Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package kubeseal for openSUSE:Factory
checked in at 2023-09-15 22:05:45
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kubeseal (Old)
and /work/SRC/openSUSE:Factory/.kubeseal.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kubeseal"
Fri Sep 15 22:05:45 2023 rev:22 rq:1111548 version:0.24.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/kubeseal/kubeseal.changes 2023-09-07
21:14:48.945755366 +0200
+++ /work/SRC/openSUSE:Factory/.kubeseal.new.1766/kubeseal.changes
2023-09-15 22:11:15.381537486 +0200
@@ -1,0 +2,20 @@
+Fri Sep 15 11:07:12 UTC 2023 - ka...@b1-systems.de
+
+- Update to version 0.24.0:
+ * Release notes for v0.24.0 (#1322)
+ * feat: multidoc support for yaml and json (#1304)
+ * Bump golang.org/x/crypto from 0.12.0 to 0.13.0 (#1319)
+ * Update the golang version to the latest available one (#1318)
+ * Bump k8s.io/client-go from 0.28.0 to 0.28.1 (#1308)
+ * Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#1310)
+ * Bump k8s.io/code-generator from 0.28.0 to 0.28.1 (#1307)
+ * Delete repeating warning message (#1303)
+ * Bump k8s.io/code-generator from 0.27.4 to 0.28.0 (#1300)
+ * Bump k8s.io/client-go from 0.27.4 to 0.28.0 (#1297)
+ * Add dashboard configmap annotations (#1302)
+ * docs: updating readme to show how to get kubeseal version
+ dynamically in install (#1294)
+ * Update carvel package to v2.12.0 (#1293)
+ * Release chart 2.12.0 (#1292)
+
+-------------------------------------------------------------------
Old:
----
sealed-secrets-0.23.1.obscpio
New:
----
sealed-secrets-0.24.0.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kubeseal.spec ++++++
--- /var/tmp/diff_new_pack.YSxRyI/_old 2023-09-15 22:11:17.877626732 +0200
+++ /var/tmp/diff_new_pack.YSxRyI/_new 2023-09-15 22:11:17.889627162 +0200
@@ -21,7 +21,7 @@
%define archive_name sealed-secrets
Name: kubeseal
-Version: 0.23.1
+Version: 0.24.0
Release: 0
Summary: CLI for encrypting secrets to SealedSecrets
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.YSxRyI/_old 2023-09-15 22:11:18.181637602 +0200
+++ /var/tmp/diff_new_pack.YSxRyI/_new 2023-09-15 22:11:18.217638889 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/bitnami-labs/sealed-secrets</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.23.1</param>
+ <param name="revision">v0.24.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
@@ -17,7 +17,7 @@
<param name="compression">gz</param>
</service>
<service name="go_modules" mode="manual">
- <param name="archive">sealed-secrets-0.23.1.obscpio</param>
+ <param name="archive">sealed-secrets-0.24.0.obscpio</param>
</service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.YSxRyI/_old 2023-09-15 22:11:18.385644897 +0200
+++ /var/tmp/diff_new_pack.YSxRyI/_new 2023-09-15 22:11:18.409645754 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/bitnami-labs/sealed-secrets</param>
- <param
name="changesrevision">daa514e978924ee31007b6213783b7e4623a08c1</param></service></servicedata>
+ <param
name="changesrevision">3344ac6b6403320c46d0c3b26124a3c27f296c3c</param></service></servicedata>
(No newline at EOF)
++++++ sealed-secrets-0.23.1.obscpio -> sealed-secrets-0.24.0.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/README.md
new/sealed-secrets-0.24.0/README.md
--- old/sealed-secrets-0.23.1/README.md 2023-08-17 14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/README.md 2023-09-15 11:42:16.000000000 +0200
@@ -385,7 +385,24 @@
sudo install -m 755 kubeseal /usr/local/bin/kubeseal
```
-where `release-tag` is the [version
tag](https://github.com/bitnami-labs/sealed-secrets/tags) of the kubeseal
release you want to use. For example: `v0.18.0`.
+If you have `curl` and `jq` installed on your machine, you can get the version
dynamically this way. This can be useful for environments used in automation
and such.
+
+```
+# Fetch the latest sealed-secrets version using GitHub API
+KUBESEAL_VERSION=$(curl -s
https://api.github.com/repos/bitnami-labs/sealed-secrets/tags | jq -r
'.[0].name' | cut -c 2-)
+
+# Check if the version was fetched successfully
+if [ -z "$KUBESEAL_VERSION" ]; then
+ echo "Failed to fetch the latest KUBESEAL_VERSION"
+ exit 1
+fi
+
+wget
"https://github.com/bitnami-labs/sealed-secrets/releases/download/v${KUBESEAL_VERSION}/kubeseal-${KUBESEAL_VERSION}-linux-amd64.tar.gz";
+tar -xvzf kubeseal-${KUBESEAL_VERSION}-linux-amd64.tar.gz kubeseal
+sudo install -m 755 kubeseal /usr/local/bin/kubeseal
+```
+
+where `KUBESEAL_VERSION` is the [version
tag](https://github.com/bitnami-labs/sealed-secrets/tags) of the kubeseal
release you want to use. For example: `v0.18.0`.
#### Installation from source
@@ -699,6 +716,10 @@
## FAQ
+### Can I encrypt multiple secrets at once, in one YAML / JSON file?
