Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rekor for openSUSE:Factory checked in at 2022-10-04 20:38:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rekor (Old) and /work/SRC/openSUSE:Factory/.rekor.new.2275 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rekor" Tue Oct 4 20:38:15 2022 rev:11 rq:1007909 version:0.12.2 Changes: -------- --- /work/SRC/openSUSE:Factory/rekor/rekor.changes 2022-09-27 20:14:44.285933151 +0200 +++ /work/SRC/openSUSE:Factory/.rekor.new.2275/rekor.changes 2022-10-04 20:38:19.144966897 +0200 @@ -1,0 +2,10 @@ +Fri Sep 30 13:59:10 UTC 2022 - Marcus Meissner <meiss...@suse.com> + +- updated to rekor 0.12.2 (jsc#SLE-23476): + - add description on /api/v1/index/retrieve endpoint + - Adding e2e test coverage + - export rekor build/version information + - Use POST instead of GET for /api/log/entries/retrieve metrics. + - Search through all shards when searching by hash + +------------------------------------------------------------------- Old: ---- rekor-0.12.1.tar.gz New: ---- rekor-0.12.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rekor.spec ++++++ --- /var/tmp/diff_new_pack.GY2ztQ/_old 2022-10-04 20:38:20.108968267 +0200 +++ /var/tmp/diff_new_pack.GY2ztQ/_new 2022-10-04 20:38:20.112968273 +0200 @@ -19,9 +19,9 @@ %define apps cli server Name: rekor -Version: 0.12.1 +Version: 0.12.2 Release: 0 -%define revision 584bc16fc8eba7c7663f540dea12730a71f830c1 +%define revision a85980732bda434ba14ed24c65e4f78c6a9d3dfe Summary: Supply Chain Transparency Log License: Apache-2.0 URL: https://github.com/sigstore/rekor ++++++ rekor-0.12.1.tar.gz -> rekor-0.12.2.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/build.yml new/rekor-0.12.2/.github/workflows/build.yml --- old/rekor-0.12.1/.github/workflows/build.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/build.yml 2022-09-29 17:43:35.000000000 +0200 @@ -35,7 +35,7 @@ steps: - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - - uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 # v2.6.0 + - uses: sigstore/cosign-installer@ced07f21fb1da67979f539bbc6304c16c0677e76 # v2.7.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/codeql-analysis.yml new/rekor-0.12.2/.github/workflows/codeql-analysis.yml --- old/rekor-0.12.1/.github/workflows/codeql-analysis.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/codeql-analysis.yml 2022-09-29 17:43:35.000000000 +0200 @@ -43,12 +43,12 @@ # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@904260d7d935dff982205cbdb42025ce30b7a34f # v2.1.24 + uses: github/codeql-action/init@86f3159a697a097a813ad9bfa0002412d97690a4 # v2.1.25 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@904260d7d935dff982205cbdb42025ce30b7a34f # v2.1.24 + uses: github/codeql-action/autobuild@86f3159a697a097a813ad9bfa0002412d97690a4 # v2.1.25 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@904260d7d935dff982205cbdb42025ce30b7a34f # v2.1.24 + uses: github/codeql-action/analyze@86f3159a697a097a813ad9bfa0002412d97690a4 # v2.1.25 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/depsreview.yml new/rekor-0.12.2/.github/workflows/depsreview.yml --- old/rekor-0.12.1/.github/workflows/depsreview.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/depsreview.yml 2022-09-29 17:43:35.000000000 +0200 @@ -25,4 +25,4 @@ - name: 'Checkout Repository' uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - name: 'Dependency Review' - uses: actions/dependency-review-action@2b96ea7f03d82de498e97b42e6bee3f7cb0dafaa # v2 + uses: actions/dependency-review-action@375c5370086bfff256c37f8beec0f437e2e72ae1 # v2.4.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/main.yml new/rekor-0.12.2/.github/workflows/main.yml --- old/rekor-0.12.1/.github/workflows/main.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/main.yml 2022-09-29 17:43:35.000000000 +0200 @@ -44,6 +44,8 @@ run: go test -v -coverprofile=coverage.txt -covermode=atomic ./... - name: Upload Coverage Report uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.0 + with: + flags: unittests - name: Ensure no files were modified as a result of the build run: git update-index --refresh && git diff-index --quiet HEAD -- || git diff --exit-code @@ -72,13 +74,13 @@ - name: download minisign run: sudo add-apt-repository ppa:dysfunctionalprogramming/minisign && sudo apt-get update && sudo apt-get install minisign - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - - name: Docker Build - run: docker-compose build - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f # v3.1.0 with: go-version: ${{ env.GOVERSION }} + - name: install gocovmerge + run: go install github.com/wadey/gocovmerge@b5bfa59ec0adc420475f97f89b58045c721d761c - name: CLI run: ./tests/e2e-test.sh @@ -88,6 +90,11 @@ with: name: E2E Docker Compose logs path: /tmp/docker-compose.log + - name: Upload Coverage Report + uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378 # v3.1.0 + with: + files: /tmp/rekor-merged.cov + flags: e2etests sharding-e2e: runs-on: ubuntu-20.04 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/milestone.yml new/rekor-0.12.2/.github/workflows/milestone.yml --- old/rekor-0.12.1/.github/workflows/milestone.