ diff --git a/internal/proto/controller/storage/job/store/v1/job.proto b/internal/proto/controller/storage/job/store/v1/job.proto index e362b79ff5..f3380740d8 100644 --- a/internal/proto/controller/storage/job/store/v1/job.proto +++ b/internal/proto/controller/storage/job/store/v1/job.proto @@ -67,12 +67,7 @@ message JobRun { // @inject_tag: `gorm:"default:0"` uint32 total_count = 9; - // retries_count is set during an update to indicate the number of times - // a job has retried work. - // @inject_tag: `gorm:"default:0"` - uint32 retries_count = 12; - - // status of the job run (running, failed or interrupted). + // status of the job run (running, completed, failed or interrupted). // @inject_tag: `gorm:"not_null"` string status = 10; diff --git a/internal/recording/delete_session_recording_job.go b/internal/recording/delete_session_recording_job.go index d5b3271dc0..f77670d022 100644 --- a/internal/recording/delete_session_recording_job.go +++ b/internal/recording/delete_session_recording_job.go @@ -33,7 +33,7 @@ func (dsr *deleteSessionRecordingJob) Status() scheduler.JobStatus { return sche // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (dsr *deleteSessionRecordingJob) Run(_ context.Context, _ time.Duration) error { return nil } +func (dsr *deleteSessionRecordingJob) Run(_ context.Context) error { return nil } // NextRunIn returns the duration until the next job run should be scheduled. // Delete Session Recording will run every hour unless we know there are more to delete, diff --git a/internal/scheduler/additional_verification_test.go b/internal/scheduler/additional_verification_test.go index 2d1bf498f8..a62b919b05 100644 --- a/internal/scheduler/additional_verification_test.go +++ b/internal/scheduler/additional_verification_test.go @@ -35,12 +35,12 @@ func TestSchedulerWorkflow(t *testing.T) { }) err := event.InitSysEventer(testLogger, testLock, "TestSchedulerWorkflow", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second)) job1Ch := make(chan error) job1Ready := make(chan struct{}) testDone := make(chan struct{}) - fn1 := func(_ context.Context, _ time.Duration) error { + fn1 := func(_ context.Context) error { select { case <-testDone: return nil @@ -54,7 +54,7 @@ func TestSchedulerWorkflow(t *testing.T) { job2Ch := make(chan error) job2Ready := make(chan struct{}) - fn2 := func(_ context.Context, _ time.Duration) error { + fn2 := func(_ context.Context) error { select { case <-testDone: return nil @@ -118,7 +118,7 @@ func TestSchedulerCancelCtx(t *testing.T) { err := event.InitSysEventer(testLogger, testLock, "TestSchedulerCancelCtx", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second)) fn, jobReady, jobDone := testJobFn() tj := testJob{name: "name", description: "desc", fn: fn, nextRunIn: time.Hour} @@ -168,7 +168,7 @@ func TestSchedulerInterruptedCancelCtx(t *testing.T) { err := event.InitSysEventer(testLogger, testLock, "TestSchedulerInterruptedCancelCtx", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) fn, job1Ready, job1Done := testJobFn() tj1 := testJob{name: "name1", description: "desc", fn: fn, nextRunIn: time.Hour} @@ -270,11 +270,11 @@ func TestSchedulerJobProgress(t *testing.T) { err := event.InitSysEventer(testLogger, testLock, "TestSchedulerJobProgress", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) jobReady := make(chan struct{}) done := make(chan struct{}) - fn := func(ctx context.Context, _ time.Duration) error { + fn := func(ctx context.Context) error { select { case <-done: return nil @@ -317,7 +317,7 @@ func TestSchedulerJobProgress(t *testing.T) { <-statusRequest // Send progress to monitor loop to persist - jobStatus <- JobStatus{Total: 10, Completed: 0, Retries: 1} + jobStatus <- JobStatus{Total: 10, Completed: 0} // Wait for scheduler to query for job status before verifying previous results <-statusRequest @@ -329,7 +329,6 @@ func TestSchedulerJobProgress(t *testing.T) { assert.Equal(string(job.Running), run.Status) assert.Equal(uint32(10), run.TotalCount) assert.Equal(uint32(0), run.CompletedCount) - assert.Equal(uint32(1), run.RetriesCount) // Send progress to monitor loop to persist jobStatus <- JobStatus{Total: 20, Completed: 10} @@ -380,12 +379,12 @@ func TestSchedulerMonitorLoop(t *testing.T) { err := event.InitSysEventer(testLogger, testLock, "TestSchedulerMonitorLoop", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithInterruptThreshold(time.Second), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithInterruptThreshold(time.Second), WithRunJobsInterval(time.Second), WithMonitorInterval(time.Second)) jobReady := make(chan struct{}) jobDone := make(chan struct{}) testDone := make(chan struct{}) - fn := func(ctx context.Context, _ time.Duration) error { + fn := func(ctx context.Context) error { select { case <-testDone: return nil @@ -446,12 +445,12 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) { err := event.InitSysEventer(testLogger, testLock, "TestSchedulerFinalStatusUpdate", event.WithEventerConfig(testConfig)) require.NoError(err) - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Second)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Second)) jobReady := make(chan struct{}) jobErr := make(chan error) testDone := make(chan struct{}) - fn := func(_ context.Context, _ time.Duration) error { + fn := func(_ context.Context) error { select { case <-testDone: return nil @@ -489,7 +488,7 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) { repo, err := job.NewRepository(ctx, rw, rw, kmsCache) require.NoError(err) - run := waitForRunStatus(t, repo, runId, job.Failed) + run := waitForRunStatus(t, repo, runId, string(job.Failed)) assert.Equal(uint32(10), run.TotalCount) assert.Equal(uint32(10), run.CompletedCount) @@ -502,9 +501,17 @@ func TestSchedulerFinalStatusUpdate(t *testing.T) { runId = runJob.(*runningJob).runId // Complete job without error so CompleteRun is called - completeFn := waitForRunComplete(t, sched, repo, runId, tj.name) jobErr <- nil - completeFn() + + // Report status + jobStatus <- JobStatus{Total: 20, Completed: 20} + + repo, err = job.NewRepository(ctx, rw, rw, kmsCache) + require.NoError(err) + + run = waitForRunStatus(t, repo, runId, string(job.Completed)) + assert.Equal(uint32(20), run.TotalCount) + assert.Equal(uint32(20), run.CompletedCount) baseCnl() close(testDone) @@ -530,12 +537,12 @@ func TestSchedulerRunNow(t *testing.T) { require.NoError(err) // Create test scheduler that only runs jobs every hour - sched := TestScheduler(t, conn, wrapper, WithRunJobsInterval(time.Hour)) + sched := TestScheduler(t, conn, wrapper, WithRunJobsLimit(10), WithRunJobsInterval(time.Hour)) jobCh := make(chan struct{}) jobReady := make(chan struct{}) testDone := make(chan struct{}) - fn := func(_ context.Context, _ time.Duration) error { + fn := func(_ context.Context) error { select { case <-testDone: return nil @@ -562,13 +569,12 @@ func TestSchedulerRunNow(t *testing.T) { require.True(ok) runId := runJob.(*runningJob).runId - repo, err := job.NewRepository(ctx, rw, rw, kmsCache) - require.NoError(err) - // Complete job - completeFn := waitForRunComplete(t, sched, repo, runId, tj.name) jobCh <- struct{}{} - completeFn() + + repo, err := job.NewRepository(ctx, rw, rw, kmsCache) + require.NoError(err) + waitForRunStatus(t, repo, runId, string(job.Completed)) // Update job to run immediately once scheduling loop is called err = sched.UpdateJobNextRunInAtLeast(context.Background(), tj.name, 0) @@ -593,9 +599,9 @@ func TestSchedulerRunNow(t *testing.T) { runId = runJob.(*runningJob).runId // Complete job - completeFn = waitForRunComplete(t, sched, repo, runId, tj.name) jobCh <- struct{}{} - completeFn() + + waitForRunStatus(t, repo, runId, string(job.Completed)) // Update job to run again with RunNow option err = sched.UpdateJobNextRunInAtLeast(context.Background(), tj.name, 0, WithRunNow(true)) @@ -613,34 +619,7 @@ func TestSchedulerRunNow(t *testing.T) { close(jobCh) } -func waitForRunComplete(t *testing.T, sched *Scheduler, repo *job.Repository, runId, jobName string) func() { - r, err := repo.LookupRun(context.Background(), runId) - require.NoError(t, err) - require.EqualValues(t, job.Running, r.Status) - - return func() { - timeout := time.NewTimer(5 * time.Second) - for { - select { - case <-timeout.C: - t.Fatal(fmt.Errorf("timed out waiting for job run %q to be completed", runId)) - case <-time.After(100 * time.Millisecond): - } - - // A run is complete when we don't find it in the scheduler's - // running jobs list and also not in the job_run table. - _, ok := sched.runningJobs.Load(jobName) - if !ok { - r, err = repo.LookupRun(context.Background(), runId) - require.Nil(t, r) - require.Nil(t, err) - break - } - } - } -} - -func waitForRunStatus(t *testing.T, repo *job.Repository, runId string, status job.Status) *job.Run { +func waitForRunStatus(t *testing.T, repo *job.Repository, runId, status string) *job.Run { t.Helper() var run *job.Run @@ -656,7 +635,7 @@ func waitForRunStatus(t *testing.T, repo *job.Repository, runId string, status j var err error run, err = repo.LookupRun(context.Background(), runId) require.NoError(t, err) - if run.Status == string(status) { + if run.Status == status { break } } diff --git a/internal/scheduler/batch/batch.go b/internal/scheduler/batch/batch.go deleted file mode 100644 index 71d0ef128a..0000000000 --- a/internal/scheduler/batch/batch.go +++ /dev/null @@ -1,400 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -/* -Package batch implements a batch processor for jobs that update or delete -multiple rows in the database using a single SQL UPDATE or DELETE -statement. - -It defines a type, [Batch], which is used by a job to execute a SQL -statement in batches. SQL commands are executed in batches by providing an -[Exec] function that executes a SQL statement, which must contain a -parameterized LIMIT clause, and returns the number of rows affected by the -query or an error if the query failed. Batch adjusts the batch size in an -effort to get the query execution time close to the [Config.Target] -duration. When the batch size is adjusted, [Store] is called. Jobs using -the batch processor should persist this value and use it as the starting -batch size in subsequent calls to Batch. - -See session.deleteTerminatedJob for an example of how to use the batch -processor. - -# SQL - -The SQL LIMIT clause can only be used in query statements. It cannot be -used directly in a DELETE or UPDATE statement. Instead, a subquery or CTE -must be used to limit the number of rows affected by the query. - -Here is an example SQL DELETE statement that uses a subquery with a LIMIT -clause: - - delete - from alias_target_deleted - where public_id in ( - select public_id - from alias_target_deleted - where delete_time < @delete_time - limit @batch_size - ); -*/ -package batch - -import ( - "context" - "math/rand/v2" - "sync" - "time" - - "github.com/hashicorp/boundary/internal/errors" - "github.com/hashicorp/boundary/internal/scheduler" -) - -const ( - DefaultStatusThreshold = 5 * time.Minute - DefaultTarget = 1 * time.Second -) - -const ( - DefaultSize = 5000 - DefaultMin = 10 - DefaultMax = 10000 -) - -// Exec is the function type used for executing the batch query. An Exec -// function must return the number of rows affected by the query or an -// error if the query failed. -type Exec func(ctx context.Context, batchSize int) (rowCount int, err error) - -// Store is the function type used for storing the batch size in the -// database. A Store function must return an error if the store failed. -type Store func(ctx context.Context, batchSize int) error - -// Config is a structure used to configure a [Batch]. -type Config struct { - // Size is the initial batch size. - // - // If Size is less than 1, the initial batch size will be set to - // DefaultSize. - // - // If Size is less than Min, the initial batch size will be set to Min. - // - // If Size is greater than Max, the initial batch size will be set to - // Max. - Size int - - // Min and Max are the minimum and maximum batch sizes allowed. The - // batch size will be clamped to the range [Min, Max]. - // - // If Min is less than 1, it will be set to DefaultMin. - // - // If Max is less than or equal to Min, it will be set to DefaultMax. - Min int - Max int - - // TotalToComplete is the total number of rows to be processed by the - // job. This is reported in the JobStatus returned by the Status - // method. - TotalToComplete int - - // StatusThreshold is the amount of time the job has to return a - // JobStatus with values different from the previous JobStatus. If a - // call to Exec approaches this threshold, Batch will interrupt the - // call to Exec, reduce the batch size, and call Exec again. It will - // also increment the Retries value reported in the Status method. - // - // If StatusThreshold is less than or equal to zero, it will be set to - // DefaultStatusThreshold. - StatusThreshold time.Duration - - // Target is the target duration for the query to run in. The batch - // size will be adjusted to keep the query duration within the target - // range. - // - // If Target is less than or equal to zero, it will be set to - // DefaultTarget. - // - // If Target is greater than or equal to StatusThreshold, it will be - // set to StatusThreshold - 5ms. - Target time.Duration - - // Exec is called to execute the query. Exec is called by the Run - // method in a loop until the row count returned by Exec is less than - // the current batch size or Exec returns an error other than - // context.DeadlineExceeded. The configuration must supply this - // callback for batch to succeed. - // - // If Exec returns a context.DeadlineExceeded error, the batch size - // will be reduced, the Retries value reported in the Status method - // will be incremented, and then Exec will be called again. - // - // If Exec returns an error other than context.DeadlineExceeded, the - // batch size will not be changed and the Run method will exit - // returning the error. - Exec Exec - - // Store, if not nil, is called when the batch size has changed and the - // new batch size should be stored in the database. If Store returns an - // error, the Run method will exit and return with the error. - Store Store -} - -func (c *Config) size() int { - switch { - case c.Size < 1: - return DefaultSize - case c.Size < c.min(): - return c.min() - case c.Size > c.max(): - return c.max() - } - return c.Size -} - -func (c *Config) min() int { - if c.Min < 1 { - return DefaultMin - } - return c.Min -} - -func (c *Config) max() int { - if c.Max <= c.Min { - return DefaultMax - } - return c.Max -} - -// Arbitrary constants -const ( - statusThresholdBuffer = 250 * time.Millisecond - - // both ranges are a percentage of the target duration - lowerRange = 10 - upperRange = 10 -) - -func (c *Config) statusThreshold() time.Duration { - if c.StatusThreshold <= 0 { - return DefaultStatusThreshold - statusThresholdBuffer - } - return c.StatusThreshold - statusThresholdBuffer -} - -func (c *Config) target() time.Duration { - switch { - case c.Target <= 0: - return DefaultTarget - case c.Target >= c.statusThreshold(): - return c.statusThreshold() - } - return c.Target -} - -func (c *Config) targetRange() (lower time.Duration, upper time.Duration) { - target := c.target() - return target - (target / lowerRange), target + (target / upperRange) -} - -func (c *Config) store() Store { - if c.Store == nil { - return func(_ context.Context, _ int) error { return nil } - } - return c.Store -} - -func (c *Config) clone() *Config { - if c == nil { - return nil - } - return &Config{ - Size: c.Size, - Min: c.Min, - Max: c.Max, - TotalToComplete: c.TotalToComplete, - StatusThreshold: c.StatusThreshold, - Target: c.Target, - Exec: c.Exec, - Store: c.Store, - } -} - -// Batch is a batch job processor for SQL jobs that update or delete -// multiple rows in the database using a single SQL UPDATE or DELETE -// statement. -type Batch struct { - c *Config - - slowExecutions int - fastExecutions int - - mu sync.Mutex - retries int - totalCompleted int -} - -// New creates a [Batch] that uses the given configuration to execute a SQL -// job in batches. An error is returned if c contains a nil Exec. -func New(ctx context.Context, c *Config) (*Batch, error) { - const op = "batch.New" - switch { - case c == nil: - return nil, errors.New(ctx, errors.InvalidParameter, op, "nil Config") - case c.Exec == nil: - return nil, errors.New(ctx, errors.InvalidParameter, op, "nil Exec") - } - return &Batch{ - c: c.clone(), - }, nil -} - -// Status reports the job’s current status. -func (b *Batch) Status() scheduler.JobStatus { - b.mu.Lock() - defer b.mu.Unlock() - return scheduler.JobStatus{ - Completed: b.totalCompleted, - Total: b.c.TotalToComplete, - Retries: b.retries, - } -} - -// Run runs the batch processor. It calls the [Exec] function in a loop -// until the row count returned by Exec is less than the current batch size -// or Exec returns an error other than context.DeadlineExceeded. -// -// Each call to Run resets the values returned in [Batch.Status]. -func (b *Batch) Run(ctx context.Context) error { - const op = "batch.Run" - b.reset() - - for { - count, runDuration, err := b.run(ctx) - if err != nil { - if errors.Is(err, context.DeadlineExceeded) { - if err := b.timedOut(ctx); err != nil { - return errors.Wrap(ctx, err, op) - } - continue - } - return errors.Wrap(ctx, err, op) - } - - b.successful(count) - - // batch is not complete - if count == b.c.size() { - if err := b.adjustSize(ctx, runDuration); err != nil { - return errors.Wrap(ctx, err, op) - } - continue - } - - // batch is complete - return nil - } -} - -func (b *Batch) run(ctx context.Context) (int, time.Duration, error) { - queryCtx, cancel := context.WithTimeout(ctx, b.c.statusThreshold()) - defer cancel() - start := time.Now() - n, err := b.c.Exec(queryCtx, b.c.size()) - return n, time.Since(start), err -} - -func (b *Batch) reset() { - b.mu.Lock() - b.retries = 0 - b.totalCompleted = 0 - b.mu.Unlock() - b.fastExecutions = 0 - b.slowExecutions = 0 -} - -func (b *Batch) timedOut(ctx context.Context) error { - b.mu.Lock() - b.retries++ - b.mu.Unlock() - return b.c.exponentialDecrease(ctx, b.retries) -} - -func (b *Batch) successful(rowCount int) { - b.mu.Lock() - b.totalCompleted += rowCount - b.mu.Unlock() -} - -func (b *Batch) adjustSize(ctx context.Context, runDuration time.Duration) error { - lower, upper := b.c.targetRange() - - switch { - case runDuration < lower: // too fast - // increase the batch size to go slower - b.fastExecutions++ - b.slowExecutions = 0 - return b.c.linearIncrease(ctx, b.fastExecutions) - case runDuration > upper: // too slow - // decrease the batch size to go faster - b.slowExecutions++ - b.fastExecutions = 0 - return b.c.linearDecrease(ctx, b.slowExecutions) - } - - // within target range so reset the counters - b.fastExecutions = 0 - b.slowExecutions = 0 - return nil -} - -func (c *Config) exponentialDecrease(ctx context.Context, attempt int) error { - if attempt < 1 { - attempt = 1 - } - newSize := (c.size() / (1 << uint(attempt))) - c.jitter() - return c.setSize(ctx, newSize) -} - -func (c *Config) linearIncrease(ctx context.Context, attempt int) error { - if attempt < 1 { - attempt = 1 - } - newSize := c.size() + (c.size() / 10 * attempt) + c.jitter() - return c.setSize(ctx, newSize) -} - -func (c *Config) linearDecrease(ctx context.Context, attempt int) error { - if attempt < 1 { - attempt = 1 - } - newSize := c.size() - (c.size() / 10 * attempt) - c.jitter() - return c.setSize(ctx, newSize) -} - -// jitter returns a random number between 0 and 10% of the current batch -// size. -func (c *Config) jitter() int { - return rand.N(c.size() / 10) -} - -// setSize sets the batch size to newSize and calls Store if newSize is -// different from the current size. If newSize is less than Min, the batch -// size will be set to Min. If newSize is greater than Max, the batch size -// will be set to Max. If Store returns an error, it will be returned by -// setSize. -func (c *Config) setSize(ctx context.Context, newSize int) error { - currentSize := c.Size - if newSize == currentSize { - return nil - } - switch { - case newSize < c.min(): - newSize = c.min() - case newSize > c.max(): - newSize = c.max() - } - if newSize != currentSize { - c.Size = newSize - return c.store()(ctx, newSize) - } - return nil -} diff --git a/internal/scheduler/batch/batch_test.go b/internal/scheduler/batch/batch_test.go deleted file mode 100644 index 8fc60f4054..0000000000 --- a/internal/scheduler/batch/batch_test.go +++ /dev/null @@ -1,577 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package batch - -import ( - "context" - "errors" - "fmt" - "sync" - "testing" - "time" - - "github.com/hashicorp/boundary/internal/scheduler" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func TestNew(t *testing.T) { - t.Parallel() - t.Run("nil-config", func(t *testing.T) { - t.Parallel() - ctx := context.Background() - got, err := New(ctx, nil) - require.Error(t, err) - assert.Nil(t, got) - }) - t.Run("nil-Exec", func(t *testing.T) { - t.Parallel() - ctx := context.Background() - config := &Config{} - got, err := New(ctx, config) - require.Error(t, err) - assert.Nil(t, got) - }) - t.Run("minimum-config", func(t *testing.T) { - t.Parallel() - ctx := context.Background() - config := &Config{ - Exec: func(ctx context.Context, batchSize int) (int, error) { return 0, nil }, - } - got, err := New(ctx, config) - require.NoError(t, err) - assert.NotNil(t, got) - }) -} - -func TestConfig(t *testing.T) { - t.Parallel() - t.Run("default-config", func(t *testing.T) { - t.Parallel() - assert := assert.New(t) - config := &Config{ - Exec: func(ctx context.Context, batchSize int) (int, error) { return 0, nil }, - } - assert.Equal(DefaultSize, config.size()) - assert.Equal(DefaultMin, config.min()) - assert.Equal(DefaultMax, config.max()) - assert.Equal(DefaultStatusThreshold-statusThresholdBuffer, config.statusThreshold()) - assert.Equal(DefaultTarget, config.target()) - config.StatusThreshold = DefaultTarget - config.Target = DefaultTarget - want := DefaultTarget - statusThresholdBuffer - assert.Equal(want, config.target()) - }) - tests := []struct { - min, max, size int - want int - }{ - {0, 0, 0, DefaultSize}, - {0, 0, DefaultMin - 1, DefaultMin}, - {0, 0, DefaultMax + 1, DefaultMax}, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("min-max-size_%d-%d-%d", tt.min, tt.max, tt.size), func(t *testing.T) { - t.Parallel() - assert := assert.New(t) - config := &Config{ - Min: tt.min, - Max: tt.max, - Size: tt.size, - } - assert.Equal(tt.want, config.size()) - }) - } -} - -type testStore struct { - called bool - batchSize int -} - -func (s *testStore) Store(ctx context.Context, batchSize int) error { - s.called = true - s.batchSize = batchSize - return nil -} - -func TestConfig_setSize(t *testing.T) { - t.Parallel() - ctx := context.Background() - config := &Config{ - Min: 5, - Max: 15, - Size: 10, - } - tests := []struct { - newSize int - wantSize int - wantCalled bool - }{ - {0, 5, true}, - {4, 5, true}, - {5, 5, true}, - {6, 6, true}, - {10, 10, false}, - {20, 15, true}, - {15, 15, true}, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("newSize_%d", tt.newSize), func(t *testing.T) { - t.Parallel() - assert, require := assert.New(t), require.New(t) - c := config.clone() - assert.Equal(config, c) - - ts := &testStore{} - c.Store = ts.Store - - err := c.setSize(ctx, tt.newSize) - require.NoError(err) - assert.Equal(tt.wantSize, c.Size) - assert.Equal(tt.wantCalled, ts.called) - if tt.wantCalled { - assert.Equal(tt.wantSize, ts.batchSize) - } - }) - } -} - -func TestConfig_targetRange(t *testing.T) { - t.Parallel() - tests := []struct { - target time.Duration - wantUpper time.Duration - wantLower time.Duration - }{ - { - target: 1000 * time.Millisecond, - wantLower: 900 * time.Millisecond, - wantUpper: 1100 * time.Millisecond, - }, - { - target: 60 * time.Second, - wantLower: 54 * time.Second, - wantUpper: 66 * time.Second, - }, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("target_%d", tt.target), func(t *testing.T) { - t.Parallel() - assert := assert.New(t) - config := &Config{ - Target: tt.target, - } - assert.Equal(tt.target, config.target()) - lower, upper := config.targetRange() - assert.Equal(tt.wantLower, lower) - assert.Equal(tt.wantUpper, upper) - }) - } -} - -func TestConfig_exponentialDecrease(t *testing.T) { - t.Parallel() - tests := []struct { - batchSize int - attempt int - expected int - }{ - {10, 0, DefaultMin}, - {10, 1, DefaultMin}, - {10, 2, DefaultMin}, - {9, 1, DefaultMin}, - {9, 2, DefaultMin}, - {1000, 0, 500}, - {1000, 1, 500}, - {1000, 2, 250}, - {1000, 3, 125}, - {1000, 4, 62}, - {1000, 5, 31}, - {1000, 6, 15}, - {1000, 7, DefaultMin}, - {500, 1, 250}, - {500, 2, 125}, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("batchSize=%d/attempt=%d", tt.batchSize, tt.attempt), func(t *testing.T) { - assert, require := assert.New(t), require.New(t) - ctx := context.Background() - c := &Config{ - Size: tt.batchSize, - } - delta := c.size() / 10 - err := c.exponentialDecrease(ctx, tt.attempt) - require.NoError(err) - assert.InDelta(tt.expected, c.Size, float64(delta)) - }) - } -} - -func Test_linearDecrease(t *testing.T) { - t.Parallel() - tests := []struct { - batchSize int - attempt int - expected int - }{ - {10, 0, DefaultMin}, - {10, 1, DefaultMin}, - {10, 2, DefaultMin}, - {1000, 0, 900}, - {1000, 1, 900}, - {1000, 2, 800}, - {1000, 3, 700}, - {1000, 4, 600}, - {1000, 5, 500}, - {1000, 6, 400}, - {1000, 7, 300}, - {1000, 10, DefaultMin}, - {1000, 11, DefaultMin}, - {500, 1, 450}, - {500, 2, 400}, - {100, 1, 90}, - {100, 2, 80}, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("batchSize=%d/attempt=%d", tt.batchSize, tt.attempt), func(t *testing.T) { - t.Parallel() - assert, require := assert.New(t), require.New(t) - ctx := context.Background() - c := &Config{ - Size: tt.batchSize, - } - delta := c.size() / 10 - err := c.linearDecrease(ctx, tt.attempt) - require.NoError(err) - assert.InDelta(tt.expected, c.Size, float64(delta)) - }) - } -} - -func Test_linearIncrease(t *testing.T) { - t.Parallel() - tests := []struct { - batchSize int - attempt int - expected int - }{ - {10000, 0, DefaultMax}, - {10000, 1, DefaultMax}, - {10000, 2, DefaultMax}, - {1000, 0, 1100}, - {1000, 1, 1100}, - {1000, 2, 1200}, - {1000, 3, 1300}, - {1000, 4, 1400}, - {1000, 5, 1500}, - {1000, 6, 1600}, - {1000, 7, 1700}, - {500, 1, 550}, - {500, 2, 600}, - {100, 1, 110}, - {100, 2, 120}, - {10, 1, 11}, - {10, 2, 12}, - } - for _, tt := range tests { - tt := tt - t.Run(fmt.Sprintf("batchSize=%d/attempt=%d", tt.batchSize, tt.attempt), func(t *testing.T) { - t.Parallel() - assert, require := assert.New(t), require.New(t) - ctx := context.Background() - c := &Config{ - Size: tt.batchSize, - } - delta := c.size() / 10 - err := c.linearIncrease(ctx, tt.attempt) - require.NoError(err) - assert.InDelta(tt.expected, c.Size, float64(delta)) - }) - } -} - -type recorder struct { - execBatchSize int - storeBatchSize int - status scheduler.JobStatus - mu sync.Mutex -} - -func (r *recorder) setup(c *Config) { - r.mu.Lock() - defer r.mu.Unlock() - c.Store = r.Store -} - -func (r *recorder) Store(ctx context.Context, batchSize int) error { - r.mu.Lock() - defer r.mu.Unlock() - r.storeBatchSize = batchSize - return nil -} - -func (r *recorder) Exec(ctx context.Context, batchSize int) (int, error) { - r.mu.Lock() - defer r.mu.Unlock() - r.execBatchSize = batchSize - return 0, nil -} - -type testRun struct { - ret func(context.Context, int, *Config) (int, error) - chk func(*testing.T, *recorder) - rec *recorder - mu sync.Mutex -} - -func (tr *testRun) validate(t *testing.T) { - if tr.chk != nil { - tr.chk(t, tr.rec) - } -} - -func (tr *testRun) recorder(cf *Config) *recorder { - tr.mu.Lock() - defer tr.mu.Unlock() - if tr.rec == nil { - tr.rec = &recorder{} - tr.rec.setup(cf) - } - return tr.rec -} - -type testRunner struct { - conf *Config - b *Batch - runs []*testRun - t *testing.T - call int -} - -func newTestRunner(t *testing.T, conf *Config, b *Batch) *testRunner { - tr := &testRunner{ - t: t, - conf: conf, - b: b, - } - conf.Exec = tr.Exec - return tr -} - -func (tr *testRunner) Exec(ctx context.Context, batchSize int) (int, error) { - if tr.call > 0 { - prevRun := tr.runs[tr.call-1] - prevRun.rec.status = tr.b.Status() - prevRun.validate(tr.t) - } - run := tr.runs[tr.call] - rec := run.recorder(tr.conf) - if _, err := rec.Exec(ctx, batchSize); err != nil { - return 0, err - } - tr.call++ - return run.ret(ctx, batchSize, tr.conf) -} - -func TestRun(t *testing.T) { - const testStatusTotal = 10 - - t.Parallel() - assertStoreCalled := func() func(*testing.T, *recorder) { - const op = "assertStoreCalled" - return func(t *testing.T, r *recorder) { - assert.Positive(t, r.storeBatchSize, op) - } - } - assertStoreNotCalled := func() func(*testing.T, *recorder) { - const op = "assertStoreNotCalled" - return func(t *testing.T, r *recorder) { - t.Helper() - assert.Zero(t, r.storeBatchSize, op) - } - } - assertRetryCalled := func() func(*testing.T, *recorder) { - const op = "assertRetryCalled" - return func(t *testing.T, r *recorder) { - assert.Positive(t, r.status.Retries, op) - } - } - assertRetryNotCalled := func() func(*testing.T, *recorder) { - const op = "assertRetryNotCalled" - return func(t *testing.T, r *recorder) { - assert.Zero(t, r.status.Retries, op) - } - } - assertCompletedCalled := func() func(*testing.T, *recorder) { - const op = "assertCompletedCalled" - return func(t *testing.T, r *recorder) { - assert.Positive(t, r.status.Completed, op) - } - } - assertCompletedNotCalled := func() func(*testing.T, *recorder) { - const op = "assertCompletedNotCalled" - return func(t *testing.T, r *recorder) { - assert.Zero(t, r.status.Completed, op) - } - } - assertStatusTotal := func() func(*testing.T, *recorder) { - const op = "assertStatusTotal" - return func(t *testing.T, r *recorder) { - assert.Equal(t, testStatusTotal, r.status.Total, op) - } - } - combine := func(fns ...func(*testing.T, *recorder)) func(*testing.T, *recorder) { - return func(t *testing.T, r *recorder) { - for _, fn := range fns { - fn(t, r) - } - } - } - - execLessThanBatch := func() func(context.Context, int, *Config) (int, error) { - return func(ctx context.Context, batchSize int, c *Config) (int, error) { - return batchSize - 1, nil - } - } - execTimeout := func() func(context.Context, int, *Config) (int, error) { - return func(ctx context.Context, batchSize int, c *Config) (int, error) { - select { - case <-ctx.Done(): - return 0, ctx.Err() - } - } - } - execError := func() func(context.Context, int, *Config) (int, error) { - return func(ctx context.Context, batchSize int, c *Config) (int, error) { - return 0, errors.New("fake error") - } - } - execSlow := func() func(context.Context, int, *Config) (int, error) { - return func(ctx context.Context, batchSize int, c *Config) (int, error) { - _, upper := c.targetRange() - time.Sleep(upper + (2 * time.Millisecond)) - return batchSize, nil - } - } - execTargetRange := func() func(context.Context, int, *Config) (int, error) { - return func(ctx context.Context, batchSize int, c *Config) (int, error) { - time.Sleep(c.Target) - return batchSize, nil - } - } - - runMap := map[string]*testRun{ - "execLessThanBatch": { - ret: execLessThanBatch(), - chk: combine(assertStatusTotal(), assertStoreNotCalled(), assertRetryNotCalled(), assertCompletedCalled()), - }, - "execTimeout": { - ret: execTimeout(), - chk: combine(assertStatusTotal(), assertStoreCalled(), assertRetryCalled(), assertCompletedNotCalled()), - }, - "execError": { - ret: execError(), - chk: combine(assertStatusTotal(), assertStoreNotCalled(), assertRetryNotCalled(), assertCompletedNotCalled()), - }, - "execSlow": { - ret: execSlow(), - chk: combine(assertStatusTotal(), assertStoreCalled(), assertRetryNotCalled(), assertCompletedCalled()), - }, - "execTargetRange": { - ret: execTargetRange(), - chk: combine(assertStatusTotal(), assertStoreNotCalled(), assertRetryNotCalled(), assertCompletedCalled()), - }, - } - - tests := []struct { - name string - conf *Config - runs []*testRun - wantErr bool - }{ - { - name: "normal", - conf: &Config{ - TotalToComplete: testStatusTotal, - }, - runs: []*testRun{runMap["execLessThanBatch"]}, - }, - { - name: "error", - conf: &Config{ - TotalToComplete: testStatusTotal, - }, - runs: []*testRun{runMap["execError"]}, - wantErr: true, - }, - { - name: "timeout-normal", - conf: &Config{ - TotalToComplete: testStatusTotal, - StatusThreshold: 5 * time.Millisecond, - }, - runs: []*testRun{runMap["execTimeout"], runMap["execLessThanBatch"]}, - }, - { - name: "slow-normal", - conf: &Config{ - TotalToComplete: testStatusTotal, - StatusThreshold: 5 * time.Millisecond, - }, - runs: []*testRun{runMap["execSlow"], runMap["execLessThanBatch"]}, - }, - { - name: "target-normal", - conf: &Config{ - TotalToComplete: testStatusTotal, - Target: 1 * time.Second, - }, - runs: []*testRun{runMap["execTargetRange"], runMap["execLessThanBatch"]}, - }, - } - for _, tt := range tests { - tt := tt - t.Run(tt.name, func(t *testing.T) { - t.Parallel() - assert := assert.New(t) - ctx := context.Background() - b := &Batch{ - c: tt.conf, - } - tr := newTestRunner(t, tt.conf, b) - tr.runs = tt.runs - - if err := b.Run(ctx); tt.wantErr { - assert.Error(err) - } else { - assert.NoError(err) - } - }) - } -} - -func TestBatch_batchCompleted(t *testing.T) { - t.Parallel() - assert, require := assert.New(t), require.New(t) - ctx := context.Background() - config := &Config{ - Exec: func(ctx context.Context, batchSize int) (int, error) { return 0, nil }, - Store: func(ctx context.Context, batchSize int) error { - fmt.Println("batchSize: ", batchSize) - return nil - }, - } - b, err := New(ctx, config) - require.NoError(err) - assert.NotNil(b) - - err = b.adjustSize(ctx, 10) - require.NoError(err) -} diff --git a/internal/scheduler/cleaner/cleaner.go b/internal/scheduler/cleaner/cleaner.go new file mode 100644 index 0000000000..86358cb586 --- /dev/null +++ b/internal/scheduler/cleaner/cleaner.go @@ -0,0 +1,30 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package cleaner + +import ( + "context" + + "github.com/hashicorp/boundary/internal/db" + "github.com/hashicorp/boundary/internal/errors" + "github.com/hashicorp/boundary/internal/scheduler" + "github.com/hashicorp/boundary/internal/util" +) + +// RegisterJob registers the cleaner job with the provided scheduler. +func RegisterJob(ctx context.Context, s *scheduler.Scheduler, w db.Writer) error { + const op = "cleaner.RegisterJob" + if s == nil { + return errors.New(ctx, errors.Internal, "nil scheduler", op, errors.WithoutEvent()) + } + if util.IsNil(w) { + return errors.New(ctx, errors.Internal, "nil DB writer", op, errors.WithoutEvent()) + } + + if err := s.RegisterJob(ctx, newCleanerJob(w)); err != nil { + return errors.Wrap(ctx, err, op) + } + + return nil +} diff --git a/internal/scheduler/cleaner/cleaner_job.go b/internal/scheduler/cleaner/cleaner_job.go new file mode 100644 index 0000000000..402054abee --- /dev/null +++ b/internal/scheduler/cleaner/cleaner_job.go @@ -0,0 +1,57 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package cleaner + +import ( + "context" + "time" + + "github.com/hashicorp/boundary/internal/db" + "github.com/hashicorp/boundary/internal/errors" + "github.com/hashicorp/boundary/internal/scheduler" +) + +type cleanerJob struct { + w db.Writer +} + +func newCleanerJob(w db.Writer) *cleanerJob { + return &cleanerJob{ + w: w, + } +} + +// Status reports the job’s current status. +func (c *cleanerJob) Status() scheduler.JobStatus { + return scheduler.JobStatus{} +} + +// Run performs the required work depending on the implementation. +// The context is used to notify the job that it should exit early. +func (c *cleanerJob) Run(ctx context.Context) error { + const op = "cleaner.(cleanerJob).Run" + + if _, err := c.w.Exec(ctx, "delete from job_run where status='completed'", nil); err != nil { + return errors.Wrap(ctx, err, op) + } + + return nil +} + +// NextRunIn returns the duration until the next job run should be scheduled. +// We report as ready immediately after a successful run. This doesn't mean that +// this job will run immediately, only about as often as the configured scheduler interval. +func (c *cleanerJob) NextRunIn(_ context.Context) (time.Duration, error) { + return 0, nil +} + +// Name is the unique name of the job. +func (c *cleanerJob) Name() string { + return "job_run_cleaner" +} + +// Description is the human readable description of the job. +func (c *cleanerJob) Description() string { + return "Cleans completed job runs" +} diff --git a/internal/scheduler/cleaner/cleaner_test.go b/internal/scheduler/cleaner/cleaner_test.go new file mode 100644 index 0000000000..13eb4bbbdf --- /dev/null +++ b/internal/scheduler/cleaner/cleaner_test.go @@ -0,0 +1,64 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: BUSL-1.1 + +package cleaner_test + +import ( + "context" + "sync" + "testing" + "time" + + "github.com/hashicorp/boundary/internal/db" + "github.com/hashicorp/boundary/internal/scheduler" + "github.com/hashicorp/boundary/internal/scheduler/cleaner" + "github.com/hashicorp/boundary/internal/scheduler/job" + "github.com/stretchr/testify/require" +) + +func TestCleanerJob(t *testing.T) { + conn, _ := db.TestSetup(t, "postgres") + rw := db.New(conn) + wrapper := db.TestWrapper(t) + s := scheduler.TestScheduler(t, conn, wrapper, scheduler.WithMonitorInterval(10*time.Millisecond)) + err := cleaner.RegisterJob(context.Background(), s, rw) + require.NoError(t, err) + wg := &sync.WaitGroup{} + err = s.Start(context.Background(), wg) + require.NoError(t, err) + + // Trigger some runs, waiting for the cleaner to run + for i := 0; i < 10; i++ { + s.RunNow() + // Wait to allow for the job to finish + time.Sleep(50 * time.Millisecond) + } + + var jobRuns []*job.Run + err = rw.SearchWhere(context.Background(), &jobRuns, "", nil) + require.NoError(t, err) + + // We should have run 10 times, as long as some of them + // have been cleaned we should succeed. + require.True(t, len(jobRuns) < 10, "expected fewer than 10 job_run rows, found %d", len(jobRuns)) +} + +func TestRegisterJob(t *testing.T) { + conn, _ := db.TestSetup(t, "postgres") + rw := db.New(conn) + wrapper := db.TestWrapper(t) + s := scheduler.TestScheduler(t, conn, wrapper) + + t.Run("succeeds", func(t *testing.T) { + err := cleaner.RegisterJob(context.Background(), s, rw) + require.NoError(t, err) + }) + t.Run("fails-on-nil-scheduler", func(t *testing.T) { + err := cleaner.RegisterJob(context.Background(), nil, rw) + require.Error(t, err) + }) + t.Run("fails-on-nil-db-writer", func(t *testing.T) { + err := cleaner.RegisterJob(context.Background(), s, nil) + require.Error(t, err) + }) +} diff --git a/internal/scheduler/job.go b/internal/scheduler/job.go index bbb2baff13..0c5d0bd0e1 100644 --- a/internal/scheduler/job.go +++ b/internal/scheduler/job.go @@ -11,41 +11,20 @@ import ( ) // Job defines an interface for jobs that can be invoked by the scheduler. -// Multiple goroutines may invoke methods on a Job simultaneously. type Job interface { - // Status reports the job’s current status. It is called periodically - // while the Run method is running and immediately after the Run method - // completes. - // - // The scheduler uses the values in the returned JobStatus to verify - // that progress is being made by the job. The scheduler will interrupt - // the job if the values returned by Status do not change over a - // configurable amount of time. - // - // See scheduler.WithInterruptThreshold for more information. + // Status reports the job’s current status. The status is periodically persisted by + // the scheduler when a job is running, and will be used to verify a job is making progress. Status() JobStatus - // Run starts the specified job and waits for it to complete. - // - // The context parameter is used to notify the job that it should exit. - // - // The statusThreshold parameter is the amount of time the job has to - // return a JobStatus with values different from the previous - // JobStatus. Each time a JobStatus with values different from the - // previous JobStatus is returned, the timer for the threshold - // restarts. If the threshold is reached, the context is canceled. - // - // If the returned error is not nil, the job will be scheduled to run - // again immediately and the returned error will be logged. - Run(ctx context.Context, statusThreshold time.Duration) error + // Run performs the required work depending on the implementation. + // The context is used to notify the job that it should exit early. + Run(ctx context.Context) error - // NextRunIn returns the duration the job scheduler should wait before - // running the job again. It is only called after the Run method has - // completed and returned a nil error. If a zero duration is returned + // NextRunIn returns the duration until the next job run should be scheduled. This + // method is invoked after a run has successfully completed and the next run time + // is being persisted by the scheduler. If an error is returned, the error will be logged + // but the duration returned will still be used in scheduling. If a zero duration is returned // the job will be scheduled to run again immediately. - // - // If an error is returned, the error will be logged but the returned - // duration will still be used in scheduling. NextRunIn(context.Context) (time.Duration, error) // Name is the unique name of the job. @@ -55,25 +34,12 @@ type Job interface { Description() string } -// A JobStatus represents the status of a job. -// Completed and Total are used to indicate job progress. -// The Completed value cannot be greater than the Total value -// and both values must be greater than or equal to zero. -// -// Retries is used to indicate how many times the job has retried -// accomplishing work. The value must be greater than or equal to zero. -// -// The scheduler uses the values in the JobStatus to verify that -// progress is being made by the job. The scheduler will interrupt the job -// if the values returned by Status do not change over a configurable -// amount of time. +// JobStatus defines the struct that must be returned by the Job.Status() method. type JobStatus struct { - // The job's work items - Completed int // number of items processed - Total int // total number of items to be processed - - // The job's liveliness - Retries int // number of times the job has retried work + // Completed and Total are used to indicate job progress, + // each job implementation will determine the definition of + // progress by calculating both Completed and Total. + Completed, Total int } func validateJob(ctx context.Context, j Job) error { diff --git a/internal/scheduler/job/additional_verification_test.go b/internal/scheduler/job/additional_verification_test.go index 6ec748efe6..4e221b14fe 100644 --- a/internal/scheduler/job/additional_verification_test.go +++ b/internal/scheduler/job/additional_verification_test.go @@ -44,7 +44,7 @@ func TestJobWorkflow(t *testing.T) { assert.NotEmpty(run.PrivateId) assert.Equal(job.Name, run.JobName) - run, err = repo.UpdateProgress(ctx, run.PrivateId, 100, 110, 0) + run, err = repo.UpdateProgress(ctx, run.PrivateId, 100, 110) require.NoError(err) assert.Equal(uint32(100), run.CompletedCount) assert.Equal(uint32(110), run.TotalCount) @@ -54,8 +54,9 @@ func TestJobWorkflow(t *testing.T) { require.NoError(err) assert.Nil(newRuns) - err = repo.CompleteRun(ctx, run.PrivateId, time.Hour) + run, err = repo.CompleteRun(ctx, run.PrivateId, time.Hour, 0, 0) require.NoError(err) + assert.Equal(Completed.string(), run.Status) job, err = repo.LookupJob(ctx, job.Name) require.NoError(err) @@ -84,7 +85,7 @@ func TestJobWorkflow(t *testing.T) { require.NoError(err) assert.Nil(newRuns) - newRun, err = repo.FailRun(ctx, newRun.PrivateId, 0, 0, 0) + newRun, err = repo.FailRun(ctx, newRun.PrivateId, 0, 0) require.NoError(err) assert.Equal(Failed.string(), newRun.Status) diff --git a/internal/scheduler/job/doc.go b/internal/scheduler/job/doc.go index b67e53e999..dce76363e9 100644 --- a/internal/scheduler/job/doc.go +++ b/internal/scheduler/job/doc.go @@ -45,5 +45,5 @@ // nextJobRun = time.Now().Add(time.Hour) // // repo, _ = job.NewRepository(db, db, wrapper) -// _ = repo.CompleteRun(ctx, run.PrivateId nextJobRun) +// run, _ = repo.CompleteRun(ctx, run.PrivateId, job.Completed, nextJobRun) package job diff --git a/internal/scheduler/job/options.go b/internal/scheduler/job/options.go index 4d68ca4b6a..9dd8521333 100644 --- a/internal/scheduler/job/options.go +++ b/internal/scheduler/job/options.go @@ -8,7 +8,8 @@ import ( ) const ( - defaultPluginId = "pi_system" + defaultRunJobsLimit = 1 + defaultPluginId = "pi_system" ) // getOpts - iterate the inbound Options and return a struct @@ -26,13 +27,16 @@ type Option func(*options) // options = how options are represented type options struct { withNextRunIn time.Duration + withRunJobsLimit int withLimit int withName string withControllerId string } func getDefaultOptions() options { - return options{} // No default options. + return options{ + withRunJobsLimit: defaultRunJobsLimit, + } } // WithNextRunIn provides an option to provide the duration until the next run is scheduled. @@ -44,6 +48,18 @@ func WithNextRunIn(d time.Duration) Option { } } +// WithRunJobsLimit provides an option to provide the number of jobs to run. +// If WithRunJobsLimit == 0, then default run jobs limit is used. +// If WithRunJobsLimit < 0, then no limit is used. +func WithRunJobsLimit(l int) Option { + return func(o *options) { + o.withRunJobsLimit = l + if o.withRunJobsLimit == 0 { + o.withRunJobsLimit = defaultRunJobsLimit + } + } +} + // WithLimit provides an option to provide a limit for ListJobs. Intentionally // allowing negative integers. If WithLimit < 0, then unlimited results are // returned. If WithLimit == 0, then default limits are used for results. diff --git a/internal/scheduler/job/options_test.go b/internal/scheduler/job/options_test.go index 115381b6e4..ca0a53c88a 100644 --- a/internal/scheduler/job/options_test.go +++ b/internal/scheduler/job/options_test.go @@ -21,6 +21,21 @@ func Test_GetOpts(t *testing.T) { testOpts.withNextRunIn = time.Hour assert.Equal(opts, testOpts) }) + t.Run("WithRunJobsLimit", func(t *testing.T) { + assert := assert.New(t) + opts := getOpts(WithRunJobsLimit(10)) + testOpts := getDefaultOptions() + assert.NotEqual(opts, testOpts) + testOpts.withRunJobsLimit = 10 + assert.Equal(opts, testOpts) + }) + t.Run("WithZeroRunJobsLimit", func(t *testing.T) { + assert := assert.New(t) + opts := getOpts(WithRunJobsLimit(0)) + testOpts := getDefaultOptions() + assert.Equal(opts, testOpts) + assert.Equal(defaultRunJobsLimit, opts.withRunJobsLimit) + }) t.Run("WithLimit", func(t *testing.T) { assert := assert.New(t) opts := getOpts(WithLimit(100)) diff --git a/internal/scheduler/job/query.go b/internal/scheduler/job/query.go index 686fb9b9cc..dbb8be5fb9 100644 --- a/internal/scheduler/job/query.go +++ b/internal/scheduler/job/query.go @@ -7,13 +7,13 @@ const runJobsQuery = ` insert into job_run ( job_plugin_id, job_name, controller_id ) - select - j.plugin_id, j."name", ? - from job j - where next_scheduled_run <= current_timestamp + select + job_plugin_id, job_name, ? + from job_jobs_to_run order by next_scheduled_run asc - on conflict - (job_plugin_id, job_name) + %s + on conflict + (job_plugin_id, job_name) where status = 'running' do nothing returning *; @@ -65,8 +65,7 @@ const updateProgressQuery = ` job_run set completed_count = ?, - total_count = ?, - retries_count = ? + total_count = ? where private_id = ? and status = 'running' @@ -74,7 +73,13 @@ const updateProgressQuery = ` ` const completeRunQuery = ` - delete from job_run + update + job_run + set + completed_count = ?, + total_count = ?, + status = 'completed', + end_time = current_timestamp where private_id = ? and status = 'running' @@ -87,7 +92,6 @@ const failRunQuery = ` set completed_count = ?, total_count = ?, - retries_count = ?, status = 'failed', end_time = current_timestamp where diff --git a/internal/scheduler/job/repository_run.go b/internal/scheduler/job/repository_run.go index b5c0eec419..d0f54e7127 100644 --- a/internal/scheduler/job/repository_run.go +++ b/internal/scheduler/job/repository_run.go @@ -17,17 +17,29 @@ import ( // If there are not jobs to run, an empty slice will be returned with a nil error. // // • serverId is required and is the private_id of the server that will run the jobs. -// No options are supported. -func (r *Repository) RunJobs(ctx context.Context, serverId string, _ ...Option) ([]*Run, error) { +// +// The only valid option is WithRunJobsLimit, if not provided RunJobs will run only 1 job. +func (r *Repository) RunJobs(ctx context.Context, serverId string, opt ...Option) ([]*Run, error) { const op = "job.(Repository).RunJobs" if serverId == "" { return nil, errors.New(ctx, errors.InvalidParameter, op, "missing server id") } + opts := getOpts(opt...) + var limit string + switch { + case opts.withRunJobsLimit == 0: + // zero signals the defaults should be used. + limit = fmt.Sprintf("limit %d", defaultRunJobsLimit) + case opts.withRunJobsLimit > 0: + limit = fmt.Sprintf("limit %d", opts.withRunJobsLimit) + } + + query := fmt.Sprintf(runJobsQuery, limit) var runs []*Run _, err := r.writer.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error { - rows, err := w.Query(ctx, runJobsQuery, []any{serverId}) + rows, err := w.Query(ctx, query, []any{serverId}) if err != nil { return errors.Wrap(ctx, err, op) } @@ -56,10 +68,10 @@ func (r *Repository) RunJobs(ctx context.Context, serverId string, _ ...Option) // UpdateProgress updates the repository entry's completed and total counts for the provided runId. // -// Once a run has been persisted with a final run status (failed or interrupted), +// Once a run has been persisted with a final run status (completed, failed or interrupted), // any future UpdateProgress attempts will return an error with Code errors.InvalidJobRunState. // All options are ignored. -func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed, total, retries int, _ ...Option) (*Run, error) { +func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed, total int, _ ...Option) (*Run, error) { const op = "job.(Repository).UpdateProgress" if runId == "" { return nil, errors.New(ctx, errors.InvalidParameter, op, "missing run id") @@ -69,7 +81,7 @@ func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed run.PrivateId = runId _, err := r.writer.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error { - rows, err := w.Query(ctx, updateProgressQuery, []any{completed, total, retries, runId}) + rows, err := w.Query(ctx, updateProgressQuery, []any{completed, total, runId}) if err != nil { return errors.Wrap(ctx, err, op) } @@ -111,26 +123,32 @@ func (r *Repository) UpdateProgress(ctx context.Context, runId string, completed return run, nil } -// CompleteRun is intended to be called when a job completes successfully. It -// deletes the job_run entry for the provided runId. It also updates the Job -// repository entry that is associated with this run, setting the job's -// NextScheduledRun to the current database time incremented by the nextRunIn +// CompleteRun updates the Run repository entry for the provided runId. +// It sets the status to 'completed', updates the run's EndTime to the current database +// time, and sets the completed and total counts. +// CompleteRun also updates the Job repository entry that is associated with this run, +// setting the job's NextScheduledRun to the current database time incremented by the nextRunIn // parameter. // -// If a run is persisted with a final run status (failed or interrupted), any -// calls to CompleteRun will return an error with Code -// errors.InvalidJobRunState. All options are ignored. -func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn time.Duration, _ ...Option) error { +// Once a run has been persisted with a final run status (completed, failed +// or interrupted), any future calls to CompleteRun will return an error with Code +// errors.InvalidJobRunState. +// All options are ignored. +func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn time.Duration, completed, total int, _ ...Option) (*Run, error) { const op = "job.(Repository).CompleteRun" if runId == "" { - return errors.New(ctx, errors.InvalidParameter, op, "missing run id") + return nil, errors.New(ctx, errors.InvalidParameter, op, "missing run id") } run := allocRun() run.PrivateId = runId _, err := r.writer.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{}, func(r db.Reader, w db.Writer) error { - rows, err := w.Query(ctx, completeRunQuery, []any{runId}) + // TODO (lcr 07/2021) this can potentially overwrite completed and total values + // persisted by the scheduler's monitor jobs loop. + // Add an on update sql trigger to protect the job_run table, once progress + // values are used in the critical path. + rows, err := w.Query(ctx, completeRunQuery, []any{completed, total, runId}) if err != nil { return errors.Wrap(ctx, err, op) } @@ -151,8 +169,7 @@ func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn ti return errors.Wrap(ctx, err, op, errors.WithMsg("unable to get next row for job run")) } if rowCnt == 0 { - // No rows returned from the query: Either it's already been - // removed or was in a final state (not 'running'). + // Failed to update run, either it does not exist or was in an invalid state if err = r.LookupById(ctx, run); err != nil { if errors.IsNotFoundError(err) { return errors.Wrap(ctx, err, op, errors.WithMsg(fmt.Sprintf("job run %q does not exist", runId))) @@ -189,21 +206,21 @@ func (r *Repository) CompleteRun(ctx context.Context, runId string, nextRunIn ti }, ) if err != nil { - return errors.Wrap(ctx, err, op) + return nil, errors.Wrap(ctx, err, op) } - return nil + return run, nil } // FailRun updates the Run repository entry for the provided runId. // It sets the status to 'failed' and updates the run's EndTime to the current database // time, and sets the completed and total counts. // -// Once a run has been persisted with a final run status (failed +// Once a run has been persisted with a final run status (completed, failed // or interrupted), any future calls to FailRun will return an error with Code // errors.InvalidJobRunState. // All options are ignored. -func (r *Repository) FailRun(ctx context.Context, runId string, completed, total, retries int, _ ...Option) (*Run, error) { +func (r *Repository) FailRun(ctx context.Context, runId string, completed, total int, _ ...Option) (*Run, error) { const op = "job.(Repository).FailRun" if runId == "" { return nil, errors.New(ctx, errors.InvalidParameter, op, "missing run id") @@ -217,7 +234,7 @@ func (r *Repository) FailRun(ctx context.Context, runId string, completed, total // persisted by the scheduler's monitor jobs loop. // Add an on update sql trigger to protect the job_run table, once progress // values are used in the critical path. - rows, err := w.Query(ctx, failRunQuery, []any{completed, total, retries, runId}) + rows, err := w.Query(ctx, failRunQuery, []any{completed, total, runId}) if err != nil { return errors.Wrap(ctx, err, op) } @@ -263,7 +280,7 @@ func (r *Repository) FailRun(ctx context.Context, runId string, completed, total // updated for the provided interruptThreshold. It sets the status to 'interrupted' and // updates the run's EndTime to the current database time. // -// Once a run has been persisted with a final run status (failed +// Once a run has been persisted with a final run status (completed, failed // or interrupted), any future calls to InterruptRuns will return an error with Code // errors.InvalidJobRunState. // WithControllerId is the only valid option diff --git a/internal/scheduler/job/repository_run_test.go b/internal/scheduler/job/repository_run_test.go index a5565520a3..a468535dc1 100644 --- a/internal/scheduler/job/repository_run_test.go +++ b/internal/scheduler/job/repository_run_test.go @@ -5,6 +5,7 @@ package job import ( "context" + "fmt" "sort" "testing" "time" @@ -119,6 +120,73 @@ func TestRepository_RunJobs(t *testing.T) { } } +func TestRepository_RunJobs_Limits(t *testing.T) { + t.Parallel() + ctx := context.Background() + conn, _ := db.TestSetup(t, "postgres") + rw := db.New(conn) + wrapper := db.TestWrapper(t) + kms := kms.TestKms(t, conn, wrapper) + iam.TestRepo(t, conn, wrapper) + + numJobs := 20 + server := testController(t, conn, wrapper) + + tests := []struct { + name string + opts []Option + wantLen int + }{ + { + name: "with-more-than-available", + opts: []Option{WithRunJobsLimit(numJobs * 2)}, + wantLen: numJobs, + }, + { + name: "with-no-option", + wantLen: defaultRunJobsLimit, + }, + { + name: "with-limit", + opts: []Option{WithRunJobsLimit(3)}, + wantLen: 3, + }, + { + name: "with-zero-limit", + opts: []Option{WithRunJobsLimit(0)}, + wantLen: defaultRunJobsLimit, + }, + { + name: "unlimited", + opts: []Option{WithRunJobsLimit(-1)}, + wantLen: numJobs, + }, + } + + for _, tt := range tests { + tt := tt + t.Run(tt.name, func(t *testing.T) { + assert, require := assert.New(t), require.New(t) + repo, err := NewRepository(ctx, rw, rw, kms) + assert.NoError(err) + require.NotNil(repo) + + for i := 0; i < numJobs; i++ { + testJob(t, conn, fmt.Sprintf("%v-%d", tt.name, i), "description", wrapper) + } + + got, err := repo.RunJobs(ctx, server.PrivateId, tt.opts...) + require.NoError(err) + assert.Len(got, tt.wantLen) + + // Clean up jobs for next run + rows, err := rw.Query(ctx, "delete from job", nil) + require.NoError(err) + _ = rows.Close() + }) + } +} + func TestRepository_RunJobsOrder(t *testing.T) { t.Parallel() ctx := context.Background() @@ -142,18 +210,41 @@ func TestRepository_RunJobsOrder(t *testing.T) { runs, err := repo.RunJobs(ctx, server.PrivateId) require.NoError(err) - require.Len(runs, 3) + require.Len(runs, 1) + run := runs[0] + assert.Equal(run.JobName, firstJob.Name) + assert.Equal(run.JobPluginId, firstJob.PluginId) - // We should see the job runs ordered by scheduled time. - // firstJob > middleJob > lastJob - assert.Equal(firstJob.Name, runs[0].JobName) - assert.Equal(firstJob.PluginId, runs[0].JobPluginId) + // End first job with time between last and middle + _, err = repo.CompleteRun(ctx, run.PrivateId, -6*time.Hour, 0, 0) + require.NoError(err) - assert.Equal(middleJob.Name, runs[1].JobName) - assert.Equal(middleJob.PluginId, runs[1].JobPluginId) + runs, err = repo.RunJobs(ctx, server.PrivateId) + require.NoError(err) + require.Len(runs, 1) + run = runs[0] + assert.Equal(run.JobName, middleJob.Name) + assert.Equal(run.JobPluginId, middleJob.PluginId) + + // firstJob should be up again, as it is scheduled before lastJob + runs, err = repo.RunJobs(ctx, server.PrivateId) + require.NoError(err) + require.Len(runs, 1) + run = runs[0] + assert.Equal(run.JobName, firstJob.Name) + assert.Equal(run.JobPluginId, firstJob.PluginId) - assert.Equal(lastJob.Name, runs[2].JobName) - assert.Equal(lastJob.PluginId, runs[2].JobPluginId) + runs, err = repo.RunJobs(ctx, server.PrivateId) + require.NoError(err) + require.Len(runs, 1) + run = runs[0] + assert.Equal(run.JobName, lastJob.Name) + assert.Equal(run.JobPluginId, lastJob.PluginId) + + // All jobs are running no work should be returned + runs, err = repo.RunJobs(ctx, server.PrivateId) + require.NoError(err) + require.Len(runs, 0) } func TestRepository_UpdateProgress(t *testing.T) { @@ -169,7 +260,7 @@ func TestRepository_UpdateProgress(t *testing.T) { job := testJob(t, conn, "name", "description", wrapper) type args struct { - completed, total, retries int + completed, total int } tests := []struct { @@ -215,6 +306,20 @@ func TestRepository_UpdateProgress(t *testing.T) { wantErrCode: errors.InvalidJobRunState, wantErrMsg: "job.(Repository).UpdateProgress: db.DoTx: job.(Repository).UpdateProgress: job run was in a final run state: failed: integrity violation: error #115", }, + { + name: "status-already-completed", + orig: &Run{ + JobRun: &store.JobRun{ + JobName: job.Name, + JobPluginId: job.PluginId, + ControllerId: server.PrivateId, + Status: Completed.string(), + }, + }, + wantErr: true, + wantErrCode: errors.InvalidJobRunState, + wantErrMsg: "job.(Repository).UpdateProgress: db.DoTx: job.