+
+Yes, you can! Drop as many secrets as you like in one file. Make sure to
separate them via `---` for YAML and as extra, single objects in JSON.
+
### Will you still be able to decrypt if you no longer have access to your
cluster?
No, the private keys are only stored in the Secret managed by the controller
(unless you have some other backup of your k8s objects). There are no backdoors
- without that private key used to encrypt a given SealedSecrets, you can't
decrypt it. If you can't get to the Secrets with the encryption keys, and you
also can't get to the decrypted versions of your Secrets live in the cluster,
then you will need to regenerate new passwords for everything, seal them again
with a new sealing key, etc.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/RELEASE-NOTES.md
new/sealed-secrets-0.24.0/RELEASE-NOTES.md
--- old/sealed-secrets-0.23.1/RELEASE-NOTES.md 2023-08-17 14:19:21.000000000
+0200
+++ new/sealed-secrets-0.24.0/RELEASE-NOTES.md 2023-09-15 11:42:16.000000000
+0200
@@ -4,6 +4,22 @@
[](https://github.com/bitnami-labs/sealed-secrets/releases/latest)
+## v0.24.0
+
+### Changelog
+
+- feat: multidoc support for yaml and json
([#1304](https://github.com/bitnami-labs/sealed-secrets/pull/1304))
+- Delete repeating warning message
([#1303](https://github.com/bitnami-labs/sealed-secrets/pull/1303))
+- Add dashboard configmap annotations
([#1302](https://github.com/bitnami-labs/sealed-secrets/pull/1302))
+- Update the golang version to the latest available one
([#1318](https://github.com/bitnami-labs/sealed-secrets/pull/1318))
+- Update Linux installation process on README to have a way to dynamically get
kubeseal version number
([#1294](https://github.com/bitnami-labs/sealed-secrets/pull/1294))
+- Bump golang.org/x/crypto from 0.12.0 to 0.13.0
([#1319](https://github.com/bitnami-labs/sealed-secrets/pull/1319))
+- Bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0
([#1310](https://github.com/bitnami-labs/sealed-secrets/pull/1310))
+- Bump k8s.io/client-go from 0.28.0 to 0.28.1
([#1308](https://github.com/bitnami-labs/sealed-secrets/pull/1308))
+- Bump k8s.io/code-generator from 0.28.0 to 0.28.1
([#1307](https://github.com/bitnami-labs/sealed-secrets/pull/1307))
+- Bump k8s.io/code-generator from 0.27.4 to 0.28.0
([#1300](https://github.com/bitnami-labs/sealed-secrets/pull/1300))
+- Bump k8s.io/client-go from 0.27.4 to 0.28.0
([#1297](https://github.com/bitnami-labs/sealed-secrets/pull/1297))
+
## v0.23.1
### Changelog
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/carvel/package.yaml
new/sealed-secrets-0.24.0/carvel/package.yaml
--- old/sealed-secrets-0.23.1/carvel/package.yaml 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/carvel/package.yaml 2023-09-15
11:42:16.000000000 +0200
@@ -1,10 +1,10 @@
apiVersion: data.packaging.carvel.dev/v1alpha1
kind: Package
metadata:
- name: "sealedsecrets.bitnami.com.2.11.0"
+ name: "sealedsecrets.bitnami.com.2.12.0"
spec:
refName: "sealedsecrets.bitnami.com"
- version: "2.11.0"
+ version: "2.12.0"
valuesSchema:
openAPIv3:
title: Chart Values
@@ -45,7 +45,7 @@
tag:
type: string
description: Sealed Secrets image tag (immutable tags are
recommended)
- default: v0.23.0
+ default: v0.23.1
pullPolicy:
type: string
description: Sealed Secrets image pull policy
@@ -424,7 +424,7 @@
spec:
fetch:
- imgpkgBundle:
- image:
ghcr.io/bitnami-labs/sealed-secrets-carvel:sha256-2fcd014eab7877bba7ec295e928a19ef18ab4d9643bb2dea07a8f9e92ac94e1e.imgpkg
+ image:
ghcr.io/bitnami-labs/sealed-secrets-carvel:sha256-24b95a0df834fb46af38f5d4511d6fce0526ee4c12f03a039fc3bc02bafc3694.imgpkg
template:
- helmTemplate:
path: sealed-secrets
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/go.mod
new/sealed-secrets-0.24.0/go.mod
--- old/sealed-secrets-0.23.1/go.mod 2023-08-17 14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/go.mod 2023-09-15 11:42:16.000000000 +0200
@@ -7,17 +7,17 @@
github.com/google/renameio v0.1.0
github.com/mattn/go-isatty v0.0.19
github.com/mkmik/multierror v0.3.0
- github.com/onsi/ginkgo/v2 v2.11.0
+ github.com/onsi/ginkgo/v2 v2.12.0
github.com/onsi/gomega v1.27.10
github.com/prometheus/client_golang v1.16.0
github.com/spf13/pflag v1.0.5
github.com/throttled/throttled v2.2.5+incompatible
- golang.org/x/crypto v0.12.0
+ golang.org/x/crypto v0.13.0
gopkg.in/yaml.v2 v2.4.0
- k8s.io/api v0.27.4
- k8s.io/apimachinery v0.27.4
- k8s.io/client-go v0.27.4
- k8s.io/code-generator v0.27.4
+ k8s.io/api v0.28.1
+ k8s.io/apimachinery v0.28.1
+ k8s.io/client-go v0.28.1
+ k8s.io/code-generator v0.28.1
k8s.io/klog v1.0.0
k8s.io/klog/v2 v2.100.1
)
@@ -27,18 +27,18 @@
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
- github.com/evanphx/json-patch v4.12.0+incompatible // indirect
+ github.com/evanphx/json-patch v5.6.0+incompatible // indirect
github.com/go-logr/logr v1.2.4 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
- github.com/go-openapi/jsonreference v0.20.1 // indirect
+ github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 //
indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da //
indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/gomodule/redigo v2.0.0+incompatible // indirect
- github.com/google/gnostic v0.6.9 // indirect
- github.com/google/gofuzz v1.1.0 // indirect
+ github.com/google/gnostic-models v0.6.8 // indirect
+ github.com/google/gofuzz v1.2.0 // indirect
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/hashicorp/golang-lru v0.5.1 // indirect
@@ -54,21 +54,21 @@
github.com/prometheus/client_model v0.3.0 // indirect
github.com/prometheus/common v0.42.0 // indirect
github.com/prometheus/procfs v0.10.1 // indirect
- golang.org/x/mod v0.10.0 // indirect
- golang.org/x/net v0.12.0 // indirect
- golang.org/x/oauth2 v0.5.0 // indirect
- golang.org/x/sys v0.11.0 // indirect
- golang.org/x/term v0.11.0 // indirect
- golang.org/x/text v0.12.0 // indirect
- golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
- golang.org/x/tools v0.9.3 // indirect
+ golang.org/x/mod v0.12.0 // indirect
+ golang.org/x/net v0.14.0 // indirect
+ golang.org/x/oauth2 v0.8.0 // indirect
+ golang.org/x/sys v0.12.0 // indirect
+ golang.org/x/term v0.12.0 // indirect
+ golang.org/x/text v0.13.0 // indirect
+ golang.org/x/time v0.3.0 // indirect
+ golang.org/x/tools v0.12.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.30.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/gengo v0.0.0-20220902162205-c0856e24416d // indirect
- k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
- k8s.io/utils v0.0.0-20230209194617-a36077c30491 // indirect
+ k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
+ k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/go.sum
