Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package google-osconfig-agent for
openSUSE:Factory checked in at 2025-09-16 18:19:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/google-osconfig-agent (Old)
and /work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1977 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "google-osconfig-agent"
Tue Sep 16 18:19:42 2025 rev:42 rq:1305177 version:20250902.01
Changes:
--------
---
/work/SRC/openSUSE:Factory/google-osconfig-agent/google-osconfig-agent.changes
2025-08-12 17:06:01.166881954 +0200
+++
/work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1977/google-osconfig-agent.changes
2025-09-16 18:20:43.308964917 +0200
@@ -1,0 +2,21 @@
+Tue Sep 16 12:12:32 UTC 2025 - John Paul Adrian Glaubitz
<[email protected]>
+
+- Update to version 20250902.01
+ * Bump github.com/googleapis/enterprise-certificate-proxy (#829)
+- from version 20250902.00
+ * update github.com/go-jose/go-jose/v4 (#869)
+ * Upgrade scalibr and other deps (#866)
+- from version 20250901.00
+ * Fix possibility of path traversal for zip and tar archival (#868)
+- from version 20250825.00
+ * set CODEOWNERS file as required by org (#863)
+- from version 20250819.00
+ * Fix/rhel10 build centos image (#860)
+- from version 20250814.00
+ * Fix/rhel10 build image (#859)
+- from version 20250813.00
+ * Fix: Add RHEL 10 support to RPM startup script (#858)
+- from version 20250811.00
+ * Remove old/sles-15-sp4-sap as image is deprecated (#857)
+
+-------------------------------------------------------------------
Old:
----
osconfig-20250729.00.tar.gz
New:
----
osconfig-20250902.01.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ google-osconfig-agent.spec ++++++
--- /var/tmp/diff_new_pack.clIz0o/_old 2025-09-16 18:20:45.561059691 +0200
+++ /var/tmp/diff_new_pack.clIz0o/_new 2025-09-16 18:20:45.581060533 +0200
@@ -24,7 +24,7 @@
%global import_path %{provider_prefix}
Name: google-osconfig-agent
-Version: 20250729.00
+Version: 20250902.01
Release: 0
Summary: Google Cloud Guest Agent
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.clIz0o/_old 2025-09-16 18:20:45.973077030 +0200
+++ /var/tmp/diff_new_pack.clIz0o/_new 2025-09-16 18:20:46.009078546 +0200
@@ -3,8 +3,8 @@
<param name="url">https://github.com/GoogleCloudPlatform/osconfig</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="versionformat">20250729.00</param>
- <param name="revision">20250729.00</param>
+ <param name="versionformat">20250902.01</param>
+ <param name="revision">20250902.01</param>
<param name="changesgenerate">enable</param>
</service>
<service name="recompress" mode="disabled">
@@ -15,7 +15,7 @@
<param name="basename">osconfig</param>
</service>
<service name="go_modules" mode="disabled">
- <param name="archive">osconfig-20250729.00.tar.gz</param>
+ <param name="archive">osconfig-20250902.01.tar.gz</param>
</service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.clIz0o/_old 2025-09-16 18:20:46.217087299 +0200
+++ /var/tmp/diff_new_pack.clIz0o/_new 2025-09-16 18:20:46.257088982 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/GoogleCloudPlatform/osconfig</param>
- <param
name="changesrevision">6d3741d26882e1585233a875d67f466904b2ba0c</param></service></servicedata>
+ <param
name="changesrevision">8b93921c4a641333548ff98eda2e8d71356850cb</param></service></servicedata>
(No newline at EOF)
++++++ osconfig-20250729.00.tar.gz -> osconfig-20250902.01.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/CODEOWNERS
new/osconfig-20250902.01/CODEOWNERS
--- old/osconfig-20250729.00/CODEOWNERS 1970-01-01 01:00:00.000000000 +0100
+++ new/osconfig-20250902.01/CODEOWNERS 2025-09-02 16:24:05.000000000 +0200
@@ -0,0 +1,4 @@
+@burov
+@ekremenetskii
+@paulinakania
+@zoltak-g
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/agentconfig/agentconfig.go
new/osconfig-20250902.01/agentconfig/agentconfig.go
--- old/osconfig-20250729.00/agentconfig/agentconfig.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/agentconfig/agentconfig.go 2025-09-02
16:24:05.000000000 +0200
@@ -213,7 +213,7 @@
}
type universeJSON struct {
- UniverseDomain string `json:"universe-domain"`
+ UniverseDomain string `json:"universeDomain"`
}
type attributesJSON struct {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/agentconfig/agentconfig_test.go
new/osconfig-20250902.01/agentconfig/agentconfig_test.go
--- old/osconfig-20250729.00/agentconfig/agentconfig_test.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/agentconfig/agentconfig_test.go 2025-09-02
16:24:05.000000000 +0200
@@ -233,7 +233,7 @@
fmt.Fprintln(w, `{"instance": {"id": 12345,"name":
"name","zone": "fakezone","attributes": {"osconfig-endpoint":
"{zone}-dev.osconfig.googleapis.com"}}}`)
case 1:
w.Header().Set("Etag", "etag-1")
- fmt.Fprintln(w, `{"universe": {"universe-domain":
"domain.com"}, "instance": {"id": 12345,"name": "name","zone":
"fakezone","attributes": {"osconfig-endpoint":
"{zone}-dev.osconfig.googleapis.com"}}}`)
+ fmt.Fprintln(w, `{"universe": {"universeDomain":
"domain.com"}, "instance": {"id": 12345,"name": "name","zone":
"fakezone","attributes": {"osconfig-endpoint":
"{zone}-dev.osconfig.googleapis.com"}}}`)
}
}))
defer ts.Close()
@@ -277,7 +277,7 @@
switch request {
case 0:
w.Header().Set("Etag", "etag-0")
- fmt.Fprintln(w, `{"universe":{"universe-domain":
"domain.com"}}`)
+ fmt.Fprintln(w, `{"universe":{"universeDomain":
"domain.com"}}`)
case 1:
w.Header().Set("Etag", "etag-1")
fmt.Fprintln(w, `{"instance": {"zone": "fake-zone"}}`)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/e2e_tests/utils/utils.go
new/osconfig-20250902.01/e2e_tests/utils/utils.go
--- old/osconfig-20250729.00/e2e_tests/utils/utils.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/e2e_tests/utils/utils.go 2025-09-02
16:24:05.000000000 +0200
@@ -382,9 +382,7 @@
// TODO: enable SUSE tests to use testing pkgs after Artifact Registry
supports zypper installation from private repos
if config.AgentRepo() != "testing" {
- imgsMap = map[string]string{
- "old/sles-15-sp4-sap":
"projects/suse-sap-cloud/global/images/sles-15-sp4-sap",
- }
+ imgsMap = map[string]string{}
}
return imgsMap
}()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/go.mod
new/osconfig-20250902.01/go.mod
--- old/osconfig-20250729.00/go.mod 2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/go.mod 2025-09-02 16:24:05.000000000 +0200
@@ -14,18 +14,18 @@
github.com/go-ole/go-ole v1.3.0
github.com/golang/mock v1.6.0
github.com/google/go-cmp v0.7.0
- github.com/google/osv-scalibr v0.2.0
+ github.com/google/osv-scalibr v0.2.1
github.com/kr/pretty v0.3.1
github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07
- github.com/ulikunitz/xz v0.5.12
+ github.com/ulikunitz/xz v0.5.15
golang.org/x/crypto v0.38.0
golang.org/x/oauth2 v0.27.0
golang.org/x/sys v0.33.0
google.golang.org/api v0.214.0
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697
- google.golang.org/genproto/googleapis/rpc
v0.0.0-20241209162323-e6fa225c2576
- google.golang.org/grpc v1.70.0
- google.golang.org/protobuf v1.36.5
+ google.golang.org/genproto/googleapis/rpc
v0.0.0-20250218202821-56aae31c358a
+ google.golang.org/grpc v1.72.0
+ google.golang.org/protobuf v1.36.6
)
require (
@@ -46,14 +46,14 @@
github.com/AdamKorcz/go-118-fuzz-build
v0.0.0-20230306123547-8075edf89bb0 // indirect
github.com/BurntSushi/toml v1.3.2 // indirect
github.com/CycloneDX/cyclonedx-go v0.9.0 // indirect
-
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.25.0 // indirect
+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.26.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.49.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping
v0.49.0 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/Microsoft/hcsshim v0.11.7 // indirect
github.com/anchore/go-struct-converter
v0.0.0-20230627203149-c72ef8859ca9 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
- github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 // indirect
+ github.com/cncf/xds/go v0.0.0-20250121191232-2f005788dc42 // indirect
github.com/containerd/cgroups v1.1.0 // indirect