(Repository).UpdateProgress: job run was in a final run state: completed: integrity violation: error #115", + }, { name: "valid-no-changes", orig: &Run{ @@ -237,12 +342,10 @@ func TestRepository_UpdateProgress(t *testing.T) { }, }, args: args{ - total: 10, - retries: 1, + total: 10, }, want: args{ - total: 10, - retries: 1, + total: 10, }, }, { @@ -278,12 +381,10 @@ func TestRepository_UpdateProgress(t *testing.T) { args: args{ completed: 10, total: 20, - retries: 1, }, want: args{ completed: 10, total: 20, - retries: 1, }, }, { @@ -321,7 +422,7 @@ func TestRepository_UpdateProgress(t *testing.T) { privateId = tt.orig.PrivateId } - got, err := repo.UpdateProgress(ctx, privateId, tt.args.completed, tt.args.total, tt.args.retries) + got, err := repo.UpdateProgress(ctx, privateId, tt.args.completed, tt.args.total) if tt.wantErr { require.Error(err) assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err) @@ -354,7 +455,7 @@ func TestRepository_UpdateProgress(t *testing.T) { require.NoError(err) require.NotNil(repo) - got, err := repo.UpdateProgress(ctx, "fake-run-id", 0, 0, 0) + got, err := repo.UpdateProgress(ctx, "fake-run-id", 0, 0) require.Error(err) require.Nil(got) assert.Truef(errors.Match(errors.T(errors.RecordNotFound), err), "Unexpected error %s", err) @@ -374,10 +475,14 @@ func TestRepository_CompleteRun(t *testing.T) { server := testController(t, conn, wrapper) job := testJob(t, conn, "name", "description", wrapper) + type args struct { + completed, total int + } tests := []struct { name string orig *Run nextRunIn time.Duration + args args wantErr bool wantErrCode errors.Code wantErrMsg string @@ -416,6 +521,20 @@ func TestRepository_CompleteRun(t *testing.T) { wantErrCode: errors.InvalidJobRunState, wantErrMsg: "job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run was in a final run state: failed: integrity violation: error #115", }, + { + name: "status-already-completed", + orig: &Run{ + JobRun: &store.JobRun{ + JobName: job.Name, + JobPluginId: job.PluginId, + ControllerId: server.PrivateId, + Status: Completed.string(), + }, + }, + wantErr: true, + wantErrCode: errors.InvalidJobRunState, + wantErrMsg: "job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run was in a final run state: completed: integrity violation: error #115", + }, { name: "valid", orig: &Run{ @@ -438,6 +557,7 @@ func TestRepository_CompleteRun(t *testing.T) { Status: Running.string(), }, }, + args: args{completed: 10, total: 20}, }, } @@ -455,13 +575,9 @@ func TestRepository_CompleteRun(t *testing.T) { require.NoError(err) assert.Empty(tt.orig.EndTime) privateId = tt.orig.PrivateId - - r, err := repo.LookupRun(ctx, privateId) - require.NoError(err) - require.NotNil(r) } - err = repo.CompleteRun(ctx, privateId, tt.nextRunIn) + got, err := repo.CompleteRun(ctx, privateId, tt.nextRunIn, tt.args.completed, tt.args.total) if tt.wantErr { require.Error(err) assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err) @@ -476,21 +592,26 @@ func TestRepository_CompleteRun(t *testing.T) { return } assert.NoError(err) + require.NotNil(got) + assert.NotEmpty(got.EndTime) + assert.Equal(Completed.string(), got.Status) + assert.Equal(tt.args.completed, int(got.CompletedCount)) + assert.Equal(tt.args.total, int(got.TotalCount)) updatedJob, err := repo.LookupJob(ctx, tt.orig.JobName) assert.NoError(err) require.NotNil(updatedJob) - // The next run is expected to be ~ now + whatever duration was - // passed into CompleteRun. - expectedNextRunIn := time.Now().Add(tt.nextRunIn).Round(time.Minute).UTC() - actualNextRunIn := updatedJob.NextScheduledRun.AsTime().Round(time.Minute).UTC() - require.EqualValues(expectedNextRunIn, actualNextRunIn) + // The previous run is ended before the next run is scheduled, therefore the previous + // run end time incremented by the nextRunIn duration, should be less than or equal to the + // NextScheduledRun time that is persisted in the repo. + nextRunAt := updatedJob.NextScheduledRun.AsTime() + previousRunEnd := got.EndTime.AsTime() + assert.Equal(nextRunAt.Round(time.Minute), previousRunEnd.Add(tt.nextRunIn).Round(time.Minute)) - // If we can't find the run, it means it was complete. - r, err := repo.LookupRun(ctx, privateId) - require.NoError(err) - require.Nil(r) + // Delete job run so it does not clash with future runs + _, err = repo.deleteRun(ctx, privateId) + assert.NoError(err) }) } @@ -500,8 +621,9 @@ func TestRepository_CompleteRun(t *testing.T) { require.NoError(err) require.NotNil(repo) - err = repo.CompleteRun(ctx, "fake-run-id", time.Hour) + got, err := repo.CompleteRun(ctx, "fake-run-id", time.Hour, 0, 0) require.Error(err) + require.Nil(got) assert.Truef(errors.Match(errors.T(errors.RecordNotFound), err), "Unexpected error %s", err) assert.Equal("job.(Repository).CompleteRun: db.DoTx: job.(Repository).CompleteRun: job run \"fake-run-id\" does not exist: db.LookupById: record not found, search issue: error #1100: dbw.LookupById: record not found", err.Error()) }) @@ -520,7 +642,7 @@ func TestRepository_FailRun(t *testing.T) { job := testJob(t, conn, "name", "description", wrapper) type args struct { - completed, total, retries int + completed, total int } tests := []struct { name string @@ -564,6 +686,20 @@ func TestRepository_FailRun(t *testing.T) { wantErrCode: errors.InvalidJobRunState, wantErrMsg: "job.(Repository).FailRun: db.DoTx: job.(Repository).FailRun: job run was in a final run state: failed: integrity violation: error #115", }, + { + name: "status-already-completed", + orig: &Run{ + JobRun: &store.JobRun{ + JobName: job.Name, + JobPluginId: job.PluginId, + ControllerId: server.PrivateId, + Status: Completed.string(), + }, + }, + wantErr: true, + wantErrCode: errors.InvalidJobRunState, + wantErrMsg: "job.(Repository).FailRun: db.DoTx: job.(Repository).FailRun: job run was in a final run state: completed: integrity violation: error #115", + }, { name: "valid", orig: &Run{ @@ -585,7 +721,7 @@ func TestRepository_FailRun(t *testing.T) { Status: Running.string(), }, }, - args: args{completed: 10, total: 20, retries: 5}, + args: args{completed: 10, total: 20}, }, } @@ -605,7 +741,7 @@ func TestRepository_FailRun(t *testing.T) { privateId = tt.orig.PrivateId } - got, err := repo.FailRun(ctx, privateId, tt.args.completed, tt.args.total, tt.args.retries) + got, err := repo.FailRun(ctx, privateId, tt.args.completed, tt.args.total) if tt.wantErr { require.Error(err) assert.Truef(errors.Match(errors.T(tt.wantErrCode), err), "Unexpected error %s", err) @@ -625,7 +761,6 @@ func TestRepository_FailRun(t *testing.T) { assert.Equal(Failed.string(), got.Status) assert.Equal(tt.args.completed, int(got.CompletedCount)) assert.Equal(tt.args.total, int(got.TotalCount)) - assert.Equal(tt.args.retries, int(got.RetriesCount)) // Delete job run so it does not clash with future runs _, err = repo.deleteRun(context.Background(), privateId) @@ -639,7 +774,7 @@ func TestRepository_FailRun(t *testing.T) { require.NoError(err) require.NotNil(repo) - got, err := repo.FailRun(ctx, "fake-run-id", 0, 0, 0) + got, err := repo.FailRun(ctx, "fake-run-id", 0, 0) require.Error(err) require.Nil(got) assert.Truef(errors.Match(errors.T(errors.RecordNotFound), err), "Unexpected error %s", err) @@ -771,6 +906,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) { runs: []args{ { ControllerId: server1.PrivateId, + opts: []Option{WithRunJobsLimit(3)}, expectedJobs: []*Job{job1, job2, job3}, }, }, @@ -785,6 +921,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) { runs: []args{ { ControllerId: server2.PrivateId, + opts: []Option{WithRunJobsLimit(3)}, expectedJobs: []*Job{job1, job2, job3}, }, }, @@ -830,6 +967,124 @@ func TestRepository_InterruptServerRuns(t *testing.T) { }, }, }, + { + name: "multiple-servers-interrupt-all", + runs: []args{ + { + ControllerId: server1.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job1}, + }, + { + ControllerId: server2.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job2}, + }, + { + ControllerId: server3.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job3}, + }, + }, + interrupts: []args{ + { + expectedJobs: []*Job{job1, job2, job3}, + }, + }, + }, + { + name: "multiple-servers-with-server-id", + runs: []args{ + { + ControllerId: server1.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job1}, + }, + { + ControllerId: server2.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job2}, + }, + { + ControllerId: server3.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job3}, + }, + }, + interrupts: []args{ + { + opts: []Option{WithControllerId(server1.PrivateId)}, + expectedJobs: []*Job{job1}, + }, + { + opts: []Option{WithControllerId(server2.PrivateId)}, + expectedJobs: []*Job{job2}, + }, + { + opts: []Option{WithControllerId(server3.PrivateId)}, + expectedJobs: []*Job{job3}, + }, + }, + }, + { + name: "multiple-servers-distributed-runs", + runs: []args{ + { + ControllerId: server1.PrivateId, + opts: []Option{WithRunJobsLimit(2)}, + expectedJobs: []*Job{job1, job2}, + }, + { + ControllerId: server2.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job3}, + }, + { + ControllerId: server3.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{}, + }, + }, + interrupts: []args{ + { + opts: []Option{WithControllerId(server1.PrivateId)}, + expectedJobs: []*Job{job1, job2}, + }, + { + opts: []Option{WithControllerId(server2.PrivateId)}, + expectedJobs: []*Job{job3}, + }, + { + opts: []Option{WithControllerId(server3.PrivateId)}, + expectedJobs: []*Job{}, + }, + }, + }, + { + name: "multiple-servers-distributed-runs-interrupt-all", + runs: []args{ + { + ControllerId: server1.PrivateId, + opts: []Option{WithRunJobsLimit(2)}, + expectedJobs: []*Job{job1, job2}, + }, + { + ControllerId: server2.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{job3}, + }, + { + ControllerId: server3.PrivateId, + opts: []Option{WithRunJobsLimit(1)}, + expectedJobs: []*Job{}, + }, + }, + interrupts: []args{ + { + expectedJobs: []*Job{job1, job2, job3}, + }, + }, + }, } for _, tt := range tests { tt := tt @@ -838,7 +1093,7 @@ func TestRepository_InterruptServerRuns(t *testing.T) { require.NoError(err) for _, r := range tt.runs { - runs, err := repo.RunJobs(ctx, r.ControllerId) + runs, err := repo.RunJobs(ctx, r.ControllerId, r.opts...) require.NoError(err) assert.Len(runs, len(r.expectedJobs)) sort.Slice(runs, func(i, j int) bool { return runs[i].JobName < runs[j].JobName }) diff --git a/internal/scheduler/job/run.go b/internal/scheduler/job/run.go index 0229c18fe0..2128af7b48 100644 --- a/internal/scheduler/job/run.go +++ b/internal/scheduler/job/run.go @@ -8,7 +8,7 @@ import ( "google.golang.org/protobuf/proto" ) -// Run represents an instance of a job that is either actively running or has failed in some way. +// Run represents an instance of a job that is either actively running or has already completed. type Run struct { *store.JobRun tableName string `gorm:"-"` diff --git a/internal/scheduler/job/status.go b/internal/scheduler/job/status.go index 4fe5df0077..5db19ff0d0 100644 --- a/internal/scheduler/job/status.go +++ b/internal/scheduler/job/status.go @@ -9,6 +9,9 @@ const ( // Running represents that the job run is actively running on a server Running Status = "running" + // Completed represents that the job run has successfully finished + Completed Status = "completed" + // Failed represent that the job run had an error during execution Failed Status = "failed" diff --git a/internal/scheduler/job/store/job.pb.go b/internal/scheduler/job/store/job.pb.go index f64fae2c2c..7bc6229cf0 100644 --- a/internal/scheduler/job/store/job.pb.go +++ b/internal/scheduler/job/store/job.pb.go @@ -134,11 +134,7 @@ type JobRun struct { // total_count is set during an update to indicate the progress goal. // @inject_tag: `gorm:"default:0"` TotalCount uint32 `protobuf:"varint,9,opt,name=total_count,json=totalCount,proto3" json:"total_count,omitempty" gorm:"default:0"` - // retries_count is set during an update to indicate the number of times - // a job has retried work. - // @inject_tag: `gorm:"default:0"` - RetriesCount uint32 `protobuf:"varint,12,opt,name=retries_count,json=retriesCount,proto3" json:"retries_count,omitempty" gorm:"default:0"` - // status of the job run (running, failed or interrupted). + // status of the job run (running, completed, failed or interrupted). // @inject_tag: `gorm:"not_null"` Status string `protobuf:"bytes,10,opt,name=status,proto3" json:"status,omitempty" gorm:"not_null"` // The controller_id of the controller running the job and must be set. @@ -234,13 +230,6 @@ func (x *JobRun) GetTotalCount() uint32 { return 0 } -func (x *JobRun) GetRetriesCount() uint32 { - if x != nil { - return x.RetriesCount - } - return 0 -} - func (x *JobRun) GetStatus() string { if x != nil { return x.Status @@ -277,7 +266,7 @@ var file_controller_storage_job_store_v1_job_proto_rawDesc = []byte{ 0x72, 0x2e, 0x73, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x2e, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x76, 0x31, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x6e, 0x65, 0x78, 0x74, 0x53, 0x63, 0x68, 0x65, 0x64, 0x75, 0x6c, 0x65, 0x64, 0x52, - 0x75, 0x6e, 0x22, 0xfe, 0x03, 0x0a, 0x06, 0x4a, 0x6f, 0x62, 0x52, 0x75, 0x6e, 0x12, 0x1d, 0x0a, + 0x75, 0x6e, 0x22, 0xd9, 0x03, 0x0a, 0x06, 0x4a, 0x6f, 0x62, 0x52, 0x75, 0x6e, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x49, 0x64, 0x12, 0x22, 0x0a, 0x0d, 0x6a, 0x6f, 0x62, 0x5f, 0x70, 0x6c, 0x75, 0x67, 0x69, 0x6e, 0x5f, 0x69, 0x64, 0x18, 0x02, 0x20, @@ -302,18 +291,16 @@ var file_controller_storage_job_store_v1_job_proto_rawDesc = []byte{ 0x08, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x63, 0x6f, 0x6d, 0x70, 0x6c, 0x65, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0a, 0x74, 0x6f, 0x74, 0x61, - 0x6c, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x74, 0x72, 0x69, 0x65, - 0x73, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0c, 0x72, - 0x65, 0x74, 0x72, 0x69, 0x65, 0x73, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, - 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, - 0x74, 0x75, 0x73, 0x12, 0x23, 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, - 0x72, 0x5f, 0x69, 0x64, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x74, - 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x49, 0x64, 0x52, 0x09, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, - 0x5f, 0x69, 0x64, 0x42, 0x42, 0x5a, 0x40, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, - 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x62, 0x6f, 0x75, 0x6e, - 0x64, 0x61, 0x72, 0x79, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x73, 0x63, - 0x68, 0x65, 0x64, 0x75, 0x6c, 0x65, 0x72, 0x2f, 0x6a, 0x6f, 0x62, 0x2f, 0x73, 0x74, 0x6f, 0x72, - 0x65, 0x3b, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6c, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, + 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x23, + 0x0a, 0x0d, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x18, + 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x63, 0x6f, 0x6e, 0x74, 0x72, 0x6f, 0x6c, 0x6c, 0x65, + 0x72, 0x49, 0x64, 0x52, 0x09, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x69, 0x64, 0x42, 0x42, + 0x5a, 0x40, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, + 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x61, 0x72, 0x79, 0x2f, + 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x73, 0x63, 0x68, 0x65, 0x64, 0x75, 0x6c, + 0x65, 0x72, 0x2f, 0x6a, 0x6f, 0x62, 0x2f, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3b, 0x73, 0x74, 0x6f, + 0x72, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( diff --git a/internal/scheduler/options.go b/internal/scheduler/options.go index 056ced1861..c9a3c1d424 100644 --- a/internal/scheduler/options.go +++ b/internal/scheduler/options.go @@ -6,6 +6,7 @@ package scheduler import "time" const ( + defaultRunJobsLimit = 1 defaultRunJobsInterval = time.Minute defaultMonitorInterval = 30 * time.Second defaultInterruptThreshold = 5 * time.Minute @@ -26,6 +27,7 @@ type Option func(*options) // options = how options are represented type options struct { withNextRunIn time.Duration + withRunJobsLimit int withRunJobInterval time.Duration withMonitorInterval time.Duration withInterruptThreshold time.Duration @@ -34,12 +36,26 @@ type options struct { func getDefaultOptions() options { return options{ + withRunJobsLimit: defaultRunJobsLimit, withRunJobInterval: defaultRunJobsInterval, withMonitorInterval: defaultMonitorInterval, withInterruptThreshold: defaultInterruptThreshold, } } +// WithRunJobsLimit provides an option to provide the number of jobs that will be requested +// by the scheduler when querying for jobs to run. +// If WithRunJobsLimit == 0, then default run jobs limit is used. +// If WithRunJobsLimit < 0, then no limit is used. +func WithRunJobsLimit(l int) Option { + return func(o *options) { + o.withRunJobsLimit = l + if o.withRunJobsLimit == 0 { + o.withRunJobsLimit = defaultRunJobsLimit + } + } +} + // WithRunJobsInterval provides an option to provide the interval at which the scheduler // will query the repository for jobs to run. // If WithRunJobsInterval == 0, then default interval is used. diff --git a/internal/scheduler/options_test.go b/internal/scheduler/options_test.go index 5b3fc4733a..d5e872a67c 100644 --- a/internal/scheduler/options_test.go +++ b/internal/scheduler/options_test.go @@ -13,6 +13,20 @@ import ( // Test_GetOpts provides unit tests for GetOpts and all the options func Test_GetOpts(t *testing.T) { t.Parallel() + t.Run("WithRunJobsLimit", func(t *testing.T) { + assert := assert.New(t) + opts := getOpts(WithRunJobsLimit(10)) + testOpts := getDefaultOptions() + assert.NotEqual(opts, testOpts) + testOpts.withRunJobsLimit = 10 + assert.Equal(opts, testOpts) + }) + t.Run("WithZeroRunJobsLimit", func(t *testing.T) { + assert := assert.New(t) + opts := getOpts(WithRunJobsLimit(0)) + testOpts := getDefaultOptions() + assert.Equal(opts, testOpts) + }) t.Run("WithRunJobsInterval", func(t *testing.T) { assert := assert.New(t) opts := getOpts(WithRunJobsInterval(time.Hour)) diff --git a/internal/scheduler/scheduler.go b/internal/scheduler/scheduler.go index 66592fe7b8..50ad3e82b3 100644 --- a/internal/scheduler/scheduler.go +++ b/internal/scheduler/scheduler.go @@ -32,6 +32,7 @@ type Scheduler struct { runningJobs *sync.Map started ua.Bool + runJobsLimit int runJobsInterval time.Duration monitorInterval time.Duration interruptThreshold time.Duration @@ -44,7 +45,7 @@ type Scheduler struct { // // • jobRepoFn must be provided and is a function that returns the job repository // -// WithRunJobsInterval, WithMonitorInterval and WithInterruptThreshold are +// WithRunJobsLimit, WithRunJobsInterval, WithMonitorInterval and WithInterruptThreshold are // the only valid options. func New(ctx context.Context, serverId string, jobRepoFn jobRepoFactory, opt ...Option) (*Scheduler, error) { const op = "scheduler.New" @@ -61,6 +62,7 @@ func New(ctx context.Context, serverId string, jobRepoFn jobRepoFactory, opt ... jobRepoFn: jobRepoFn, registeredJobs: new(sync.Map), runningJobs: new(sync.Map), + runJobsLimit: opts.withRunJobsLimit, runJobsInterval: opts.withRunJobInterval, monitorInterval: opts.withMonitorInterval, interruptThreshold: opts.withInterruptThreshold, @@ -188,7 +190,7 @@ func (s *Scheduler) start(ctx context.Context) { event.WriteSysEvent(ctx, op, "scheduling loop running", "server id", s.serverId, "run interval", s.runJobsInterval.String(), - ) + "run limit", s.runJobsLimit) timer := time.NewTimer(0) var wg sync.WaitGroup for { @@ -216,7 +218,7 @@ func (s *Scheduler) schedule(ctx context.Context, wg *sync.WaitGroup) { return } - runs, err := repo.RunJobs(ctx, s.serverId) + runs, err := repo.RunJobs(ctx, s.serverId, job.WithRunJobsLimit(s.runJobsLimit)) if err != nil { event.WriteError(ctx, op, err, event.WithInfoMsg("error getting jobs to run from repo")) return @@ -226,7 +228,7 @@ func (s *Scheduler) schedule(ctx context.Context, wg *sync.WaitGroup) { err := s.runJob(ctx, wg, r) if err != nil { event.WriteError(ctx, op, err, event.WithInfoMsg("error starting job")) - if _, inner := repo.FailRun(ctx, r.PrivateId, 0, 0, 0); inner != nil { + if _, inner := repo.FailRun(ctx, r.PrivateId, 0, 0); inner != nil { event.WriteError(ctx, op, inner, event.WithInfoMsg("error updating failed job run")) } } @@ -258,8 +260,10 @@ func (s *Scheduler) runJob(ctx context.Context, wg *sync.WaitGroup, r *job.Run) go func() { defer rj.cancelCtx() defer wg.Done() - runErr := j.Run(jobContext, s.interruptThreshold) + runErr := j.Run(jobContext) + // Get final status report to update run progress with + status := j.Status() var updateErr error switch { case ctx.Err() != nil: @@ -269,12 +273,10 @@ func (s *Scheduler) runJob(ctx context.Context, wg *sync.WaitGroup, r *job.Run) if inner != nil { event.WriteError(ctx, op, inner, event.WithInfoMsg("error getting next run time", "name", j.Name())) } - updateErr = repo.CompleteRun(ctx, r.PrivateId, nextRun) + _, updateErr = repo.CompleteRun(ctx, r.PrivateId, nextRun, status.Completed, status.Total) default: event.WriteError(ctx, op, runErr, event.WithInfoMsg("job run failed", "run id", r.PrivateId, "name", j.Name())) - - status := j.Status() // Get final status report to update run progress with - _, updateErr = repo.FailRun(ctx, r.PrivateId, status.Completed, status.Total, status.Retries) + _, updateErr = repo.FailRun(ctx, r.PrivateId, status.Completed, status.Total) } if updateErr != nil { @@ -331,7 +333,7 @@ func (s *Scheduler) updateRunningJobProgress(ctx context.Context, j *runningJob) return fmt.Errorf("error creating job repo %w", err) } status := j.status() - _, err = repo.UpdateProgress(ctx, j.runId, status.Completed, status.Total, status.Retries) + _, err = repo.UpdateProgress(ctx, j.runId, status.Completed, status.Total) if errors.Match(errors.T(errors.InvalidJobRunState), err) { // Job has been persisted with a final run status, cancel job context to trigger early exit. j.cancelCtx() diff --git a/internal/scheduler/scheduler_test.go b/internal/scheduler/scheduler_test.go index b96a55cdb3..c9b22bcbcb 100644 --- a/internal/scheduler/scheduler_test.go +++ b/internal/scheduler/scheduler_test.go @@ -34,6 +34,7 @@ func TestScheduler_New(t *testing.T) { type args struct { serverId string jobRepo jobRepoFactory + runLimit int runInterval time.Duration monitorInterval time.Duration } @@ -69,6 +70,7 @@ func TestScheduler_New(t *testing.T) { }, want: args{ serverId: "test-server", + runLimit: defaultRunJobsLimit, runInterval: defaultRunJobsInterval, monitorInterval: defaultMonitorInterval, }, @@ -84,6 +86,7 @@ func TestScheduler_New(t *testing.T) { }, want: args{ serverId: "test-server", + runLimit: defaultRunJobsLimit, monitorInterval: defaultMonitorInterval, runInterval: time.Hour, }, @@ -94,9 +97,12 @@ func TestScheduler_New(t *testing.T) { serverId: "test-server", jobRepo: jobRepoFn, }, - opts: []Option{}, + opts: []Option{ + WithRunJobsLimit(-1), + }, want: args{ serverId: "test-server", + runLimit: -1, runInterval: defaultRunJobsInterval, monitorInterval: defaultMonitorInterval, }, @@ -107,9 +113,12 @@ func TestScheduler_New(t *testing.T) { serverId: "test-server", jobRepo: jobRepoFn, }, - opts: []Option{}, + opts: []Option{ + WithRunJobsLimit(20), + }, want: args{ serverId: "test-server", + runLimit: 20, runInterval: defaultRunJobsInterval, monitorInterval: defaultMonitorInterval, }, @@ -125,6 +134,7 @@ func TestScheduler_New(t *testing.T) { }, want: args{ serverId: "test-server", + runLimit: defaultRunJobsLimit, runInterval: defaultRunJobsInterval, monitorInterval: time.Hour, }, @@ -137,10 +147,12 @@ func TestScheduler_New(t *testing.T) { }, opts: []Option{ WithRunJobsInterval(time.Hour), + WithRunJobsLimit(20), WithMonitorInterval(2 * time.Hour), }, want: args{ serverId: "test-server", + runLimit: 20, runInterval: time.Hour, monitorInterval: 2 * time.Hour, }, @@ -162,6 +174,7 @@ func TestScheduler_New(t *testing.T) { require.NoError(err) assert.Equal(tt.want.serverId, got.serverId) + assert.Equal(tt.want.runLimit, got.runJobsLimit) assert.Equal(tt.want.runInterval, got.runJobsInterval) assert.Equal(tt.want.monitorInterval, got.monitorInterval) assert.NotNil(got.jobRepoFn) diff --git a/internal/scheduler/testing.go b/internal/scheduler/testing.go index e15d5f1066..71fafbcce2 100644 --- a/internal/scheduler/testing.go +++ b/internal/scheduler/testing.go @@ -55,10 +55,10 @@ func TestScheduler(t testing.TB, conn *db.DB, wrapper wrapping.Wrapper, opt ...O return s } -func testJobFn() (func(ctx context.Context, _ time.Duration) error, chan struct{}, chan struct{}) { +func testJobFn() (func(ctx context.Context) error, chan struct{}, chan struct{}) { jobReady := make(chan struct{}) jobDone := make(chan struct{}) - fn := func(ctx context.Context, _ time.Duration) error { + fn := func(ctx context.Context) error { jobReady <- struct{}{} // Block until context is canceled @@ -73,7 +73,7 @@ func testJobFn() (func(ctx context.Context, _ time.Duration) error, chan struct{ type testJob struct { nextRunIn time.Duration name, description string - fn func(context.Context, time.Duration) error + fn func(context.Context) error statusFn func() JobStatus } @@ -84,8 +84,8 @@ func (j testJob) Status() JobStatus { return j.statusFn() } -func (j testJob) Run(ctx context.Context, statusThreshold time.Duration) error { - return j.fn(ctx, statusThreshold) +func (j testJob) Run(ctx context.Context) error { + return j.fn(ctx) } func (j testJob) NextRunIn(_ context.Context) (time.Duration, error) { diff --git a/internal/server/job/rotate_roots_job.go b/internal/server/job/rotate_roots_job.go index 26a602dcd0..d0d4d23774 100644 --- a/internal/server/job/rotate_roots_job.go +++ b/internal/server/job/rotate_roots_job.go @@ -78,7 +78,7 @@ func (r *rotateRootsJob) Status() scheduler.JobStatus { } // Run executes the job by calling the rotateRoots domain function -func (r *rotateRootsJob) Run(ctx context.Context, _ time.Duration) error { +func (r *rotateRootsJob) Run(ctx context.Context) error { const op = "server.(rotateRootsJob).Run" _, err := server.RotateRoots(ctx, r.workerAuthRepo, nodeenrollment.WithCertificateLifetime(r.certificateLifetime)) diff --git a/internal/server/job/rotate_roots_job_test.go b/internal/server/job/rotate_roots_job_test.go index eb9df01ca4..cbf2154078 100644 --- a/internal/server/job/rotate_roots_job_test.go +++ b/internal/server/job/rotate_roots_job_test.go @@ -105,7 +105,7 @@ func TestRotateRootsJob(t *testing.T) { assert.Equal(time.Hour, nextRun) // Run job and ensure rotation was performed - err = got.Run(ctx, 0) + err = got.Run(ctx) require.NoError(err) require.Equal(1, got.totalRotates) rootIds, err = workerAuthRepo.List(ctx, (*types.RootCertificate)(nil)) @@ -127,6 +127,6 @@ func TestRotateRootsJobFailure(t *testing.T) { got, err := newRotateRootsJob(ctx, &db.Db{}, &db.Db{}, kmsCache) require.NoError(err) - err = got.Run(ctx, 0) + err = got.Run(ctx) require.Error(err) } diff --git a/internal/server/job/upsert_worker_storage_bucket_job.go b/internal/server/job/upsert_worker_storage_bucket_job.go index 11ec752b52..efc8a293f7 100644 --- a/internal/server/job/upsert_worker_storage_bucket_job.go +++ b/internal/server/job/upsert_worker_storage_bucket_job.go @@ -35,7 +35,7 @@ func (usb *upsertWorkerStorageBucketJob) Status() scheduler.JobStatus { return s // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (usb *upsertWorkerStorageBucketJob) Run(ctx context.Context, _ time.Duration) error { return nil } +func (usb *upsertWorkerStorageBucketJob) Run(_ context.Context) error { return nil } // NextRunIn returns the duration until the next job run should be scheduled. // Upsert Worker Storage Bucket will run every 24 hours unless we know there are diff --git a/internal/server/query.go b/internal/server/query.go index 54a6a6be0e..d78953b0e5 100644 --- a/internal/server/query.go +++ b/internal/server/query.go @@ -73,12 +73,6 @@ const ( where worker_key_identifier = @worker_key_identifier ` - verifyKnownWorkersQuery = ` - select public_id - from server_worker - where public_id in (?); - ` - getWorkerAuthsByWorkerIdQuery = ` select * from worker_auth_authorized diff --git a/internal/server/repository_controller.go b/internal/server/repository_controller.go index 4ecc229894..5e5ac77cba 100644 --- a/internal/server/repository_controller.go +++ b/internal/server/repository_controller.go @@ -46,7 +46,7 @@ func (r *Repository) listControllersWithReader(ctx context.Context, reader db.Re } func (r *Repository) UpsertController(ctx context.Context, controller *store.Controller) (int, error) { - const op = "server.(Repository).UpsertController" + const op = "server.UpsertController" if controller == nil { return db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "controller is nil") diff --git a/internal/server/repository_nonce.go b/internal/server/repository_nonce.go index 90626f0e28..c72fe659e4 100644 --- a/internal/server/repository_nonce.go +++ b/internal/server/repository_nonce.go @@ -30,7 +30,7 @@ const ( // AddNonce adds a nonce func (r *Repository) AddNonce(ctx context.Context, nonce, purpose string, opt ...Option) error { - const op = "server.(Repository).AddNonce" + const op = "server.AddNonce" if nonce == "" { return errors.New(ctx, errors.InvalidParameter, op, "empty nonce") } diff --git a/internal/server/repository_worker.go b/internal/server/repository_worker.go index fbb9af0ee5..576313fb6e 100644 --- a/internal/server/repository_worker.go +++ b/internal/server/repository_worker.go @@ -303,7 +303,7 @@ func ListWorkers(ctx context.Context, reader db.Reader, scopeIds []string, opt . // the only ones used. All others are ignored. // Workers are intentionally not oplogged. func (r *Repository) UpsertWorkerStatus(ctx context.Context, worker *Worker, opt ...Option) (*Worker, error) { - const op = "server.(Repository).UpsertWorkerStatus" + const op = "server.UpsertWorkerStatus" opts := GetOpts(opt...) switch { @@ -431,40 +431,6 @@ func (r *Repository) UpsertWorkerStatus(ctx context.Context, worker *Worker, opt return ret, nil } -// VerifyKnownWorkers checks that the passed worker IDs are found in the repository and returns -// the public IDs of the workers that are found. -func (r *Repository) VerifyKnownWorkers(ctx context.Context, ids []string) ([]string, error) { - const op = "server.(Repository).VerifyKnownWorkers" - - if len(ids) == 0 { - return nil, nil - } - - rows, err := r.reader.Query(ctx, verifyKnownWorkersQuery, []any{ids}) - if err != nil { - return nil, errors.Wrap(ctx, err, op) - } - defer rows.Close() - - type rowsResult struct { - PublicId string - } - var ret []string - for rows.Next() { - var result rowsResult - err = r.reader.ScanRows(ctx, rows, &result) - if err != nil { - return nil, errors.Wrap(ctx, err, op) - } - ret = append(ret, result.PublicId) - } - if err := rows.Err(); err != nil { - return nil, errors.Wrap(ctx, err, op) - } - - return ret, nil -} - // setWorkerTags removes all existing tags from the same source and worker id // and creates new ones based on the ones provided. This function should be // called from inside a db transaction. @@ -519,10 +485,10 @@ func setWorkerTags(ctx context.Context, w db.Writer, id string, ts TagSource, ta // via the old registration method or pki-kms) name updates will be disallowed. func (r *Repository) UpdateWorker(ctx context.Context, worker *Worker, version uint32, fieldMaskPaths []string, opt ...Option) (*Worker, int, error) { const ( - op = "server.(Repository).UpdateWorker" nameField = "name" descField = "description" ) + const op = "server.(Repository).UpdateWorker" switch { case worker == nil: return nil, db.NoRowsAffected, errors.New(ctx, errors.InvalidParameter, op, "worker is nil") @@ -631,7 +597,7 @@ func (r *Repository) UpdateWorker(ctx context.Context, worker *Worker, version u // WithCreateControllerLedActivationToken. The latter two are mutually // exclusive. func (r *Repository) CreateWorker(ctx context.Context, worker *Worker, opt ...Option) (*Worker, error) { - const op = "server.