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/milestone.yml 2022-09-29 17:43:35.000000000 +0200 @@ -23,7 +23,7 @@ statuses: none steps: - - uses: actions/github-script@c713e510dbd7d213d92d41b7a7805a986f4c5c66 # v6 + - uses: actions/github-script@d4560e157075e2d93aa3022b5b51a42a880f1f93 # v6 with: script: | if (!context.payload.pull_request.merged) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.github/workflows/scorecard_action.yml new/rekor-0.12.2/.github/workflows/scorecard_action.yml --- old/rekor-0.12.1/.github/workflows/scorecard_action.yml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.github/workflows/scorecard_action.yml 2022-09-29 17:43:35.000000000 +0200 @@ -28,7 +28,7 @@ persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@865b4092859256271290c77adbd10a43f4779972 # v2.0.3 + uses: ossf/scorecard-action@e363bfca00e752f91de7b7d2a77340e2e523cb18 # v2.0.4 with: results_file: results.sarif results_format: sarif @@ -52,6 +52,6 @@ # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@904260d7d935dff982205cbdb42025ce30b7a34f # v2.1.24 + uses: github/codeql-action/upload-sarif@86f3159a697a097a813ad9bfa0002412d97690a4 # v2.1.25 with: sarif_file: results.sarif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/.gitignore new/rekor-0.12.2/.gitignore --- old/rekor-0.12.1/.gitignore 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/.gitignore 2022-09-29 17:43:35.000000000 +0200 @@ -17,3 +17,6 @@ rekorCliImagerefs trillianServerImagerefs trillianSignerImagerefs +cosign.* +signature +rekor.pub diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/CHANGELOG.md new/rekor-0.12.2/CHANGELOG.md --- old/rekor-0.12.1/CHANGELOG.md 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/CHANGELOG.md 2022-09-29 17:43:35.000000000 +0200 @@ -1,3 +1,79 @@ +# v0.12.2 + +## Enhancements +* add changelog for 0.12.0 and 0.12.1 (#1064) +* add description on /api/v1/index/retrieve endpoint (#1073) +* Adding e2e test coverage (#1071) +* export rekor build/version information (#1074) + +## Bug Fixes +* Search through all shards when searching by hash (#1082) +* Use POST instead of GET for /api/log/entries/retrieve metrics (#1083) + +## Contributors +* Bob Callaway +* Carlos Tadeu Panato Junior +* Ceridwen Driskill +* Simon Kent +* Priya Wadhwa + +# v0.12.1 + +> ** Rekor `v0.12.1` comes with a breaking change to `rekor-cli v0.12.1`. Users of rekor-cli MUST upgrade to the latest version ** +> The addition of the intotov2 created a breaking change for the `rekor-cli` + +## Enhancements + +* Adds new rekor metrics for latency and QPS. (https://github.com/sigstore/rekor/pull/1059) +* feat: add file based signer and password (https://github.com/sigstore/rekor/pull/1049) + +## Bug Fixes + +* fix: fix harness tests with intoto v0.0.2 (https://github.com/sigstore/rekor/pull/1052) + +## Contributors + +* Asra Ali (@asraa) +* Simon Kent (@var-sdk) + +# v0.12.0 + +## Enhancements + +* remove /api/v1/version endpoint (https://github.com/sigstore/rekor/pull/1022) +* Include checkpoint (STH) in entry upload and retrieve responses (https://github.com/sigstore/rekor/pull/1015) +* Validate tree ID on calls to /api/v1/log/entries/retrieve (https://github.com/sigstore/rekor/pull/1017) +* feat: add verification functions (https://github.com/sigstore/rekor/pull/986) +* Change Checkpoint origin to be "Hostname - Tree ID" (https://github.com/sigstore/rekor/pull/1013) +* Add bounds on number of elements in api/v1/log/entries/retrieve (https://github.com/sigstore/rekor/pull/1011) +* Intoto v0.0.2 (https://github.com/sigstore/rekor/pull/973) +* api.SearchLogQueryHandler thread safety (https://github.com/sigstore/rekor/pull/1006) +* enable blocking specific pluggable type versions from being inserted into the log (https://github.com/sigstore/rekor/pull/1004) +* check supportedVersions list rather than directly reading from version map (https://github.com/sigstore/rekor/pull/1003) + +## Bug Fixes + +* fix retrieve endpoint response code and add testing (https://github.com/sigstore/rekor/pull/1043) +* Fix harness tests @ main (https://github.com/sigstore/rekor/pull/1038) +* Fix rekor-cli backwards incompatibility & run harness tests against HEAD (https://github.com/sigstore/rekor/pull/1030) +* fix: use entry uuid uniformly (https://github.com/sigstore/rekor/pull/1012) + +## Others + +* Fetch all tags in harness tests (https://github.com/sigstore/rekor/pull/1039) + +## Contributors + +* Asra Ali (@asraa) +* Bob Callaway (@bobcallaway) +* Carlos Tadeu Panato Junior (@cpanato) +* Ceridwen Driskill (@cdris) +* Hayden Blauzvern (@haydentherapper) +* Kenny Leung (@k4leung4) +* Mikhail Swift (@mikhailswift) +* Parth Patel (@pxp928) +* Priya Wadhwa (@priyawadhwa) + # v0.11.0 ## Enhancements diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/Dockerfile new/rekor-0.12.2/Dockerfile --- old/rekor-0.12.1/Dockerfile 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/Dockerfile 2022-09-29 17:43:35.000000000 +0200 @@ -28,6 +28,7 @@ ARG SERVER_LDFLAGS RUN go build -ldflags "${SERVER_LDFLAGS}" ./cmd/rekor-server RUN CGO_ENABLED=0 go build -gcflags "all=-N -l" -ldflags "${SERVER_LDFLAGS}" -o rekor-server_debug ./cmd/rekor-server +RUN go test -c -ldflags "${SERVER_LDFLAGS}" -cover -covermode=count -coverpkg=./... -o rekor-server_test ./cmd/rekor-server # Multi-Stage production build FROM golang:1.19.1@sha256:2d17ffd12a2cdb25d4a633ad25f8dc29608ed84f31b3b983427d825280427095 as deploy @@ -44,3 +45,7 @@ # overwrite server and include debugger COPY --from=builder /opt/app-root/src/rekor-server_debug /usr/local/bin/rekor-server + +FROM deploy as test +# overwrite server with test build with code coverage +COPY --from=builder /opt/app-root/src/rekor-server_test /usr/local/bin/rekor-server diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/cmd/rekor-cli/main_test.go new/rekor-0.12.2/cmd/rekor-cli/main_test.go --- old/rekor-0.12.1/cmd/rekor-cli/main_test.go 1970-01-01 01:00:00.000000000 +0100 +++ new/rekor-0.12.2/cmd/rekor-cli/main_test.go 2022-09-29 17:43:35.000000000 +0200 @@ -0,0 +1,26 @@ +// +// Copyright 2022 The Sigstore Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "testing" + + "github.com/sigstore/rekor/cmd/rekor-cli/app" +) + +func TestCover(t *testing.T) { + app.Execute() +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/cmd/rekor-server/app/root.go new/rekor-0.12.2/cmd/rekor-server/app/root.go --- old/rekor-0.12.1/cmd/rekor-server/app/root.