github.com/containerd/containerd v1.7.27 // indirect
github.com/containerd/containerd/api v1.8.0 // indirect
@@ -70,18 +70,20 @@
github.com/distribution/reference v0.6.0 // indirect
github.com/docker/cli v25.0.3+incompatible // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
- github.com/docker/docker v25.0.6+incompatible // indirect
+ github.com/docker/docker v28.0.4+incompatible // indirect
github.com/docker/docker-credential-helpers v0.8.1 // indirect
+ github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c //
indirect
+ github.com/docker/go-units v0.5.0 // indirect
github.com/edsrzf/mmap-go v1.1.0 // indirect
- github.com/envoyproxy/go-control-plane/envoy v1.32.3 // indirect
- github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 // indirect
+ github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
github.com/erikvarga/go-rpmdb v0.0.0-20240208180226-b97e041ef9af //
indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-git/go-billy/v5 v5.6.2 // indirect
github.com/go-git/go-git/v5 v5.14.0 // indirect
+ github.com/go-jose/go-jose/v4 v4.0.5 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/gobwas/glob v0.2.3 // indirect
@@ -92,7 +94,7 @@
github.com/google/go-containerregistry v0.19.1 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/google/uuid v1.6.0 // indirect
- github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
+ github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
github.com/googleapis/gax-go/v2 v2.14.0 // indirect
github.com/groob/plist v0.1.1 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 //
indirect
@@ -101,6 +103,7 @@
github.com/kr/text v0.2.0 // indirect
github.com/mattn/go-sqlite3 v1.14.28 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
+ github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/locker v1.0.1 // indirect
github.com/moby/sys/mountinfo v0.6.2 // indirect
github.com/moby/sys/sequential v0.5.0 // indirect
@@ -121,16 +124,18 @@
github.com/sirupsen/logrus v1.9.3 // indirect
github.com/spdx/gordf v0.0.0-20221230105357-b735bd5aac89 // indirect
github.com/spdx/tools-golang v0.5.3 // indirect
+ github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
github.com/tidwall/gjson v1.18.0 // indirect
github.com/tidwall/jsonc v0.3.2 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.0 // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
+ github.com/zeebo/errs v1.4.0 // indirect
go.chromium.org/luci v0.0.0-20201204084249-3e81ee3e83fe // indirect
go.etcd.io/bbolt v1.3.10 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
- go.opentelemetry.io/contrib/detectors/gcp v1.32.0 // indirect
+ go.opentelemetry.io/contrib/detectors/gcp v1.34.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.57.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0
// indirect
go.opentelemetry.io/otel v1.35.0 // indirect
@@ -139,14 +144,13 @@
go.opentelemetry.io/otel/sdk/metric v1.35.0 // indirect
go.opentelemetry.io/otel/trace v1.35.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
- golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
golang.org/x/mod v0.21.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/sync v0.14.0 // indirect
golang.org/x/text v0.25.0 // indirect
golang.org/x/time v0.12.0 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
- google.golang.org/genproto/googleapis/api
v0.0.0-20241202173237-19429a94021a // indirect
+ google.golang.org/genproto/googleapis/api
v0.0.0-20250218202821-56aae31c358a // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/go.sum
new/osconfig-20250902.01/go.sum
--- old/osconfig-20250729.00/go.sum 2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/go.sum 2025-09-02 16:24:05.000000000 +0200
@@ -74,6 +74,8 @@
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod
h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0
h1:59MxjQVfjXsBpLy+dbd2/ELV5ofnUkUZBvWSC85sheA=
github.com/AdamKorcz/go-118-fuzz-build
v0.0.0-20230306123547-8075edf89bb0/go.mod
h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU=
+github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c
h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg=
+github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod
h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
github.com/BurntSushi/toml v0.3.1/go.mod
h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v1.3.2
h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8=
github.com/BurntSushi/toml v1.3.2/go.mod
h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
@@ -82,8 +84,8 @@
github.com/CycloneDX/cyclonedx-go v0.9.0/go.mod
h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw=
github.com/GoogleCloudPlatform/guest-logging-go
v0.0.0-20221216194522-f549ad6a1730
h1:l4Hin8i/7I1R0cvWBP+z6JdRxU4yJWFbcXvJ8mKKC70=
github.com/GoogleCloudPlatform/guest-logging-go
v0.0.0-20221216194522-f549ad6a1730/go.mod
h1:3F/urXs15KEI7RBGoOsK9/jCCJPBKHxyZH/Nzc7uldo=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.25.0 h1:3c8yed4lgqTt+oTQ+JNMDo+F4xprBf+O/il4ZC0nRLw=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.25.0/go.mod h1:obipzmGjfSjam60XLwGfqUkJsfiheAl+TUjG+4yzyPM=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.26.0 h1:f2Qw/Ehhimh5uO1fayV0QIW7DShEQqhtUfhYc+cBPlw=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.26.0/go.mod h1:2bIszWvQRlJVmJLiuLhukLImRjKPcYdzzsx6darK02A=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.49.0 h1:o90wcURuxekmXrtxmYWTyNla0+ZEHhud6DI1ZTxd1vI=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.49.0/go.mod h1:6fTWu4m3jocfUZLYF5KsZC1TUfRvEjs7lM4crme/irw=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock
v0.49.0 h1:jJKWl98inONJAr/IZrdFQUWcwUO95DLY1XMD1ZIut+g=
@@ -104,6 +106,8 @@
github.com/beevik/etree v1.1.0/go.mod
h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
github.com/bradleyjkemp/cupaloy/v2 v2.8.0
h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M=
github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod
h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0=
+github.com/cenkalti/backoff/v4 v4.2.1
h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
+github.com/cenkalti/backoff/v4 v4.2.1/go.mod
h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod
h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/cespare/xxhash/v2 v2.3.0
h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod
h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
@@ -112,8 +116,8 @@
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod
h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
github.com/client9/misspell v0.3.4/go.mod
h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod
h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78
h1:QVw89YDxXxEe+l8gU8ETbOasdwEV+avkR75ZzsVV9WI=
-github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78/go.mod
h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
+github.com/cncf/xds/go v0.0.0-20250121191232-2f005788dc42
h1:Om6kYQYDUk5wWbT0t0q6pvyM49i9XZAv9dDrkDA7gjk=
+github.com/cncf/xds/go v0.0.0-20250121191232-2f005788dc42/go.mod
h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8=
github.com/containerd/cgroups v1.1.0
h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
github.com/containerd/cgroups v1.1.0/go.mod
h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw=
github.com/containerd/containerd v1.7.27
h1:yFyEyojddO3MIGVER2xJLWoCIn+Up4GaHFquP7hsFII=
@@ -149,12 +153,16 @@
github.com/docker/cli v25.0.3+incompatible/go.mod
h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible
h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod
h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v25.0.6+incompatible
h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg=
-github.com/docker/docker v25.0.6+incompatible/go.mod
h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v28.0.4+incompatible
h1:JNNkBctYKurkw6FrHfKqY0nKIDf5nrbxjVBtS+cdcok=
+github.com/docker/docker v28.0.4+incompatible/go.mod
h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker-credential-helpers v0.8.1
h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo=
github.com/docker/docker-credential-helpers v0.8.1/go.mod