(Repository).CreateWorker" + const op = "server.CreateWorker" opts := GetOpts(opt...) diff --git a/internal/server/repository_worker_test.go b/internal/server/repository_worker_test.go index 67f8f580d1..1295535167 100644 --- a/internal/server/repository_worker_test.go +++ b/internal/server/repository_worker_test.go @@ -567,63 +567,6 @@ func TestUpsertWorkerStatus(t *testing.T) { }) } -func TestVerifyKnownWorkers(t *testing.T) { - ctx := context.Background() - conn, _ := db.TestSetup(t, "postgres") - rw := db.New(conn) - wrapper := db.TestWrapper(t) - kmsCache := kms.TestKms(t, conn, wrapper) - require.NoError(t, kmsCache.CreateKeys(context.Background(), scope.Global.String(), kms.WithRandomReader(rand.Reader))) - repo, err := server.NewRepository(ctx, rw, rw, kmsCache) - require.NoError(t, err) - - workerIds := make([]string, 0, 10) - // Seed the repo with workers - for i := 0; i < 10; i++ { - w := server.TestPkiWorker(t, conn, wrapper) - workerIds = append(workerIds, w.GetPublicId()) - } - - tests := []struct { - name string - testIds []string - wantCnt int - }{ - { - name: "empty-list", - testIds: []string{}, - wantCnt: 0, - }, - { - name: "full-list", - testIds: workerIds, - wantCnt: 10, - }, - { - name: "bogus-list", - testIds: []string{"w_bogus1", "w_bogus2"}, - wantCnt: 0, - }, - { - name: "partial-bogus-list", - testIds: []string{"w_bogus1", "w_bogus2", workerIds[0], workerIds[1]}, - wantCnt: 2, - }, - { - name: "partial-list", - testIds: workerIds[:5], - wantCnt: 5, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - ids, err := repo.VerifyKnownWorkers(ctx, tt.testIds) - require.NoError(t, err) - require.Equal(t, tt.wantCnt, len(ids)) - }) - } -} - func TestTagUpdatingListing(t *testing.T) { ctx := context.Background() require := require.New(t) diff --git a/internal/server/worker_auth.go b/internal/server/worker_auth.go index 490986bb3f..08b91c3f4f 100644 --- a/internal/server/worker_auth.go +++ b/internal/server/worker_auth.go @@ -215,7 +215,7 @@ func (w *WorkerCertBundle) clone() *WorkerCertBundle { // Validate is called before storing a WorkerCertBundle in the db func (w *WorkerCertBundle) ValidateNewWorkerCertBundle(ctx context.Context) error { - const op = "server.(WorkerCertBundle).validateNewWorkerCertBundle" + const op = "server.(WorkerAuth).validateNewWorkerCertBundle" if w.RootCertificatePublicKey == nil { return errors.New(ctx, errors.InvalidParameter, op, "missing CertificatePublicKey") } diff --git a/internal/session/connection.go b/internal/session/connection.go index 3941b34904..b4697ad7f9 100644 --- a/internal/session/connection.go +++ b/internal/session/connection.go @@ -5,7 +5,6 @@ package session import ( "context" - "net" "github.com/hashicorp/boundary/internal/db" "github.com/hashicorp/boundary/internal/db/timestamp" @@ -186,14 +185,5 @@ func (c *Connection) validateNewConnection(ctx context.Context) error { if c.UserClientIp == "" { return errors.New(ctx, errors.InvalidParameter, op, "missing user client ip") } - if ip := net.ParseIP(c.ClientTcpAddress); ip == nil { - return errors.New(ctx, errors.InvalidParameter, op, "given client tcp address is not an ip address") - } - if ip := net.ParseIP(c.EndpointTcpAddress); ip == nil { - return errors.New(ctx, errors.InvalidParameter, op, "given endpoint tcp address is not an ip address") - } - if ip := net.ParseIP(c.UserClientIp); ip == nil { - return errors.New(ctx, errors.InvalidParameter, op, "given user client ip is not an ip address") - } return nil } diff --git a/internal/session/connection_test.go b/internal/session/connection_test.go index b5f515b1ad..0dbe2f8c93 100644 --- a/internal/session/connection_test.go +++ b/internal/session/connection_test.go @@ -31,24 +31,23 @@ func TestConnection_Create(t *testing.T) { userClientIp string } tests := []struct { - name string - args args - want *Connection - wantErr bool - wantIsErr errors.Code - create bool - wantCreateErr bool - expectedErrMsg string + name string + args args + want *Connection + wantErr bool + wantIsErr errors.Code + create bool + wantCreateErr bool }{ { - name: "valid-ipv4", + name: "valid", args: args{ sessionId: s.PublicId, clientTcpAddress: "127.0.0.1", clientTcpPort: 22, endpointTcpAddress: "127.0.0.1", endpointTcpPort: 2222, - userClientIp: "127.0.0.2", + userClientIp: "::1", }, want: &Connection{ SessionId: s.PublicId, @@ -56,134 +55,10 @@ func TestConnection_Create(t *testing.T) { ClientTcpPort: 22, EndpointTcpAddress: "127.0.0.1", EndpointTcpPort: 2222, - UserClientIp: "127.0.0.2", + UserClientIp: "::1", }, create: true, }, - { - name: "valid-ipv6", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860:0:0:0:0:8887", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860:0:0:0:0:8885", - }, - want: &Connection{ - SessionId: s.PublicId, - ClientTcpAddress: "2001:4860:4860:0:0:0:0:8887", - ClientTcpPort: 22, - EndpointTcpAddress: "2001:4860:4860:0:0:0:0:8886", - EndpointTcpPort: 2222, - UserClientIp: "2001:4860:4860:0:0:0:0:8885", - }, - create: true, - }, - { - name: "valid-abbreviated-ipv6", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860::8887", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860::8886", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860::8885", - }, - want: &Connection{ - SessionId: s.PublicId, - ClientTcpAddress: "2001:4860:4860::8887", - ClientTcpPort: 22, - EndpointTcpAddress: "2001:4860:4860::8886", - EndpointTcpPort: 2222, - UserClientIp: "2001:4860:4860::8885", - }, - create: true, - }, - { - name: "invalid-[ipv6]-client-tcp-address", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "[2001:4860:4860:0:0:0:0:8887]", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860:0:0:0:0:8885", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given client tcp address is not an ip address", - }, - { - name: "invalid-[ipv6]-endpoint-tcp-address", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860:0:0:0:0:8887", - clientTcpPort: 22, - endpointTcpAddress: "[2001:4860:4860:0:0:0:0:8886]", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860:0:0:0:0:8885", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given endpoint tcp address is not an ip address", - }, - { - name: "invalid-[ipv6]-user-client-ip", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860:0:0:0:0:8887", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860:0:0:0:0:8886", - endpointTcpPort: 2222, - userClientIp: "[2001:4860:4860:0:0:0:0:8885]", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given user client ip is not an ip address", - }, - { - name: "invalid-abbreviated-[ipv6]-client-tcp-address", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "[2001:4860:4860::8887]", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860::8886", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860::8885", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given client tcp address is not an ip address", - }, - { - name: "invalid-abbreviated-[ipv6]-endpoint-tcp-address", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860::8887", - clientTcpPort: 22, - endpointTcpAddress: "[2001:4860:4860::8886]", - endpointTcpPort: 2222, - userClientIp: "2001:4860:4860::8885", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given endpoint tcp address is not an ip address", - }, - { - name: "invalid-abbreviated-[ipv6]-user-client-ip", - args: args{ - sessionId: s.PublicId, - clientTcpAddress: "2001:4860:4860::8887", - clientTcpPort: 22, - endpointTcpAddress: "2001:4860:4860::8886", - endpointTcpPort: 2222, - userClientIp: "[2001:4860:4860::8885]", - }, - wantErr: true, - wantIsErr: errors.InvalidParameter, - expectedErrMsg: "given user client ip is not an ip address", - }, { name: "empty-session-id", args: args{ @@ -272,9 +147,6 @@ func TestConnection_Create(t *testing.T) { if tt.wantErr { require.Error(err) assert.True(errors.Match(errors.T(tt.wantIsErr), err)) - if tt.expectedErrMsg != "" { - assert.ErrorContains(err, tt.expectedErrMsg) - } return } require.NoError(err) diff --git a/internal/session/job_delete_terminated_sessions.go b/internal/session/job_delete_terminated_sessions.go index e0f9c4cda7..e43e9f8018 100644 --- a/internal/session/job_delete_terminated_sessions.go +++ b/internal/session/job_delete_terminated_sessions.go @@ -5,12 +5,10 @@ package session import ( "context" - "sync" "time" "github.com/hashicorp/boundary/internal/errors" "github.com/hashicorp/boundary/internal/scheduler" - "github.com/hashicorp/boundary/internal/scheduler/batch" ) type deleteTerminatedJob struct { @@ -20,8 +18,8 @@ type deleteTerminatedJob struct { // state for it to be deleted. threshold time.Duration - mu sync.Mutex - batch *batch.Batch + // the number of sessions deleted in the most recent run + deletedInRun int } func newDeleteTerminatedJob(ctx context.Context, repo *Repository, threshold time.Duration) (*deleteTerminatedJob, error) { @@ -40,49 +38,24 @@ func newDeleteTerminatedJob(ctx context.Context, repo *Repository, threshold tim // Status reports the job’s current status. The status is periodically persisted by // the scheduler when a job is running, and will be used to verify a job is making progress. func (d *deleteTerminatedJob) Status() scheduler.JobStatus { - d.mu.Lock() - defer d.mu.Unlock() - if d.batch != nil { - return d.batch.Status() + return scheduler.JobStatus{ + Completed: d.deletedInRun, + Total: d.deletedInRun, } - return scheduler.JobStatus{} } // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (d *deleteTerminatedJob) Run(ctx context.Context, statusThreshold time.Duration) error { +func (d *deleteTerminatedJob) Run(ctx context.Context) error { const op = "session.(deleteTerminatedJob).Run" + d.deletedInRun = 0 + var err error - params, err := d.repo.getDeleteJobParams(ctx, d.threshold) - switch { - case err != nil: - return errors.Wrap(ctx, err, op) - case params.TotalToDelete == 0: - return nil - } - - exec := func() batch.Exec { - return func(ctx context.Context, batchSize int) (int, error) { - return d.repo.deleteTerminatedSessionsBatch(ctx, params.WindowStartTime, batchSize) - } - } - - config := &batch.Config{ - Size: params.BatchSize, - TotalToComplete: params.TotalToDelete, - StatusThreshold: statusThreshold, - Exec: exec(), - Store: d.repo.setDeleteJobBatchSize, - } - - batch, err := batch.New(ctx, config) + d.deletedInRun, err = d.repo.deleteSessionsTerminatedBefore(ctx, d.threshold) if err != nil { return errors.Wrap(ctx, err, op) } - d.mu.Lock() - d.batch = batch - d.mu.Unlock() - return batch.Run(ctx) + return nil } // NextRunIn returns the duration until the next job run should be scheduled. This diff --git a/internal/session/job_delete_terminated_sessions_test.go b/internal/session/job_delete_terminated_sessions_test.go index 9aa4cefb21..b8df545aef 100644 --- a/internal/session/job_delete_terminated_sessions_test.go +++ b/internal/session/job_delete_terminated_sessions_test.go @@ -34,13 +34,48 @@ func TestDeleteTermiantedSessionsJob(t *testing.T) { threshold time.Duration expected int }{ - {0, 0, time.Nanosecond, 0}, - {1, 1, time.Nanosecond, 1}, - {1, 1, time.Hour, 0}, - {10, 10, time.Nanosecond, 10}, - {10, 4, time.Nanosecond, 4}, - {10, 0, time.Nanosecond, 0}, - {10, 10, time.Hour, 0}, + { + 0, + 0, + time.Nanosecond, + 0, + }, + { + 1, + 1, + time.Nanosecond, + 1, + }, + { + 1, + 1, + time.Hour, + 0, + }, + { + 10, + 10, + time.Nanosecond, + 10, + }, + { + 10, + 4, + time.Nanosecond, + 4, + }, + { + 10, + 0, + time.Nanosecond, + 0, + }, + { + 10, + 10, + time.Hour, + 0, + }, } for _, tc := range cases { @@ -66,9 +101,9 @@ func TestDeleteTermiantedSessionsJob(t *testing.T) { job, err := newDeleteTerminatedJob(ctx, repo, tc.threshold) require.NoError(t, err) - err = job.Run(ctx, 1*time.Second) + err = job.Run(ctx) require.NoError(t, err) - assert.Equal(t, tc.expected, job.Status().Completed) + assert.Equal(t, tc.expected, job.deletedInRun) }) } } diff --git a/internal/session/job_session_cleanup.go b/internal/session/job_session_cleanup.go index 0ec00fd89e..d98933c464 100644 --- a/internal/session/job_session_cleanup.go +++ b/internal/session/job_session_cleanup.go @@ -93,7 +93,7 @@ func (j *sessionConnectionCleanupJob) Status() scheduler.JobStatus { } // Run executes the job. -func (j *sessionConnectionCleanupJob) Run(ctx context.Context, _ time.Duration) error { +func (j *sessionConnectionCleanupJob) Run(ctx context.Context) error { const op = "session.(sessionConnectionCleanupJob).Run" j.totalClosed = 0 diff --git a/internal/session/job_session_cleanup_test.go b/internal/session/job_session_cleanup_test.go index aa4169a085..3e7e8a5284 100644 --- a/internal/session/job_session_cleanup_test.go +++ b/internal/session/job_session_cleanup_test.go @@ -110,7 +110,7 @@ func TestSessionConnectionCleanupJob(t *testing.T) { require.NoError(err) // Run the job. - require.NoError(job.Run(ctx, 0)) + require.NoError(job.Run(ctx)) // Assert connection state on both workers. assertConnections := func(workerId string, closed bool) { diff --git a/internal/session/query.go b/internal/session/query.go index 5d512dc31c..491c7555aa 100644 --- a/internal/session/query.go +++ b/internal/session/query.go @@ -341,6 +341,17 @@ update session_connection ) %s returning public_id; +` + deleteTerminated = ` +delete from session +using session_state +where + session.public_id = session_state.session_id +and + session_state.state = 'terminated' +and + lower(session_state.active_time_range) < wt_sub_seconds_from_now(@threshold_seconds) +; ` sessionCredentialRewrapQuery = ` select distinct @@ -446,42 +457,6 @@ values ` ) -// queries for the delete terminated sessions job -const ( - getDeleteJobParams = ` -with total (to_delete) as ( - select count(session_id) - from session_state - where session_state.state = 'terminated' - and lower(session_state.active_time_range) < wt_sub_seconds_from_now(@threshold_seconds) -), -params (batch_size) as ( - select batch_size - from session_delete_terminated_job -) -select total.to_delete as total_to_delete, - params.batch_size as batch_size, - wt_sub_seconds_from_now(@threshold_seconds) as window_start_time - from total, params; -` - setDeleteJobBatchSize = ` -update session_delete_terminated_job - set batch_size = @batch_size; -` - deleteTerminatedInBatch = ` -with batch (session_id) as ( - select session_id - from session_state - where state = 'terminated' - and lower(session_state.active_time_range) < @terminated_before - limit @batch_size -) -delete - from session - where public_id in (select session_id from batch); -` -) - func batchInsertSessionCredentialDynamic(creds []*DynamicCredential) (string, []any, error) { if len(creds) <= 0 { return "", nil, fmt.Errorf("empty slice of DynamicCredential, cannot build query") diff --git a/internal/session/repository_jobs.go b/internal/session/repository_jobs.go deleted file mode 100644 index 250705c4f6..0000000000 --- a/internal/session/repository_jobs.go +++ /dev/null @@ -1,72 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package session - -import ( - "context" - "database/sql" - "time" - - "github.com/hashicorp/boundary/internal/db/timestamp" - "github.com/hashicorp/boundary/internal/errors" -) - -type deleteJobParams struct { - TotalToDelete int - BatchSize int - WindowStartTime *timestamp.Timestamp -} - -func (r *Repository) getDeleteJobParams(ctx context.Context, threshold time.Duration) (deleteJobParams, error) { - const op = "session.(Repository).getDeleteJobParams" - - args := []any{ - sql.Named("threshold_seconds", threshold.Seconds()), - } - rows, err := r.reader.Query(ctx, getDeleteJobParams, args) - if err != nil { - return deleteJobParams{}, errors.Wrap(ctx, err, op, errors.WithMsg("error getting parameters for delete terminated sessions job")) - } - defer rows.Close() - - var jobParams deleteJobParams - for rows.Next() { - if err := r.reader.ScanRows(ctx, rows, &jobParams); err != nil { - return deleteJobParams{}, errors.Wrap(ctx, err, op, errors.WithMsg("scan row failed")) - } - } - if err := rows.Err(); err != nil { - return deleteJobParams{}, errors.Wrap(ctx, err, op, errors.WithMsg("next row failed")) - } - return jobParams, nil -} - -func (r *Repository) setDeleteJobBatchSize(ctx context.Context, batchSize int) error { - const op = "session.(Repository).setDeleteJobBatchSize" - - args := []any{ - sql.Named("batch_size", batchSize), - } - - _, err := r.writer.Exec(ctx, setDeleteJobBatchSize, args) - if err != nil { - return errors.Wrap(ctx, err, op, errors.WithMsg("error setting delete job batch size")) - } - return nil -} - -func (r *Repository) deleteTerminatedSessionsBatch(ctx context.Context, terminatedBefore *timestamp.Timestamp, batchSize int) (int, error) { - const op = "session.(Repository).deleteTerminatedSessionsBatch" - - args := []any{ - sql.Named("terminated_before", terminatedBefore), - sql.Named("batch_size", batchSize), - } - - c, err := r.writer.Exec(ctx, deleteTerminatedInBatch, args) - if err != nil { - return 0, errors.Wrap(ctx, err, op, errors.WithMsg("error deleting terminated sessions")) - } - return c, nil -} diff --git a/internal/session/repository_jobs_test.go b/internal/session/repository_jobs_test.go deleted file mode 100644 index 514e89f293..0000000000 --- a/internal/session/repository_jobs_test.go +++ /dev/null @@ -1,185 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package session - -import ( - "context" - "fmt" - "testing" - "time" - - "github.com/hashicorp/boundary/internal/db" - "github.com/hashicorp/boundary/internal/iam" - "github.com/hashicorp/boundary/internal/kms" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func TestRepository_getDeleteJobParams(t *testing.T) { - ctx := context.Background() - conn, _ := db.TestSetup(t, "postgres") - rw := db.New(conn) - wrapper := db.TestWrapper(t) - iamRepo := iam.TestRepo(t, conn, wrapper) - kms := kms.TestKms(t, conn, wrapper) - repo, err := NewRepository(ctx, rw, rw, kms) - composedOf := TestSessionParams(t, conn, wrapper, iamRepo) - - const defaultBatchSize = 5000 - - cases := []struct { - sessionCount int - terminateCount int - threshold time.Duration - expectedBatchSize int - expectedTotalToDelete int - }{ - {0, 0, time.Nanosecond, defaultBatchSize, 0}, - {1, 1, time.Nanosecond, defaultBatchSize, 1}, - {1, 1, time.Hour, defaultBatchSize, 0}, - {10, 10, time.Nanosecond, defaultBatchSize, 10}, - {10, 4, time.Nanosecond, defaultBatchSize, 4}, - {10, 0, time.Nanosecond, defaultBatchSize, 0}, - {10, 10, time.Hour, defaultBatchSize, 0}, - } - - for _, tc := range cases { - t.Run(fmt.Sprintf("%d_%d_%s_%d", tc.sessionCount, tc.terminateCount, tc.threshold, tc.expectedBatchSize), func(t *testing.T) { - t.Cleanup(func() { - sdb, err := conn.SqlDB(ctx) - require.NoError(t, err) - _, err = sdb.Exec(`delete from session;`) - require.NoError(t, err) - }) - - for i := 0; i < tc.sessionCount; i++ { - s := TestSession(t, conn, wrapper, composedOf) - if i < tc.terminateCount { - _, err = repo.CancelSession(ctx, s.PublicId, s.Version) - require.NoError(t, err) - } - } - - c, err := repo.TerminateCompletedSessions(ctx) - require.NoError(t, err) - assert.Equal(t, tc.terminateCount, c) - - p, err := repo.getDeleteJobParams(ctx, tc.threshold) - require.NoError(t, err) - assert.Equal(t, tc.expectedBatchSize, p.BatchSize) - assert.Equal(t, tc.expectedTotalToDelete, p.TotalToDelete) - }) - } -} - -func TestRepository_deleteTerminatedSessionsBatch(t *testing.T) { - ctx := context.Background() - conn, _ := db.TestSetup(t, "postgres") - rw := db.New(conn) - wrapper := db.TestWrapper(t) - iamRepo := iam.TestRepo(t, conn, wrapper) - kms := kms.TestKms(t, conn, wrapper) - repo, err := NewRepository(ctx, rw, rw, kms) - composedOf := TestSessionParams(t, conn, wrapper, iamRepo) - - cases := []struct { - sessionCount int - terminateCount int - batchSize int - expected int - }{ - {0, 0, 10, 0}, - {1, 1, 10, 1}, - {10, 10, 5, 5}, - {10, 2, 5, 2}, - {10, 0, 10, 0}, - } - - for _, tc := range cases { - t.Run(fmt.Sprintf("%d_%d_%d", tc.sessionCount, tc.terminateCount, tc.batchSize), func(t *testing.T) { - t.Cleanup(func() { - sdb, err := conn.SqlDB(ctx) - require.NoError(t, err) - _, err = sdb.Exec(`delete from session;`) - require.NoError(t, err) - }) - - // add initial group of sessions and terminate some of them - { - for i := 0; i < tc.sessionCount; i++ { - s := TestSession(t, conn, wrapper, composedOf) - if i < tc.terminateCount { - _, err = repo.CancelSession(ctx, s.PublicId, s.Version) - require.NoError(t, err) - } - } - - c, err := repo.TerminateCompletedSessions(ctx) - require.NoError(t, err) - assert.Equal(t, tc.terminateCount, c) - } - - // get the job parameters - p, err := repo.getDeleteJobParams(ctx, time.Nanosecond) - require.NoError(t, err) - assert.Equal(t, tc.terminateCount, p.TotalToDelete) - - // add more sessions to test the WindowStartTime - { - for i := 0; i < tc.sessionCount; i++ { - s := TestSession(t, conn, wrapper, composedOf) - if i < tc.terminateCount { - _, err = repo.CancelSession(ctx, s.PublicId, s.Version) - require.NoError(t, err) - } - } - - c, err := repo.TerminateCompletedSessions(ctx) - require.NoError(t, err) - assert.Equal(t, tc.terminateCount, c) - } - - c, err := repo.deleteTerminatedSessionsBatch(ctx, p.WindowStartTime, tc.batchSize) - require.NoError(t, err) - assert.Equal(t, tc.expected, c) - }) - } -} - -func TestRepository_setDeleteJobBatchSize(t *testing.T) { - ctx := context.Background() - conn, _ := db.TestSetup(t, "postgres") - rw := db.New(conn) - wrapper := db.TestWrapper(t) - kms := kms.TestKms(t, conn, wrapper) - repo, err := NewRepository(ctx, rw, rw, kms) - - cases := []struct { - batchSize int - expectErr bool - }{ - {-1, true}, - {0, true}, - {1, false}, - {9, false}, - {10, false}, - {10000, false}, - {10001, false}, - } - - for _, tc := range cases { - t.Run(fmt.Sprintf("%d_%t", tc.batchSize, tc.expectErr), func(t *testing.T) { - err = repo.setDeleteJobBatchSize(ctx, tc.batchSize) - if tc.expectErr { - assert.Error(t, err) - return - } - assert.NoError(t, err) - - p, err := repo.getDeleteJobParams(ctx, time.Nanosecond) - require.NoError(t, err) - assert.Equal(t, tc.batchSize, p.BatchSize) - }) - } -} diff --git a/internal/session/repository_session.go b/internal/session/repository_session.go index 0b82821a66..864db5c26d 100644 --- a/internal/session/repository_session.go +++ b/internal/session/repository_session.go @@ -909,6 +909,20 @@ func (r *Repository) CheckIfNotActive(ctx context.Context, reportedSessions []st return notActive, nil } +func (r *Repository) deleteSessionsTerminatedBefore(ctx context.Context, threshold time.Duration) (int, error) { + const op = "session.(Repository).deleteTerminated" + + args := []any{ + sql.Named("threshold_seconds", threshold.Seconds()), + } + + c, err := r.writer.Exec(ctx, deleteTerminated, args) + if err != nil { + return 0, errors.Wrap(ctx, err, op, errors.WithMsg("error deleting terminated sessions")) + } + return c, nil +} + func fetchStates(ctx context.Context, r db.Reader, sessionId string, opt ...db.Option) ([]*State, error) { const op = "session.fetchStates" var states []*State diff --git a/internal/session/repository_session_test.go b/internal/session/repository_session_test.go index a3e03d6bd7..9e28a90818 100644 --- a/internal/session/repository_session_test.go +++ b/internal/session/repository_session_test.go @@ -5,6 +5,7 @@ package session import ( "context" + "fmt" "testing" "time" @@ -1826,6 +1827,94 @@ func TestRepository_deleteTargetFKey(t *testing.T) { } } +func TestRepository_deleteTerminated(t *testing.T) { + ctx := context.Background() + conn, _ := db.TestSetup(t, "postgres") + rw := db.New(conn) + wrapper := db.TestWrapper(t) + iamRepo := iam.TestRepo(t, conn, wrapper) + kms := kms.TestKms(t, conn, wrapper) + repo, err := NewRepository(ctx, rw, rw, kms) + composedOf := TestSessionParams(t, conn, wrapper, iamRepo) + + cases := []struct { + sessionCount int + terminateCount int + threshold time.Duration + expected int + }{ + { + 0, + 0, + time.Nanosecond, + 0, + }, + { + 1, + 1, + time.Nanosecond, + 1, + }, + { + 1, + 1, + time.Hour, + 0, + }, + { + 10, + 10, + time.Nanosecond, + 10, + }, + { + 10, + 4, + time.Nanosecond, + 4, + }, + { + 10, + 0, + time.Nanosecond, + 0, + }, + { + 10, + 10, + time.Hour, + 0, + }, + } + + for _, tc := range cases { + t.Run(fmt.Sprintf("%d_%d_%s", tc.sessionCount, tc.terminateCount, tc.threshold), func(t *testing.T) { + t.Cleanup(func() { + sdb, err := conn.SqlDB(ctx) + require.NoError(t, err) + _, err = sdb.Exec(`delete from session;`) + require.NoError(t, err) + }) + + for i := 0; i < tc.sessionCount; i++ { + s := TestSession(t, conn, wrapper, composedOf) + if i < tc.terminateCount { + _, err = repo.CancelSession(ctx, s.PublicId, s.Version) + require.NoError(t, err) + } + + } + c, err := repo.TerminateCompletedSessions(ctx) + require.NoError(t, err) + assert.Equal(t, tc.terminateCount, c) + + c, err = repo.deleteSessionsTerminatedBefore(ctx, tc.threshold) + require.NoError(t, err) + assert.Equal(t, tc.expected, c) + }) + } +} + func Test_decrypt(t *testing.T) { conn, _ := db.TestSetup(t, "postgres") wrapper := db.TestWrapper(t) diff --git a/internal/session/session.go b/internal/session/session.go index 5f8b7b9994..6cbf75fb60 100644 --- a/internal/session/session.go +++ b/internal/session/session.go @@ -472,9 +472,13 @@ func newCert(ctx context.Context, jobId string, addresses []string, exp time.Tim for _, addr := range addresses { // First ensure we aren't looking at ports, regardless of IP or not - host, _, err := util.SplitHostPort(addr) + host, _, err := net.SplitHostPort(addr) if err != nil { - return nil, nil, errors.Wrap(ctx, err, op) + if strings.Contains(err.Error(), "missing port") { + host = addr + } else { + return nil, nil, errors.Wrap(ctx, err, op) + } } // Now figure out if it's an IP address or not. If ParseIP likes it, add // to IP SANs. Otherwise DNS SANs. diff --git a/internal/snapshot/snapshot_job.go b/internal/snapshot/snapshot_job.go index 6ec92cf107..6bda0cd250 100644 --- a/internal/snapshot/snapshot_job.go +++ b/internal/snapshot/snapshot_job.go @@ -41,7 +41,7 @@ func (c *snapshotJob) Status() scheduler.JobStatus { // Run performs the required work depending on the implementation. // The context is used to notify the job that it should exit early. -func (c *snapshotJob) Run(ctx context.Context, _ time.Duration) error { +func (c *snapshotJob) Run(ctx context.Context) error { const op = "snapshot.(snapshotJob).Run" err := runFn(ctx, c) return err diff --git a/internal/target/repository.go b/internal/target/repository.go index d1ec66708c..c91624dba5 100644 --- a/internal/target/repository.go +++ b/internal/target/repository.go @@ -22,7 +22,6 @@ import ( "github.com/hashicorp/boundary/internal/types/action" "github.com/hashicorp/boundary/internal/types/resource" "github.com/hashicorp/boundary/internal/types/scope" - "github.com/hashicorp/boundary/internal/util" "github.com/hashicorp/go-dbw" ) @@ -551,11 +550,7 @@ func (r *Repository) CreateTarget(ctx context.Context, target Target, opt ...Opt var address *Address var err error if t.GetAddress() != "" { - host, err := util.ParseAddress(ctx, t.GetAddress()) - if err != nil { - return nil, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address")) - } - t.SetAddress(host) + t.SetAddress(strings.TrimSpace(t.GetAddress())) address, err = NewAddress(ctx, t.GetPublicId(), t.GetAddress()) if err != nil { return nil, errors.Wrap(ctx, err, op) @@ -655,6 +650,7 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui return nil, db.NoRowsAffected, err } + var addressEndpoint string for _, f := range fieldMaskPaths { switch { case strings.EqualFold("name", f): @@ -667,6 +663,8 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui case strings.EqualFold("egressworkerfilter", f): case strings.EqualFold("ingressworkerfilter", f): case strings.EqualFold("address", f): + target.SetAddress(strings.TrimSpace(target.GetAddress())) + addressEndpoint = target.GetAddress() case strings.EqualFold("storagebucketid", f): case strings.EqualFold("enablesessionrecording", f): default: @@ -700,19 +698,12 @@ func (r *Repository) UpdateTarget(ctx context.Context, target Target, version ui // The Address field is not a part of the target schema in the database. It // is a part of a different table called target_address, which is why the // Address field must be filtered out of the dbMask & nullFields slices. - var addressEndpoint string var updateAddress, deleteAddress bool var filteredDbMask, filteredNullFields []string for _, f := range dbMask { switch { case strings.EqualFold("Address", f): updateAddress = true - address, err := util.ParseAddress(ctx, target.GetAddress()) - if err != nil { - return nil, db.NoRowsAffected, errors.Wrap(ctx, err, op, errors.WithCode(errors.InvalidAddress), errors.WithMsg("invalid address")) - } - target.SetAddress(address) - addressEndpoint = target.GetAddress() default: filteredDbMask = append(filteredDbMask, f) } diff --git a/internal/target/tcp/repository_tcp_target_test.go b/internal/target/tcp/repository_tcp_target_test.go index 807578e318..6341c86dbf 100644 --- a/internal/target/tcp/repository_tcp_target_test.go +++ b/internal/target/tcp/repository_tcp_target_test.go @@ -70,23 +70,6 @@ func TestRepository_CreateTarget(t *testing.T) { }, wantErr: false, }, - { - name: "with-dns-name", - args: args{ - target: func() *tcp.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-dns-name"), - target.WithDescription("with-dns-name"), - target.WithDefaultPort(uint32(22)), - target.WithAddress("www.google.com"), - ) - require.NoError(t, err) - return target.