new/sealed-secrets-0.24.0/go.sum
--- old/sealed-secrets-0.23.1/go.sum 2023-08-17 14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/go.sum 2023-09-15 11:42:16.000000000 +0200
@@ -1,39 +1,18 @@
-cloud.google.com/go v0.26.0/go.mod
h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.34.0/go.mod
h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-github.com/BurntSushi/toml v0.3.1/go.mod
h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/OneOfOne/xxhash v1.2.2/go.mod
h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
-github.com/antihax/optional v1.0.0/go.mod
h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod
h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/buger/jsonparser v1.1.1/go.mod
h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod
h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash v1.1.0/go.mod
h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
github.com/cespare/xxhash/v2 v2.2.0
h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
github.com/cespare/xxhash/v2 v2.2.0/go.mod
h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/chzyer/logex v1.1.10/go.mod
h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod
h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod
h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/client9/misspell v0.3.4/go.mod
h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod
h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
-github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod
h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod
h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/creack/pty v1.1.9/go.mod
h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1
h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod
h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
github.com/emicklei/go-restful/v3 v3.9.0
h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
github.com/emicklei/go-restful/v3 v3.9.0/go.mod
h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
-github.com/envoyproxy/go-control-plane v0.9.0/go.mod
h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane
v0.9.1-0.20191026205805-5f8ba28d4473/go.mod
h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/go-control-plane v0.9.4/go.mod
h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
-github.com/envoyproxy/go-control-plane
v0.9.9-0.20201210154907-fd9021fe5dad/go.mod
h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane
v0.9.9-0.20210512163311-63b5d3c536b0/go.mod
h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod
h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/evanphx/json-patch v4.12.0+incompatible
h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
-github.com/evanphx/json-patch v4.12.0+incompatible/go.mod
h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/flowstack/go-jsonschema v0.1.1/go.mod
h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0=
-github.com/ghodss/yaml v1.0.0/go.mod
h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/evanphx/json-patch v5.6.0+incompatible
h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
+github.com/evanphx/json-patch v5.6.0+incompatible/go.mod
h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/go-logr/logr v0.1.0/go.mod
h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
github.com/go-logr/logr v0.2.0/go.mod
h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-logr/logr v1.2.0/go.mod
h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
@@ -41,58 +20,40 @@
github.com/go-logr/logr v1.2.4/go.mod
h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-openapi/jsonpointer v0.19.6
h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
github.com/go-openapi/jsonpointer v0.19.6/go.mod
h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
-github.com/go-openapi/jsonreference v0.20.1
h1:FBLnyygC4/IZZr893oiomc9XaghoveYTrLC1F86HID8=
-github.com/go-openapi/jsonreference v0.20.1/go.mod
h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
+github.com/go-openapi/jsonreference v0.20.2
h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
+github.com/go-openapi/jsonreference v0.20.2/go.mod
h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
github.com/go-openapi/swag v0.22.3
h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
github.com/go-openapi/swag v0.22.3/go.mod
h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572
h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod
h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod
h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod
h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod
h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/mock v1.1.1/go.mod
h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/protobuf v1.2.0/go.mod
h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.1/go.mod
h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod
h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.3/go.mod
h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
github.com/golang/protobuf v1.3.5/go.mod
h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod
h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod
h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod
h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod
h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod
h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod
h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.4.2/go.mod
h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.4.3/go.mod
h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod
h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.2/go.mod
h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/protobuf v1.5.3
h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
github.com/golang/protobuf v1.5.3/go.mod
h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/gomodule/redigo v2.0.0+incompatible
h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
github.com/gomodule/redigo v2.0.0+incompatible/go.mod
h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
-github.com/google/gnostic v0.6.9
h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0=
-github.com/google/gnostic v0.6.9/go.mod
h1:Nm8234We1lq6iB9OmlgNv3nH91XLLVZHCDayfA3xq+E=
-github.com/google/go-cmp v0.2.0/go.mod
h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod
h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod
h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/gnostic-models v0.6.8
h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
+github.com/google/gnostic-models v0.6.8/go.mod
h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U=
github.com/google/go-cmp v0.4.0/go.mod