h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
+github.com/docker/go-connections v0.4.0
h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
+github.com/docker/go-connections v0.4.0/go.mod
h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c
h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8=
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod
h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
+github.com/docker/go-units v0.5.0
h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod
h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/dustin/go-humanize v1.0.1
h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod
h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/edsrzf/mmap-go v1.1.0
h1:6EUwBLQ/Mcr1EYLE4Tn1VdW1A4ckqCQWZBw8Hr0kjpQ=
@@ -164,8 +172,8 @@
github.com/envoyproxy/go-control-plane v0.9.4/go.mod
h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/go-control-plane v0.13.4
h1:zEqyPVyku6IvWCFwux4x9RxkLOMUL+1vC9xUFv5l2/M=
github.com/envoyproxy/go-control-plane v0.13.4/go.mod
h1:kDfuBlDVsSj2MjrLEtRWtHlsWIFcGyB2RMO44Dc5GZA=
-github.com/envoyproxy/go-control-plane/envoy v1.32.3
h1:hVEaommgvzTjTd4xCaFd+kEQ2iYBtGxP6luyLrx6uOk=
-github.com/envoyproxy/go-control-plane/envoy v1.32.3/go.mod
h1:F6hWupPfh75TBXGKA++MCT/CZHFq5r9/uwt/kQYkZfE=
+github.com/envoyproxy/go-control-plane/envoy v1.32.4
h1:jb83lalDRZSpPWW2Z7Mck/8kXZ5CQAFYVjQcdVIr83A=
+github.com/envoyproxy/go-control-plane/envoy v1.32.4/go.mod
h1:Gzjc5k8JcJswLjAx1Zm+wSYE20UrLtt7JZMWiWQXQEw=
github.com/envoyproxy/go-control-plane/ratelimit v0.1.0
h1:/G9QYbddjL25KvtKTv3an9lx6VBE2cnb8wp1vEGNYGI=
github.com/envoyproxy/go-control-plane/ratelimit v0.1.0/go.mod
h1:Wk+tMFAFbCXaJPzVVHnPgRKdUdwW/KdbRt94AzgRee4=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod
h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
@@ -186,6 +194,8 @@
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod
h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod
h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod
h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
+github.com/go-jose/go-jose/v4 v4.0.5
h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE=
+github.com/go-jose/go-jose/v4 v4.0.5/go.mod
h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA=
github.com/go-logr/logr v1.2.2/go.mod
h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
github.com/go-logr/logr v1.4.2/go.mod
h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@@ -198,6 +208,8 @@
github.com/gobwas/glob v0.2.3/go.mod
h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod
h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/gohugoio/hashstructure v0.5.0
h1:G2fjSBU36RdwEJBWJ+919ERvOVqAg9tfcYp47K9swqg=
+github.com/gohugoio/hashstructure v0.5.0/go.mod
h1:Ser0TniXuu/eauYmrwM4o64EBvySxNzITEOLlm4igec=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod
h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/glog v1.2.4 h1:CNNw5U8lSiiBk7druxtSHHTsRWcxKoac6kZKm2peBBc=
github.com/golang/glog v1.2.4/go.mod
h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w=
@@ -248,13 +260,15 @@
github.com/google/go-cmp v0.7.0/go.mod
h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/go-containerregistry v0.19.1
h1:yMQ62Al6/V0Z7CqIrrS1iYoA5/oQCm88DeNujc7C1KY=
github.com/google/go-containerregistry v0.19.1/go.mod
h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI=
+github.com/google/go-cpy v0.0.0-20211218193943-a9c933c06932
h1:5/4TSDzpDnHQ8rKEEQBjRlYx77mHOvXu08oGchxej7o=
+github.com/google/go-cpy v0.0.0-20211218193943-a9c933c06932/go.mod
h1:cC6EdPbj/17GFCPDK39NRarlMI+kt+O60S12cNB5J9Y=
github.com/google/go-querystring v1.0.0/go.mod
h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
github.com/google/martian v2.1.0+incompatible
h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no=
github.com/google/martian v2.1.0+incompatible/go.mod
h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.3.3
h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
github.com/google/martian/v3 v3.3.3/go.mod
h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
-github.com/google/osv-scalibr v0.2.0
h1:nzekkAmZXIeNnLN+saBX6jJ5nzTCP/jVgU/zqyYIWEc=
-github.com/google/osv-scalibr v0.2.0/go.mod
h1:dipibNd3fpUxqJTeh76c4yS5feBa+CGLxytd77K6Ja0=
+github.com/google/osv-scalibr v0.2.1
h1:d1SpwzXfNiRafUMNpei3tQg8dDLSWe7JAPNEHxhzxDk=
+github.com/google/osv-scalibr v0.2.1/go.mod
h1:gTmbCPgh9ooYnU55N32qPxHgFubkxgiDxsoCAMQc2Nc=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod
h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod
h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod
h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
@@ -268,8 +282,8 @@
github.com/google/uuid v1.1.2/go.mod
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/googleapis/enterprise-certificate-proxy v0.3.4
h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
-github.com/googleapis/enterprise-certificate-proxy v0.3.4/go.mod
h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6
h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4=
+github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod
h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod
h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod
h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gax-go/v2 v2.14.0
h1:f+jMrjBPl+DL9nI4IQzLUxMq7XrAqFYB7hBPqMNIe8o=
@@ -280,6 +294,8 @@
github.com/gorilla/sessions v1.2.0/go.mod
h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
github.com/groob/plist v0.1.1 h1:JUsmXVPGJ0HqG4Ta1z3HYbO0XwOHsgc0PqahpvgU5Q0=
github.com/groob/plist v0.1.1/go.mod
h1:itkABA+w2cw7x5nYUS/pLRef6ludkZKOigbROmCTaFw=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0
h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod
h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg=
github.com/hashicorp/golang-lru v0.5.0/go.mod
h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod
h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.3/go.mod
h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
@@ -310,6 +326,8 @@
github.com/mattn/go-sqlite3 v1.14.28/go.mod
h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/mitchellh/go-homedir v1.1.0
h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
github.com/mitchellh/go-homedir v1.1.0/go.mod
h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/moby/docker-image-spec v1.3.1
h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod
h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
github.com/moby/locker v1.0.1/go.mod
h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
github.com/moby/sys/mountinfo v0.6.2
h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78=
@@ -322,6 +340,12 @@
github.com/moby/sys/user v0.3.0/go.mod
h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
github.com/moby/sys/userns v0.1.0
h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
github.com/moby/sys/userns v0.1.0/go.mod
h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
+github.com/moby/term v0.0.0-20221205130635-1aeaba878587
h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA=
+github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod
h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
+github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod
h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
+github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+github.com/morikuni/aec v1.0.0/go.mod
h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/opencontainers/go-digest v1.0.0
h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod
h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.0
h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
@@ -369,6 +393,8 @@
github.com/spdx/gordf v0.0.0-20221230105357-b735bd5aac89/go.mod
h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM=
github.com/spdx/tools-golang v0.5.3
h1:ialnHeEYUC4+hkm5vJm4qz2x+oEJbS0mAMFrNXdQraY=
github.com/spdx/tools-golang v0.5.3/go.mod
h1:/ETOahiAo96Ob0/RAIBmFZw6XN0yTnyr/uFZm2NTMhI=
+github.com/spiffe/go-spiffe/v2 v2.5.0
h1:N2I01KCUkv1FAjZXJMwh95KK1ZIQLYbPfhaxw8WS0hE=
+github.com/spiffe/go-spiffe/v2 v2.5.0/go.mod