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/cmd/rekor-server/app/root.go 2022-09-29 17:43:35.000000000 +0200 @@ -61,6 +61,8 @@ rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.rekor-server.yaml)") rootCmd.PersistentFlags().StringVar(&logType, "log_type", "dev", "logger type to use (dev/prod)") rootCmd.PersistentFlags().BoolVar(&enablePprof, "enable_pprof", false, "enable pprof for profiling on port 6060") + rootCmd.PersistentFlags().Bool("enable_killswitch", false, "enable killswitch for TESTING ONLY on port 2345") + _ = rootCmd.PersistentFlags().MarkHidden("enable_killswitch") rootCmd.PersistentFlags().String("trillian_log_server.address", "127.0.0.1", "Trillian log server address") rootCmd.PersistentFlags().Uint16("trillian_log_server.port", 8090, "Trillian log server port") @@ -76,7 +78,7 @@ rootCmd.PersistentFlags().String("rekor_server.signer", "memory", `Rekor signer to use. Valid options are: [gcpkms, memory, filename containing PEM encoded private key]. - Memory and file-based signers should only be used for testing.`) +Memory and file-based signers should only be used for testing.`) rootCmd.PersistentFlags().String("rekor_server.signer-passwd", "", "Password to decrypt signer private key") rootCmd.PersistentFlags().Uint16("port", 3000, "Port to bind to") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/cmd/rekor-server/app/serve.go new/rekor-0.12.2/cmd/rekor-server/app/serve.go --- old/rekor-0.12.1/cmd/rekor-server/app/serve.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/cmd/rekor-server/app/serve.go 2022-09-29 17:43:35.000000000 +0200 @@ -123,6 +123,27 @@ _ = srv.ListenAndServe() }() + if viper.GetBool("enable_killswitch") { + go func() { + mux := http.NewServeMux() + mux.Handle("/kill", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if err := server.Shutdown(); err != nil { + log.Logger.Error(err) + } + w.WriteHeader(http.StatusOK) + })) + + srv := &http.Server{ + Addr: ":2345", + ReadTimeout: 10 * time.Second, + WriteTimeout: 10 * time.Second, + Handler: mux, + } + + _ = srv.ListenAndServe() + }() + } + if err := server.Serve(); err != nil { log.Logger.Fatal(err) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/cmd/rekor-server/main_test.go new/rekor-0.12.2/cmd/rekor-server/main_test.go --- old/rekor-0.12.1/cmd/rekor-server/main_test.go 1970-01-01 01:00:00.000000000 +0100 +++ new/rekor-0.12.2/cmd/rekor-server/main_test.go 2022-09-29 17:43:35.000000000 +0200 @@ -0,0 +1,26 @@ +// +// Copyright 2022 The Sigstore Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "testing" + + "github.com/sigstore/rekor/cmd/rekor-server/app" +) + +func TestCover(t *testing.T) { + app.Execute() +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/docker-compose.test.yml new/rekor-0.12.2/docker-compose.test.yml --- old/rekor-0.12.1/docker-compose.test.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/rekor-0.12.2/docker-compose.test.yml 2022-09-29 17:43:35.000000000 +0200 @@ -0,0 +1,39 @@ +# +# Copyright 2022 The Sigstore Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +version: '3.4' +services: + rekor-server: + build: + context: . + target: "test" + command: [ + "rekor-server", + "-test.coverprofile=rekor-server.cov", + "serve", + "--trillian_log_server.address=trillian-log-server", + "--trillian_log_server.port=8090", + "--redis_server.address=redis-server", + "--redis_server.port=6379", + "--rekor_server.address=0.0.0.0", + "--rekor_server.signer=memory", + "--enable_attestation_storage", + "--attestation_storage_bucket=file:///var/run/attestations", + "--enable_killswitch", + ] + ports: + - "3000:3000" + - "2112:2112" + - "2345:2345" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/go.mod new/rekor-0.12.2/go.mod --- old/rekor-0.12.1/go.mod 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/go.mod 2022-09-29 17:43:35.000000000 +0200 @@ -30,12 +30,12 @@ github.com/rs/cors v1.8.2 github.com/sassoftware/relic v0.0.0-20210427151427-dfb082b79b74 github.com/secure-systems-lab/go-securesystemslib v0.4.0 - github.com/sigstore/sigstore v1.4.1 + github.com/sigstore/sigstore v1.4.2 github.com/spf13/cobra v1.5.0 github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.13.0 github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 - github.com/theupdateframework/go-tuf v0.5.0 + github.com/theupdateframework/go-tuf v0.5.1-0.20220920170306-f237d7ca5b42 github.com/transparency-dev/merkle v0.0.1 github.com/urfave/negroni v1.0.0 github.com/veraison/go-cose v1.0.0-rc.1 @@ -43,9 +43,9 @@ go.uber.org/goleak v1.2.0 go.uber.org/zap v1.23.0 gocloud.dev v0.24.1-0.20211119014450-028788aaaa4c - golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 + golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 - golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b + golang.org/x/net v0.0.0-20220909164309-bea034e7d591 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 