h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod
h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5/go.mod
h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod
h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/gofuzz v1.0.0/go.mod
h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
github.com/google/gofuzz v1.1.0/go.mod
h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
+github.com/google/gofuzz v1.2.0/go.mod
h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1
h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod
h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0
h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
github.com/google/renameio v0.1.0/go.mod
h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
-github.com/google/uuid v1.1.2/go.mod
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
github.com/google/uuid v1.3.0/go.mod
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod
h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
github.com/hashicorp/golang-lru v0.5.1
h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=
github.com/hashicorp/golang-lru v0.5.1/go.mod
h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod
h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
@@ -126,8 +87,8 @@
github.com/modern-go/reflect2 v1.0.2/go.mod
h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod
h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.11.0
h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU=
-github.com/onsi/ginkgo/v2 v2.11.0/go.mod
h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM=
+github.com/onsi/ginkgo/v2 v2.12.0
h1:UIVDowFPwpg6yMUpPjGkYvf06K3RAiJXUhCxEwQVHRI=
+github.com/onsi/ginkgo/v2 v2.12.0/go.mod
h1:ZNEzXISYlqpb8S36iN71ifqLi3vVD1rVJGvWRCJOUpQ=
github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
github.com/onsi/gomega v1.27.10/go.mod
h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -136,143 +97,81 @@
github.com/pmezard/go-difflib v1.0.0/go.mod
h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v1.16.0
h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=
github.com/prometheus/client_golang v1.16.0/go.mod
h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod
h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.3.0
h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4=
github.com/prometheus/client_model v0.3.0/go.mod
h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w=
github.com/prometheus/common v0.42.0
h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM=
github.com/prometheus/common v0.42.0/go.mod
h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc=
github.com/prometheus/procfs v0.10.1
h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=
github.com/prometheus/procfs v0.10.1/go.mod
h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM=
-github.com/rogpeppe/fastuuid v1.2.0/go.mod
h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
-github.com/rogpeppe/go-internal v1.11.0
h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
-github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod
h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/rogpeppe/go-internal v1.10.0
h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod
h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-github.com/stoewer/go-strcase v1.2.0/go.mod
h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8=
github.com/stretchr/objx v0.1.0/go.mod
h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod
h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod
h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.3.0/go.mod
h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.5.1/go.mod
h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1/go.mod
h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod
h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod
h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1
h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
github.com/stretchr/testify v1.8.1/go.mod
h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.2
h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
github.com/throttled/throttled v2.2.5+incompatible
h1:65UB52X0qNTYiT0Sohp8qLYVFwZQPDw85uSa65OljjQ=
github.com/throttled/throttled v2.2.5+incompatible/go.mod
h1:0BjlrEGQmvxps+HuXLsyRdqpSRvJpq0PNIsOtqP9Nos=
-github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod
h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
-github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod
h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
-github.com/xeipuuv/gojsonschema v1.2.0/go.mod
h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
github.com/yuin/goldmark v1.1.27/go.mod
h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod
h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-go.opentelemetry.io/proto/otlp v0.7.0/go.mod
h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod
h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod
h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod
h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
-golang.org/x/crypto v0.12.0/go.mod
h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod
h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod
h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod
h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
+golang.org/x/crypto v0.13.0/go.mod
h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
-golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod
h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
+golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod
h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod
h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod
h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod
h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod
h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod
h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod
h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod
h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
-golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod
h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod
h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.5.0 h1:HuArIo48skDwlrvM3sEdHXElYslAMsf3KwRkkW4MC4s=
-golang.org/x/oauth2 v0.5.0/go.mod
h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
+golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
+golang.org/x/oauth2 v0.8.0/go.mod
h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod
h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod
h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
-golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod
h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
-golang.org/x/term v0.11.0/go.mod
h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
+golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
+golang.org/x/term v0.12.0/go.mod
h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
-golang.org/x/text v0.12.0/go.mod
h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/time v0.0.0-20220210224613-90d013bbcef8
h1:vVKdlvoWBphwdxWKrFZEuM0kGgGLxUOYcY4U/2Vjg44=
-golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod
h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
+golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod
h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod
h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod
h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod
h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod
h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod
h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod
h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod
h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod
h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
-golang.org/x/tools v0.9.3/go.mod
h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
+golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss=
+golang.org/x/tools v0.12.0/go.mod
h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/appengine v1.1.0/go.mod
h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod
h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.6.7
h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod
h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod
h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod
h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod
h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod
h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod
h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/grpc v1.19.0/go.mod
h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.23.0/go.mod
h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.25.1/go.mod
h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
-google.golang.org/grpc v1.27.0/go.mod
h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/grpc v1.33.1/go.mod
h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
-google.golang.org/grpc v1.36.0/go.mod
h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.40.0/go.mod
h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod
h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod
h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod
h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod
h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod
h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod
h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.0/go.mod
h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod
h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.25.0/go.mod
h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod
h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod
h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.27.1/go.mod
h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.30.0
h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
google.golang.org/protobuf v1.30.0/go.mod
h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -281,25 +180,20 @@
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod
h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod
h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod
h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod
h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod
h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-k8s.io/api v0.27.4 h1:0pCo/AN9hONazBKlNUdhQymmnfLRbSZjd5H5H3f0bSs=
-k8s.io/api v0.27.4/go.mod h1:O3smaaX15NfxjzILfiln1D8Z3+gEYpjEpiNA/1EVK1Y=
-k8s.io/apimachinery v0.27.4 h1:CdxflD4AF61yewuid0fLl6bM4a3q04jWel0IlP+aYjs=
-k8s.io/apimachinery v0.27.4/go.mod
h1:XNfZ6xklnMCOGGFNqXG7bUrQCoR04dh/E7FprV6pb+E=
-k8s.io/client-go v0.27.4 h1:vj2YTtSJ6J4KxaC88P4pMPEQECWMY8gqPqsTgUKzvjk=
-k8s.io/client-go v0.27.4/go.mod h1:ragcly7lUlN0SRPk5/ZkGnDjPknzb37TICq07WhI6Xc=
-k8s.io/code-generator v0.27.4 h1:bw2xFEBnthhCSC7Bt6FFHhPTfWX21IJ30GXxOzywsFE=
-k8s.io/code-generator v0.27.4/go.mod
h1:DPung1sI5vBgn4AGKtlPRQAyagj/ir/4jI55ipZHVww=
+k8s.io/api v0.28.1 h1:i+0O8k2NPBCPYaMB+uCkseEbawEt/eFaiRqUx8aB108=
+k8s.io/api v0.28.1/go.mod h1:uBYwID+66wiL28Kn2tBjBYQdEU0Xk0z5qF8bIBqk/Dg=
+k8s.io/apimachinery v0.28.1 h1:EJD40og3GizBSV3mkIoXQBsws32okPOy+MkRyzh6nPY=
+k8s.io/apimachinery v0.28.1/go.mod
h1:X0xh/chESs2hP9koe+SdIAcXWcQ+RM5hy0ZynB+yEvw=
+k8s.io/client-go v0.28.1 h1:pRhMzB8HyLfVwpngWKE8hDcXRqifh1ga2Z/PU9SXVK8=
+k8s.io/client-go v0.28.1/go.mod h1:pEZA3FqOsVkCc07pFVzK076R+P/eXqsgx5zuuRWukNE=
+k8s.io/code-generator v0.28.1 h1:o0WFcqtv80GEf1iaOAzLIlrKyny9HBd2jaspJfWb5sI=
+k8s.io/code-generator v0.28.1/go.mod
h1:ueeSJZJ61NHBa0ccWLey6mwawum25vX61nRZ6WOzN9A=
k8s.io/gengo v0.0.0-20220902162205-c0856e24416d
h1:U9tB195lKdzwqicbJvyJeOXV7Klv+wNAWENRnXEGi08=
k8s.io/gengo v0.0.0-20220902162205-c0856e24416d/go.mod
h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
@@ -307,10 +201,10 @@
k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f
h1:2kWPakN3i/k81b0gvD5C5FJ2kxm1WrQFanWchyKuqGg=
-k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod
h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg=
-k8s.io/utils v0.0.0-20230209194617-a36077c30491
h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY=
-k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod
h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9
h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
+k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod
h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
+k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk=
+k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod
h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd
h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod
h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/structured-merge-diff/v4 v4.2.3
h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/helm/sealed-secrets/Chart.yaml
new/sealed-secrets-0.24.0/helm/sealed-secrets/Chart.yaml
--- old/sealed-secrets-0.23.1/helm/sealed-secrets/Chart.yaml 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/helm/sealed-secrets/Chart.yaml 2023-09-15
11:42:16.000000000 +0200
@@ -1,7 +1,7 @@
annotations:
category: DeveloperTools
apiVersion: v2
-appVersion: v0.23.0
+appVersion: v0.23.1
description: Helm chart for the sealed-secrets controller.