(*tcp.Target) - }(), - }, - wantErr: false, - wantAddress: "www.google.com", - }, { name: "with-ipv4-address", args: args{ @@ -100,24 +83,7 @@ func TestRepository_CreateTarget(t *testing.T) { return target }(), }, - wantErr: false, - wantAddress: "8.8.8.8", - }, - { - name: "with-invalid-ipv4-address-with-port", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-invalid-ipv4-address-with-port"), - target.WithDescription("with-invalid-ipv4-address-with-port"), - target.WithDefaultPort(80), - target.WithAddress("8.8.8.8:80")) - require.NoError(t, err) - return target - }(), - }, - wantErr: true, - wantIsError: errors.InvalidAddress, + wantErr: false, }, { name: "with-abbreviated-ipv6-address", @@ -132,8 +98,7 @@ func TestRepository_CreateTarget(t *testing.T) { return target }(), }, - wantErr: false, - wantAddress: "2001:4860:4860::8888", + wantErr: false, }, { name: "with-ipv6-address", @@ -148,72 +113,7 @@ func TestRepository_CreateTarget(t *testing.T) { return target }(), }, - wantErr: false, - wantAddress: "2001:4860:4860::8888", - }, - { - name: "with-abbreviated-[ipv6]-address", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-abbreviated-[ipv6]-address"), - target.WithDescription("with-abbreviated-[ipv6]-address"), - target.WithDefaultPort(80), - target.WithAddress("[2001:4860:4860::8888]")) - require.NoError(t, err) - return target - }(), - }, - wantErr: false, - wantAddress: "2001:4860:4860::8888", - }, - { - name: "with-invalid-abbreviated-[ipv6]-address-with-port", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-invalid-abbreviated-[ipv6]-address-with-port"), - target.WithDescription("with-invalid-abbreviated-[ipv6]-address-with-port"), - target.WithDefaultPort(80), - target.WithAddress("[2001:4860:4860::8888]:80")) - require.NoError(t, err) - return target - }(), - }, - wantErr: true, - wantIsError: errors.InvalidAddress, - }, - { - name: "with-[ipv6]-address", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-[ipv6]-address"), - target.WithDescription("with-[ipv6]-address"), - target.WithDefaultPort(80), - target.WithAddress("[2001:4860:4860:0:0:0:0:8888]")) - require.NoError(t, err) - return target - }(), - }, - wantErr: false, - wantAddress: "2001:4860:4860:0:0:0:0:8888", - }, - { - name: "with-invalid-[ipv6]-address-with-port", - args: args{ - target: func() target.Target { - target, err := target.New(ctx, tcp.Subtype, proj.PublicId, - target.WithName("with-invalid-[ipv6]-address-with-port"), - target.WithDescription("with-invalid-[ipv6]-address-with-port"), - target.WithDefaultPort(80), - target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:80")) - require.NoError(t, err) - return target - }(), - }, - wantErr: true, - wantIsError: errors.InvalidAddress, + wantErr: false, }, { name: "with-address-whitespace", @@ -488,6 +388,7 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { wantRowsUpdate: 1, wantHostSources: true, }, + { name: "valid-ipv4-address", args: args{ @@ -500,20 +401,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { wantErr: false, wantRowsUpdate: 1, wantHostSources: false, - wantAddress: "8.8.8.8", - }, - { - name: "invalid-ipv4-address-with-port", - args: args{ - name: "invalid-ipv4-address-with-port" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "8.8.8.8:80", - }, - newProjectId: proj.PublicId, - wantErr: true, - wantIsError: errors.InvalidAddress, - wantErrMsg: "invalid address", }, { name: "valid-abbreviated-ipv6-address", @@ -527,7 +414,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { wantErr: false, wantRowsUpdate: 1, wantHostSources: false, - wantAddress: "2001:4860:4860::8888", }, { name: "valid-ipv6-address", @@ -541,61 +427,6 @@ func TestRepository_UpdateTcpTarget(t *testing.T) { wantErr: false, wantRowsUpdate: 1, wantHostSources: false, - wantAddress: "2001:4860:4860::8888", - }, - { - name: "valid-abbreviated-[ipv6]-address", - args: args{ - name: "valid-abbreviated-[ipv6]-address" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "[2001:4860:4860::8888]", - }, - newProjectId: proj.PublicId, - wantErr: false, - wantRowsUpdate: 1, - wantHostSources: false, - wantAddress: "2001:4860:4860::8888", - }, - { - name: "invalid-abbreviated-[ipv6]-address-with-port", - args: args{ - name: "invalid-abbreviated-[ipv6]-address-with-port" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "[2001:4860:4860::8888]:80", - }, - newProjectId: proj.PublicId, - wantErr: true, - wantIsError: errors.InvalidAddress, - wantErrMsg: "invalid address", - }, - { - name: "valid-[ipv6]-address", - args: args{ - name: "valid-[ipv6]-address" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "[2001:4860:4860:0:0:0:0:8888]", - }, - newProjectId: proj.PublicId, - wantErr: false, - wantRowsUpdate: 1, - wantHostSources: false, - wantAddress: "2001:4860:4860:0:0:0:0:8888", - }, - { - name: "invalid-[ipv6]-address-with-port", - args: args{ - name: "invalid-[ipv6]-address-with-port" + id, - fieldMaskPaths: []string{"Name", "Address"}, - ProjectId: proj.PublicId, - address: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - newProjectId: proj.PublicId, - wantErr: true, - wantIsError: errors.InvalidAddress, - wantErrMsg: "invalid address", }, { name: "null-address", diff --git a/internal/target/tcp/testing_test.go b/internal/target/tcp/testing_test.go index 24dc2a8b04..757657cc1e 100644 --- a/internal/target/tcp/testing_test.go +++ b/internal/target/tcp/testing_test.go @@ -19,116 +19,39 @@ import ( ) func Test_TestTcpTarget(t *testing.T) { - t.Parallel() - + require := require.New(t) conn, _ := db.TestSetup(t, "postgres") rw := db.New(conn) wrapper := db.TestWrapper(t) testKms := kms.TestKms(t, conn, wrapper) iamRepo := iam.TestRepo(t, conn, wrapper) + _, proj := iam.TestScopes(t, iamRepo) + ctx := context.Background() repo, err := target.NewRepository(ctx, rw, rw, testKms) - require.NoError(t, err) - - t.Run("with-host-source", func(t *testing.T) { - assert, require := assert.New(t), require.New(t) - _, proj := iam.TestScopes(t, iamRepo) - cats := static.TestCatalogs(t, conn, proj.PublicId, 1) - hsets := static.TestSets(t, conn, cats[0].GetPublicId(), 2) - var sets []string - for _, s := range hsets { - sets = append(sets, s.PublicId) - } - name := tcp.TestTargetName(t, proj.PublicId) - tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, target.WithHostSources(sets)) - require.NotNil(t) - assert.NotEmpty(tar.GetPublicId()) - assert.Equal(name, tar.GetName()) - assert.Empty(tar.GetAddress()) + require.NoError(err) - foundTarget, err := repo.LookupTarget(context.Background(), tar.GetPublicId()) - require.NoError(err) + cats := static.TestCatalogs(t, conn, proj.PublicId, 1) + hsets := static.TestSets(t, conn, cats[0].GetPublicId(), 2) + var sets []string + for _, s := range hsets { + sets = append(sets, s.PublicId) + } + name := tcp.TestTargetName(t, proj.PublicId) + tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, target.WithHostSources(sets)) + require.NotNil(t) + require.NotEmpty(tar.GetPublicId()) + require.Equal(name, tar.GetName()) - foundSources := foundTarget.GetHostSources() - foundIds := make([]string, 0, len(foundSources)) - for _, s := range foundSources { - foundIds = append(foundIds, s.Id()) - } - assert.ElementsMatch(sets, foundIds) - }) + foundTarget, err := repo.LookupTarget(context.Background(), tar.GetPublicId()) + foundSources := foundTarget.GetHostSources() - tests := []struct { - name string - opt []target.Option - wantAddress string - }{ - { - name: "dns-name", - opt: []target.Option{ - target.WithAddress("www.google.com"), - }, - wantAddress: "www.google.com", - }, - { - name: "ipv4-address", - opt: []target.Option{ - target.WithAddress("8.8.8.8"), - }, - wantAddress: "8.8.8.8", - }, - { - name: "ipv4-address-with-port", - opt: []target.Option{ - target.WithAddress("8.8.8.8:80"), - }, - wantAddress: "8.8.8.8:80", - }, - { - name: "ipv6-address", - opt: []target.Option{ - target.WithAddress("2001:4860:4860:0:0:0:0:8888"), - }, - wantAddress: "2001:4860:4860:0:0:0:0:8888", - }, - { - name: "ipv6-address-with-port", - opt: []target.Option{ - target.WithAddress("[2001:4860:4860:0:0:0:0:8888]:80"), - }, - wantAddress: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - { - name: "abbreviated-ipv6-address", - opt: []target.Option{ - target.WithAddress("2001:4860:4860::8888"), - }, - wantAddress: "2001:4860:4860::8888", - }, - { - name: "abbreviated-ipv6-address-with-port", - opt: []target.Option{ - target.WithAddress("[2001:4860:4860::8888]:80"), - }, - wantAddress: "[2001:4860:4860::8888]:80", - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - assert, require := assert.New(t), require.New(t) - _, proj := iam.TestScopes(t, iamRepo) - name := tcp.TestTargetName(t, proj.PublicId) - tar := tcp.TestTarget(ctx, t, conn, proj.PublicId, name, tt.opt...) - require.NotNil(t) - assert.NotEmpty(tar.GetPublicId()) - assert.Equal(name, tar.GetName()) - if tt.wantAddress != "" { - assert.Equal(tt.wantAddress, tar.GetAddress()) - assert.Empty(tar.GetHostSources()) - } else { - assert.Empty(tar.GetAddress()) - } - }) + require.NoError(err) + foundIds := make([]string, 0, len(foundSources)) + for _, s := range foundSources { + foundIds = append(foundIds, s.Id()) } + require.ElementsMatch(sets, foundIds) } func Test_TestCredentialLibrary(t *testing.T) { diff --git a/internal/tests/api/targets/target_test.go b/internal/tests/api/targets/target_test.go index d00cc28d95..72a6bb1ea9 100644 --- a/internal/tests/api/targets/target_test.go +++ b/internal/tests/api/targets/target_test.go @@ -383,7 +383,7 @@ func TestTarget_AddressMutualExclusiveRelationship(t *testing.T) { targets.WithName("test-address"), targets.WithAddress("[::1]"), targets.WithTcpTargetDefaultPort(22)) require.NoError(t, err) require.NotNil(t, targetResp) - require.Equal(t, "::1", targetResp.GetItem().Address) + require.Equal(t, "[::1]", targetResp.GetItem().Address) // Setup host catalog, host set, & host resources hc, err := hostcatalogs.NewClient(client).Create(tc.Context(), "static", proj.GetPublicId()) @@ -477,7 +477,7 @@ func TestTarget_HostSourceMutualExclusiveRelationship(t *testing.T) { updateResp, err = tClient.Update(tc.Context(), targetId, version, targets.WithAddress("[::1]")) require.NoError(t, err) require.NotNil(t, updateResp) - require.Equal(t, "::1", updateResp.GetItem().Address) + require.Equal(t, "[::1]", updateResp.GetItem().Address) require.Empty(t, updateResp.GetItem().HostSourceIds) } @@ -491,29 +491,24 @@ func TestCreateTarget_DirectlyAttachedAddress(t *testing.T) { tClient := targets.NewClient(client) tests := []struct { - name string - address string - expectedAddress string + name string + address string }{ { - name: "target-ipv4-address", - address: "127.0.0.1", - expectedAddress: "127.0.0.1", + name: "target-ipv4-address", + address: "127.0.0.1", }, { - name: "target-ipv6-address", - address: "[2001:4860:4860:0:0:0:0:8888]", - expectedAddress: "2001:4860:4860:0:0:0:0:8888", + name: "target-ipv6-address", + address: "[2001:4860:4860:0:0:0:0:8888]", }, { - name: "target-abbreviated-ipv6-address", - address: "[2001:4860:4860::8888]", - expectedAddress: "2001:4860:4860::8888", + name: "target-abbreviated-ipv6-address", + address: "[2001:4860:4860::8888]", }, { - name: "target-dns-address", - address: "www.google.com", - expectedAddress: "www.google.com", + name: "target-dns-address", + address: "null", }, } for _, tt := range tests { @@ -523,14 +518,14 @@ func TestCreateTarget_DirectlyAttachedAddress(t *testing.T) { targets.WithName(tt.name), targets.WithAddress(tt.address), targets.WithTcpTargetDefaultPort(22)) require.NoError(err) require.NotNil(createResp) - assert.Equal(tt.expectedAddress, createResp.GetItem().Address) + assert.Equal(tt.address, createResp.GetItem().Address) targetId := createResp.GetItem().Id version := createResp.GetItem().Version readResp, err := tClient.Read(tc.Context(), targetId) require.NoError(err) require.NotNil(readResp) - assert.Equal(tt.expectedAddress, readResp.GetItem().Address) + assert.Equal(tt.address, readResp.GetItem().Address) updateResp, err := tClient.Update(tc.Context(), targetId, version, targets.DefaultAddress()) require.NoError(err) diff --git a/internal/tests/cluster/ipv6_listener_test.go b/internal/tests/cluster/ipv6_listener_test.go index 9d45422193..8274de0e16 100644 --- a/internal/tests/cluster/ipv6_listener_test.go +++ b/internal/tests/cluster/ipv6_listener_test.go @@ -5,8 +5,8 @@ package cluster import ( "context" - "sync" "testing" + "time" "github.com/hashicorp/boundary/api" "github.com/hashicorp/boundary/api/scopes" @@ -19,73 +19,58 @@ import ( ) func TestIPv6Listener(t *testing.T) { - t.Parallel() require := require.New(t) logger := hclog.New(&hclog.LoggerOptions{ Level: hclog.Trace, }) - conf, err := config.DevController(config.WithIPv6Enabled(true)) + conf, err := config.DevController() require.NoError(err) + for _, l := range conf.Listeners { + switch l.Purpose[0] { + case "api": + l.Address = "[::1]:9200" + + case "cluster": + l.Address = "[::1]:9201" + } + } + c1 := controller.NewTestController(t, &controller.TestControllerOpts{ Config: conf, Logger: logger.Named("c1"), }) defer c1.Shutdown() - c2 := c1.AddClusterControllerMember(t, &controller.TestControllerOpts{ - Config: conf, - Logger: c1.Config().Logger.ResetNamed("c2"), - }) - defer c2.Shutdown() + helper.ExpectWorkers(t, c1) - wg := new(sync.WaitGroup) - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2) - }() - wg.Wait() - - wconf, err := config.DevWorker(config.WithIPv6Enabled(true)) + wconf, err := config.DevWorker() require.NoError(err) w1 := worker.NewTestWorker(t, &worker.TestWorkerOpts{ Config: wconf, WorkerAuthKms: c1.Config().WorkerAuthKms, - InitialUpstreams: append(c1.ClusterAddrs(), c2.ClusterAddrs()...), + InitialUpstreams: c1.ClusterAddrs(), Logger: logger.Named("w1"), }) defer w1.Shutdown() - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w1) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1) - require.NoError(w1.Worker().Shutdown()) + c2 := c1.AddClusterControllerMember(t, &controller.TestControllerOpts{ + Logger: c1.Config().Logger.ResetNamed("c2"), + }) + defer c2.Shutdown() + + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c2, w1) - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2) - }() - wg.Wait() + require.NoError(w1.Worker().Shutdown()) + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1) + helper.ExpectWorkers(t, c2) client, err := api.NewClient(nil) require.NoError(err) diff --git a/internal/tests/cluster/multi_controller_worker_test.go b/internal/tests/cluster/multi_controller_worker_test.go index 9380fda0b9..80b3c6613f 100644 --- a/internal/tests/cluster/multi_controller_worker_test.go +++ b/internal/tests/cluster/multi_controller_worker_test.go @@ -5,7 +5,6 @@ package cluster import ( "context" - "sync" "testing" "time" @@ -39,64 +38,33 @@ func TestMultiControllerMultiWorkerConnections(t *testing.T) { }) defer c2.Shutdown() - wg := new(sync.WaitGroup) - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2) - }() - wg.Wait() + helper.ExpectWorkers(t, c1) + helper.ExpectWorkers(t, c2) w1 := worker.NewTestWorker(t, &worker.TestWorkerOpts{ WorkerAuthKms: c1.Config().WorkerAuthKms, - InitialUpstreams: append(c1.ClusterAddrs(), c2.ClusterAddrs()...), + InitialUpstreams: c1.ClusterAddrs(), Logger: logger.Named("w1"), }) defer w1.Shutdown() - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w1) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1) + helper.ExpectWorkers(t, c2, w1) w2 := w1.AddClusterWorkerMember(t, &worker.TestWorkerOpts{ Logger: logger.Named("w2"), }) defer w2.Shutdown() - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1, w2) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w1, w2) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1, w2) + helper.ExpectWorkers(t, c2, w1, w2) require.NoError(w1.Worker().Shutdown()) - - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w2) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w2) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w2) + helper.ExpectWorkers(t, c2, w2) w1 = worker.NewTestWorker(t, &worker.TestWorkerOpts{ WorkerAuthKms: c1.Config().WorkerAuthKms, @@ -105,41 +73,22 @@ func TestMultiControllerMultiWorkerConnections(t *testing.T) { }) defer w1.Shutdown() - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1, w2) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w1, w2) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1, w2) + helper.ExpectWorkers(t, c2, w1, w2) require.NoError(c2.Controller().Shutdown()) - - wg.Add(1) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1, w2) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1, w2) c2 = c1.AddClusterControllerMember(t, &controller.TestControllerOpts{ Logger: c1.Config().Logger.ResetNamed("c2"), }) defer c2.Shutdown() - wg.Add(2) - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c1, w1, w2) - }() - go func() { - defer wg.Done() - helper.ExpectWorkers(t, c2, w1, w2) - }() - wg.Wait() + time.Sleep(10 * time.Second) + helper.ExpectWorkers(t, c1, w1, w2) + helper.ExpectWorkers(t, c2, w1, w2) } func TestWorkerAppendInitialUpstreams(t *testing.T) { diff --git a/internal/tests/cluster/worker_bytesupdown_test.go b/internal/tests/cluster/worker_bytesupdown_test.go index 77e734587f..e9867074cb 100644 --- a/internal/tests/cluster/worker_bytesupdown_test.go +++ b/internal/tests/cluster/worker_bytesupdown_test.go @@ -31,23 +31,16 @@ func TestWorkerBytesUpDown(t *testing.T) { Level: hclog.Trace, }) - conf, err := config.DevController(config.WithIPv6Enabled(true)) + conf, err := config.DevController() require.NoError(err) - pl, err := net.Listen("tcp", "[::1]:") + pl, err := net.Listen("tcp", "localhost:0") require.NoError(err) - - // update cluster listener to utilize proxy listener address - for _, l := range conf.Listeners { - if l.Purpose[0] == "cluster" { - l.Address = pl.Addr().String() - } - } - c1 := controller.NewTestController(t, &controller.TestControllerOpts{ Config: conf, InitialResourcesSuffix: "1234567890", Logger: logger.Named("c1"), + PublicClusterAddr: pl.Addr().String(), WorkerStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod, }) @@ -69,9 +62,10 @@ func TestWorkerBytesUpDown(t *testing.T) { InitialUpstreams: []string{proxy.ListenerAddr()}, Logger: logger.Named("w1"), SuccessfulStatusGracePeriodDuration: helper.DefaultSuccessfulStatusGracePeriod, - EnableIPv6: true, }) + require.NoError(w1.Worker().WaitForNextSuccessfulStatusUpdate()) + require.NoError(c1.WaitForNextWorkerStatusUpdate(w1.Name())) helper.ExpectWorkers(t, c1, w1) // Use an independent context for test things that take a context so @@ -96,12 +90,7 @@ func TestWorkerBytesUpDown(t *testing.T) { require.NotNil(tgt) // Authorize a session, connect and send/recv some traffic - workerInfo := []*targets.WorkerInfo{ - { - Address: w1.ProxyAddrs()[0], - }, - } - sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890", helper.WithWorkerInfo(workerInfo)) + sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890") conn := sess.Connect(ctx, t) conn.TestSendRecvAll(t) diff --git a/internal/tests/cluster/worker_proxy_test.go b/internal/tests/cluster/worker_proxy_test.go index 7948aebf2c..585d6452f0 100644 --- a/internal/tests/cluster/worker_proxy_test.go +++ b/internal/tests/cluster/worker_proxy_test.go @@ -32,23 +32,16 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) { Level: hclog.Trace, }) - pl, err := net.Listen("tcp", "[::1]:") + conf, err := config.DevController() require.NoError(err) - conf, err := config.DevController(config.WithIPv6Enabled(true)) + pl, err := net.Listen("tcp", "localhost:0") require.NoError(err) - - // update cluster listener to utilize proxy listener address - for _, l := range conf.Listeners { - if l.Purpose[0] == "cluster" { - l.Address = pl.Addr().String() - } - } - c1 := controller.NewTestController(t, &controller.TestControllerOpts{ Config: conf, InitialResourcesSuffix: "1234567890", Logger: logger.Named("c1"), + PublicClusterAddr: pl.Addr().String(), WorkerStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod, }) t.Cleanup(c1.Shutdown) @@ -73,10 +66,13 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) { InitialUpstreams: []string{proxy.ListenerAddr()}, Logger: logger.Named("w1"), SuccessfulStatusGracePeriodDuration: helper.DefaultWorkerStatusGracePeriod, - EnableIPv6: true, }) t.Cleanup(w1.Shutdown) + err = w1.Worker().WaitForNextSuccessfulStatusUpdate() + require.NoError(err) + err = c1.WaitForNextWorkerStatusUpdate(w1.Name()) + require.NoError(err) helper.ExpectWorkers(t, c1, w1) // Use an independent context for test things that take a context so @@ -103,12 +99,7 @@ func TestWorkerSessionProxyMultipleConnections(t *testing.T) { require.NotNil(tgt) // Authorize and connect - workerInfo := []*targets.WorkerInfo{ - { - Address: w1.ProxyAddrs()[0], - }, - } - sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890", helper.WithWorkerInfo(workerInfo)) + sess := helper.NewTestSession(ctx, t, tcl, "ttcp_1234567890") sConn := sess.Connect(ctx, t) // Run initial send/receive test, make sure things are working diff --git a/internal/tests/helper/option.go b/internal/tests/helper/option.go index 4ce8e321b2..28e9b8be5f 100644 --- a/internal/tests/helper/option.go +++ b/internal/tests/helper/option.go @@ -3,8 +3,6 @@ package helper -import "github.com/hashicorp/boundary/api/targets" - // getOpts iterates the inbound Options and returns a struct and any errors func getOpts(opt ...Option) (*Options, error) { opts := getDefaultOptions() @@ -24,7 +22,6 @@ func getOpts(opt ...Option) (*Options, error) { // are parsed in various other packages. type Options struct { WithSkipSessionTeardown bool - WithWorkerInfo []*targets.WorkerInfo } // Option is a function that takes in an options struct and sets values or @@ -46,13 +43,3 @@ func WithSkipSessionTeardown(with bool) Option { return nil } } - -// WithWorkerInfo can be used to override the default worker address localhost:9202 -// for SessionAuthroizationData. This is useful when testing session connection with -// dev workers that are not utilizing default addresses. -func WithWorkerInfo(workerInfo []*targets.WorkerInfo) Option { - return func(o *Options) error { - o.WithWorkerInfo = workerInfo - return nil - } -} diff --git a/internal/tests/helper/testing_helper.go b/internal/tests/helper/testing_helper.go index ed916a4421..0392eb3f62 100644 --- a/internal/tests/helper/testing_helper.go +++ b/internal/tests/helper/testing_helper.go @@ -11,7 +11,6 @@ import ( "net" "reflect" "strconv" - "sync" "testing" "time" @@ -77,18 +76,11 @@ func NewTestSession( sessAuth, err := sar.GetSessionAuthorization() require.NoError(err) - sessAuthData, err := sessAuth.GetSessionAuthorizationData() - if len(opts.WithWorkerInfo) != 0 { - sessAuthData.WorkerInfo = opts.WithWorkerInfo - } - require.NoError(err) - proxy, err := apiproxy.New( ctx, sessAuth.AuthorizationToken, apiproxy.WithWorkerHost(sessAuth.SessionId), apiproxy.WithSkipSessionTeardown(opts.WithSkipSessionTeardown), - apiproxy.WithSessionAuthorizationData(sessAuthData), ) require.NoError(err) @@ -439,36 +431,23 @@ func NewTestTcpServer(t *testing.T) *TestTcpServer { return ts } -// ExpectWorkers is a blocking call, where the method validates that the expected workers -// can be found in the controllers status update. If the provided list of workers is empty, -// this method will sleep for 10 seconds and then validate that the controller worker status -// is empty. func ExpectWorkers(t *testing.T, c *controller.TestController, workers ...*worker.TestWorker) { - // validate the controller has no reported workers - if len(workers) == 0 { - c.Controller().WorkerStatusUpdateTimes().Clear() - time.Sleep(10 * time.Second) - assert.Eventually(t, func() bool { - empty := true - c.Controller().WorkerStatusUpdateTimes().Range(func(k, v any) bool { - empty = false - return false - }) - return empty - }, 30*time.Second, 2*time.Second) - return - } - - // validate the controller has expected workers - wg := new(sync.WaitGroup) + updateTimes := c.Controller().WorkerStatusUpdateTimes() + workerMap := map[string]*worker.TestWorker{} for _, w := range workers { - wg.Add(1) - go func() { - defer wg.Done() - require.NoError(t, c.WaitForNextWorkerStatusUpdate(w.Name())) - _, ok := c.Controller().WorkerStatusUpdateTimes().Load(w.Name()) - assert.True(t, ok) - }() + workerMap[w.Name()] = w } - wg.Wait() + updateTimes.Range(func(k, v any) bool { + require.NotNil(t, k) + require.NotNil(t, v) + if workerMap[k.(string)] == nil { + // We don't remove from updateTimes currently so if we're not + // expecting it we'll see an out-of-date entry + return true + } + assert.WithinDuration(t, time.Now(), v.(time.Time), 30*time.Second) + delete(workerMap, k.(string)) + return true + }) + assert.Empty(t, workerMap) } diff --git a/internal/util/net.go b/internal/util/net.go deleted file mode 100644 index 874929906a..0000000000 --- a/internal/util/net.go +++ /dev/null @@ -1,72 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package util - -import ( - "context" - "errors" - "net" - "regexp" - "strings" - - "github.com/hashicorp/boundary/globals" -) - -const ( - // MinAddressLength - MinAddressLength = 3 - // MaxAddressLength - MaxAddressLength = 255 -) - -// This regular expression is used to find all instances of square brackets within a string. -// This regular expression is used to remove the square brackets from an IPv6 address. -var squareBrackets = regexp.MustCompile("\\[|\\]") - -// JoinHostPort combines host and port into a network address of the form "host:port". -// If host contains a colon, as found in literal IPv6 addresses, then JoinHostPort returns "[host]:port". -func JoinHostPort(host, port string) string { - host = squareBrackets.ReplaceAllString(host, "") - return net.JoinHostPort(host, port) -} - -// SplitHostPort splits a network address of the form "host:port", "host%zone:port", "[host]:port" or "[host%zone]:port" into host or host%zone and port. -// -// A literal IPv6 address in hostport must be enclosed in square brackets, as in "[::1]:80", "[::1%lo0]:80". -func SplitHostPort(hostport string) (host string, port string, err error) { - host, port, err = net.SplitHostPort(hostport) - // use the hostport value as a backup when we have a missing port error - if err != nil && strings.Contains(err.Error(), globals.MissingPortErrStr) { - // incase the hostport value is an ipv6, we must remove the enclosed square - // brackets to retain the same behavior as the net.SplitHostPort() method - host = squareBrackets.ReplaceAllString(hostport, "") - err = nil - } - return -} - -// ParseAddress trims and validates the input address string. It checks whether -// the address is within the allowed length and attempts to split it into a host and -// port. If the address contains a port, it returns an error. The function supports -// both valid IP addresses (IPv4 or IPv6) and DNS names. If the address is valid -// and does not include a port, it returns the host (either an IP or a DNS name). -func ParseAddress(ctx context.Context, address string) (string, error) { - const op = "util.ParseAddress" - address = strings.TrimSpace(address) - if len(address) < MinAddressLength || len(address) > MaxAddressLength { - return "", errors.New("invalid address length") - } - host, port, err := SplitHostPort(address) - if err != nil { - ip := net.ParseIP(address) - if ip.To4() == nil && ip.To16() == nil { - return "", err - } - host = ip.String() - } - if port != "" { - return "", errors.New("address contains a port") - } - return host, nil -} diff --git a/internal/util/net_test.go b/internal/util/net_test.go deleted file mode 100644 index 1767a9bfe9..0000000000 --- a/internal/util/net_test.go +++ /dev/null @@ -1,385 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package util - -import ( - "context" - "net" - "strings" - "testing" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -func Test_JoinHostPort(t *testing.T) { - t.Parallel() - - // The wrapper function is used to ensure that the - // host input value is not already enclosed with - // square brackets for ipv6 addresses. This is because - // the underlying JoinHostPort() method will enclose the - // existing square brackets with another pair of square - // brackets. - t.Run("ensure-net.JoinHostPort()-behavior", func(t *testing.T) { - assert := assert.New(t) - hostport := net.JoinHostPort("[2001:4860:4860:0:0:0:0:8888]", "80") - assert.Equal("[[2001:4860:4860:0:0:0:0:8888]]:80", hostport) - }) - - tests := []struct { - name string - host string - port string - expectedAddress string - }{ - { - name: "local-ipv4", - host: "127.0.0.1", - port: "80", - expectedAddress: "127.0.0.1:80", - }, - { - name: "ipv4", - host: "8.8.8.8", - port: "80", - expectedAddress: "8.8.8.8:80", - }, - { - name: "ipv4-empty-port", - host: "8.8.8.8", - expectedAddress: "8.8.8.8:", - }, - { - name: "ipv4-square-brackets", - host: "[8.8.8.8]", - port: "80", - expectedAddress: "8.8.8.8:80", - }, - { - name: "missing-left-square-bracket", - host: "::1]", - port: "80", - expectedAddress: "[::1]:80", - }, - { - name: "missing-right-square-bracket", - host: "[::1", - port: "80", - expectedAddress: "[::1]:80", - }, - { - name: "local-no-square-brackets", - host: "::1", - port: "80", - expectedAddress: "[::1]:80", - }, - { - name: "local-no-square-brackets-missing-port", - host: "::1", - expectedAddress: "[::1]:", - }, - { - name: "ipv6-no-square-brackets", - host: "2001:4860:4860:0:0:0:0:8888", - port: "80", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - { - name: "ipv6-no-square-brackets-missing-port", - host: "2001:4860:4860:0:0:0:0:8888", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:", - }, - { - name: "abbreviated-ipv6-no-square-brackets", - host: "2001:4860:4860::8888", - port: "80", - expectedAddress: "[2001:4860:4860::8888]:80", - }, - { - name: "abbreviated-ipv6-no-square-brackets-missing-port", - host: "2001:4860:4860::8888", - expectedAddress: "[2001:4860:4860::8888]:", - }, - { - name: "local-square-brackets", - host: "[::1]", - port: "80", - expectedAddress: "[::1]:80", - }, - { - name: "local-double-square-brackets", - host: "[[::1]]", - port: "80", - expectedAddress: "[::1]:80", - }, - { - name: "local-square-brackets-missing-port", - host: "[::1]", - expectedAddress: "[::1]:", - }, - { - name: "local-double-square-brackets-missing-port", - host: "[[::1]]", - expectedAddress: "[::1]:", - }, - { - name: "ipv6-square-brackets", - host: "[2001:4860:4860:0:0:0:0:8888]", - port: "80", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - { - name: "ipv6-dobule-square-brackets", - host: "[[2001:4860:4860:0:0:0:0:8888]]", - port: "80", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:80", - }, - { - name: "ipv6-square-brackets-missing-port", - host: "[2001:4860:4860:0:0:0:0:8888]", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:", - }, - { - name: "ipv6-double-square-brackets-missing-port", - host: "[[2001:4860:4860:0:0:0:0:8888]]", - expectedAddress: "[2001:4860:4860:0:0:0:0:8888]:", - }, - { - name: "abbreviated-ipv6-square-brackets", - host: "[2001:4860:4860::8888]", - port: "80", - expectedAddress: "[2001:4860:4860::8888]:80", - }, - { - name: "abbreviated-ipv6-double-square-brackets", - host: "[[2001:4860:4860::8888]]", - port: "80", - expectedAddress: "[2001:4860:4860::8888]:80", - }, - { - name: "abbreviated-ipv6-square-brackets-missing-port", - host: "[2001:4860:4860::8888]", - expectedAddress: "[2001:4860:4860::8888]:", - }, - { - name: "abbreviated-ipv6-double-square-brackets-missing-port", - host: "[[2001:4860:4860::8888]]", - expectedAddress: "[2001:4860:4860::8888]:", - }, - } - for _, tt := range tests { - tt := tt - t.Run(tt.name, func(t *testing.T) { - assert := assert.New(t) - actualAddress := JoinHostPort(tt.host, tt.port) - assert.Equal(tt.expectedAddress, actualAddress) - }) - } -} - -func Test_SplitHostPort(t *testing.T) { - t.Parallel() - - // The wrapper function is used to ignore missing port error. - // We need to validate the behavior of the underlying - // SplitHostPort() method hasn't changed. - t.Run("ensure-net.SplitHostPort()-behavior", func(t *testing.T) { - require, assert := require.New(t), assert.New(t) - host, port, err := net.SplitHostPort("[2001:4860:4860:0:0:0:0:8888]") - require.Error(err) - assert.ErrorContains(err, "missing port in address") - assert.Empty(host) - assert.Empty(port) - }) - - tests := []struct { - name string - hostport string - expectedHost string - expectedPort string - expectedErrMsg string - }{ - { - name: "local-ipv4", - hostport: "127.0.0.1:80", - expectedHost: "127.0.0.1", - expectedPort: "80", - }, - { - name: "ipv4", - hostport: "8.8.8.8:80", - expectedHost: "8.8.8.8", - expectedPort: "80", - }, - { - name: "ipv4-ignore-missing-port", - hostport: "8.8.8.8", - expectedHost: "8.8.8.8", - }, - { - name: "ipv4-empty-port", - hostport: "8.8.8.8:", - expectedHost: "8.8.8.8", - }, - { - name: "ipv4-square-bracket", - hostport: "[8.8.8.8]:80", - expectedHost: "8.8.8.8", - expectedPort: "80", - }, - { - name: "ipv6-missing-square-brackets", - hostport: "::1:80", - expectedErrMsg: "address ::1:80: too many colons in address", - }, - { - name: "ipv6-ignore-missing-port", - hostport: "[::1]", - expectedHost: "::1", - }, - { - name: "ipv6-empty-port", - hostport: "[::1]:", - expectedHost: "::1", - }, - { - name: "local-ipv6", - hostport: "[::1]:80", - expectedHost: "::1", - expectedPort: "80", - }, - { - name: "ipv6", - hostport: "[2001:4860:4860:0:0:0:0:8888]:80", - expectedHost: "2001:4860:4860:0:0:0:0:8888", - expectedPort: "80", - }, - { - name: "abbreviated-ipv6", - hostport: "[2001:4860:4860::8888]:80", - expectedHost: "2001:4860:4860::8888", - expectedPort: "80", - }, - } - for _, tt := range tests { - tt := tt - t.Run(tt.name, func(t *testing.T) { - require, assert := require.New(t), assert.New(t) - actualHost, actualPort, err := SplitHostPort(tt.hostport) - if tt.expectedErrMsg != "" { - require.Error(err) - assert.ErrorContains(err, tt.expectedErrMsg) - return - } - require.NoError(err) - assert.Equal(tt.expectedHost, actualHost) - assert.Equal(tt.expectedPort, actualPort) - }) - } -} - -func Test_ParseAddress(t *testing.T) { - t.Parallel() - tests := []struct { - name string - address string - expectedAddress string - expectedErrMsg string - }{ - { - name: "empty-address", - expectedErrMsg: "invalid address length", - }, - { - name: "empty-spaces", - address: " ", - expectedErrMsg: "invalid address length", - }, - { - name: "invalid-short-address", - address: "ab", - expectedErrMsg: "invalid address length", - }, - { - name: "invalid-long-address", - address: strings.Repeat("a", 256), - expectedErrMsg: "invalid address length", - }, - { - name: "valid-dns-name", - address: "www.google.com", - expectedAddress: "www.google.com", - }, - { - name: "valid-dns-name-trim-empty-spaces", - address: " www.google.com ", - expectedAddress: "www.google.com", - }, - { - name: "valid-ipv4", - address: "127.0.0.1", - expectedAddress: "127.0.0.1", - }, - { - name: "invalid-ipv4-with-port", - address: "127.0.0.1:80", - expectedErrMsg: "address contains a port", - }, - { - name: "valid-ipv6", - address: "2001:4860:4860:0:0:0:0:8888", - expectedAddress: "2001:4860:4860::8888", - }, - { - name: "valid-[ipv6]", - address: "[2001:4860:4860:0:0:0:0:8888]", - expectedAddress: "2001:4860:4860:0:0:0:0:8888", - }, - { - name: "valid-[ipv6]:", - address: "[2001:4860:4860:0:0:0:0:8888]:", - expectedAddress: "2001:4860:4860:0:0:0:0:8888", - }, - { - name: "invalid-ipv6-with-port", - address: "[2001:4860:4860:0:0:0:0:8888]:80", - expectedErrMsg: "address contains a port", - }, - { - name: "valid-abbreviated-ipv6", - address: "2001:4860:4860::8888", - expectedAddress: "2001:4860:4860::8888", - }, - { - name: "valid-abbreviated-[ipv6]", - address: "[2001:4860:4860::8888]", - expectedAddress: "2001:4860:4860::8888", - }, - { - name: "valid-abbreviated-[ipv6]:", - address: "[2001:4860:4860::8888]:", - expectedAddress: "2001:4860:4860::8888", - }, - { - name: "invalid-abbreviated-[ipv6]-with-port", - address: "[2001:4860:4860::8888]:80", - expectedErrMsg: "address contains a port", - }, - } - for _, tt := range tests { - tt := tt - t.Run(tt.name, func(t *testing.T) { - require, assert := require.New(t), assert.New(t) - actualAddress, err := ParseAddress(context.Background(), tt.address) - if tt.expectedErrMsg != "" { - require.Error(err) - assert.ErrorContains(err, tt.expectedErrMsg) - return - } - require.NoError(err) - assert.Equal(tt.expectedAddress, actualAddress) - }) - } -} diff --git a/plugins/boundary/mains/aws/go.mod b/plugins/boundary/mains/aws/go.mod index 1d837a34d7..8d228bdc36 100644 --- a/plugins/boundary/mains/aws/go.mod +++ b/plugins/boundary/mains/aws/go.mod @@ -1,67 +1,69 @@ module github.com/hashicorp/boundary/plugins/boundary/mains/aws -go 1.23.3 +go 1.23.1 require ( - github.com/hashicorp/boundary-plugin-aws v0.4.1 - github.com/hashicorp/boundary/sdk v0.0.49 + github.com/hashicorp/boundary-plugin-aws v0.4.0 + github.com/hashicorp/boundary/sdk v0.0.43-0.20240717182311-a20aae98794a ) require ( - github.com/aws/aws-sdk-go-v2 v1.32.5 // indirect - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 // indirect - github.com/aws/aws-sdk-go-v2/config v1.28.5 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.17.46 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 // indirect - github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 // indirect - github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 // indirect - github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 // indirect - github.com/aws/smithy-go v1.22.1 // indirect + github.com/aws/aws-sdk-go-v2 v1.20.1 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12 // indirect + github.com/aws/aws-sdk-go-v2/config v1.18.33 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.13.32 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.99.0 // indirect + github.com/aws/aws-sdk-go-v2/service/iam v1.22.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.13.2 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.21.2 // indirect + github.com/aws/smithy-go v1.14.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.18.0 // indirect - github.com/golang/protobuf v1.5.4 // indirect - github.com/google/uuid v1.6.0 // indirect + github.com/fatih/color v1.15.0 // indirect + github.com/golang/protobuf v1.5.3 // indirect + github.com/google/uuid v1.4.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/eventlogger v0.2.10 // indirect + github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-hclog v1.6.3 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.6.2 // indirect - github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0 // indirect + github.com/hashicorp/go-plugin v1.5.2 // indirect + github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect - github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7 // indirect + github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect - github.com/hashicorp/yamux v0.1.2 // indirect - github.com/kr/text v0.2.0 // indirect + github.com/hashicorp/yamux v0.1.1 // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/pointerstructure v1.2.1 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/oklog/run v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/stretchr/testify v1.10.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.30.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 // indirect - google.golang.org/grpc v1.68.0 // indirect - google.golang.org/protobuf v1.35.2 // indirect + github.com/stretchr/testify v1.8.4 // indirect + golang.org/x/crypto v0.18.0 // indirect + golang.org/x/net v0.20.0 // indirect + golang.org/x/sys v0.16.0 // indirect + golang.org/x/text v0.14.0 // indirect + google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect + google.golang.org/grpc v1.61.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/boundary/mains/aws/go.sum b/plugins/boundary/mains/aws/go.sum index a2ddb31a59..edfabe9d5b 100644 --- a/plugins/boundary/mains/aws/go.sum +++ b/plugins/boundary/mains/aws/go.sum @@ -6,46 +6,51 @@ github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/aws/aws-sdk-go-v2 v1.32.5 h1:U8vdWJuY7ruAkzaOdD7guwJjD06YSKmnKCJs7s3IkIo= -github.com/aws/aws-sdk-go-v2 v1.32.5/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7 h1:lL7IfaFzngfx0ZwUGOZdsFFnQ5uLvR0hWqqhyE7Q9M8= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.7/go.mod h1:QraP0UcVlQJsmHfioCrveWOC1nbiWUl3ej08h4mXWoc= -github.com/aws/aws-sdk-go-v2/config v1.28.5 h1:Za41twdCXbuyyWv9LndXxZZv3QhTG1DinqlFsSuvtI0= -github.com/aws/aws-sdk-go-v2/config v1.28.5/go.mod h1:4VsPbHP8JdcdUDmbTVgNL/8w9SqOkM5jyY8ljIxLO3o= -github.com/aws/aws-sdk-go-v2/credentials v1.17.46 h1:AU7RcriIo2lXjUfHFnFKYsLCwgbz1E7Mm95ieIRDNUg= -github.com/aws/aws-sdk-go-v2/credentials v1.17.46/go.mod h1:1FmYyLGL08KQXQ6mcTlifyFXfJVCNJTVGuQP4m0d/UA= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20 h1:sDSXIrlsFSFJtWKLQS4PUWRvrT580rrnuLydJrCQ/yA= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.20/go.mod h1:WZ/c+w0ofps+/OUqMwWgnfrgzZH1DZO1RIkktICsqnY= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24 h1:4usbeaes3yJnCFC7kfeyhkdkPtoRYPa/hTmCqMpKpLI= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.24/go.mod h1:5CI1JemjVwde8m2WG3cz23qHKPOxbpkq0HaoreEgLIY= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24 h1:N1zsICrQglfzaBnrfM0Ys00860C+QFwu6u/5+LomP+o= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.24/go.mod h1:dCn9HbJ8+K31i8IQ8EWmWj0EiIk0+vKiHNMxTTYveAg= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24 h1:JX70yGKLj25+lMC5Yyh8wBtvB01GDilyRuJvXJ4piD0= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.24/go.mod h1:+Ln60j9SUTD0LEwnhEB0Xhg61DHqplBrbZpLgyjoEHg= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 h1:RhSoBFT5/8tTmIseJUXM6INTXTQDF8+0oyxWBnozIms= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0/go.mod h1:mzj8EEjIHSN2oZRXiw1Dd+uB4HZTl7hC8nBzX9IZMWw= -github.com/aws/aws-sdk-go-v2/service/iam v1.38.1 h1:hfkzDZHBp9jAT4zcd5mtqckpU4E3Ax0LQaEWWk1VgN8= -github.com/aws/aws-sdk-go-v2/service/iam v1.38.1/go.mod h1:u36ahDtZcQHGmVm/r+0L1sfKX4fzLEMdCqiKRKkUMVM= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5 h1:gvZOjQKPxFXy1ft3QnEyXmT+IqneM9QAUWlM3r0mfqw= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.4.5/go.mod h1:DLWnfvIcm9IET/mmjdxeXbBKmTCm0ZB8p1za9BVteM8= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5 h1:wtpJ4zcwrSbwhECWQoI/g6WM9zqCcSpHDJIWSbMLOu4= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.5/go.mod h1:qu/W9HXQbbQ4+1+JcZp0ZNPV31ym537ZJN+fiS7Ti8E= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5 h1:P1doBzv5VEg1ONxnJss1Kh5ZG/ewoIE4MQtKKc6Crgg= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.5/go.mod h1:NOP+euMW7W3Ukt28tAxPuoWao4rhhqJD3QEBk7oCg7w= -github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0 h1:Q2ax8S21clKOnHhhr933xm3JxdJebql+R7aNo7p7GBQ= -github.com/aws/aws-sdk-go-v2/service/s3 v1.69.0/go.mod h1:ralv4XawHjEMaHOWnTFushl0WRqim/gQWesAMF6hTow= -github.com/aws/aws-sdk-go-v2/service/sso v1.24.6 h1:3zu537oLmsPfDMyjnUS2g+F2vITgy5pB74tHI+JBNoM= -github.com/aws/aws-sdk-go-v2/service/sso v1.24.6/go.mod h1:WJSZH2ZvepM6t6jwu4w/Z45Eoi75lPN7DcydSRtJg6Y= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5 h1:K0OQAsDywb0ltlFrZm0JHPY3yZp/S9OaoLU33S7vPS8= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.5/go.mod h1:ORITg+fyuMoeiQFiVGoqB3OydVTLkClw/ljbblMq6Cc= -github.com/aws/aws-sdk-go-v2/service/sts v1.33.1 h1:6SZUVRQNvExYlMLbHdlKB48x0fLbc2iVROyaNEwBHbU= -github.com/aws/aws-sdk-go-v2/service/sts v1.33.1/go.mod h1:GqWyYCwLXnlUB1lOAXQyNSPqPLQJvmo8J0DWBzp9mtg= -github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro= -github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= +github.com/aws/aws-sdk-go-v2 v1.18.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= +github.com/aws/aws-sdk-go-v2 v1.20.1 h1:rZBf5DWr7YGrnlTK4kgDQGn1ltqOg5orCYb/UhOFZkg= +github.com/aws/aws-sdk-go-v2 v1.20.1/go.mod h1:NU06lETsFm8fUC6ZjhgDpVBcGZTFQ6XM+LZWZxMI4ac= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12 h1:lN6L3LrYHeZ6xCxaIYtoWCx4GMLk4nRknsh29OMSqHY= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.12/go.mod h1:TDCkEAkMTXxTs0oLBGBKpBZbk3NLh8EvAfF0Q3x8/0c= +github.com/aws/aws-sdk-go-v2/config v1.18.33 h1:JKcw5SFxFW/rpM4mOPjv0VQ11E2kxW13F3exWOy7VZU= +github.com/aws/aws-sdk-go-v2/config v1.18.33/go.mod h1:hXO/l9pgY3K5oZJldamP0pbZHdPqqk+4/maa7DSD3cA= +github.com/aws/aws-sdk-go-v2/credentials v1.13.32 h1:lIH1eKPcCY1ylR4B6PkBGRWMHO3aVenOKJHWiS4/G2w= +github.com/aws/aws-sdk-go-v2/credentials v1.13.32/go.mod h1:lL8U3v/Y79YRG69WlAho0OHIKUXCyFvSXaIvfo81sls= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8 h1:DK/9C+UN/X+1+Wm8pqaDksQr2tSLzq+8X1/rI/ZxKEQ= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.8/go.mod h1:ce7BgLQfYr5hQFdy67oX2svto3ufGtm6oBvmsHScI1Q= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33/go.mod h1:7i0PF1ME/2eUPFcjkVIwq+DOygHEoK92t5cDqNgYbIw= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38 h1:c8ed/T9T2K5I+h/JzmF5tpI46+OODQ74dzmdo+QnaMg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.38/go.mod h1:qggunOChCMu9ZF/UkAfhTz25+U2rLVb3ya0Ua6TTfCA= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27/go.mod h1:UrHnn3QV/d0pBZ6QBAEQcqFLf8FAzLmoUfPVIueOvoM= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32 h1:hNeAAymUY5gu11WrrmFb3CVIp9Dar9hbo44yzzcQpzA= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.32/go.mod h1:0ZXSqrty4FtQ7p8TEuRde/SZm9X05KT18LAUlR40Ln0= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39 h1:fc0ukRAiP1syoSGZYu+DaE+FulSYhTiJ8WpVu5jElU4= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.39/go.mod h1:WLAW8PT7+JhjZfLSWe7WEJaJu0GNo0cKc2Zyo003RBs= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1 h1:vUh7dBFNS3oFCtVv6CiYKh5hP9ls8+kIpKLeFruIBLk= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.1/go.mod h1:sFMeinkhj/SZKQM8BxtvNtSPjJEo0Xrz+w3g2e4FSKI= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.99.0 h1:NXi4pNJWjAaiI56P1Rl8DC9A4jMNRE00WNBsDua5WRg= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.99.0/go.mod h1:L3ZT0N/vBsw77mOAawXmRnREpEjcHd2v5Hzf7AkIH8M= +github.com/aws/aws-sdk-go-v2/service/iam v1.22.2 h1:DPFxx/6Zwes/MiadlDteVqDKov7yQ5v9vuwfhZuJm1s= +github.com/aws/aws-sdk-go-v2/service/iam v1.22.2/go.mod h1:cQTMNdo/Z5t1DDRsUnx0a2j6cPnytMBidUYZw2zks28= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13 h1:iV/W5OMBys+66OeXJi/7xIRrKZNsu0ylsLGu+6nbmQE= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.13/go.mod h1:ReJb6xYmtGyu9KoFtRreWegbN9dZqvZIIv4vWnhcsyI= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33 h1:QviNkc+vGSuEHx8P+pVNKOdWLXBPIwMFv7p0fphgE4U= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.33/go.mod h1:fABTUmOrAgAalG2i9WJpjBvlnk7UK8YmnYaxN+Q2CwE= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27/go.mod h1:EOwBD4J4S5qYszS5/3DpkejfuK+Z5/1uzICfPaZLtqw= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32 h1:dGAseBFEYxth10V23b5e2mAS+tX7oVbfYHD6dnDdAsg= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.32/go.mod h1:4jwAWKEkCR0anWk5+1RbfSg1R5Gzld7NLiuaq5bTR/Y= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1 h1:PT6PBCycRwhpEW5hJnRiceCeoWJ+r3bdgXtV+VKG7Pk= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.1/go.mod h1:TqoxCLwT2nrxrBGA+z7t6OWM7LBkgRckK3gOjYE+7JA= +github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2 h1:v346f1h8sUBKXnEbrv43L37MTBlFHyKXQPIZHNAaghA= +github.com/aws/aws-sdk-go-v2/service/s3 v1.38.2/go.mod h1:cwCATiyNrXK9P2FsWdZ89g9mpsYv2rhk0UA/KByl5fY= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.2 h1:A2RlEMo4SJSwbNoUUgkxTAEMduAy/8wG3eB2b2lP4gY= +github.com/aws/aws-sdk-go-v2/service/sso v1.13.2/go.mod h1:ju+nNXUunfIFamXUIZQiICjnO/TPlOmWcYhZcSy7xaE= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2 h1:OJELEgyaT2kmaBGZ+myyZbTTLobfe3ox3FSh5eYK9Qs= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.2/go.mod h1:ubDBBaDFs1GHijSOTi8ljppML15GLG0HxhILtbjNNYQ= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.2 h1:ympg1+Lnq33XLhcK/xTG4yZHPs1Oyxu+6DEWbl7qOzA= +github.com/aws/aws-sdk-go-v2/service/sts v1.21.2/go.mod h1:FQ/DQcOfESELfJi5ED+IPPAjI5xC6nxtSolVVB773jM= +github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/smithy-go v1.14.1 h1:EFKMUmH/iHMqLiwoEDx2rRjRQpI1YCn5jTysoaDujFs= +github.com/aws/smithy-go v1.14.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= @@ -55,41 +60,46 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= -github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= -github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= -github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= +github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= -github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/hashicorp/boundary-plugin-aws v0.4.1 h1:I64eZcRLhndx5PnuaCFNt9B30Bb0c9WV1S+HaZzBHhE= -github.com/hashicorp/boundary-plugin-aws v0.4.1/go.mod h1:LLNJ6K149OTGteink8xatHKsWohT1cZ8lqLM0kfGolQ= -github.com/hashicorp/boundary/sdk v0.0.49 h1:XOb6mSKyrU/wI20+5xTYBHQUP7eIeKcLxKSCpCs4yzM= -github.com/hashicorp/boundary/sdk v0.0.49/go.mod h1:IHP79to8aIi22FiY58pgBqJL96/U9D8ZAUhS2DdC+Us= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/hashicorp/boundary-plugin-aws v0.4.0 h1:n0CNeswkTvrREXxzOIoaMjCs7FVWwMHceHKiQNwz3KA= +github.com/hashicorp/boundary-plugin-aws v0.4.0/go.mod h1:p6cicTmRGFw9qKvCbABIxsbRkqJq+jjwy0Ih+Ns3RHg= +github.com/hashicorp/boundary/sdk v0.0.43-0.20240717182311-a20aae98794a h1:SwVze6sYE5o+J9qdcgj29auY1k6O8oSo9DC2+2Gb9rw= +github.com/hashicorp/boundary/sdk v0.0.43-0.20240717182311-a20aae98794a/go.mod h1:9iOT7kDM6mYcSkKxNuZlv8rP7U5BG1kXoevjLLL8lNQ= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/eventlogger v0.2.10 h1:Dddth3KVSribGE1rInGToM30tRNblvL0G1OG6N+i2pk= -github.com/hashicorp/eventlogger v0.2.10/go.mod h1:imHMTfJH4qfb8Knh9nZw4iLfL9J1bX6TJKEurSB4t+U= +github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 h1:f9oX8/3zxiQrfrWnBeyjDm4S02GAU02OBtCRoZOUwlo= +github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0/go.mod h1://CHt6/j+Q2lc0NlUB5af4aS2M0c0aVBg9/JfcpAyhM= github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 h1:iAb287bq0TaWTnhDYuN/zVqdD2EwanQg9ncVelC60Xc= github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.6.2 h1:zdGAEd0V1lCaU0u+MxWQhtSDQmahpkwOun8U8EiRVog= -github.com/hashicorp/go-plugin v1.6.2/go.mod h1:CkgLQ5CZqNmdL9U9JzM532t8ZiYQ35+pj3b1FD37R0Q= -github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0 h1:V3TJFolOHYSDqQLbTUBygXtbX4jKXyBcDoU+KNZE1Ak= -github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.1.0/go.mod h1:OeRwM2eWNW62L1Z+8GvoZM5nQJMRWBewHSoo77qmb4Y= +github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= +github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= +github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0 h1:ca5TSI4AgaOncPpyzLDtCGjVEtKukONpeM95vFxXCOQ= +github.com/hashicorp/go-secure-stdlib/awsutil/v2 v2.0.0/go.mod h1:7CUvZtfTp2U0CYQCLzMtS2ngckjAZePSfwrE2aeDP1M= +github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 h1:uPW2Wn0YlmI9RGSkZpcIplnVRwJ7BCiGpk1vnF2TMw4= @@ -98,10 +108,11 @@ github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZ github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc= github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7 h1:oYEPhztZRmZCETTxxIo5MNa+I+DDqSDZ+biJt2o4Ncw= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.7/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg= +github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY= +github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8= @@ -113,8 +124,8 @@ github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/C github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/yamux v0.1.2 h1:XtB8kyFOyHXYVFnwT5C3+Bdo8gArse7j2AQ0DA0Uey8= -github.com/hashicorp/yamux v0.1.2/go.mod h1:C+zze2n6e/7wshOZep2A70/aQU6QBRWJO/G6FT1wIns= +github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= +github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= @@ -123,8 +134,16 @@ github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -134,12 +153,14 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= +github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= @@ -153,6 +174,7 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= +github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= @@ -162,36 +184,80 @@ github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFR github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= -github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= -go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= -golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= -golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= +go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38 h1:2oV8dfuIkM1Ti7DwXc0BJfnwr9csz4TDXI9EmiI+Rbw= -google.golang.org/genproto/googleapis/api v0.0.0-20241021214115-324edc3d5d38/go.mod h1:vuAjtvlwkDKF6L1GQ0SokiRLCGFfeBUXWr/aFFkHACc= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 h1:zciRKQ4kBpFgpfC5QQCVtnnNAcLIqweL7plyZRQHVpI= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= -google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0= -google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA= -google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= -google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac h1:ZL/Teoy/ZGnzyrqK/Optxxp2pmVh+fmJ97slxSRyzUg= +google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac/go.mod h1:+Rvu7ElI+aLzyDQhpHMFMMltsD6m7nqpuWDd2CwJw3k= +google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe h1:0poefMBYvYbs7g5UkjS6HcxBPaTRAmznle9jnxYoAI8= +google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:4jWUdICTdgc3Ibxmr8nAJiiLHwQBY0UI0XZcEMaFKaA= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe h1:bQnxqljG/wqi4NTXu2+DJ3n7APcEA882QZ1JvhQAq9o= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe/go.mod h1:PAREbraiVEVGVdTZsVWjSbbTtSyGbAgIIvni8a8CD5s= +google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= +google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48= diff --git a/plugins/boundary/mains/azure/go.mod b/plugins/boundary/mains/azure/go.mod index 3292eabb1d..8c62c54681 100644 --- a/plugins/boundary/mains/azure/go.mod +++ b/plugins/boundary/mains/azure/go.mod @@ -21,18 +21,18 @@ require ( github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect - github.com/fatih/color v1.16.0 // indirect - github.com/golang-jwt/jwt/v4 v4.5.1 // indirect + github.com/fatih/color v1.14.1 // indirect + github.com/golang-jwt/jwt/v4 v4.2.0 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-hclog v1.6.3 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect - github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/go-retryablehttp v0.7.0 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect @@ -40,7 +40,7 @@ require ( github.com/hashicorp/yamux v0.1.1 // indirect github.com/manicminer/hamilton v0.46.0 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect @@ -51,14 +51,14 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/stretchr/testify v1.8.4 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.11.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/boundary/mains/azure/go.sum b/plugins/boundary/mains/azure/go.sum index 33ebff1081..d8dd90bff3 100644 --- a/plugins/boundary/mains/azure/go.sum +++ b/plugins/boundary/mains/azure/go.sum @@ -88,17 +88,16 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w= +github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= -github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -169,19 +168,18 @@ github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= -github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= +github.com/hashicorp/go-retryablehttp v0.7.0 h1:eu1EI/mbirUgP5C8hVsTNaGZreBDlYiwC1FZWkvQPQ4= github.com/hashicorp/go-retryablehttp v0.7.0/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= -github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= -github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= @@ -242,8 +240,8 @@ github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovk github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= @@ -304,8 +302,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -368,8 +366,8 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -421,9 +419,8 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -431,8 +428,8 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -478,8 +475,8 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -565,8 +562,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/plugins/boundary/mains/gcp/go.mod b/plugins/boundary/mains/gcp/go.mod deleted file mode 100644 index da94e04500..0000000000 --- a/plugins/boundary/mains/gcp/go.mod +++ /dev/null @@ -1,70 +0,0 @@ -module github.com/hashicorp/boundary/plugins/boundary/mains/gcp - -go 1.23.1 - -require ( - github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241217192246-c04cb367abb4 - github.com/hashicorp/boundary/sdk v0.0.47 -) - -require ( - cloud.google.com/go v0.115.1 // indirect - cloud.google.com/go/auth v0.9.3 // indirect - cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect - cloud.google.com/go/compute v1.28.0 // indirect - cloud.google.com/go/compute/metadata v0.5.0 // indirect - cloud.google.com/go/iam v1.2.0 // indirect - cloud.google.com/go/longrunning v0.6.0 // indirect - cloud.google.com/go/resourcemanager v1.10.1 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.15.0 // indirect - github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/go-logr/logr v1.4.2 // indirect - github.com/go-logr/stdr v1.2.2 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.4 // indirect - github.com/google/s2a-go v0.1.8 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.3.3 // indirect - github.com/googleapis/gax-go/v2 v2.13.0 // indirect - github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/eventlogger v0.2.9 // indirect - github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect - github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect - github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-plugin v1.5.2 // indirect - github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect - github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 // indirect - github.com/hashicorp/go-uuid v1.0.3 // indirect - github.com/hashicorp/yamux v0.1.1 // indirect - github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.19 // indirect - github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/go-testing-interface v1.14.1 // indirect - github.com/mitchellh/mapstructure v1.5.0 // indirect - github.com/mitchellh/pointerstructure v1.2.1 // indirect - github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/oklog/run v1.1.0 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/stretchr/testify v1.9.0 // indirect - go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect - go.opentelemetry.io/otel v1.29.0 // indirect - go.opentelemetry.io/otel/metric v1.29.0 // indirect - go.opentelemetry.io/otel/trace v1.29.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.31.0 // indirect - golang.org/x/oauth2 v0.22.0 // indirect - golang.org/x/sync v0.10.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect - golang.org/x/time v0.6.0 // indirect - google.golang.org/api v0.196.0 // indirect - google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect - google.golang.org/grpc v1.66.