google.golang.org/genproto v0.0.0-20220720214146-176da50484ac google.golang.org/grpc v1.49.0 @@ -122,11 +122,11 @@ go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.8.0 // indirect golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094 // indirect - golang.org/x/sys v0.0.0-20220907062415-87db552b00fd // indirect + golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8 // indirect golang.org/x/term v0.0.0-20220526004731-065cf7ba2467 // indirect golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f // indirect - google.golang.org/api v0.95.0 // indirect + google.golang.org/api v0.96.0 // indirect google.golang.org/appengine v1.6.7 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/go.sum new/rekor-0.12.2/go.sum --- old/rekor-0.12.1/go.sum 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/go.sum 2022-09-29 17:43:35.000000000 +0200 @@ -142,33 +142,33 @@ github.com/aws/aws-sdk-go v1.15.27/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go v1.42.8/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= -github.com/aws/aws-sdk-go v1.44.96 h1:S9paaqnJ0AJ95t5AB+iK8RM6YNZN0W0Lek1gOVJsEr8= +github.com/aws/aws-sdk-go v1.44.102 h1:6tUCTGL2UDbFZae1TLGk8vTgeXuzkb8KbAe2FiAeKHc= github.com/aws/aws-sdk-go-v2 v1.11.0/go.mod h1:SQfA+m2ltnu1cA0soUkj4dRSsmITiVQUJvBIZjzfPyQ= -github.com/aws/aws-sdk-go-v2 v1.16.14 h1:db6GvO4Z2UqHt5gvT0lr6J5x5P+oQ7bdRzczVaRekMU= +github.com/aws/aws-sdk-go-v2 v1.16.16 h1:M1fj4FE2lB4NzRb9Y0xdWsn2P0+2UHVxwKyOa4YJNjk= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.0.0 h1:yVUAwvJC/0WNPbyl0nA3j1L6CW1CN8wBubCRqtG7JLI= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.0.0/go.mod h1:Xn6sxgRuIDflLRJFj5Ev7UxABIkNbccFPV/p8itDReM= github.com/aws/aws-sdk-go-v2/config v1.10.1/go.mod h1:auIv5pIIn3jIBHNRcVQcsczn6Pfa6Dyv80Fai0ueoJU= -github.com/aws/aws-sdk-go-v2/config v1.17.5 h1:+NS1BWvprx7nHcIk5o32LrZgifs/7Pm1V2nWjQgZ2H0= +github.com/aws/aws-sdk-go-v2/config v1.17.7 h1:odVM52tFHhpqZBKNjVW5h+Zt1tKHbhdTQRb+0WHrNtw= github.com/aws/aws-sdk-go-v2/credentials v1.6.1/go.mod h1:QyvQk1IYTqBWSi1T6UgT/W8DMxBVa5pVuLFSRLLhGf8= -github.com/aws/aws-sdk-go-v2/credentials v1.12.18 h1:HF62tbhARhgLfvmfwUbL9qZ+dkbZYzbFdxBb3l5gr7Q= +github.com/aws/aws-sdk-go-v2/credentials v1.12.20 h1:9+ZhlDY7N9dPnUmf7CDfW9In4sW5Ff3bh7oy4DzS1IE= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.8.0/go.mod h1:5E1J3/TTYy6z909QNR0QnXGBpfESYGDqd3O0zqONghU= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.15 h1:nkQ+aI0OCeYfzrBipL6ja/6VEbUnHQoZHBHtoK+Nzxw= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.17 h1:r08j4sbZu/RVi+BNxkBJwPMUYY3P8mgSDuKkZ/ZN1lE= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.7.1 h1:p9Dys1g2YdaqMalnp6AwCA+tpMMdJNGw5YYKP/u3sUk= github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.7.1/go.mod h1:wN/mvkow08GauDwJ70jnzJ1e+hE+Q3Q7TwpYLXOe9oI= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.0/go.mod h1:NO3Q5ZTTQtO2xIg2+xTXYDiT7knSejfeDm7WGDaOo0U= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.21 h1:gRIXnmAVNyoRQywdNtpAkgY+f30QNzgF53Q5OobNZZs= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.23 h1:s4g/wnzMf+qepSNgTvaQQHNxyMLKSawNhKCPNy++2xY= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.0.0/go.mod h1:anlUzBoEWglcUxUQwZA7HQOEVEnQALVZsizAapB2hq8= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.15 h1:noAhOo2mMDyYhTx99aYPvQw16T3fQ/DiKAv9fzpIKH8= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17 h1:/K482T5A3623WJgWT8w1yRAFK4RzGzEl7y39yhtn9eA= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.0/go.mod h1:6oXGy4GLpypD3uCh8wcqztigGgmhLToMfjavgh+VySg= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.22 h1:nF+E8HfYpOMw6M5oA9efB602VC00IHNQnB5CmFvZPvA= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24 h1:wj5Rwc05hvUSvKuOF29IYb9QrCLjU+rHAy/x/o0DK2c= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.5.0 h1:lPLbw4Gn59uoKqvOfSnkJr54XWk5Ak1NK20ZEiSWb3U= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.5.0/go.mod h1:80NaCIH9YU3rzTTs/J/ECATjXuRqzo/wB6ukO6MZ0XY= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.5.0/go.mod h1:Mq6AEc+oEjCUlBuLiK5YwW4shSOAKCQ3tXN0sQeYoBA= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.15 h1:xlf0J6DUgAj/ocvKQxCmad8Bu1lJuRbt5Wu+4G1xw1g= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.17 h1:Jrd/oMh0PKQc6+BowB+pLEwLIgaQF29eYbe7E1Av9Ug= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.9.0 h1:0BOlTqnNnrEO04oYKzDxMMe68t107pmIotn18HtVonY= github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.9.0/go.mod h1:xKCZ4YFSF2s4Hnb/J0TLeOsKuGzICzcElaOKNGrVnx4= github.com/aws/aws-sdk-go-v2/service/kms v1.10.0/go.mod h1:ZkHWL8m5Nw1g9yMXqpCjnIJtSDToAmNbXXZ9gj0bO7s= -github.com/aws/aws-sdk-go-v2/service/kms v1.18.9 h1:BPMcM9DZdpQKWQ8WSXla36mpm+5YgVqP7pLF+W7TEe0= +github.com/aws/aws-sdk-go-v2/service/kms v1.18.10 h1:rl0vxqQ/DFZZMLk9+FLgIuiE/GwMPoI5BeoCkkM2DA4= github.com/aws/aws-sdk-go-v2/service/s3 v1.19.0 h1:5mRAms4TjSTOGYsqKYte5kHr1PzpMJSyLThjF3J+hw0= github.com/aws/aws-sdk-go-v2/service/s3 v1.19.0/go.mod h1:Gwz3aVctJe6mUY9T//bcALArPUaFmNAy2rTB9qN4No8= github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.10.0/go.mod h1:qAgsrzF3Z2vvV01j79fs7D75ofCMQe81/OKBJx0rjFY= @@ -176,12 +176,12 @@ github.com/aws/aws-sdk-go-v2/service/sqs v1.12.0/go.mod h1:TDqDmQnsbgL2ZMIGUf3z9xTzCMqFX7FP1geAgIlYqvA= github.com/aws/aws-sdk-go-v2/service/ssm v1.15.0/go.mod h1:kJa2uHklY03rKsNSbEsToeUgWJ1PambXBtRNacorRhg= github.com/aws/aws-sdk-go-v2/service/sso v1.6.0/go.mod h1:Q/l0ON1annSU+mc0JybDy1Gy6dnJxIcWjphO6qJPzvM= -github.com/aws/aws-sdk-go-v2/service/sso v1.11.21 h1:7jUFr+7F4MzIjCZzy7ygRtXFQcQ0kAbT0gUvtUeAdyU= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.3 h1:UTTPNP3/WzZa7hoHP3Szb/Yl0bM3NoBrf5ABy1OArUM= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.23 h1:pwvCchFUEnlceKIgPUouBJwK81aCkQ8UDMORfeFtW10= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.5 h1:GUnZ62TevLqIoDyHeiWj2P7EqaosgakBKVvWriIdLQY= github.com/aws/aws-sdk-go-v2/service/sts v1.10.0/go.mod h1:jLKCFqS+1T4i7HDqCP9GM4Uk75YW1cS0o82LdxpMyOE= -github.com/aws/aws-sdk-go-v2/service/sts v1.16.17 h1:LVM2jzEQ8mhb2dhrFl4PJ3sa5+KcKT01dsMk2Ma9/FU= +github.com/aws/aws-sdk-go-v2/service/sts v1.16.19 h1:9pPi0PsFNAGILFfPCk8Y0iyEBGc6lu6OQ97U7hmdesg= github.com/aws/smithy-go v1.9.