home: https://github.com/bitnami-labs/sealed-secrets
icon:
https://bitnami.com/assets/stacks/sealed-secrets/img/sealed-secrets-stack-220x234.png
@@ -14,4 +14,4 @@
url: https://github.com/bitnami-labs/sealed-secrets
name: sealed-secrets
type: application
-version: 2.11.0
+version: 2.12.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/helm/sealed-secrets/README.md
new/sealed-secrets-0.24.0/helm/sealed-secrets/README.md
--- old/sealed-secrets-0.23.1/helm/sealed-secrets/README.md 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/helm/sealed-secrets/README.md 2023-09-15
11:42:16.000000000 +0200
@@ -81,68 +81,68 @@
### Sealed Secrets Parameters
-| Name | Description
| Value
|
-| ------------------------------------------------- |
--------------------------------------------------------------------------------------
| ----------------------------------- |
-| `image.registry` | Sealed Secrets image
registry | `docker.io`
|
-| `image.repository` | Sealed Secrets image
repository |
`bitnami/sealed-secrets-controller` |
-| `image.tag` | Sealed Secrets image tag
(immutable tags are recommended) | `v0.23.0`
|
-| `image.pullPolicy` | Sealed Secrets image
pull policy |
`IfNotPresent` |
-| `image.pullSecrets` | Sealed Secrets image
pull secrets | `[]`
|
-| `revisionHistoryLimit` | Number of old history to
retain to allow rollback. Default 10 | `""`
|
-| `createController` | Specifies whether the
Sealed Secrets controller should be created | `true`
|
-| `secretName` | The name of an existing
TLS secret containing the key used to encrypt secrets |
`sealed-secrets-key` |
-| `updateStatus` | Specifies whether the
Sealed Secrets controller should update the status subresource | `true`
|
-| `skipRecreate` | Specifies whether the
Sealed Secrets controller should skip recreating removed secrets | `false`
|
-| `keyrenewperiod` | Specifies key renewal
period. Default 30 days | `""`
|
-| `rateLimit` | Number of allowed
sustained request per second for verify endpoint | `""`
|
-| `rateLimitBurst` | Number of requests
allowed to exceed the rate limit per second for verify endpoint | `""`
|
-| `additionalNamespaces` | List of namespaces used
to manage the Sealed Secrets | `[]`
|
-| `privateKeyAnnotations` | Map of annotations to be
set on the sealing keypairs | `{}`
|
-| `privateKeyLabels` | Map of labels to be set
on the sealing keypairs | `{}`
|
-| `logInfoStdout` | Specifies whether the
Sealed Secrets controller will log info to stdout | `false`
|
-| `command` | Override default
container command | `[]`
|
-| `args` | Override default
container args | `[]`
|
-| `livenessProbe.enabled` | Enable livenessProbe on
Sealed Secret containers | `true`
|
-| `livenessProbe.initialDelaySeconds` | Initial delay seconds
for livenessProbe | `0`
|
-| `livenessProbe.periodSeconds` | Period seconds for
livenessProbe | `10`
|
-| `livenessProbe.timeoutSeconds` | Timeout seconds for
livenessProbe | `1`
|
-| `livenessProbe.failureThreshold` | Failure threshold for
livenessProbe | `3`
|
-| `livenessProbe.successThreshold` | Success threshold for
livenessProbe | `1`
|
-| `readinessProbe.enabled` | Enable readinessProbe on
Sealed Secret containers | `true`
|
-| `readinessProbe.initialDelaySeconds` | Initial delay seconds
for readinessProbe | `0`
|
-| `readinessProbe.periodSeconds` | Period seconds for
readinessProbe | `10`
|
-| `readinessProbe.timeoutSeconds` | Timeout seconds for
readinessProbe | `1`
|
-| `readinessProbe.failureThreshold` | Failure threshold for
readinessProbe | `3`
|
-| `readinessProbe.successThreshold` | Success threshold for
readinessProbe | `1`
|
-| `startupProbe.enabled` | Enable startupProbe on
Sealed Secret containers | `false`
|
-| `startupProbe.initialDelaySeconds` | Initial delay seconds
for startupProbe | `0`
|
-| `startupProbe.periodSeconds` | Period seconds for
startupProbe | `10`
|
-| `startupProbe.timeoutSeconds` | Timeout seconds for
startupProbe | `1`
|
-| `startupProbe.failureThreshold` | Failure threshold for
startupProbe | `3`
|
-| `startupProbe.successThreshold` | Success threshold for
startupProbe | `1`
|
-| `customLivenessProbe` | Custom livenessProbe
that overrides the default one | `{}`
|
-| `customReadinessProbe` | Custom readinessProbe
that overrides the default one | `{}`
|
-| `customStartupProbe` | Custom startupProbe that
overrides the default one | `{}`
|
-| `resources.limits` | The resources limits for
the Sealed Secret containers | `{}`
|
-| `resources.requests` | The requested resources
for the Sealed Secret containers | `{}`
|
-| `podSecurityContext.enabled` | Enabled Sealed Secret
pods' Security Context | `true`
|
-| `podSecurityContext.fsGroup` | Set Sealed Secret pod's
Security Context fsGroup | `65534`
|
-| `containerSecurityContext.enabled` | Enabled Sealed Secret
containers' Security Context | `true`
|
-| `containerSecurityContext.readOnlyRootFilesystem` | Whether the Sealed
Secret container has a read-only root filesystem | `true`
|
-| `containerSecurityContext.runAsNonRoot` | Indicates that the
Sealed Secret container must run as a non-root user | `true`
|
-| `containerSecurityContext.runAsUser` | Set Sealed Secret