h1:P+NxobPc6wXhVtINNtFjNWGBTreew1GBUCwT2wPmb7g=
github.com/stretchr/objx v0.1.0/go.mod
h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod
h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod
h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@@ -393,8 +419,8 @@
github.com/tidwall/match v1.1.1/go.mod
h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/pretty v1.2.0
h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
github.com/tidwall/pretty v1.2.0/go.mod
h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
-github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
-github.com/ulikunitz/xz v0.5.12/go.mod
h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
+github.com/ulikunitz/xz v0.5.15 h1:9DNdB5s+SgV3bQ2ApL10xRc35ck0DuIX/isZvIk+ubY=
+github.com/ulikunitz/xz v0.5.15/go.mod
h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/urfave/cli/v2 v2.2.0/go.mod
h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ=
github.com/vbatts/tar-split v0.11.5
h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts=
github.com/vbatts/tar-split v0.11.5/go.mod
h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk=
@@ -409,6 +435,8 @@
github.com/yuin/goldmark v1.2.1/go.mod
h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.3.5/go.mod
h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
github.com/yuin/goldmark v1.4.13/go.mod
h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+github.com/zeebo/errs v1.4.0 h1:XNdoD/RRMKP7HD0UhJnIzUy74ISdGGxURlYG8HSWSfM=
+github.com/zeebo/errs v1.4.0/go.mod
h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4=
go.chromium.org/luci v0.0.0-20200722211809-bab0c30be68b/go.mod
h1:MIQewVTLvOvc0UioV0JNqTNO/RspKFS0XEeoKrOxsdM=
go.chromium.org/luci v0.0.0-20201204084249-3e81ee3e83fe
h1:qIWCxSxxiH4294whxeqOxsQ9KaW7CW0gGa3tqluP2NA=
go.chromium.org/luci v0.0.0-20201204084249-3e81ee3e83fe/go.mod
h1:MIQewVTLvOvc0UioV0JNqTNO/RspKFS0XEeoKrOxsdM=
@@ -423,14 +451,18 @@
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
go.opentelemetry.io/auto/sdk v1.1.0
h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
go.opentelemetry.io/auto/sdk v1.1.0/go.mod
h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
-go.opentelemetry.io/contrib/detectors/gcp v1.32.0
h1:P78qWqkLSShicHmAzfECaTgvslqHxblNE9j62Ws1NK8=
-go.opentelemetry.io/contrib/detectors/gcp v1.32.0/go.mod
h1:TVqo0Sda4Cv8gCIixd7LuLwW4EylumVWfhjZJjDD4DU=
+go.opentelemetry.io/contrib/detectors/gcp v1.34.0
h1:JRxssobiPg23otYU5SbWtQC//snGVIM3Tx6QRzlQBao=
+go.opentelemetry.io/contrib/detectors/gcp v1.34.0/go.mod
h1:cV4BMFcscUR/ckqLkbfQmF0PRsq8w/lMGzdbCSveBHo=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.57.0 h1:qtFISDHKolvIxzSs0gIaiPUPR0Cucb0F2coHC7ZLdps=
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.57.0/go.mod h1:Y+Pop1Q6hCOnETWTW4NROK/q1hv50hM7yDaUTjG8lp8=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0
h1:DheMAlT6POBP+gh8RUH19EOTnQIor5QE0uSRPtzCpSw=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0/go.mod
h1:wZcGmeVO9nzP67aYSLDqXNWK87EZWhi7JWj1v7ZXf94=
go.opentelemetry.io/otel v1.35.0
h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
go.opentelemetry.io/otel v1.35.0/go.mod
h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0
h1:Mne5On7VWdx7omSrSSZvM4Kw7cS7NQkOOmLcgscI51U=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0/go.mod
h1:IPtUMKL4O3tH5y+iXVyAXqpAwMuzC1IrxVS81rummfE=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0
h1:IeMeyr1aBvBiPVYihXIaeIZba6b8E1bYp7lbdxK8CQg=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0/go.mod
h1:oVdCUtjq9MK9BlS7TtucsQwUcXcymNiEDjgDD2jMtZU=
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.29.0
h1:WDdP9acbMYjbKIyJUhTvtzj601sVJOqgWdUxSdR/Ysc=
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.29.0/go.mod
h1:BLbf7zbNIONBLPwvFnwNHGj4zge8uTCM/UPIVW1Mq2I=
go.opentelemetry.io/otel/metric v1.35.0
h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
@@ -441,6 +473,8 @@
go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod
h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
go.opentelemetry.io/otel/trace v1.35.0
h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
go.opentelemetry.io/otel/trace v1.35.0/go.mod
h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
+go.opentelemetry.io/proto/otlp v1.0.0
h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I=
+go.opentelemetry.io/proto/otlp v1.0.0/go.mod
h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod
h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod
h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
@@ -464,8 +498,6 @@
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod
h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod
h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod
h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod
h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod
h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod
h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod
h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -701,10 +733,10 @@
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod
h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697
h1:ToEetK57OidYuqD4Q5w+vfEnPvPpuTwedCNVohYJfNk=
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697/go.mod
h1:JJrvXBWRZaFMxBufik1a4RpFw4HhgVtBBWQeQgUj2cc=
-google.golang.org/genproto/googleapis/api v0.0.0-20241202173237-19429a94021a
h1:OAiGFfOiA0v9MRYsSidp3ubZaBnteRUyn3xB2ZQ5G/E=
-google.golang.org/genproto/googleapis/api
v0.0.0-20241202173237-19429a94021a/go.mod
h1:jehYqy3+AhJU9ve55aNOaSml7wUXjF9x6z2LcCfpAhY=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576
h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY=
-google.golang.org/genproto/googleapis/rpc
v0.0.0-20241209162323-e6fa225c2576/go.mod
h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
+google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a
h1:nwKuGPlUAt+aR+pcrkfFRrTU1BVrSmYyYMxYbUIVHr0=
+google.golang.org/genproto/googleapis/api
v0.0.0-20250218202821-56aae31c358a/go.mod
h1:3kWAYMk1I75K4vykHtKt2ycnOgpA6974V7bREqbsenU=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a
h1:51aaUVRocpvUOSQKM6Q7VuoaktNIaMCLuhZB6DKksq4=
+google.golang.org/genproto/googleapis/rpc
v0.0.0-20250218202821-56aae31c358a/go.mod
h1:uRxBH1mhmO8PGhU89cMcHaXKZqO+OfakD8QQO0oYwlQ=
google.golang.org/grpc v1.19.0/go.mod
h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.1/go.mod
h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
google.golang.org/grpc v1.21.1/go.mod
h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -717,8 +749,8 @@
google.golang.org/grpc v1.28.0/go.mod
h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
google.golang.org/grpc v1.29.1/go.mod
h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
google.golang.org/grpc v1.33.2/go.mod
h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.70.0 h1:pWFv03aZoHzlRKHWicjsZytKAiYCtNS0dHbXnIdq7jQ=
-google.golang.org/grpc v1.70.0/go.mod
h1:ofIJqVKDXx/JiXrwr2IG4/zwdH9txy3IlF40RmcJSQw=
+google.golang.org/grpc v1.72.0 h1:S7UkcVa60b5AAQTaO6ZKamFp1zMZSU0fGDK2WZLbBnM=
+google.golang.org/grpc v1.72.0/go.mod
h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod
h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod
h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod
h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@@ -731,8 +763,8 @@
google.golang.org/protobuf v1.25.0/go.mod
h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod
h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.27.1/go.mod
h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.36.5
h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
-google.golang.org/protobuf v1.36.5/go.mod
h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.6
h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod
h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/main.go
new/osconfig-20250902.01/main.go
--- old/osconfig-20250729.00/main.go 2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/main.go 2025-09-02 16:24:05.000000000 +0200
@@ -98,7 +98,7 @@
func run(ctx context.Context) {
// Setup logging.