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= -github.com/aws/smithy-go v1.13.2 h1:TBLKyeJfXTrTXRHmsv4qWt9IQGYyWThLYaJWSahTOGE= +github.com/aws/smithy-go v1.13.3 h1:l7LYxGuzK6/K+NzJ2mC+VvLUbae0sL3bXU//04MkmnA= github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= @@ -526,8 +526,8 @@ github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/vault/api v1.7.2 h1:kawHE7s/4xwrdKbkmwQi0wYaIeUhk5ueek7ljuezCVQ= -github.com/hashicorp/vault/sdk v0.5.3 h1:PWY8sq/9pRrK9vUIy75qCH2Jd8oeENAgkaa/qbhzFrs= +github.com/hashicorp/vault/api v1.8.0 h1:7765sW1XBt+qf4XKIYE4ebY9qc/yi9V2/egzGSUNMZU= +github.com/hashicorp/vault/sdk v0.6.0 h1:6Z+In5DXHiUfZvIZdMx7e2loL1PPyDjA4bVh9ZTIAhs= github.com/hashicorp/yamux v0.1.0 h1:DzDIF6Sd7GD2sX0kDFpHAsJMY4L+OfTvtuaQsOYXxzk= github.com/honeycombio/beeline-go v1.1.1 h1:sU8r4ae34uEL3/CguSl8Mr+Asz9DL1nfH9Wwk85Pc7U= github.com/honeycombio/libhoney-go v1.15.2 h1:5NGcjOxZZma13dmzNcl3OtGbF1hECA0XHJNHEb2t2ck= @@ -710,8 +710,8 @@ github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI= github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sigstore/sigstore v1.4.1 h1:e/tfXseQRymIjgiykskciGrp75AZVCfYokZ2r9tg5vw= -github.com/sigstore/sigstore v1.4.1/go.mod h1:4+s4d6oTDdoQkf5lwpZBoOlWWV+hXhur1my9WdN5PjU= +github.com/sigstore/sigstore v1.4.2 h1:fTppzuZBAmQ/skgl7FWJRLyby70pxCqJGKyWfkSuMR8= +github.com/sigstore/sigstore v1.4.2/go.mod h1:wCv58Fia7u1snVJyPcxdgIh/3uw1XdOLhxPExTwwyt4= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= @@ -761,8 +761,8 @@ github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 h1:iGnD/q9160NWqKZZ5vY4p0dMiYMRknzctfSkqA4nBDw= github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613/go.mod h1:g6AnIpDSYMcphz193otpSIzN+11Rs+AAIIC6rm1enug= -github.com/theupdateframework/go-tuf v0.5.0 h1:aQ7i9CBw4q9QEZifCaW6G8qGQwoN23XGaZkOA+F50z4= -github.com/theupdateframework/go-tuf v0.5.0/go.mod h1:vAqWV3zEs89byeFsAYoh/Q14vJTgJkHwnnRCWBBBINY= +github.com/theupdateframework/go-tuf v0.5.1-0.20220920170306-f237d7ca5b42 h1:6XOcL5aU3UGndqoDyG/NM2y0/Piin2x5zt/pew4tR1w= +github.com/theupdateframework/go-tuf v0.5.1-0.20220920170306-f237d7ca5b42/go.mod h1:vAqWV3zEs89byeFsAYoh/Q14vJTgJkHwnnRCWBBBINY= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= @@ -867,8 +867,8 @@ golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM= -golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY= +golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -967,8 +967,8 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220617184016-355a448f1bc9/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b h1:ZmngSVLe/wycRns9MKikG9OWIEjGcGAkacif7oYQaUY= -golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20220909164309-bea034e7d591 h1:D0B/7al0LLrVC8aWF4+oxpv/m8bc7ViFfVS8/gXGdqI= +golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1097,8 +1097,9 @@ golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220907062415-87db552b00fd h1:AZeIEzg+8RCELJYq8w+ODLVxFgLMMigSwO/ffKPEd9U= -golang.org/x/sys v0.0.0-20220907062415-87db552b00fd/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8 h1:h+EGohizhe9XlX18rfpa8k8RAc5XyaeamM+0VHRd4lc= +golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1236,8 +1237,8 @@ google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o= google.golang.org/api v0.85.0/go.mod h1:AqZf8Ep9uZ2pyTvgL+x0D3Zt0eoT9b5E8fmzfu6FO2g= google.golang.org/api v0.86.0/go.mod h1:+Sem1dnrKlrXMR/X0bPnMWyluQe4RsNoYfmNLhOIkzw= -google.golang.org/api v0.95.0 h1:d1c24AAS01DYqXreBeuVV7ewY/U8Mnhh47pwtsgVtYg= -google.golang.org/api v0.95.0/go.mod h1:eADj+UBuxkh5zlrSntJghuNeg8HwQ1w5lTKkuqaETEI= +google.golang.org/api v0.96.0 h1:F60cuQPJq7K7FzsxMYHAUJSiXh2oKctHxBMbDygxhfM= +google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/hack/tools/go.mod new/rekor-0.12.2/hack/tools/go.mod --- old/rekor-0.12.1/hack/tools/go.mod 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/hack/tools/go.mod 2022-09-29 17:43:35.000000000 +0200 @@ -5,7 +5,7 @@ require ( github.com/AdaLogics/go-fuzz-headers v0.0.0-20220708163326-82d177caec6e github.com/dvyukov/go-fuzz v0.0.0-20220220162807-a217d9bdbece - github.com/go-swagger/go-swagger v0.30.2 + github.com/go-swagger/go-swagger v0.30.3 github.com/google/trillian v1.5.0 ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/hack/tools/go.sum new/rekor-0.12.2/hack/tools/go.sum --- old/rekor-0.12.1/hack/tools/go.sum 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/hack/tools/go.sum 2022-09-29 17:43:35.000000000 +0200 @@ -215,8 +215,8 @@ github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= -github.com/go-swagger/go-swagger v0.30.2 h1:23odPUyQZdkNFZZSBJ3mqYYcdh+LnuReEbdWN18OMRo= -github.com/go-swagger/go-swagger v0.30.2/go.mod h1:neDPes8r8PCz2JPvHRDj8BTULLh4VJUt7n6MpQqxhHM= +github.com/go-swagger/go-swagger