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect -) diff --git a/plugins/boundary/mains/gcp/go.sum b/plugins/boundary/mains/gcp/go.sum deleted file mode 100644 index 1ff061fb26..0000000000 --- a/plugins/boundary/mains/gcp/go.sum +++ /dev/null @@ -1,329 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ= -cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc= -cloud.google.com/go/auth v0.9.3 h1:VOEUIAADkkLtyfr3BLa3R8Ed/j6w1jTBmARx+wb5w5U= -cloud.google.com/go/auth v0.9.3/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk= -cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY= -cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc= -cloud.google.com/go/compute v1.28.0 h1:OPtBxMcheSS+DWfci803qvPly3d4w7Eu5ztKBcFfzwk= -cloud.google.com/go/compute v1.28.0/go.mod h1:DEqZBtYrDnD5PvjsKwb3onnhX+qjdCVM7eshj1XdjV4= -cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY= -cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY= -cloud.google.com/go/iam v1.2.0 h1:kZKMKVNk/IsSSc/udOb83K0hL/Yh/Gcqpz+oAkoIFN8= -cloud.google.com/go/iam v1.2.0/go.mod h1:zITGuWgsLZxd8OwAlX+eMFgZDXzBm7icj1PVTYG766Q= -cloud.google.com/go/longrunning v0.6.0 h1:mM1ZmaNsQsnb+5n1DNPeL0KwQd9jQRqSqSDEkBZr+aI= -cloud.google.com/go/longrunning v0.6.0/go.mod h1:uHzSZqW89h7/pasCWNYdUpwGz3PcVWhrWupreVPYLts= -cloud.google.com/go/resourcemanager v1.10.1 h1:fO/QoSJ1lepmTM9dCbSXYWgTIhecmQkpY0mM1X9OGN0= -cloud.google.com/go/resourcemanager v1.10.1/go.mod h1:A/ANV/Sv7y7fcjd4LSH7PJGTZcWRkO/69yN5UhYUmvE= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= -github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= -github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= -github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= -github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= -github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= -github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= -github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= -github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= -github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= -github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= -github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= -github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= -github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= -github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= -github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= -github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM= -github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= -github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.3.3 h1:QRje2j5GZimBzlbhGA2V2QlGNgL8G6e+wGo/+/2bWI0= -github.com/googleapis/enterprise-certificate-proxy v0.3.3/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA= -github.com/googleapis/gax-go/v2 v2.13.0 h1:yitjD5f7jQHhyDsnhKEBU52NdvvdSeGzlAnDPT0hH1s= -github.com/googleapis/gax-go/v2 v2.13.0/go.mod h1:Z/fvTZXF8/uw7Xu5GuslPw+bplx6SS338j1Is2S+B7A= -github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241120152221-baa2c7a2e742 h1:c4pftmjCNl8E58gxRo1pNmY63pGVz8qHDejeKKDtq34= -github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241120152221-baa2c7a2e742/go.mod h1:HC8FEkYf/kC0m1w0UiGcxDG6DsmEaVSNDSqFPWyspHc= -github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241217192246-c04cb367abb4 h1:TeL1WtjoBqIcJEy6HacPd1UPBUDGBv4mzwj/4hov1tE= -github.com/hashicorp/boundary-plugin-gcp v0.0.0-20241217192246-c04cb367abb4/go.mod h1:3Azvm9j8CHcmBAIX8T0plHLNgwVfkucPM73McKjQx1o= -github.com/hashicorp/boundary/sdk v0.0.47 h1:h5AXOASS2duHkCYEmNKnI9AR6YBZxD7VbFPV8BoE0z0= -github.com/hashicorp/boundary/sdk v0.0.47/go.mod h1:9iOT7kDM6mYcSkKxNuZlv8rP7U5BG1kXoevjLLL8lNQ= -github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= -github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/eventlogger v0.2.9 h1:QO8hPXNngadMp72FVNTwIduLAG9fcLP7t59bSFd7gDY= -github.com/hashicorp/eventlogger v0.2.9/go.mod h1://CHt6/j+Q2lc0NlUB5af4aS2M0c0aVBg9/JfcpAyhM= -github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 h1:iAb287bq0TaWTnhDYuN/zVqdD2EwanQg9ncVelC60Xc= -github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg= -github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= -github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= -github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= -github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= -github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= -github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= -github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= -github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 h1:uPW2Wn0YlmI9RGSkZpcIplnVRwJ7BCiGpk1vnF2TMw4= -github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11/go.mod h1:uis9dCmOzXuOaRyXq+1Foh31kcvXKoWogjNnhfjHfW8= -github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZUnzJ3VzJyirWS/WnNCuOYtZY= -github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg= -github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI= -github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= -github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8= -github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3/go.mod h1:LWq2Sy8UoKKuK4lFuCNWSjJj57MhNNf2zzBWMtkAIX4= -github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= -github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= -github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= -github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= -github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= -github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= -github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= -github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W65euzixn7clSzK66puSt1H4I5SC0EmHH4= -github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00= -github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= -github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= -github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= -github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= -github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= -github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= -github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= -github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= -github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= -github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/pointerstructure v1.2.1 h1:ZhBBeX8tSlRpu/FFhXH4RC4OJzFlqsQhoHZAz4x7TIw= -github.com/mitchellh/pointerstructure v1.2.1/go.mod h1:BRAsLI5zgXmw97Lf6s25bs8ohIXc3tViBH44KcwB2g4= -github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= -github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= -github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= -github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= -github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= -github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= -github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= -github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= -github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= -go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 h1:r6I7RJCN86bpD/FQwedZ0vSixDpwuWREjW9oRMsmqDc= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0/go.mod h1:B9yO6b04uB80CzjedvewuqDhxJxi11s7/GtiGa8bAjI= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 h1:TT4fX+nBOA/+LUkobKGW1ydGcn+G3vRw9+g5HwCphpk= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0/go.mod h1:L7UH0GbB0p47T4Rri3uHjbpCFYrVrwc1I25QhNPiGK8= -go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw= -go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8= -go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc= -go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8= -go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= -go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= -go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4= -go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= -go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= -go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= -golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= -golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/api v0.196.0 h1:k/RafYqebaIJBO3+SMnfEGtFVlvp5vSgqTUF54UN/zg= -google.golang.org/api v0.196.0/go.mod h1:g9IL21uGkYgvQ5BZg6BAtoGJQIm8r6EgaAbpNey5wBE= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 h1:BulPr26Jqjnd4eYDVe+YvyR7Yc2vJGkO5/0UxD0/jZU= -google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:hL97c3SYopEHblzpxRL4lSs523++l8DYxGM1FQiYmb4= -google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc= -google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c= -google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48= diff --git a/plugins/boundary/mains/gcp/main.go b/plugins/boundary/mains/gcp/main.go deleted file mode 100644 index 813d553184..0000000000 --- a/plugins/boundary/mains/gcp/main.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package main - -import ( - "fmt" - "os" - - gcp "github.com/hashicorp/boundary-plugin-gcp/plugin" - hp "github.com/hashicorp/boundary/sdk/plugins" -) - -func main() { - if err := hp.ServePlugin(gcp.NewGCPPlugin()); err != nil { - fmt.Println("Error serving plugin", err) - os.Exit(1) - } - os.Exit(0) -} diff --git a/plugins/boundary/mains/minio/go.mod b/plugins/boundary/mains/minio/go.mod index a3c448e544..2283ebb596 100644 --- a/plugins/boundary/mains/minio/go.mod +++ b/plugins/boundary/mains/minio/go.mod @@ -12,14 +12,14 @@ require ( github.com/dustin/go-humanize v1.0.1 // indirect github.com/fatih/color v1.15.0 // indirect github.com/go-ole/go-ole v1.2.6 // indirect - github.com/golang-jwt/jwt/v4 v4.5.1 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/uuid v1.5.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/eventlogger v0.2.6-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect @@ -63,16 +63,16 @@ require ( github.com/tklauser/go-sysconf v0.3.12 // indirect github.com/tklauser/numcpus v0.6.1 // indirect github.com/yusufpapurcu/wmi v1.2.3 // indirect - golang.org/x/crypto v0.31.0 // indirect + golang.org/x/crypto v0.22.0 // indirect golang.org/x/net v0.24.0 // indirect - golang.org/x/sync v0.10.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/sync v0.5.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/text v0.14.0 // indirect google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20240125205218-1f4bbc51befe // indirect google.golang.org/grpc v1.61.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/boundary/mains/minio/go.sum b/plugins/boundary/mains/minio/go.sum index f1748aae7d..dd2ce2d68c 100644 --- a/plugins/boundary/mains/minio/go.sum +++ b/plugins/boundary/mains/minio/go.sum @@ -43,8 +43,8 @@ github.com/go-test/deep v1.0.4 h1:u2CU3YKy9I2pmu9pX0eq50wCgjfGIt539SqR7FbHiho= github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= -github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= +github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= @@ -75,8 +75,8 @@ github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+ github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= @@ -261,8 +261,8 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= @@ -270,8 +270,8 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs= +golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -286,8 +286,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -311,8 +311,8 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= @@ -320,8 +320,8 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -330,8 +330,8 @@ golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapK golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4= +golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -346,8 +346,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/plugins/kms/mains/alicloudkms/go.mod b/plugins/kms/mains/alicloudkms/go.mod index 1fb6f1a26b..0c43eda07d 100644 --- a/plugins/kms/mains/alicloudkms/go.mod +++ b/plugins/kms/mains/alicloudkms/go.mod @@ -3,8 +3,8 @@ module github.com/hashicorp/boundary/plugins/kms/mains/alicloudkms go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 - github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2 ) require ( @@ -13,7 +13,7 @@ require ( github.com/fatih/color v1.14.1 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect @@ -30,12 +30,12 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/stretchr/testify v1.8.4 // indirect - golang.org/x/net v0.31.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/alicloudkms/go.sum b/plugins/kms/mains/alicloudkms/go.sum index 585773cfb4..15082fab99 100644 --- a/plugins/kms/mains/alicloudkms/go.sum +++ b/plugins/kms/mains/alicloudkms/go.sum @@ -18,12 +18,12 @@ github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3 h1:36Pxy8BQd7DAJ2Mk6vuJlIjqQ80e20vlO7a4Ep3RTOg= -github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.3/go.mod h1:heY2PS1SGU0cMamgv+zId/sKT+XFHaf61bLOSnP1Gb8= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= +github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2 h1:j/2W4nWgzUMGrtRnfvFj60PdwooKBGDY4/fec7vvjhc= +github.com/hashicorp/go-kms-wrapping/wrappers/alicloudkms/v2 v2.0.2/go.mod h1:heY2PS1SGU0cMamgv+zId/sKT+XFHaf61bLOSnP1Gb8= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= @@ -90,18 +90,18 @@ github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVK github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= @@ -109,8 +109,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/plugins/kms/mains/awskms/go.mod b/plugins/kms/mains/awskms/go.mod index f40e949613..a3a7596f90 100644 --- a/plugins/kms/mains/awskms/go.mod +++ b/plugins/kms/mains/awskms/go.mod @@ -3,19 +3,19 @@ module github.com/hashicorp/boundary/plugins/kms/mains/awskms go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 - github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8 ) require ( - github.com/aws/aws-sdk-go v1.55.5 // indirect + github.com/aws/aws-sdk-go v1.44.214 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.14.1 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/awsutil v0.1.6 // indirect @@ -31,11 +31,11 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/stretchr/testify v1.8.4 // indirect - golang.org/x/net v0.31.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/awskms/go.sum b/plugins/kms/mains/awskms/go.sum index 14e3ebddad..fa631a2b88 100644 --- a/plugins/kms/mains/awskms/go.sum +++ b/plugins/kms/mains/awskms/go.sum @@ -1,6 +1,6 @@ github.com/aws/aws-sdk-go v1.30.27/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= -github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= -github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= +github.com/aws/aws-sdk-go v1.44.214 h1:YzDuC+9UtrAOUkItlK7l3BvKI9o6qAog9X8i289HORc= +github.com/aws/aws-sdk-go v1.44.214/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= @@ -26,12 +26,12 @@ github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/S github.com/hashicorp/go-hclog v0.16.2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10 h1:YOSmJpqZt2X3KL0JUlKdih3WjpDlS9jQPyr6Etdh1GE= -github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.10/go.mod h1:eX4b0InOUfJ3NjfNWlJruBDT3rHXxOVw+7qNFmtjNbo= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= +github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8 h1:/x3Vx8+G2bcx5J4euSphPy/5OeDC2i7C4Vtak5r8qAw= +github.com/hashicorp/go-kms-wrapping/wrappers/awskms/v2 v2.0.8/go.mod h1:DcXbvVpgNWbxGmxgmu3QN64bEydMu14Cpe34RRR30HY= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= @@ -90,25 +90,49 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= @@ -116,8 +140,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/plugins/kms/mains/azurekeyvault/go.mod b/plugins/kms/mains/azurekeyvault/go.mod index 52211cd913..a68bbd1ef6 100644 --- a/plugins/kms/mains/azurekeyvault/go.mod +++ b/plugins/kms/mains/azurekeyvault/go.mod @@ -3,14 +3,14 @@ module github.com/hashicorp/boundary/plugins/kms/mains/azurekeyvault go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 - github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10 ) require ( - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect @@ -20,15 +20,15 @@ require ( github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/fatih/color v1.15.0 // indirect - github.com/golang-jwt/jwt/v4 v4.5.1 // indirect - github.com/golang-jwt/jwt/v5 v5.2.1 // indirect + github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v5 v5.0.0 // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/google/uuid v1.6.0 // indirect + github.com/google/uuid v1.3.1 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect @@ -38,15 +38,16 @@ require ( github.com/mattn/go-isatty v0.0.19 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/oklog/run v1.1.0 // indirect - github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect + github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/stretchr/testify v1.9.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.29.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + github.com/rogpeppe/go-internal v1.8.1 // indirect + github.com/stretchr/testify v1.8.4 // indirect + golang.org/x/crypto v0.15.0 // indirect + golang.org/x/net v0.18.0 // indirect + golang.org/x/sys v0.14.0 // indirect + golang.org/x/text v0.14.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/azurekeyvault/go.sum b/plugins/kms/mains/azurekeyvault/go.sum index 6eab40fa2a..9dae6a3662 100644 --- a/plugins/kms/mains/azurekeyvault/go.sum +++ b/plugins/kms/mains/azurekeyvault/go.sum @@ -1,11 +1,9 @@ -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 h1:nyQWyZvwGTvunIMxi1Y9uXkcyr+I7TeNrr/foo4Kpk8= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0/go.mod h1:l38EPgmsp71HHLq9j7De57JcKOWPyhrsW1Awm1JS6K0= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 h1:B/dfvscEQtew9dVuoxqxrUKKv8Ih2f55PydknDamU+g= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08HJchL04dOy+RD4hgrjph0cwGGMntdI= -github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0 h1:+m0M/LFxN43KvULkDNfdXOgrjtg6UYJPFBJyuEcRCAw= -github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0/go.mod h1:PwOyop78lveYMRs6oCxjiVyBdyCgIYH6XHIVZO9/SFQ= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 h1:fb8kj/Dh4CSwgsOzHeZY4Xh68cFVbzXx+ONXGMY//4w= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0/go.mod h1:uReU2sSxZExRPBAg3qKzmAucSi51+SP1OhohieR821Q= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 h1:BMAjVKJM0U/CYF27gA0ZMmXGkOcvfFtD0oHVZ1TIPRI= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0/go.mod h1:1fXstnBMas5kzG+S3q8UoJcmyU6nUeunJcMDHcRYHhs= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 h1:d81/ng9rET2YqdVkVwkb6EXeRrLJIwyGnJcAlAWKwhs= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0/go.mod h1:s4kgfzA0covAXNicZHDMN58jExvcng2mC/DepXiF1EI= github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 h1:m/sWOGCREuSBqg2htVQTBY8nOZpyajYztF0vUvSZTuM= github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0/go.mod h1:Pu5Zksi2KrU7LPbZbNINx6fuVrUp/ffvpxdDj+i8LeE= github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 h1:FbH3BbSb4bvGluTesZZ+ttN/MDsnMmQP36OSnDuSXqw= @@ -28,44 +26,39 @@ github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+Z github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= -github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= -github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= +github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1 h1:WpB/QDNLpMw72xHJc34BNNykqSOeEJDAWkhf0u12/Jk= +github.com/AzureAD/microsoft-authentication-library-for-go v1.1.1/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= -github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= -github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= -github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= +github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= +github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= -github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= -github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= +github.com/golang-jwt/jwt/v5 v5.0.0 h1:1n1XNM9hk7O9mnQoNBGolZvzebBQ7p93ULHRc28XJUE= +github.com/golang-jwt/jwt/v5 v5.0.0/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= -github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11 h1:/7SKkYIhA8cr3l8m1EKT6Q90bPoSVqqVBuQ6HgoMIkw= -github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.11/go.mod h1:LepS5s6ESGE0qQMpYaui5lX+mQYeiYiy06VzwWRioO8= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= +github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10 h1:g4F+mrwvfCJJIrLHbKhClClFLz/+T42zASm6S1Av38s= +github.com/hashicorp/go-kms-wrapping/wrappers/azurekeyvault/v2 v2.0.10/go.mod h1:+nZqburV15IZlvfxk29XUdwWour3PkYxRaOFesx37OI= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= @@ -77,10 +70,11 @@ github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c= github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo= -github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= -github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= @@ -98,14 +92,13 @@ github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJ github.com/mitchellh/go-testing-interface v1.14.1/go.mod h1:gfgS7OtZj6MA4U1UrDRp04twqAjfvlZyCfX3sDjEym8= github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ= -github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU= +github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU= +github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4= -github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= +github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -113,23 +106,23 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA= +golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= +golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -138,17 +131,17 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= @@ -157,8 +150,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= @@ -170,11 +163,15 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= -gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/plugins/kms/mains/gcpckms/go.mod b/plugins/kms/mains/gcpckms/go.mod index e39bb72327..c4c2acdede 100644 --- a/plugins/kms/mains/gcpckms/go.mod +++ b/plugins/kms/mains/gcpckms/go.mod @@ -3,8 +3,8 @@ module github.com/hashicorp/boundary/plugins/kms/mains/gcpckms go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 - github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10 ) require ( @@ -20,7 +20,7 @@ require ( github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect @@ -33,18 +33,18 @@ require ( github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/stretchr/testify v1.8.4 // indirect go.opencensus.io v0.24.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.31.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.13.0 // indirect - golang.org/x/sync v0.10.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/sync v0.4.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect google.golang.org/api v0.149.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20231016165738-49dd2c1f3d0b // indirect google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/gcpckms/go.sum b/plugins/kms/mains/gcpckms/go.sum index 40cbb559d0..9c0afe2c3c 100644 --- a/plugins/kms/mains/gcpckms/go.sum +++ b/plugins/kms/mains/gcpckms/go.sum @@ -61,12 +61,12 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56 github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12 h1:PCqWzT/Hii0KL07JsBZ3lJbv/wx02IAHYlhWQq8rxRY= -github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.12/go.mod h1:HSaOaX/lv3ShCdilUYbOTPnSvmoZ9xtQhgw+8hYcZkg= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= +github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10 h1:/HAAj2i/jeo2GqdWO1XjlutpaKzZaeBe3scvuujAJPg= +github.com/hashicorp/go-kms-wrapping/wrappers/gcpckms/v2 v2.0.10/go.mod h1:HSaOaX/lv3ShCdilUYbOTPnSvmoZ9xtQhgw+8hYcZkg= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= @@ -117,8 +117,8 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= @@ -130,16 +130,16 @@ golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -150,13 +150,13 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -196,8 +196,8 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/plugins/kms/mains/ocikms/go.mod b/plugins/kms/mains/ocikms/go.mod index f4b5896a1e..07fd1460eb 100644 --- a/plugins/kms/mains/ocikms/go.mod +++ b/plugins/kms/mains/ocikms/go.mod @@ -3,7 +3,7 @@ module github.com/hashicorp/boundary/plugins/kms/mains/ocikms go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8 ) @@ -12,7 +12,7 @@ require ( github.com/fatih/color v1.14.1 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/go-hclog v1.5.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect @@ -26,11 +26,11 @@ require ( github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/sony/gobreaker v0.5.0 // indirect github.com/stretchr/testify v1.8.4 // indirect - golang.org/x/net v0.31.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/ocikms/go.sum b/plugins/kms/mains/ocikms/go.sum index 60785c0b4f..ef5345e7f5 100644 --- a/plugins/kms/mains/ocikms/go.sum +++ b/plugins/kms/mains/ocikms/go.sum @@ -14,10 +14,10 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8 h1:F2RNYvXq9yJKbXRxfHBSzOCx0YxRdkaQ8qu0EECeu5U= github.com/hashicorp/go-kms-wrapping/wrappers/ocikms/v2 v2.0.8/go.mod h1:ULlMyM1QKNuq1JIENcNCRAkgo/RYxxCkm26pjR6w/ko= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= @@ -69,18 +69,18 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= @@ -88,8 +88,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= diff --git a/plugins/kms/mains/transit/go.mod b/plugins/kms/mains/transit/go.mod index 6a6c24e8c5..0c29b17135 100644 --- a/plugins/kms/mains/transit/go.mod +++ b/plugins/kms/mains/transit/go.mod @@ -3,23 +3,23 @@ module github.com/hashicorp/boundary/plugins/kms/mains/transit go 1.23.0 require ( - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 - github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118 ) require ( github.com/cenkalti/backoff/v3 v3.2.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.16.0 // indirect + github.com/fatih/color v1.15.0 // indirect github.com/go-jose/go-jose/v3 v3.0.3 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-hclog v1.6.3 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 // indirect + github.com/hashicorp/go-hclog v1.5.0 // indirect + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-plugin v1.5.2 // indirect - github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/go-retryablehttp v0.7.2 // indirect github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect @@ -30,7 +30,7 @@ require ( github.com/hashicorp/vault/api v1.10.0 // indirect github.com/hashicorp/yamux v0.1.1 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.20 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect @@ -38,13 +38,13 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect github.com/stretchr/testify v1.8.4 // indirect - golang.org/x/crypto v0.31.0 // indirect + golang.org/x/crypto v0.21.0 // indirect golang.org/x/net v0.23.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.3.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect - google.golang.org/protobuf v1.34.2 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/plugins/kms/mains/transit/go.sum b/plugins/kms/mains/transit/go.sum index 90ef46c18a..7be96a2a09 100644 --- a/plugins/kms/mains/transit/go.sum +++ b/plugins/kms/mains/transit/go.sum @@ -9,8 +9,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= -github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k= github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw= @@ -26,21 +26,22 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= -github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12 h1:E8pzzF7i44OZCYDol+U7VbTBmHe65/6dx1nYxS0P1k0= -github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12/go.mod h1:YRqguGarF7kbHeojTPkanH3qvjbEP2pelq5b0ifaQ1M= +github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= +github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= +github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= +github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118 h1:Znp4cktSGpDSk3CQvdmluVoozB8VsgUDKEUNrmzy/Uk= +github.com/hashicorp/go-kms-wrapping/wrappers/transit/v2 v2.0.12-0.20240510224000-05c77e842118/go.mod h1:YRqguGarF7kbHeojTPkanH3qvjbEP2pelq5b0ifaQ1M= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT1G2Y= github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= -github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= -github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/hashicorp/go-retryablehttp v0.7.2 h1:AcYqCvkpalPnPF2pn0KamgwamS42TqUDDYFRKq/RAd0= +github.com/hashicorp/go-retryablehttp v0.7.2/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= @@ -77,8 +78,8 @@ github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNx github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= -github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= @@ -99,6 +100,7 @@ github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFo github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= @@ -107,8 +109,8 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -134,11 +136,10 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= @@ -149,9 +150,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -166,8 +166,8 @@ google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/sdk/go.mod b/sdk/go.mod index 94e9fd626c..e972dd45f7 100644 --- a/sdk/go.mod +++ b/sdk/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/boundary/sdk -go 1.23.3 +go 1.23.1 require ( github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 @@ -13,14 +13,14 @@ require ( github.com/stretchr/testify v1.8.4 google.golang.org/genproto/googleapis/api v0.0.0-20240125205218-1f4bbc51befe google.golang.org/grpc v1.61.0 - google.golang.org/protobuf v1.34.2 + google.golang.org/protobuf v1.33.0 nhooyr.io/websocket v1.8.10 ) require ( github.com/Masterminds/semver/v3 v3.2.0 // indirect github.com/Masterminds/sprig/v3 v3.2.3 // indirect - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 // indirect + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect @@ -39,7 +39,7 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/google/uuid v1.4.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 + github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-secure-stdlib/configutil/v2 v2.0.11 github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 // indirect @@ -65,9 +65,9 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/posener/complete v1.2.3 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect - golang.org/x/crypto v0.31.0 // indirect - golang.org/x/net v0.31.0 // indirect - golang.org/x/sys v0.28.0 // indirect - golang.org/x/text v0.21.0 // indirect + golang.org/x/crypto v0.18.0 // indirect + golang.org/x/net v0.20.0 // indirect + golang.org/x/sys v0.16.0 // indirect + golang.org/x/text v0.14.