- opts := logger.LogOpts{LoggerName: "OSConfigAgent", UserAgent:
agentconfig.UserAgent(), DisableLocalLogging:
agentconfig.DisableLocalLogging(), DisableCloudLogging:
agentconfig.DisableCloudLogging()}
+ opts := logger.LogOpts{LoggerName: "OSConfigAgent", UserAgent:
agentconfig.UserAgent(), DisableLocalLogging: agentconfig.DisableLocalLogging()}
if agentconfig.Stdout() {
opts.Writers = []io.Writer{os.Stdout}
}
@@ -114,6 +114,7 @@
opts.Debug = agentconfig.Debug()
clog.DebugEnabled = agentconfig.Debug()
opts.ProjectName = agentconfig.ProjectID()
+ opts.DisableCloudLogging = agentconfig.DisableCloudLogging()
if err := logger.Init(ctx, opts); err != nil {
fmt.Printf("Error initializing logger: %v", err)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20250729.00/packagebuild/daisy_startupscript_rpm.sh
new/osconfig-20250902.01/packagebuild/daisy_startupscript_rpm.sh
--- old/osconfig-20250729.00/packagebuild/daisy_startupscript_rpm.sh
2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/packagebuild/daisy_startupscript_rpm.sh
2025-09-02 16:24:05.000000000 +0200
@@ -69,6 +69,13 @@
fi
fi
+
+if [[ ${VERSION_ID} = 10 ]]; then
+ echo "Enabling CRB repo for el10"
+ dnf config-manager --set-enabled crb
+fi
+
+
try_command yum install -y $GIT rpmdevtools yum-utils python3-devel
git_checkout "$REPO_OWNER" "$REPO_NAME" "$GIT_REF"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20250729.00/packagebuild/workflows/build_el10.wf.json
new/osconfig-20250902.01/packagebuild/workflows/build_el10.wf.json
--- old/osconfig-20250729.00/packagebuild/workflows/build_el10.wf.json
2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/packagebuild/workflows/build_el10.wf.json
2025-09-02 16:24:05.000000000 +0200
@@ -28,7 +28,7 @@
"Path": "./build_package.wf.json",
"Vars": {
"type": "rpm",
- "sourceImage": "projects/rhel-cloud/global/images/family/rhel-9",
+ "sourceImage":
"projects/bct-prod-images/global/images/family/centos-stream-10",
"gcs_path": "${gcs_path}",
"repo_owner": "${repo_owner}",
"repo_name": "${repo_name}",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20250729.00/packagebuild/workflows/build_el10_arm64.wf.json
new/osconfig-20250902.01/packagebuild/workflows/build_el10_arm64.wf.json
--- old/osconfig-20250729.00/packagebuild/workflows/build_el10_arm64.wf.json
2025-07-29 12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/packagebuild/workflows/build_el10_arm64.wf.json
2025-09-02 16:24:05.000000000 +0200
@@ -28,7 +28,7 @@
"Path": "./build_package.wf.json",
"Vars": {
"type": "rpm",
- "sourceImage":
"projects/rhel-cloud/global/images/family/rhel-9-arm64",
+ "sourceImage":
"projects/bct-prod-images/global/images/family/centos-stream-10-arm64",
"gcs_path": "${gcs_path}",
"repo_owner": "${repo_owner}",
"repo_name": "${repo_name}",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/packages/scalibr.go
new/osconfig-20250902.01/packages/scalibr.go
--- old/osconfig-20250729.00/packages/scalibr.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/packages/scalibr.go 2025-09-02
16:24:05.000000000 +0200
@@ -11,13 +11,13 @@
"github.com/google/osv-scalibr/extractor"
fslist "github.com/google/osv-scalibr/extractor/filesystem/list"
scalibrcos "github.com/google/osv-scalibr/extractor/filesystem/os/cos"
- scalibrdpkg "github.com/google/osv-scalibr/extractor/filesystem/os/dpkg"
+ dpkgmetadata
"github.com/google/osv-scalibr/extractor/filesystem/os/dpkg/metadata"
scalibrrpm "github.com/google/osv-scalibr/extractor/filesystem/os/rpm"
scalibrfs "github.com/google/osv-scalibr/fs"
"github.com/google/osv-scalibr/plugin"
)
-func pkgInfoFromDpkgExtractorPackage(pkg *extractor.Package, metadata
*scalibrdpkg.Metadata) *PkgInfo {
+func pkgInfoFromDpkgExtractorPackage(pkg *extractor.Package, metadata
*dpkgmetadata.Metadata) *PkgInfo {
source := Source{Name: metadata.SourceName, Version:
metadata.SourceVersion}
if source.Name == "" {
source.Name = pkg.Name
@@ -72,7 +72,7 @@
func pkgInfosFromExtractorPackages(ctx context.Context, scan
*scalibr.ScanResult, osinfo *osinfo.OSInfo) Packages {
var packages Packages
for _, pkg := range scan.Inventory.Packages {
- if metadata, ok := pkg.Metadata.(*scalibrdpkg.Metadata); ok {
+ if metadata, ok := pkg.Metadata.(*dpkgmetadata.Metadata); ok {
packages.Deb = append(packages.Deb,
pkgInfoFromDpkgExtractorPackage(pkg, metadata))
} else if metadata, ok := pkg.Metadata.(*scalibrrpm.Metadata);
ok {
packages.Rpm = append(packages.Rpm,
pkgInfoFromRpmExtractorPackage(pkg, metadata))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/packages/scalibr_test.go
new/osconfig-20250902.01/packages/scalibr_test.go
--- old/osconfig-20250729.00/packages/scalibr_test.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/packages/scalibr_test.go 2025-09-02
16:24:05.000000000 +0200
@@ -12,7 +12,7 @@
scalibr "github.com/google/osv-scalibr"
"github.com/google/osv-scalibr/extractor"
scalibrcos "github.com/google/osv-scalibr/extractor/filesystem/os/cos"
- scalibrdpkg "github.com/google/osv-scalibr/extractor/filesystem/os/dpkg"
+ dpkgmetadata
"github.com/google/osv-scalibr/extractor/filesystem/os/dpkg/metadata"
scalibrrpm "github.com/google/osv-scalibr/extractor/filesystem/os/rpm"
"github.com/google/osv-scalibr/inventory"
)