containers' Security Context runAsUser | `1001`
|
-| `containerSecurityContext.capabilities` | Adds and removes POSIX
capabilities from running containers (see `values.yaml`) |
|
-| `podLabels` | Extra labels for Sealed
Secret pods | `{}`
|
-| `podAnnotations` | Annotations for Sealed
Secret pods | `{}`
|
-| `priorityClassName` | Sealed Secret pods'
priorityClassName | `""`
|
-| `runtimeClassName` | Sealed Secret pods'
runtimeClassName | `""`
|
-| `affinity` | Affinity for Sealed
Secret pods assignment | `{}`
|
-| `nodeSelector` | Node labels for Sealed
Secret pods assignment | `{}`
|
-| `tolerations` | Tolerations for Sealed
Secret pods assignment | `[]`
|
-| `additionalVolumes` | Extra Volumes for the
Sealed Secrets Controller Deployment | `{}`
|
-| `additionalVolumeMounts` | Extra volumeMounts for
the Sealed Secrets Controller container | `{}`
|
-| `hostNetwork` | Sealed Secrets pods'
hostNetwork | `false`
|
-| `dnsPolicy` | Sealed Secrets pods'
dnsPolicy | `""`
|
+| Name | Description
|
Value |
+| ------------------------------------------------- |
-----------------------------------------------------------------------------------------------------
| ----------------------------------- |
+| `image.registry` | Sealed Secrets image
registry
| `docker.io` |
+| `image.repository` | Sealed Secrets image
repository
| `bitnami/sealed-secrets-controller` |
+| `image.tag` | Sealed Secrets image tag
(immutable tags are recommended) |
`v0.23.1` |
+| `image.pullPolicy` | Sealed Secrets image
pull policy
| `IfNotPresent` |
+| `image.pullSecrets` | Sealed Secrets image
pull secrets
| `[]` |
+| `revisionHistoryLimit` | Number of old history to
retain to allow rollback (If not set, default Kubernetes value is set to 10) |
`""` |
+| `createController` | Specifies whether the
Sealed Secrets controller should be created
| `true` |
+| `secretName` | The name of an existing
TLS secret containing the key used to encrypt secrets |
`sealed-secrets-key` |
+| `updateStatus` | Specifies whether the
Sealed Secrets controller should update the status subresource
| `true` |
+| `skipRecreate` | Specifies whether the
Sealed Secrets controller should skip recreating removed secrets
| `false` |
+| `keyrenewperiod` | Specifies key renewal
period. Default 30 days
| `""` |
+| `rateLimit` | Number of allowed
sustained request per second for verify endpoint
| `""` |
+| `rateLimitBurst` | Number of requests
allowed to exceed the rate limit per second for verify endpoint
| `""` |
+| `additionalNamespaces` | List of namespaces used
to manage the Sealed Secrets |
`[]` |
+| `privateKeyAnnotations` | Map of annotations to be
set on the sealing keypairs |
`{}` |
+| `privateKeyLabels` | Map of labels to be set
on the sealing keypairs |
`{}` |
+| `logInfoStdout` | Specifies whether the
Sealed Secrets controller will log info to stdout
| `false` |
+| `command` | Override default
container command
| `[]` |
+| `args` | Override default
container args
| `[]` |
+| `livenessProbe.enabled` | Enable livenessProbe on
Sealed Secret containers |
`true` |
+| `livenessProbe.initialDelaySeconds` | Initial delay seconds
for livenessProbe
| `0` |
+| `livenessProbe.periodSeconds` | Period seconds for
livenessProbe
| `10` |
+| `livenessProbe.timeoutSeconds` | Timeout seconds for
livenessProbe
| `1` |
+| `livenessProbe.failureThreshold` | Failure threshold for
livenessProbe
| `3` |
+| `livenessProbe.successThreshold` | Success threshold for
livenessProbe
| `1` |
+| `readinessProbe.enabled` | Enable readinessProbe on
Sealed Secret containers |
`true` |
+| `readinessProbe.initialDelaySeconds` | Initial delay seconds
for readinessProbe
| `0` |
+| `readinessProbe.periodSeconds` | Period seconds for
readinessProbe
| `10` |
+| `readinessProbe.timeoutSeconds` | Timeout seconds for
readinessProbe
| `1` |
+| `readinessProbe.failureThreshold` | Failure threshold for
readinessProbe
| `3` |
+| `readinessProbe.successThreshold` | Success threshold for
readinessProbe
| `1` |
+| `startupProbe.enabled` | Enable startupProbe on
Sealed Secret containers
| `false` |
+| `startupProbe.initialDelaySeconds` | Initial delay seconds
for startupProbe
| `0` |
+| `startupProbe.periodSeconds` | Period seconds for
startupProbe
| `10` |
+| `startupProbe.timeoutSeconds` | Timeout seconds for
startupProbe
| `1` |
+| `startupProbe.failureThreshold` | Failure threshold for
startupProbe
| `3` |
+| `startupProbe.successThreshold` | Success threshold for
startupProbe
| `1` |
+| `customLivenessProbe` | Custom livenessProbe
that overrides the default one
| `{}` |
+| `customReadinessProbe` | Custom readinessProbe
that overrides the default one
| `{}` |
+| `customStartupProbe` | Custom startupProbe that
overrides the default one |
`{}` |
+| `resources.limits` | The resources limits for
the Sealed Secret containers |
`{}` |
+| `resources.requests` | The requested resources
for the Sealed Secret containers |
`{}` |
+| `podSecurityContext.enabled` | Enabled Sealed Secret
pods' Security Context
| `true` |
+| `podSecurityContext.fsGroup` | Set Sealed Secret pod's
Security Context fsGroup |
`65534` |
+| `containerSecurityContext.enabled` | Enabled Sealed Secret