v0.30.3 h1:HuzvdMRed/9Q8vmzVcfNBQByZVtT79DNZxZ18OprdoI= +github.com/go-swagger/go-swagger v0.30.3/go.mod h1:neDPes8r8PCz2JPvHRDj8BTULLh4VJUt7n6MpQqxhHM= github.com/go-swagger/scan-repo-boundary v0.0.0-20180623220736-973b3573c013 h1:l9rI6sNaZgNC0LnF3MiE+qTmyBA/tZAg1rtyrGbUMK0= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/openapi.yaml new/rekor-0.12.2/openapi.yaml --- old/rekor-0.12.1/openapi.yaml 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/openapi.yaml 2022-09-29 17:43:35.000000000 +0200 @@ -32,6 +32,11 @@ /api/v1/index/retrieve: post: summary: Searches index by entry metadata + description: > + EXPERIMENTAL - this endpoint is offered as best effort only and may be changed or removed in future releases. + + The results returned from this endpoint may be incomplete. + deprecated: true operationId: searchIndex tags: - index diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/api/entries.go new/rekor-0.12.2/pkg/api/entries.go --- old/rekor-0.12.1/pkg/api/entries.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/api/entries.go 2022-09-29 17:43:35.000000000 +0200 @@ -350,7 +350,6 @@ func SearchLogQueryHandler(params entries.SearchLogQueryParams) middleware.Responder { httpReqCtx := params.HTTPRequest.Context() resultPayload := []models.LogEntry{} - tc := NewTrillianClient(httpReqCtx) totalQueries := len(params.Entry.EntryUUIDs) + len(params.Entry.Entries()) + len(params.Entry.LogIndexes) if totalQueries > maxSearchQueries { @@ -415,23 +414,34 @@ searchHashes = append(searchHashes, hash) } - searchByHashResults := make([]*trillian.GetEntryAndProofResponse, len(searchHashes)) + searchByHashResults := make([]map[int64]*trillian.GetEntryAndProofResponse, len(searchHashes)) g, _ = errgroup.WithContext(httpReqCtx) for i, hash := range searchHashes { i, hash := i, hash // https://golang.org/doc/faq#closures_and_goroutines g.Go(func() error { - resp := tc.getLeafAndProofByHash(hash) - switch resp.status { - case codes.OK: - case codes.NotFound: - code = http.StatusNotFound - return resp.err - default: + var results map[int64]*trillian.GetEntryAndProofResponse + for _, shard := range api.logRanges.AllShards() { + tcs := NewTrillianClientFromTreeID(httpReqCtx, shard) + resp := tcs.getLeafAndProofByHash(hash) + if resp.status != codes.OK { + continue + } + if resp.err != nil { + continue + } + leafResult := resp.getLeafAndProofResult + if leafResult != nil && leafResult.Leaf != nil { + if results == nil { + results = map[int64]*trillian.GetEntryAndProofResponse{} + } + results[shard] = resp.getLeafAndProofResult + } } - leafResult := resp.getLeafAndProofResult - if leafResult != nil && leafResult.Leaf != nil { - searchByHashResults[i] = leafResult + if results == nil { + code = http.StatusNotFound + return fmt.Errorf("no responses found") } + searchByHashResults[i] = results return nil }) } @@ -440,14 +450,17 @@ return handleRekorAPIError(params, code, err, err.Error()) } - for _, leafResp := range searchByHashResults { - if leafResp != nil { - logEntry, err := logEntryFromLeaf(httpReqCtx, api.signer, tc, leafResp.Leaf, leafResp.SignedLogRoot, leafResp.Proof, api.logRanges.ActiveTreeID(), api.logRanges) + for _, hashMap := range searchByHashResults { + for shard, leafResp := range hashMap { + if leafResp == nil { + continue + } + tcs := NewTrillianClientFromTreeID(httpReqCtx, shard) + logEntry, err := logEntryFromLeaf(httpReqCtx, api.signer, tcs, leafResp.Leaf, leafResp.SignedLogRoot, leafResp.Proof, shard, api.logRanges) if err != nil { code = http.StatusInternalServerError return handleRekorAPIError(params, code, err, err.Error()) } - resultPayload = append(resultPayload, logEntry) } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/api/metrics.go new/rekor-0.12.2/pkg/api/metrics.go --- old/rekor-0.12.1/pkg/api/metrics.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/api/metrics.go 2022-09-29 17:43:35.000000000 +0200 @@ -20,6 +20,7 @@ "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promauto" + "sigs.k8s.io/release-utils/version" ) var ( @@ -51,4 +52,19 @@ Name: "rekor_qps_by_api", Help: "Api QPS by path, method, and response code", }, []string{"path", "method", "code"}) + + _ = promauto.NewGaugeFunc( + prometheus.GaugeOpts{ + Namespace: "rekor", + Name: "build_info", + Help: "A metric with a constant '1' value labeled by version, revision, branch, and goversion from which rekor was built.", + ConstLabels: prometheus.Labels{ + "version": version.GetVersionInfo().GitVersion, + "revision": version.GetVersionInfo().GitCommit, + "build_date": version.GetVersionInfo().BuildDate, + "goversion": version.GetVersionInfo().GoVersion, + }, + }, + func() float64 { return 1 }, + ) ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/generated/client/index/index_client.go new/rekor-0.12.2/pkg/generated/client/index/index_client.go --- old/rekor-0.12.1/pkg/generated/client/index/index_client.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/generated/client/index/index_client.go 2022-09-29 17:43:35.000000000 +0200 @@ -50,7 +50,11 @@ } /* -SearchIndex searches index by entry metadata + SearchIndex searches index by entry metadata + + EXPERIMENTAL - this endpoint is offered as best effort only and may be changed or removed in future releases. + +The results returned from this endpoint may be incomplete. */ func (a *Client) SearchIndex(params *SearchIndexParams, opts ...ClientOption) (*SearchIndexOK, error) { // TODO: Validate the params before sending diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/generated/restapi/configure_rekor_server.go new/rekor-0.12.2/pkg/generated/restapi/configure_rekor_server.go --- old/rekor-0.12.1/pkg/generated/restapi/configure_rekor_server.