@@ -29,11 +29,11 @@
pkgs: []*extractor.Package{
{
Name: "7zip", Version: "24.09+dfsg-4",
- Metadata:
&scalibrdpkg.Metadata{PackageName: "7zip", Status: "install ok installed",
SourceName: "", SourceVersion: "", PackageVersion: "24.09+dfsg-4", OSID:
"debian", OSVersionCodename: "rodete", OSVersionID: "", Maintainer: "YOKOTA
Hiroshi <[email protected]>", Architecture: "amd64"},
+ Metadata:
&dpkgmetadata.Metadata{PackageName: "7zip", Status: "install ok installed",
SourceName: "", SourceVersion: "", PackageVersion: "24.09+dfsg-4", OSID:
"debian", OSVersionCodename: "rodete", OSVersionID: "", Maintainer: "YOKOTA
Hiroshi <[email protected]>", Architecture: "amd64"},
},
{
Name: "llvm-16", Version:
"1:16.0.6-27+build3",
- Metadata:
&scalibrdpkg.Metadata{PackageName: "llvm-16", Status: "install ok installed",
SourceName: "llvm-toolchain-16", SourceVersion: "", PackageVersion:
"1:16.0.6-27+build3", OSID: "debian", OSVersionCodename: "rodete", OSVersionID:
"", Maintainer: "LLVM Packaging Team <[email protected]>",
Architecture: "amd64"},
+ Metadata:
&dpkgmetadata.Metadata{PackageName: "llvm-16", Status: "install ok installed",
SourceName: "llvm-toolchain-16", SourceVersion: "", PackageVersion:
"1:16.0.6-27+build3", OSID: "debian", OSVersionCodename: "rodete", OSVersionID:
"", Maintainer: "LLVM Packaging Team <[email protected]>",
Architecture: "amd64"},
},
},
want: Packages{Deb: []*PkgInfo{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/policies/apt.go
new/osconfig-20250902.01/policies/apt.go
--- old/osconfig-20250729.00/policies/apt.go 2025-07-29 12:04:47.000000000
+0200
+++ new/osconfig-20250902.01/policies/apt.go 2025-09-02 16:24:05.000000000
+0200
@@ -39,6 +39,8 @@
agentendpointpb.AptRepository_DEB_SRC: "deb-src",
}
+var osInfoProvider osinfo.Provider = osinfo.NewProvider()
+
const aptGPGFile = "/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg"
func isArmoredGPGKey(keyData []byte) bool {
@@ -85,8 +87,8 @@
return false
}
-func readInstanceOsInfo() (string, float64, error) {
- oi, err := osinfo.Get()
+func readInstanceOsInfo(ctx context.Context) (string, float64, error) {
+ oi, err := osInfoProvider.GetOSInfo(ctx)
if err != nil {
return "", 0, fmt.Errorf("error getting osinfo: %v", err)
}
@@ -99,8 +101,8 @@
return oi.ShortName, osVersion, nil
}
-func shouldUseSignedBy() bool {
- osShortName, osVersion, err := readInstanceOsInfo()
+func shouldUseSignedBy(ctx context.Context) bool {
+ osShortName, osVersion, err := readInstanceOsInfo(ctx)
if err != nil {
return false // Default to not using signed-by approach
}
@@ -181,7 +183,7 @@
var buf bytes.Buffer
buf.WriteString("# Repo file managed by Google OSConfig agent\n")
- shouldUseSignedByBool := shouldUseSignedBy()
+ shouldUseSignedByBool := shouldUseSignedBy(ctx)
for _, repo := range repos {
line := getAptRepoLine(repo, shouldUseSignedByBool)
buf.WriteString(line + "\n")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/policies/apt_test.go
new/osconfig-20250902.01/policies/apt_test.go
--- old/osconfig-20250729.00/policies/apt_test.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/policies/apt_test.go 2025-09-02
16:24:05.000000000 +0200
@@ -24,6 +24,7 @@
"testing"
"cloud.google.com/go/osconfig/agentendpoint/apiv1beta/agentendpointpb"
+ "github.com/GoogleCloudPlatform/osconfig/osinfo"
)
func runAptRepositories(ctx context.Context, repos
[]*agentendpointpb.AptRepository) (string, error) {
@@ -47,37 +48,75 @@
}
func TestAptRepositories(t *testing.T) {
+ debian10 := func() (string, string, string) {
+ return "debian", "Debian", "10"
+ }
+
+ debian12 := func() (string, string, string) {
+ return "debian", "Debian", "12"
+ }
+
tests := []struct {
- desc string
- repos []*agentendpointpb.AptRepository
- want string
+ name string
+ repos []*agentendpointpb.AptRepository
+ nameAndVersionProvider func() (string, string, string)
+ want string
}{
- {"no repos", []*agentendpointpb.AptRepository{}, "# Repo file
managed by Google OSConfig agent\n"},
{
- "1 repo",
- []*agentendpointpb.AptRepository{
+ name: "No repositories",
+ nameAndVersionProvider: debian10,
+ repos:
[]*agentendpointpb.AptRepository{},
+ want: "# Repo file managed by Google
OSConfig agent\n"},
+ {
+ name: "1 repositoy, Debian 10",
+ nameAndVersionProvider: debian10,
+ repos: []*agentendpointpb.AptRepository{
{Uri: "http://repo1-url/";, Distribution:
"distribution", Components: []string{"component1"}},
},
- "# Repo file managed by Google OSConfig agent\n\ndeb
http://repo1-url/ distribution component1\n",
+ want: "# Repo file managed by Google OSConfig
agent\n\ndeb http://repo1-url/ distribution component1\n",
+ },
+ {
+ name: "1 repositoy, Debian 12",
+ nameAndVersionProvider: debian12,
+ repos: []*agentendpointpb.AptRepository{
+ {Uri: "http://repo1-url/";, Distribution:
"distribution", Components: []string{"component1"}},
+ },
+ want: "# Repo file managed by Google OSConfig
agent\n\ndeb [signed-by=/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg]
http://repo1-url/ distribution component1\n",
+ },
+ {
+ name: "2 repos, Debian 10",
+ nameAndVersionProvider: debian10,
+ repos: []*agentendpointpb.AptRepository{
+ {Uri: "http://repo1-url/";, Distribution:
"distribution", Components: []string{"component1"}, ArchiveType:
agentendpointpb.AptRepository_DEB_SRC},
+ {Uri: "http://repo2-url/";, Distribution:
"distribution", Components: []string{"component1", "component2"}, ArchiveType:
agentendpointpb.AptRepository_DEB},
+ },
+ want: "# Repo file managed by Google OSConfig
agent\n\ndeb-src http://repo1-url/ distribution component1\n\ndeb
http://repo2-url/ distribution component1 component2\n",
},
{
- "2 repos",
- []*agentendpointpb.AptRepository{
+ name: "2 repos, Debian 12",
+ nameAndVersionProvider: debian12,
+ repos: []*agentendpointpb.AptRepository{
{Uri: "http://repo1-url/";, Distribution:
"distribution", Components: []string{"component1"}, ArchiveType:
agentendpointpb.AptRepository_DEB_SRC},
{Uri: "http://repo2-url/";, Distribution:
"distribution", Components: []string{"component1", "component2"}, ArchiveType:
agentendpointpb.AptRepository_DEB},
},
- "# Repo file managed by Google OSConfig
agent\n\ndeb-src http://repo1-url/ distribution component1\n\ndeb
http://repo2-url/ distribution component1 component2\n",
+ want: "# Repo file managed by Google OSConfig
agent\n\ndeb-src [signed-by=/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg]
http://repo1-url/ distribution component1\n\ndeb
[signed-by=/etc/apt/trusted.gpg.d/osconfig_agent_managed.gpg] http://repo2-url/
distribution component1 component2\n",
},
}
for _, tt := range tests {
+ osInfoProviderActual := osInfoProvider
+ defer func() { osInfoProvider = osInfoProviderActual }()
+
+ osInfoStub := stubOsInfoProvider{nameVersionProvider:
tt.nameAndVersionProvider}
+ osInfoProvider = osInfoStub
+
got, err := runAptRepositories(context.Background(), tt.repos)
if err != nil {
t.Fatal(err)
}
if got != tt.want {
- t.Errorf("%s: got:\n%q\nwant:\n%q", tt.desc, got,
tt.want)
+ t.Errorf("%s: got:\n%q\nwant:\n%q", tt.name, got,
tt.want)
}
}
}
@@ -107,7 +146,7 @@
func TestUseSignedBy(t *testing.T) {
tests := []struct {
- desc string
+ name string
repo *agentendpointpb.AptRepository
want string
}{
@@ -128,7 +167,25 @@
aptRepoLine := getAptRepoLine(tt.repo, useSignedBy)
if aptRepoLine != tt.want {
- t.Errorf("%s: got:\n%q\nwant:\n%q", tt.desc,
aptRepoLine, tt.want)
+ t.Errorf("%s: got:\n%q\nwant:\n%q", tt.name,
aptRepoLine, tt.want)
}
}
}
+
+type stubOsInfoProvider struct {
+ nameVersionProvider func() (string, string, string)
+}
+
+func (s stubOsInfoProvider) GetOSInfo(ctx context.Context) (osinfo.OSInfo,
error) {
+ short, long, version := s.nameVersionProvider()
+
+ return osinfo.OSInfo{
+ Hostname: "test",
+ LongName: long,
+ ShortName: short,
+ Version: version,
+ KernelVersion: "test",
+ KernelRelease: "test",
+ Architecture: "x86_64",
+ }, nil
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/policies/recipes/steps.go
new/osconfig-20250902.01/policies/recipes/steps.go
--- old/osconfig-20250729.00/policies/recipes/steps.go 2025-07-29
12:04:47.000000000 +0200
+++ new/osconfig-20250902.01/policies/recipes/steps.go 2025-09-02
16:24:05.000000000 +0200
@@ -46,6 +46,8 @@
agentendpointpb.SoftwareRecipe_Step_RunScript_POWERSHELL:
".ps1",
}
+var chown = chownFunc
+
func stepCopyFile(step *agentendpointpb.SoftwareRecipe_Step_CopyFile,
artifacts map[string]string, runEnvs []string, stepDir string) error {
dest, err := util.NormPath(step.Destination)
if err != nil {
@@ -127,6 +129,55 @@
return strings.HasSuffix(name, "/")
}
+func ensureSymlinkBelongsToDir(dirPath string, symlink string) error {
+ dirAbs, err := filepath.Abs(dirPath)
+ if err != nil {
+ return err
+ }
+ symlinkAbs, err := filepath.Abs(symlink)
+ if err != nil {
+ return err
+ }
+
+ evaluatedSymlinkAbs, err := filepath.EvalSymlinks(symlinkAbs)
+ if err != nil {
+ return err
+ }
+
+ rel, err := filepath.Rel(dirAbs, evaluatedSymlinkAbs)
+ if err != nil {
+ return err
+ }
+
+ if strings.HasPrefix(rel, "..") {
+ return fmt.Errorf("symlink %s, does not belongs to dir %s, rel
%s", symlink, dirPath, rel)
+ }
+
+ return nil
+}
+
+func ensureFilePathBelongsToDir(dirPath string, filePath string) error {
+ dirAbs, err := filepath.Abs(dirPath)
+ if err != nil {
+ return err
+ }
+ fileAbs, err := filepath.Abs(filePath)
+ if err != nil {
+ return err
+ }
+
+ rel, err := filepath.Rel(dirAbs, fileAbs)
+ if err != nil {
+ return err
+ }
+
+ if strings.HasPrefix(rel, "..") {
+ return fmt.Errorf("path %s, does not belongs to dir %s, rel
%s", filePath, dirPath, rel)
+ }
+
+ return nil
+}
+
func extractZip(zipPath string, dst string) error {
zr, err := zip.OpenReader(zipPath)
if err != nil {
@@ -134,12 +185,17 @@
}
defer zr.Close()
- // Check for conflicts
+ // Check that we can extract zip
for _, f := range zr.File {
- filen, err :=
util.NormPath(util.SanitizePath(filepath.Join(dst, f.Name)))
+ filen, err := util.NormPath(filepath.Join(dst, f.Name))
if err != nil {
return err
}
+
+ if err := ensureFilePathBelongsToDir(dst, filen); err != nil {
+ return fmt.Errorf("unable to extract zip archive %s:
%w", zipPath, err)
+ }
+
stat, err := os.Stat(filen)
if os.IsNotExist(err) {
continue
@@ -151,12 +207,12 @@
// it's ok if directories already exist
continue
}
- return fmt.Errorf("file exists: %s", filen)
+ return fmt.Errorf("unable to extract zip archive %s: file %s is
already exists", zipPath, filen)
}
// Create files.