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/sdk/go.sum b/sdk/go.sum index b589746d75..ac13d53c2a 100644 --- a/sdk/go.sum +++ b/sdk/go.sum @@ -47,10 +47,10 @@ github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e github.com/hashicorp/eventlogger/filters/encrypt v0.1.8-0.20231025104552-802587e608f0/go.mod h1:tMywUTIvdB/FXhwm6HMTt61C8/eODY6gitCHhXtyojg= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7 h1:gM4OwbF16Cmfxt2QMkoGMQbRTfYFZLvDMPgU3rM3KIo= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.7/go.mod h1:7ZMHVluyqgHgEuTADeDzFNWoA9mnyPfdiK8Tk2Bct1c= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16 h1:WZeXfD26QMWYC35at25KgE021SF9L3u9UMHK8fJAdV0= -github.com/hashicorp/go-kms-wrapping/v2 v2.0.16/go.mod h1:ZiKZctjRTLEppuRwrttWkp71VYMbTTCkazK4xT7U/NQ= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= +github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= @@ -169,8 +169,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= -golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= @@ -186,8 +186,8 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo= -golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM= +golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -209,8 +209,8 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= -golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= @@ -218,8 +218,8 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= +golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -242,8 +242,8 @@ google.golang.org/grpc v1.61.0 h1:TOvOcuXn30kRao+gfcvsebNEa5iZIiLkisYEkf7R7o0= google.golang.org/grpc v1.61.0/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/testing/internal/e2e/boundary/host.go b/testing/internal/e2e/boundary/host.go index f85df4eeab..a98277874d 100644 --- a/testing/internal/e2e/boundary/host.go +++ b/testing/internal/e2e/boundary/host.go @@ -240,9 +240,9 @@ func CreateAwsHostCatalogCli(t testing.TB, ctx context.Context, projectId, acces return hostCatalogId, nil } -// CreatePluginHostSetCli uses the cli to create a new host set from a dynamic host catalog. +// CreateAwsHostSetCli uses the cli to create a new host set from an AWS dynamic host catalog. // Returns the id of the new host set. -func CreatePluginHostSetCli(t testing.TB, ctx context.Context, hostCatalogId string, filter string) (string, error) { +func CreateAwsHostSetCli(t testing.TB, ctx context.Context, hostCatalogId string, filter string) (string, error) { name, err := base62.Random(16) if err != nil { return "", err @@ -359,53 +359,3 @@ func WaitForNumberOfHostsInHostSetCli(t testing.TB, ctx context.Context, hostSet ) require.NoError(t, err) } - -// CreateGcpHostCatalogCli uses the cli to create a new GCP dynamic host catalog. -// Returns the id of the new host catalog. -func CreateGcpHostCatalogCli( - t testing.TB, - ctx context.Context, - projectId string, - gcpProjectId string, - clientEmail string, - privateKeyId string, - privateKey string, - zone string, -) (string, error) { - name, err := base62.Random(16) - if err != nil { - return "", err - } - - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "host-catalogs", "create", "plugin", - "-scope-id", projectId, - "-plugin-name", "gcp", - "-attr", "disable_credential_rotation=true", - "-attr", fmt.Sprintf("project_id=%s", gcpProjectId), - "-attr", fmt.Sprintf("client_email=%s", clientEmail), - "-attr", fmt.Sprintf("zone=%s", zone), - "-secret", "private_key_id=env://E2E_GCP_PRIVATE_KEY_ID", - "-secret", "private_key=env://E2E_GCP_PRIVATE_KEY", - "-name", fmt.Sprintf("e2e Host Catalog %s", name), - "-description", "e2e", - "-format", "json", - ), - e2e.WithEnv("E2E_GCP_PRIVATE_KEY_ID", privateKeyId), - e2e.WithEnv("E2E_GCP_PRIVATE_KEY", privateKey), - ) - if output.Err != nil { - return "", fmt.Errorf("%w: %s", output.Err, string(output.Stderr)) - } - - var createHostCatalogResult hostcatalogs.HostCatalogCreateResult - err = json.Unmarshal(output.Stdout, &createHostCatalogResult) - if err != nil { - return "", err - } - - hostCatalogId := createHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", hostCatalogId) - return hostCatalogId, nil -} diff --git a/testing/internal/e2e/infra/docker.go b/testing/internal/e2e/infra/docker.go index 1a412f97f7..97bb76bafe 100644 --- a/testing/internal/e2e/infra/docker.go +++ b/testing/internal/e2e/infra/docker.go @@ -172,7 +172,7 @@ func StartBoundary(t testing.TB, pool *dockertest.Pool, network *dockertest.Netw Mounts: []string{path.Dir(boundaryConfigFilePath) + ":/boundary/"}, Name: "boundary", Networks: []*dockertest.Network{network}, - ExposedPorts: []string{"9200/tcp", "9201/tcp", "9202/tcp", "9203/tcp"}, + ExposedPorts: []string{"9200", "9201", "9202", "9203"}, PortBindings: map[docker.Port][]docker.PortBinding{ "9200/tcp": {{HostIP: "localhost", HostPort: "9200/tcp"}}, "9201/tcp": {{HostIP: "localhost", HostPort: "9201/tcp"}}, @@ -212,7 +212,7 @@ func StartVault(t testing.TB, pool *dockertest.Pool, network *dockertest.Network }, Name: "vault", Networks: []*dockertest.Network{network}, - ExposedPorts: []string{"8200/tcp"}, + ExposedPorts: []string{"8200"}, PortBindings: map[docker.Port][]docker.PortBinding{ "8200/tcp": {{HostIP: "localhost", HostPort: "8210/tcp"}}, }, diff --git a/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_empty_test.go b/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_empty_test.go index a37f517d49..11a5f4dfe9 100644 --- a/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_empty_test.go +++ b/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_empty_test.go @@ -42,7 +42,7 @@ func TestCliCreateAwsDynamicHostCatalogWithEmptyHostSet(t *testing.T) { require.NoError(t, err) // Set up a host set - hostSetId, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, "tag:empty_test=true") + hostSetId, err := boundary.CreateAwsHostSetCli(t, ctx, hostCatalogId, "tag:empty_test=true") require.NoError(t, err) // Check that there are no hosts in the host set diff --git a/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_test.go b/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_test.go index 517fec504d..8d413b1c6f 100644 --- a/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_test.go +++ b/testing/internal/e2e/tests/aws/dynamichostcatalog_host_set_test.go @@ -47,7 +47,7 @@ func TestCliCreateAwsDynamicHostCatalogWithHostSet(t *testing.T) { require.NoError(t, err) // Set up a host set - hostSetId1, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, c.AwsHostSetFilter1) + hostSetId1, err := boundary.CreateAwsHostSetCli(t, ctx, hostCatalogId, c.AwsHostSetFilter1) require.NoError(t, err) var targetIps1 []string err = json.Unmarshal([]byte(c.AwsHostSetIps1), &targetIps1) @@ -56,7 +56,7 @@ func TestCliCreateAwsDynamicHostCatalogWithHostSet(t *testing.T) { boundary.WaitForNumberOfHostsInHostSetCli(t, ctx, hostSetId1, expectedHostSetCount1) // Set up another host set - hostSetId2, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, c.AwsHostSetFilter2) + hostSetId2, err := boundary.CreateAwsHostSetCli(t, ctx, hostCatalogId, c.AwsHostSetFilter2) require.NoError(t, err) var targetIps2 []string err = json.Unmarshal([]byte(c.AwsHostSetIps2), &targetIps2) diff --git a/testing/internal/e2e/tests/base/search_test.go b/testing/internal/e2e/tests/base/search_test.go index 5a1c9e8aad..56594ece79 100644 --- a/testing/internal/e2e/tests/base/search_test.go +++ b/testing/internal/e2e/tests/base/search_test.go @@ -33,11 +33,11 @@ func TestCliSearch(t *testing.T) { ctx := context.Background() - // If cache is already running, stop it so that we can start it with a + // If daemon is already running, stop it so that we can start it with a // shorter refresh interval output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json")) if output.Err == nil { - t.Log("Stopping cache...") + t.Log("Stopping daemon...") output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "stop")) require.NoError(t, output.Err, string(output.Stderr)) } @@ -54,8 +54,8 @@ func TestCliSearch(t *testing.T) { require.NoError(t, output.Err, string(output.Stderr)) }) - // Wait for cache to be up and running - t.Log("Waiting for cache to start...") + // Wait for daemon to be up and running + t.Log("Waiting for daemon to start...") var statusResult clientcache.StatusResult err = backoff.RetryNotify( func() error { @@ -80,7 +80,7 @@ func TestCliSearch(t *testing.T) { require.Equal(t, statusResult.StatusCode, 200) require.GreaterOrEqual(t, statusResult.Item.Uptime, 0*time.Second) - // Confirm cache version matches CLI version + // Confirm daemon version matches CLI version output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("version", "-format", "json")) require.NoError(t, output.Err, string(output.Stderr)) var versionResult version.Info @@ -102,48 +102,19 @@ func TestCliSearch(t *testing.T) { require.NoError(t, err) // Get current number of targets - var currentCount int - err = backoff.RetryNotify( - func() error { - output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json")) - if output.Err != nil { - return backoff.Permanent(errors.New(string(output.Stderr))) - } - - statusResult = clientcache.StatusResult{} - err = json.Unmarshal(output.Stdout, &statusResult) - if err != nil { - return errors.New("Failed to unmarshal status result") - } - - if len(statusResult.Item.Users) == 0 { - output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation)) - t.Log("Printing cache log...") - t.Log(string(output.Stdout)) - return errors.New("No users are appearing in the status") - } - idx := slices.IndexFunc( - statusResult.Item.Users[0].Resources, - func(r clientcache.ResourceStatus) bool { - return r.Name == "target" - }, - ) - if idx == -1 { - output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation)) - t.Log("Printing cache log...") - t.Log(string(output.Stdout)) - return errors.New("Targets not found in cache") - } - currentCount = statusResult.Item.Users[0].Resources[idx].Count - - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) + output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs("cache", "status", "-format", "json")) + require.NoError(t, output.Err, string(output.Stderr)) + statusResult = clientcache.StatusResult{} + err = json.Unmarshal(output.Stdout, &statusResult) + require.Len(t, statusResult.Item.Users, 1) + idx := slices.IndexFunc( + statusResult.Item.Users[0].Resources, + func(r clientcache.ResourceStatus) bool { + return r.Name == "target" }, ) - require.NoError(t, err) + require.NotEqual(t, idx, -1) + currentCount := statusResult.Item.Users[0].Resources[idx].Count // Create enough targets to overflow a single page. // Use the API to make creation faster. @@ -195,9 +166,6 @@ func TestCliSearch(t *testing.T) { } if len(statusResult.Item.Users) == 0 { - output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation)) - t.Log("Printing cache log...") - t.Log(string(output.Stdout)) return errors.New("No users are appearing in the status") } @@ -208,9 +176,6 @@ func TestCliSearch(t *testing.T) { }, ) if idx == -1 { - output = e2e.RunCommand(ctx, "cat", e2e.WithArgs(statusResult.Item.LogLocation)) - t.Log("Printing cache log...") - t.Log(string(output.Stdout)) return errors.New("No targets are appearing in the status") } @@ -235,7 +200,7 @@ func TestCliSearch(t *testing.T) { require.NoError(t, err) // Search for targets that contain the target prefix. - // This requests data from the client cache. + // This requests data from the client cache daemon. t.Log("Searching targets...") output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs( diff --git a/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go b/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go index 9e9c6c9dc1..af939ac6be 100644 --- a/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go +++ b/testing/internal/e2e/tests/base_with_worker/target_tcp_worker_connect_ssh_test.go @@ -6,13 +6,10 @@ package base_with_worker_test import ( "context" "encoding/json" - "errors" "fmt" "strings" "testing" - "time" - "github.com/cenkalti/backoff/v4" "github.com/hashicorp/boundary/api/workers" "github.com/hashicorp/boundary/internal/target" "github.com/hashicorp/boundary/testing/internal/e2e" @@ -237,32 +234,19 @@ func TestCliTcpTargetWorkerConnectTarget(t *testing.T) { ), ) require.NoError(t, output.Err, string(output.Stderr)) - err = backoff.RetryNotify( - func() error { - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", "ssh", - "-target-id", targetId, - "-remote-command", "hostname -i", - "--", - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - ), - ) - if output.Err != nil { - return errors.New(string(output.Stderr)) - } - - require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, + output = e2e.RunCommand(ctx, "boundary", + e2e.WithArgs( + "connect", "ssh", + "-target-id", targetId, + "-remote-command", "hostname -i", + "--", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + ), ) - require.NoError(t, err) + require.NoError(t, output.Err, string(output.Stderr)) + require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) t.Log("Successfully connected to target with new filter") // Update worker to have a different tag. This should result in a failed connection @@ -309,32 +293,19 @@ func TestCliTcpTargetWorkerConnectTarget(t *testing.T) { ), ) require.NoError(t, output.Err, string(output.Stderr)) - err = backoff.RetryNotify( - func() error { - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", "ssh", - "-target-id", targetId, - "-remote-command", "hostname -i", - "--", - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - ), - ) - if output.Err != nil { - return errors.New(string(output.Stderr)) - } - - require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, + output = e2e.RunCommand(ctx, "boundary", + e2e.WithArgs( + "connect", "ssh", + "-target-id", targetId, + "-remote-command", "hostname -i", + "--", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + ), ) - require.NoError(t, err) + require.NoError(t, output.Err, string(output.Stderr)) + require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) t.Log("Successfully connected to target with new filter") // Remove API tags @@ -388,36 +359,22 @@ func TestCliTcpTargetWorkerConnectTarget(t *testing.T) { ), ) require.NoError(t, output.Err, string(output.Stderr)) - err = backoff.RetryNotify( - func() error { - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", "ssh", - "-target-id", targetId, - "-remote-command", "hostname -i", - "--", - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - ), - ) - if output.Err != nil { - return errors.New(string(output.Stderr)) - } - - require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, + output = e2e.RunCommand(ctx, "boundary", + e2e.WithArgs( + "connect", "ssh", + "-target-id", targetId, + "-remote-command", "hostname -i", + "--", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + ), ) - require.NoError(t, err) + require.NoError(t, output.Err, string(output.Stderr)) + require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) t.Log("Successfully connected to target") // Remove API tag - t.Log("Removing API tag...") output = e2e.RunCommand(ctx, "boundary", e2e.WithArgs( "workers", "remove-worker-tags", @@ -426,31 +383,18 @@ func TestCliTcpTargetWorkerConnectTarget(t *testing.T) { ), ) require.NoError(t, output.Err, string(output.Stderr)) - err = backoff.RetryNotify( - func() error { - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", "ssh", - "-target-id", targetId, - "-remote-command", "hostname -i", - "--", - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - ), - ) - if output.Err != nil { - return errors.New(string(output.Stderr)) - } - - require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, + output = e2e.RunCommand(ctx, "boundary", + e2e.WithArgs( + "connect", "ssh", + "-target-id", targetId, + "-remote-command", "hostname -i", + "--", + "-o", "UserKnownHostsFile=/dev/null", + "-o", "StrictHostKeyChecking=no", + "-o", "IdentitiesOnly=yes", // forces the use of the provided key + ), ) - require.NoError(t, err) + require.NoError(t, output.Err, string(output.Stderr)) + require.Equal(t, c.TargetAddress, strings.TrimSpace(string(output.Stdout))) t.Log("Successfully connected to target") } diff --git a/testing/internal/e2e/tests/database/migration_test.go b/testing/internal/e2e/tests/database/migration_test.go index 7e6c89558b..2912536628 100644 --- a/testing/internal/e2e/tests/database/migration_test.go +++ b/testing/internal/e2e/tests/database/migration_test.go @@ -181,17 +181,16 @@ func setupEnvironment(t testing.TB, c *config, boundaryRepo, boundaryTag string) t.Log("Waiting for Boundary to finish loading...") err = pool.Retry(func() error { - response, err := http.Get(fmt.Sprintf("%s/health", b.UriLocalhost)) + response, err := http.Get(b.UriLocalhost) if err != nil { - t.Logf("Could not access health endpoint: %s. Retrying...", err.Error()) + t.Logf("Could not access Boundary URL: %s. Retrying...", err.Error()) return err } if response.StatusCode != http.StatusOK { - return fmt.Errorf("Health check returned an error. Status Code: %d", response.StatusCode) + return fmt.Errorf("Could not connect to %s. Status Code: %d", b.UriLocalhost, response.StatusCode) } - response.Body.Close() return nil }) require.NoError(t, err) @@ -243,7 +242,7 @@ func populateBoundaryDatabase(t testing.TB, ctx context.Context, c *config, te T // Create AWS dynamic host catalog awsHostCatalogId, err := boundary.CreateAwsHostCatalogCli(t, ctx, projectId, c.AwsAccessKeyId, c.AwsSecretAccessKey, c.AwsRegion) require.NoError(t, err) - awsHostSetId, err := boundary.CreatePluginHostSetCli(t, ctx, awsHostCatalogId, c.AwsHostSetFilter) + awsHostSetId, err := boundary.CreateAwsHostSetCli(t, ctx, awsHostCatalogId, c.AwsHostSetFilter) require.NoError(t, err) boundary.WaitForHostsInHostSetCli(t, ctx, awsHostSetId) diff --git a/testing/internal/e2e/tests/database/testdata/boundary-config.hcl b/testing/internal/e2e/tests/database/testdata/boundary-config.hcl index f191c22575..d814774170 100644 --- a/testing/internal/e2e/tests/database/testdata/boundary-config.hcl +++ b/testing/internal/e2e/tests/database/testdata/boundary-config.hcl @@ -91,7 +91,7 @@ events { ] file { - path = "/boundary/logs" + path = "/logs" file_name = "audit.log" } diff --git a/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_empty_test.go b/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_empty_test.go deleted file mode 100644 index 6b96a1c14b..0000000000 --- a/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_empty_test.go +++ /dev/null @@ -1,138 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package gcp_test - -import ( - "context" - "encoding/json" - "fmt" - "net/http" - "os" - "testing" - "time" - - "github.com/hashicorp/boundary/api/hostcatalogs" - "github.com/hashicorp/boundary/api/hostsets" - "github.com/hashicorp/boundary/testing/internal/e2e" - "github.com/hashicorp/boundary/testing/internal/e2e/boundary" - "github.com/stretchr/testify/require" -) - -// TestCliCreateGcpDynamicHostCatalogWithEmptyHostSet uses the boundary cli to create a host catalog with the GCP -// plugin. The test sets up an GCP dynamic host catalog, creates some host sets, sets up a target to -// one of the host sets, and attempts to connect to the target. -func TestCliCreateGcpDynamicHostCatalogWithEmptyHostSet(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadTestConfig() - require.NoError(t, err) - - ctx := context.Background() - boundary.AuthenticateAdminCli(t, ctx) - orgId, err := boundary.CreateOrgCli(t, ctx) - require.NoError(t, err) - t.Cleanup(func() { - ctx := context.Background() - boundary.AuthenticateAdminCli(t, ctx) - output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("scopes", "delete", "-id", orgId)) - require.NoError(t, output.Err, string(output.Stderr)) - }) - projectId, err := boundary.CreateProjectCli(t, ctx, orgId) - require.NoError(t, err) - hostCatalogId, err := boundary.CreateGcpHostCatalogCli(t, ctx, projectId, c.GcpProjectId, c.GcpClientEmail, c.GcpPrivateKeyId, c.GcpPrivateKey, c.GcpZone) - require.NoError(t, err) - - // Set up a host set - hostSetId, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, "labels.empty_test=true") - require.NoError(t, err) - - // Check that there are no hosts in the host set - t.Logf("Looking for items in the host set...") - var actualHostSetCount int - for i := 0; i < 3; i++ { - if i != 0 { - time.Sleep(3 * time.Second) - } - - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "host-sets", "read", - "-id", hostSetId, - "-format", "json", - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) - var hostSetsReadResult hostsets.HostSetReadResult - err := json.Unmarshal(output.Stdout, &hostSetsReadResult) - require.NoError(t, err) - - actualHostSetCount = len(hostSetsReadResult.Item.HostIds) - require.Equal(t, 0, actualHostSetCount, - fmt.Sprintf("Detected incorrect number of hosts. Expected: 0, Actual: %d", actualHostSetCount), - ) - } - t.Log("Successfully detected zero hosts in the host set") - - // Check that there are no hosts in the host catalog - t.Logf("Looking for items in the host catalog...") - var actualHostCatalogCount int - for i := 0; i < 3; i++ { - if i != 0 { - time.Sleep(3 * time.Second) - } - - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs("hosts", "list", "-host-catalog-id", hostCatalogId, "-format", "json"), - ) - require.NoError(t, output.Err, string(output.Stderr)) - var hostCatalogListResult hostcatalogs.HostCatalogListResult - err := json.Unmarshal(output.Stdout, &hostCatalogListResult) - require.NoError(t, err) - - actualHostCatalogCount = len(hostCatalogListResult.Items) - require.Equal(t, 0, actualHostCatalogCount, - fmt.Sprintf("Detected incorrect number of hosts. Expected: 0, Actual: %d", actualHostCatalogCount), - ) - } - t.Log("Successfully detected zero hosts in the host catalog") - - // Create target - targetId, err := boundary.CreateTargetCli(t, ctx, projectId, c.GcpTargetPort) - require.NoError(t, err) - err = boundary.AddHostSourceToTargetCli(t, ctx, targetId, hostSetId) - require.NoError(t, err) - - // Create a temporary file to store the SSH key string - tempFile, err := os.CreateTemp("./", "ssh-key.pem") - require.NoError(t, err) - defer os.Remove(tempFile.Name()) - - // Write the SSH key string to the temporary file - _, err = tempFile.WriteString(c.GcpTargetSshKey) - require.NoError(t, err) - err = tempFile.Close() - require.NoError(t, err) - - // Attempt to connect to target - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", - "-target-id", targetId, - "-format", "json", - "-exec", "/usr/bin/ssh", "--", - "-l", c.GcpTargetSshUser, - "-i", tempFile.Name(), - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - "-p", "{{boundary.port}}", // this is provided by boundary - "{{boundary.ip}}", - "hostname", "-i", - ), - ) - var response boundary.CliError - err = json.Unmarshal(output.Stderr, &response) - require.NoError(t, err) - require.Equal(t, http.StatusNotFound, response.Status, "Expected to error when connecting to a target with zero hosts") - t.Log("Successfully failed to connect to target") -} diff --git a/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_test.go b/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_test.go deleted file mode 100644 index 0ac7274059..0000000000 --- a/testing/internal/e2e/tests/gcp/dynamichostcatalog_host_set_test.go +++ /dev/null @@ -1,281 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package gcp_test - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "os" - "strings" - "testing" - "time" - - "github.com/cenkalti/backoff/v4" - "github.com/hashicorp/boundary/api/hostcatalogs" - "github.com/hashicorp/boundary/api/hosts" - "github.com/hashicorp/boundary/api/hostsets" - "github.com/hashicorp/boundary/api/scopes" - "github.com/hashicorp/boundary/testing/internal/e2e" - "github.com/hashicorp/boundary/testing/internal/e2e/boundary" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -// TestCliCreateGcpDynamicHostCatalogWithHostSet uses the boundary cli to create a host catalog with the GCP -// plugin. The test sets up an GCP dynamic host catalog, creates some host sets, sets up a target to -// one of the host sets, and attempts to connect to the target. -func TestCliCreateGcpDynamicHostCatalogWithHostSet(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadTestConfig() - require.NoError(t, err) - - ctx := context.Background() - boundary.AuthenticateAdminCli(t, ctx) - orgId, err := boundary.CreateOrgCli(t, ctx) - require.NoError(t, err) - t.Cleanup(func() { - ctx := context.Background() - boundary.AuthenticateAdminCli(t, ctx) - output := e2e.RunCommand(ctx, "boundary", e2e.WithArgs("scopes", "delete", "-id", orgId)) - require.NoError(t, output.Err, string(output.Stderr)) - }) - projectId, err := boundary.CreateProjectCli(t, ctx, orgId) - require.NoError(t, err) - hostCatalogId, err := boundary.CreateGcpHostCatalogCli(t, ctx, projectId, c.GcpProjectId, c.GcpClientEmail, c.GcpPrivateKeyId, c.GcpPrivateKey, c.GcpZone) - require.NoError(t, err) - - // Set up a host set - hostSetId1, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, c.GcpHostSetFilter1) - require.NoError(t, err) - boundary.WaitForNumberOfHostsInHostSetCli(t, ctx, hostSetId1, 1) - - // Set up another host set - hostSetId2, err := boundary.CreatePluginHostSetCli(t, ctx, hostCatalogId, c.GcpHostSetFilter2) - require.NoError(t, err) - boundary.WaitForNumberOfHostsInHostSetCli(t, ctx, hostSetId2, 1) - - // Update host set with a different filter - t.Log("Updating host set 2 with host set 1's filter...") - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "host-sets", "update", "plugin", - "-id", hostSetId2, - "-attr", fmt.Sprintf("filters=%s", c.GcpHostSetFilter1), - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) - boundary.WaitForNumberOfHostsInHostSetCli(t, ctx, hostSetId2, 1) - - // update host set to use preferred endpoints - t.Log("Updating host set 1 to use preferred endpoint...") - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "host-sets", "update", "plugin", - "-id", hostSetId1, - "-preferred-endpoint", fmt.Sprintf("cidr:%s/32", c.GcpTargetAddress), - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) - - // Get list of all hosts from host catalog - t.Logf("Looking for items in the host catalog...") - var actualHostCatalogCount int - err = backoff.RetryNotify( - func() error { - output := e2e.RunCommand(ctx, "boundary", - e2e.WithArgs("hosts", "list", "-host-catalog-id", hostCatalogId, "-format", "json"), - ) - if output.Err != nil { - return backoff.Permanent(errors.New(string(output.Stderr))) - } - - var hostCatalogListResult hostcatalogs.HostCatalogListResult - err := json.Unmarshal(output.Stdout, &hostCatalogListResult) - if err != nil { - return backoff.Permanent(err) - } - - t.Logf("Found %v host(s)", len(hostCatalogListResult.GetItems())) - - actualHostCatalogCount = len(hostCatalogListResult.Items) - if actualHostCatalogCount == 0 { - return errors.New("No items are appearing in the host catalog") - } - - t.Logf("Found %d host(s)", actualHostCatalogCount) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, - ) - require.NoError(t, err) - assert.Equal(t, 1, actualHostCatalogCount, "Numbers of hosts in host catalog did not match expected amount") - - // Create target - targetId, err := boundary.CreateTargetCli(t, ctx, projectId, c.GcpTargetPort) - require.NoError(t, err) - err = boundary.AddHostSourceToTargetCli(t, ctx, targetId, hostSetId1) - require.NoError(t, err) - - // Create a temporary file to store the SSH key string - tempFile, err := os.CreateTemp("./", "ssh-key.pem") - require.NoError(t, err) - defer os.Remove(tempFile.Name()) - - // Write the SSH key string to the temporary file - _, err = tempFile.WriteString(c.GcpTargetSshKey) - require.NoError(t, err) - err = tempFile.Close() - require.NoError(t, err) - - // Connect to target - output = e2e.RunCommand(ctx, "boundary", - e2e.WithArgs( - "connect", - "-target-id", targetId, - "-exec", "/usr/bin/ssh", "--", - "-l", c.GcpTargetSshUser, - "-i", tempFile.Name(), - "-o", "UserKnownHostsFile=/dev/null", - "-o", "StrictHostKeyChecking=no", - "-o", "IdentitiesOnly=yes", // forces the use of the provided key - "-p", "{{boundary.port}}", // this is provided by boundary - "{{boundary.ip}}", - "hostname", "-i", - ), - ) - require.NoError(t, output.Err, string(output.Stderr)) - - parts := strings.Fields(string(output.Stdout)) - hostIp := parts[len(parts)-1] - t.Log("Successfully connected to the target") - - // Check if connected host exists in the host set - var targetIps []string - err = json.Unmarshal([]byte(c.GcpHostSetIps), &targetIps) - require.NoError(t, err) - hostIpInList := false - for _, v := range targetIps { - if v == hostIp { - hostIpInList = true - } - } - require.True(t, hostIpInList, fmt.Sprintf("Connected host (%s) is not in expected list (%s)", hostIp, targetIps)) -} - -// TestApiCreateGcpDynamicHostCatalog uses the Go api to create a host catalog with the GCP plugin. -// The test sets up an GCP dynamic host catalog, creates a host set, and sets up a target to the -// host set. -func TestApiCreateGCPDynamicHostCatalog(t *testing.T) { - e2e.MaybeSkipTest(t) - c, err := loadTestConfig() - require.NoError(t, err) - - client, err := boundary.NewApiClient() - require.NoError(t, err) - ctx := context.Background() - - orgId, err := boundary.CreateOrgApi(t, ctx, client) - require.NoError(t, err) - t.Cleanup(func() { - scopeClient := scopes.NewClient(client) - _, err := scopeClient.Delete(ctx, orgId) - require.NoError(t, err) - }) - projectId, err := boundary.CreateProjectApi(t, ctx, client, orgId) - require.NoError(t, err) - - // Create a dynamic host catalog - hcClient := hostcatalogs.NewClient(client) - newHostCatalogResult, err := hcClient.Create(ctx, "plugin", projectId, - hostcatalogs.WithName("e2e Automated Test Host Catalog"), - hostcatalogs.WithPluginName("gcp"), - hostcatalogs.WithAttributes(map[string]any{ - "disable_credential_rotation": true, - "project_id": c.GcpProjectId, - "client_email": c.GcpClientEmail, - "zone": c.GcpZone, - }), - hostcatalogs.WithSecrets(map[string]any{ - "private_key_id": c.GcpPrivateKeyId, - "private_key": c.GcpPrivateKey, - }), - ) - require.NoError(t, err) - newHostCatalogId := newHostCatalogResult.Item.Id - t.Logf("Created Host Catalog: %s", newHostCatalogId) - - // Create a host set and add to catalog - hsClient := hostsets.NewClient(client) - newHostSetResult, err := hsClient.Create(ctx, newHostCatalogId, - hostsets.WithAttributes(map[string]any{ - "filters": c.GcpHostSetFilter1, - }), - hostsets.WithName("e2e Automated Test Host Set"), - ) - require.NoError(t, err) - newHostSetId := newHostSetResult.Item.Id - t.Logf("Created Host Set: %s", newHostSetId) - - // Get list of hosts in host set - // Retry is needed here since it can take a few tries before hosts start appearing - t.Logf("Looking for items in the host set...") - var actualHostSetCount int - err = backoff.RetryNotify( - func() error { - hostSetReadResult, err := hsClient.Read(ctx, newHostSetId) - if err != nil { - return backoff.Permanent(err) - } - - actualHostSetCount = len(hostSetReadResult.Item.HostIds) - if actualHostSetCount == 0 { - return errors.New("No items are appearing in the host set") - } - - t.Logf("Found %d hosts", actualHostSetCount) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, - ) - require.NoError(t, err) - t.Log("Successfully found items in the host set") - assert.Equal(t, 1, actualHostSetCount, "Numbers of hosts in host set did not match expected amount") - - // Get list of all hosts from host catalog - // Retry is needed here since it can take a few tries before hosts start appearing - t.Logf("Looking for items in the host catalog...") - var actualHostCatalogCount int - hClient := hosts.NewClient(client) - err = backoff.RetryNotify( - func() error { - hostListResult, err := hClient.List(ctx, newHostCatalogId) - if err != nil { - return backoff.Permanent(err) - } - - actualHostCatalogCount = len(hostListResult.Items) - if actualHostCatalogCount == 0 { - return errors.New("No items are appearing in the host catalog") - } - - t.Logf("Found %d hosts", actualHostCatalogCount) - return nil - }, - backoff.WithMaxRetries(backoff.NewConstantBackOff(3*time.Second), 5), - func(err error, td time.Duration) { - t.Logf("%s. Retrying...", err.Error()) - }, - ) - require.NoError(t, err) - t.Log("Successfully found items in the host catalog") - assert.Equal(t, 1, actualHostCatalogCount, "Numbers of hosts in host catalog did not match expected amount") -} diff --git a/testing/internal/e2e/tests/gcp/env_test.go b/testing/internal/e2e/tests/gcp/env_test.go deleted file mode 100644 index 4df85fa915..0000000000 --- a/testing/internal/e2e/tests/gcp/env_test.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: BUSL-1.1 - -package gcp_test - -import "github.com/kelseyhightower/envconfig" - -type config struct { - GcpPrivateKeyId string `envconfig:"E2E_GCP_PRIVATE_KEY_ID" required:"true"` - GcpPrivateKey string `envconfig:"E2E_GCP_PRIVATE_KEY" required:"true"` - GcpZone string `envconfig:"E2E_GCP_ZONE" required:"true"` // e.g. "us-central1-a" - GcpProjectId string `envconfig:"E2E_GCP_PROJECT_ID" required:"true"` // e.g. "my-project" - GcpClientEmail string `envconfig:"E2E_GCP_CLIENT_EMAIL" required:"true"` - GcpHostSetFilter1 string `envconfig:"E2E_GCP_HOST_SET_FILTER1" required:"true"` - GcpHostSetFilter2 string `envconfig:"E2E_GCP_HOST_SET_FILTER2" required:"true"` - GcpHostSetIps string `envconfig:"E2E_GCP_HOST_SET_IPS" required:"true"` - GcpTargetSshKey string `envconfig:"E2E_GCP_TARGET_SSH_KEY" required:"true"` - GcpTargetAddress string `envconfig:"E2E_TARGET_ADDRESS" required:"true"` // e.g. "192.168.0.1" - GcpTargetSshUser string `envconfig:"E2E_SSH_USER" required:"true"` // e.g. "ubuntu" - GcpTargetPort string `envconfig:"E2E_TARGET_PORT" required:"true"` // e.g. "22" -} - -func loadTestConfig() (*config, error) { - var c config - err := envconfig.Process("", &c) - if err != nil { - return nil, err - } - - return &c, nil -} diff --git a/version/VERSION b/version/VERSION index 3f46c4d182..47d04a5288 100644 --- a/version/VERSION +++ b/version/VERSION @@ -1 +1 @@ -0.19.0 \ No newline at end of file +0.18.0 \ No newline at end of file