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/generated/restapi/configure_rekor_server.go 2022-09-29 17:43:35.000000000 +0200 @@ -125,7 +125,7 @@ recordMetricsForAPI(api, "GET", "/api/v1/log/entries") recordMetricsForAPI(api, "POST", "/api/v1/log/entries") recordMetricsForAPI(api, "GET", "/api/v1/log/entries/{entryUUID}") - recordMetricsForAPI(api, "GET", "/api/v1/log/entries/retrieve") + recordMetricsForAPI(api, "POST", "/api/v1/log/entries/retrieve") return setupGlobalMiddleware(api.Serve(setupMiddlewares)) } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/generated/restapi/embedded_spec.go new/rekor-0.12.2/pkg/generated/restapi/embedded_spec.go --- old/rekor-0.12.1/pkg/generated/restapi/embedded_spec.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/generated/restapi/embedded_spec.go 2022-09-29 17:43:35.000000000 +0200 @@ -53,11 +53,13 @@ "paths": { "/api/v1/index/retrieve": { "post": { + "description": "EXPERIMENTAL - this endpoint is offered as best effort only and may be changed or removed in future releases.\nThe results returned from this endpoint may be incomplete.\n", "tags": [ "index" ], "summary": "Searches index by entry metadata", "operationId": "searchIndex", + "deprecated": true, "parameters": [ { "name": "query", @@ -955,11 +957,13 @@ "paths": { "/api/v1/index/retrieve": { "post": { + "description": "EXPERIMENTAL - this endpoint is offered as best effort only and may be changed or removed in future releases.\nThe results returned from this endpoint may be incomplete.\n", "tags": [ "index" ], "summary": "Searches index by entry metadata", "operationId": "searchIndex", + "deprecated": true, "parameters": [ { "name": "query", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/generated/restapi/operations/index/search_index.go new/rekor-0.12.2/pkg/generated/restapi/operations/index/search_index.go --- old/rekor-0.12.1/pkg/generated/restapi/operations/index/search_index.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/generated/restapi/operations/index/search_index.go 2022-09-29 17:43:35.000000000 +0200 @@ -48,7 +48,10 @@ /* SearchIndex swagger:route POST /api/v1/index/retrieve index searchIndex -Searches index by entry metadata +# Searches index by entry metadata + +EXPERIMENTAL - this endpoint is offered as best effort only and may be changed or removed in future releases. +The results returned from this endpoint may be incomplete. */ type SearchIndex struct { Context *middleware.Context diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/pkg/sharding/ranges.go new/rekor-0.12.2/pkg/sharding/ranges.go --- old/rekor-0.12.1/pkg/sharding/ranges.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/pkg/sharding/ranges.go 2022-09-29 17:43:35.000000000 +0200 @@ -138,6 +138,15 @@ return l.inactive == nil } +// AllShards returns all shards, starting with the active shard and then the inactive shards +func (l *LogRanges) AllShards() []int64 { + shards := []int64{l.ActiveTreeID()} + for _, in := range l.GetInactive() { + shards = append(shards, in.TreeID) + } + return shards +} + // TotalInactiveLength returns the total length across all inactive shards; // we don't know the length of the active shard. func (l *LogRanges) TotalInactiveLength() int64 { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/apk.go new/rekor-0.12.2/tests/apk.go --- old/rekor-0.12.1/tests/apk.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/apk.go 2022-09-29 17:43:35.000000000 +0200 @@ -1,3 +1,4 @@ +//go:build e2e // +build e2e // @@ -51,7 +52,7 @@ datahash := sha256.Sum256(dataTGZBuf.Bytes()) ctlData := strings.Builder{} - ctlData.WriteString("name = " + randomRpmSuffix()) + ctlData.WriteString("name = " + randomSuffix(16)) ctlData.WriteRune('\n') ctlData.WriteString("datahash = " + hex.EncodeToString(datahash[:])) ctlData.WriteRune('\n') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/e2e-test.sh new/rekor-0.12.2/tests/e2e-test.sh --- old/rekor-0.12.1/tests/e2e-test.sh 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/e2e-test.sh 2022-09-29 17:43:35.000000000 +0200 @@ -17,12 +17,14 @@ set -e testdir=$(dirname "$0") +rm -f /tmp/rekor-*.cov + echo "starting services" -docker-compose up -d +docker-compose -f docker-compose.yml -f docker-compose.test.yml up -d --force-recreate --build echo "building CLI and server" -go build -o rekor-cli ./cmd/rekor-cli -go build -o rekor-server ./cmd/rekor-server +go test -c ./cmd/rekor-cli -o rekor-cli -cover -covermode=count -coverpkg=./... +go test -c ./cmd/rekor-server -o rekor-server -covermode=count -coverpkg=./... count=0 @@ -54,3 +56,18 @@ docker-compose logs --no-color > /tmp/docker-compose.log exit 1 fi + +echo "generating code coverage" +curl -X GET 0.0.0.0:2345/kill +sleep 5 + +if ! docker cp $(docker ps -aqf "name=rekor_rekor-server"):go/rekor-server.cov /tmp/rekor-server.cov ; then + # failed to copy code coverage report from server + echo "Failed to retrieve server code coverage report" + docker-compose logs --no-color > /tmp/docker-compose.log + exit 1 +fi + +# merging coverage reports and filtering out /pkg/generated from final report +gocovmerge /tmp/rekor-*.cov | grep -v "/pkg/generated/" > /tmp/rekor-merged.cov +echo "code coverage $(go tool cover -func=/tmp/rekor-merged.cov | grep -E '^total\:' | sed -E 's/\s+/ /g')" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/jar.go new/rekor-0.12.2/tests/jar.go --- old/rekor-0.12.1/tests/jar.