for _, f := range zr.File {
- filen, err :=
util.NormPath(util.SanitizePath(filepath.Join(dst, f.Name)))
+ filen, err := util.NormPath(filepath.Join(dst, f.Name))
if err != nil {
return err
}
@@ -240,6 +296,11 @@
if err != nil {
return err
}
+
+ if err := ensureFilePathBelongsToDir(dst, filen); err != nil {
+ return err
+ }
+
stat, err := os.Stat(filen)
if os.IsNotExist(err) {
continue
@@ -270,7 +331,7 @@
tr := tar.NewReader(decompressed)
if err := checkForConflicts(tr, dst); err != nil {
- return err
+ return fmt.Errorf("unable to extract tar archive %s: %s",
tarName, err)
}
file.Seek(0, 0)
@@ -289,10 +350,15 @@
if err != nil {
return err
}
- filen, err := util.NormPath(filepath.Join(dst,
util.SanitizePath(header.Name)))
+ filen, err := util.NormPath(filepath.Join(dst, header.Name))
if err != nil {
return err
}
+
+ if err := ensureFilePathBelongsToDir(dst, filen); err != nil {
+ return err
+ }
+
filedir := filepath.Dir(filen)
if err := os.MkdirAll(filedir, 0700); err != nil {
@@ -324,11 +390,23 @@
return err
}
case tar.TypeLink:
+ if err := ensureSymlinkBelongsToDir(dst,
header.Linkname); err != nil {
+ clog.Infof(ctx,
+ "link %s resolved outside of
destination %s, for the security reason it is not allowed", header.Linkname,
dst)
+ continue
+ }
+
if err := os.Link(header.Linkname, filen); err != nil {
return err
}
continue
case tar.TypeSymlink:
+ if err := ensureSymlinkBelongsToDir(dst,
header.Linkname); err != nil {
+ clog.Infof(ctx,
+ "symlink %s resolved outside of
destination %s, for the security reason it is not allowed", header.Linkname,
dst)
+ continue
+ }
+
if err := os.Symlink(header.Linkname, filen); err !=
nil {
return err
}
@@ -506,7 +584,7 @@
return err
}
-func chown(file string, uid, gid int) error {
+func chownFunc(file string, uid, gid int) error {
// os.Chown unsupported on windows
if runtime.GOOS == "windows" {
return nil
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20250729.00/policies/recipes/steps_test.go
new/osconfig-20250902.01/policies/recipes/steps_test.go
--- old/osconfig-20250729.00/policies/recipes/steps_test.go 1970-01-01
01:00:00.000000000 +0100
+++ new/osconfig-20250902.01/policies/recipes/steps_test.go 2025-09-02
16:24:05.000000000 +0200
@@ -0,0 +1,218 @@
+package recipes
+
+import (
+ "archive/tar"
+ "archive/zip"
+ "context"
+ "fmt"
+ "os"
+ "path/filepath"
+ "regexp"
+ "testing"
+ "time"
+
+ "cloud.google.com/go/osconfig/agentendpoint/apiv1beta/agentendpointpb"
+)
+
+type fileEntry struct {
+ name string
+ content []byte
+}
+
+func Test_extractTar(t *testing.T) {
+ chownActual := chownFunc
+ chown = func(string, int, int) error {
+ return nil
+ }
+
+ defer func() { chown = chownActual }()
+
+ tests := []struct {
+ name string
+ entries []fileEntry
+ wantErrRegexp *regexp.Regexp
+ }{
+ {
+ name: "base case scenario",
+ entries: []fileEntry{
+ {
+ name: "test1", content: []byte("test1"),
+ },
+ {
+ name: "test2", content: []byte("test2"),
+ },
+ },
+ wantErrRegexp: nil,
+ },
+ {
+ name: "tar with vulnerable path, fail with expected
error",
+ entries: []fileEntry{
+ {
+ name: "../test1", content:
[]byte("test1"),
+ },
+ {
+ name: "test2", content: []byte("test2"),
+ },
+ },
+ wantErrRegexp: regexp.MustCompile("^unable to extract
tar archive /tmp/[0-9]+/extractTar.tar: path /tmp/test1, does not belongs to
dir /tmp/[0-9]+, rel ../test1$"),
+ },
+ {
+ name: "tar with advance vulnerable path, fail with
expected error",
+ entries: []fileEntry{
+ {
+ name: "....//test1", content:
[]byte("test1"),
+ },
+ {
+ name: "test2", content: []byte("test2"),
+ },
+ },
+ wantErrRegexp: regexp.MustCompile("^unable to extract
tar archive /tmp/[0-9]+/extractTar.tar: path /tmp/[0-9]+/..../test1, does not
belongs to dir /tmp/[0-9]+, rel ..../test1$"),
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+
+ tmpDir, tmpFile, err := getTempDirAndFile(t,
"extractTar.tar")
+ if err != nil {
+ t.Errorf("unable to create tmp file: %s", err)
+ }
+
+ ensureTar(t, tmpFile.Name(), tt.entries)
+
+ ctx := context.Background()
+ err = extractTar(ctx, tmpFile.Name(), tmpDir,
agentendpointpb.SoftwareRecipe_Step_ExtractArchive_TAR)
+ if tt.wantErrRegexp == nil && err == nil {
+ return
+ }
+
+ msg := fmt.Sprintf("%s", err)
+ if !tt.wantErrRegexp.MatchString(msg) {
+ t.Errorf("Unexpecte error, expect message to
match regexp %s, got %s", tt.wantErrRegexp, err)
+ }
+ })
+
+ }
+}
+func Test_extractZip(t *testing.T) {
+ tests := []struct {
+ name string
+ entries []fileEntry
+ wantErrRegexp *regexp.Regexp
+ }{
+ {
+ name: "base case scenario",
+ entries: []fileEntry{
+ {
+ name: "test1", content: []byte("test1"),
+ },
+ {
+ name: "test2", content: []byte("test2"),
+ },
+ },
+ wantErrRegexp: nil,
+ },
+ {
+ name: "zip with vulnerable path, fail with expected
error",
+ entries: []fileEntry{
+ {
+ name: "../test1", content:
[]byte("test1"),
+ },
+ {
+ name: "test2", content: []byte("test2"),
+ },
+ },
+ wantErrRegexp: regexp.MustCompile("^unable to extract
zip archive /tmp/[0-9]+/extractZip.zip: path /tmp/test1, does not belongs to
dir /tmp/[0-9]+, rel ../test1$"),
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+
+ tmpDir, tmpFile, err := getTempDirAndFile(t,
"extractZip.zip")
+ if err != nil {
+ t.Errorf("unable to create tmp file: %s", err)
+ }
+
+ ensureZip(t, tmpFile.Name(), tt.entries)
+
+ err = extractZip(tmpFile.Name(), tmpDir)
+ if tt.wantErrRegexp == nil && err == nil {
+ return
+ }
+
+ msg := fmt.Sprintf("%s", err)
+ if !tt.wantErrRegexp.MatchString(msg) {
+ t.Errorf("Unexpecte error, expect message to
match regexp %s, got %s", tt.wantErrRegexp, err)
+ }
+ })
+
+ }
+}
+
+func getTempDirAndFile(t *testing.T, fileName string) (dir string, file
*os.File, err error) {
+ tmpDir := filepath.Join(os.TempDir(), fmt.Sprintf("%d",
time.Now().UnixNano()))
+ if err := os.MkdirAll(tmpDir, os.ModePerm); err != nil {
+ t.Errorf("unable to create tmp dir: %s", err)
+ return "", nil, err
+ }
+
+ tmpFile, err := os.OpenFile(filepath.Join(tmpDir, fileName),
os.O_CREATE|os.O_RDWR, os.ModePerm)
+ if err != nil {
+ t.Errorf("unable to create tmp file: %s", err)
+ return "", nil, err
+ }
+
+ return tmpDir, tmpFile, nil
+}
+
+func ensureZip(t *testing.T, dst string, entries []fileEntry) {
+ fd, err := os.OpenFile(dst, os.O_RDWR, os.ModePerm)
+ if err != nil {
+ t.Errorf("unable to open file: %s", err)
+ }
+ w := zip.NewWriter(fd)
+
+ for _, entry := range entries {
+ f, err := w.Create(entry.name)
+ if err != nil {
+ t.Errorf("unable to create file: %s", err)
+ }
+
+ if _, err = f.Write(entry.content); err != nil {
+ t.Errorf("unable to write content to file: %s", err)
+ }
+ }
+
+ if err := w.Close(); err != err {
+ t.Errorf("unable to close file: %s", err)
+ }
+}
+
+func ensureTar(t *testing.T, dst string, entries []fileEntry) {
+ fd, err := os.OpenFile(dst, os.O_RDWR, os.ModePerm)
+ if err != nil {
+ t.Errorf("unable to open file: %s", err)
+ }
+ w := tar.NewWriter(fd)
+
+ for _, entry := range entries {
+ hdr := &tar.Header{
+ Name: entry.name,
+ Mode: 0600,
+ Size: int64(len(entry.content)),
+ }
+
+ if err := w.WriteHeader(hdr); err != nil {
+ t.Errorf("unable to create file: %s", err)
+ }
+
+ if _, err = w.Write(entry.content); err != nil {
+ t.Errorf("unable to write content to file: %s", err)
+ }
+ }
+
+ if err := w.Close(); err != err {
+ t.Errorf("unable to close file: %s", err)
+ }
+}
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/google-osconfig-agent/vendor.tar.gz
/work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1977/vendor.tar.gz
differ: char 13, line 1