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/jar.go 2022-09-29 17:43:35.000000000 +0200 @@ -13,6 +13,7 @@ // See the License for the specific language governing permissions and // limitations under the License. +//go:build e2e // +build e2e package e2e @@ -60,7 +61,7 @@ if err != nil { t.Fatal(err) } - randManifest := strings.Replace(manifest, "REPLACE", randomRpmSuffix(), 1) + randManifest := strings.Replace(manifest, "REPLACE", randomSuffix(16), 1) mf.Write([]byte(randManifest)) if err := zw.Close(); err != nil { t.Fatal(err) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/rpm.go new/rekor-0.12.2/tests/rpm.go --- old/rekor-0.12.1/tests/rpm.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/rpm.go 2022-09-29 17:43:35.000000000 +0200 @@ -1,3 +1,4 @@ +//go:build e2e // +build e2e // @@ -20,28 +21,17 @@ import ( "bytes" "io/ioutil" - "math/rand" "os" "testing" "github.com/google/rpmpack" ) -func randomRpmSuffix() string { - const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" - - b := make([]byte, 16) - for i := range b { - b[i] = letterBytes[rand.Intn(len(letterBytes))] - } - return string(b) -} - func createSignedRpm(t *testing.T, artifactPath string) { t.Helper() rpmMetadata := rpmpack.RPMMetaData{ - Name: "test-rpm-" + randomRpmSuffix(), + Name: "test-rpm-" + randomSuffix(16), Epoch: 0, Version: "1", Release: "2", @@ -57,7 +47,7 @@ data := randomData(t, 100) rpm.AddFile(rpmpack.RPMFile{ - Name: randomRpmSuffix(), + Name: randomSuffix(16), Body: data, Type: rpmpack.GenericFile, Owner: "testOwner", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/sharding-e2e-test.sh new/rekor-0.12.2/tests/sharding-e2e-test.sh --- old/rekor-0.12.1/tests/sharding-e2e-test.sh 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/sharding-e2e-test.sh 2022-09-29 17:43:35.000000000 +0200 @@ -24,7 +24,6 @@ echo "Installing createtree..." go install github.com/google/trillian/cmd/createtree@latest - echo "starting services" docker-compose up -d rm ~/.rekor/state.json || true @@ -34,6 +33,7 @@ REKOR_CLI=$(pwd)/rekor-cli go build -o rekor-server ./cmd/rekor-server + function check_log_index () { logIndex=$1 # make sure we can get this log index from rekor @@ -251,6 +251,11 @@ NUM_ELEMENTS=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"entryUUIDs\": [\"$ENTRY_ID_1\"]}" | jq '. | length') stringsMatch $NUM_ELEMENTS "1" +# Make sure we can verify the entry we entered into the now-inactive shard +pushd tests +$REKOR_CLI verify --artifact test_file.txt --signature test_file.sig --public-key test_public_key.key --rekor_server http://localhost:3000 +popd + # -f makes sure we exit on failure NUM_ELEMENTS=$(curl -f http://localhost:3000/api/v1/log/entries/retrieve -H "Content-Type: application/json" -H "Accept: application/json" -d "{ \"entryUUIDs\": [\"$ENTRY_ID_1\", \"$ENTRY_ID_2\"]}" | jq '. | length') stringsMatch $NUM_ELEMENTS "2" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rekor-0.12.1/tests/util.go new/rekor-0.12.2/tests/util.go --- old/rekor-0.12.1/tests/util.go 2022-09-21 13:38:41.000000000 +0200 +++ new/rekor-0.12.2/tests/util.go 2022-09-29 17:43:35.000000000 +0200 @@ -47,6 +47,9 @@ func run(t *testing.T, stdin, cmd string, arg ...string) string { t.Helper() + // Coverage flag must be the first arg passed to coverage binary + // No impact when running with regular binary + arg = append([]string{coverageFlag()}, arg...) c := exec.Command(cmd, arg...) if stdin != "" { c.Stdin = strings.NewReader(stdin) @@ -60,8 +63,7 @@ t.Log(string(b)) t.Fatal(err) } - - return string(b) + return stripCoverageOutput(string(b)) } func runCli(t *testing.T, arg ...string) string { @@ -76,6 +78,9 @@ func runCliStdout(t *testing.T, arg ...string) string { t.Helper() + // Coverage flag must be the first arg passed to coverage binary + // No impact when running with regular binary + arg = append([]string{coverageFlag()}, arg...) arg = append(arg, rekorServerFlag()) c := exec.Command(cli, arg...) @@ -88,11 +93,14 @@ t.Log(string(b)) t.Fatal(err) } - return string(b) + return stripCoverageOutput(string(b)) } func runCliErr(t *testing.T, arg ...string) string { t.Helper() + // Coverage flag must be the first arg passed to coverage binary + // No impact when running with regular binary + arg = append([]string{coverageFlag()}, arg...) arg = append(arg, rekorServerFlag()) // use a blank config file to ensure no collision if os.Getenv("REKORTMPDIR") != "" { @@ -104,7 +112,7 @@ t.Log(string(b)) t.Fatalf("expected error, got %s", string(b)) } - return string(b) + return stripCoverageOutput(string(b)) } func rekorServerFlag() string { @@ -118,6 +126,14 @@ return "http://localhost:3000"; } +func coverageFlag() string { + return "-test.coverprofile=/tmp/rekor-cli."+randomSuffix(8)+".cov" +} + +func stripCoverageOutput(out string) string { + return strings.Split(strings.Split(out, "PASS")[0], "FAIL")[0] +} + func readFile(t *testing.T, p string) string { b, err := ioutil.ReadFile(p) if err != nil { @@ -126,6 +142,16 @@ return strings.TrimSpace(string(b)) } +func randomSuffix(n int) string { + const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" + + b := make([]byte, n) + for i := range b { + b[i] = letterBytes[rand.Intn(len(letterBytes))] + } + return string(b) +} + func randomData(t *testing.T, n int) []byte { t.Helper() rand.Seed(time.Now().UnixNano()) ++++++ vendor.tar.xz ++++++