containers' Security Context
| `true` |
+| `containerSecurityContext.readOnlyRootFilesystem` | Whether the Sealed
Secret container has a read-only root filesystem
| `true` |
+| `containerSecurityContext.runAsNonRoot` | Indicates that the
Sealed Secret container must run as a non-root user
| `true` |
+| `containerSecurityContext.runAsUser` | Set Sealed Secret
containers' Security Context runAsUser
| `1001` |
+| `containerSecurityContext.capabilities` | Adds and removes POSIX
capabilities from running containers (see `values.yaml`)
| |
+| `podLabels` | Extra labels for Sealed
Secret pods |
`{}` |
+| `podAnnotations` | Annotations for Sealed
Secret pods
| `{}` |
+| `priorityClassName` | Sealed Secret pods'
priorityClassName
| `""` |
+| `runtimeClassName` | Sealed Secret pods'
runtimeClassName
| `""` |
+| `affinity` | Affinity for Sealed
Secret pods assignment
| `{}` |
+| `nodeSelector` | Node labels for Sealed
Secret pods assignment
| `{}` |
+| `tolerations` | Tolerations for Sealed
Secret pods assignment
| `[]` |
+| `additionalVolumes` | Extra Volumes for the
Sealed Secrets Controller Deployment
| `{}` |
+| `additionalVolumeMounts` | Extra volumeMounts for
the Sealed Secrets Controller container
| `{}` |
+| `hostNetwork` | Sealed Secrets pods'
hostNetwork
| `false` |
+| `dnsPolicy` | Sealed Secrets pods'
dnsPolicy
| `""` |
### Traffic Exposure Parameters
@@ -201,6 +201,7 @@
| `metrics.serviceMonitor.relabelings` | Specify general relabeling
| `[]` |
| `metrics.dashboards.create` | Specifies whether a ConfigMap
with a Grafana dashboard configuration should be created | `false` |
| `metrics.dashboards.labels` | Extra labels to be added to the
Grafana dashboard ConfigMap | `{}` |
+| `metrics.dashboards.annotations` | Annotations to be added to the
Grafana dashboard ConfigMap | `{}` |
| `metrics.dashboards.namespace` | Namespace where Grafana
dashboard ConfigMap is deployed | `""` |
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/sealed-secrets-0.23.1/helm/sealed-secrets/templates/configmap-dashboards.yaml
new/sealed-secrets-0.24.0/helm/sealed-secrets/templates/configmap-dashboards.yaml
---
old/sealed-secrets-0.23.1/helm/sealed-secrets/templates/configmap-dashboards.yaml
2023-08-17 14:19:21.000000000 +0200
+++
new/sealed-secrets-0.24.0/helm/sealed-secrets/templates/configmap-dashboards.yaml
2023-09-15 11:42:16.000000000 +0200
@@ -11,6 +11,10 @@
{{- if $.Values.metrics.dashboards.labels }}
{{- include "sealed-secrets.render" ( dict "value"
$.Values.metrics.dashboards.labels "context" $) | nindent 4 }}
{{- end }}
+ annotations:
+ {{- if $.Values.metrics.dashboards.annotations }}
+ {{- include "sealed-secrets.render" ( dict "value"
$.Values.metrics.dashboards.annotations "context" $) | nindent 4 }}
+ {{- end }}
data:
{{ base $path }}: |-
{{ $.Files.Get $path | indent 4 }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/sealed-secrets-0.23.1/helm/sealed-secrets/values.yaml
new/sealed-secrets-0.24.0/helm/sealed-secrets/values.yaml
--- old/sealed-secrets-0.23.1/helm/sealed-secrets/values.yaml 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/helm/sealed-secrets/values.yaml 2023-09-15
11:42:16.000000000 +0200
@@ -34,7 +34,7 @@
image:
registry: docker.io
repository: bitnami/sealed-secrets-controller
- tag: v0.23.0
+ tag: v0.23.1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -441,6 +441,9 @@
## @param metrics.dashboards.labels Extra labels to be added to the
Grafana dashboard ConfigMap
##
labels: {}
+ ## @param metrics.dashboards.annotations Annotations to be added to the
Grafana dashboard ConfigMap
+ ##
+ annotations: {}
## @param metrics.dashboards.namespace Namespace where Grafana dashboard
ConfigMap is deployed
##
namespace: ""
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/pkg/controller/controller.go
new/sealed-secrets-0.24.0/pkg/controller/controller.go
--- old/sealed-secrets-0.23.1/pkg/controller/controller.go 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/pkg/controller/controller.go 2023-09-15
11:42:16.000000000 +0200
@@ -394,7 +394,6 @@
}
if sealedSecret.APIVersion == "" || sealedSecret.Kind == "" {
// https://github.com/operator-framework/operator-sdk/issues/727
- log.Errorf("WARNING: Empty API version & kind, filling it...")
gv := schema.GroupVersion{Group: ssv1alpha1.GroupName, Version:
"v1alpha1"}
gvk := gv.WithKind("SealedSecret")
sealedSecret.APIVersion = gvk.GroupVersion().String()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/pkg/kubeseal/kubeseal.go
new/sealed-secrets-0.24.0/pkg/kubeseal/kubeseal.go
--- old/sealed-secrets-0.23.1/pkg/kubeseal/kubeseal.go 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/pkg/kubeseal/kubeseal.go 2023-09-15
11:42:16.000000000 +0200
@@ -13,12 +13,14 @@
"net/http"
"net/url"
"os"
+ "reflect"
"strings"
"time"
+ "k8s.io/apimachinery/pkg/util/yaml"
+
ssv1alpha1
"github.com/bitnami-labs/sealed-secrets/pkg/apis/sealedsecrets/v1alpha1"
"github.com/bitnami-labs/sealed-secrets/pkg/crypto"
- "github.com/bitnami-labs/sealed-secrets/pkg/multidocyaml"
v1 "k8s.io/api/core/v1"
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -66,24 +68,6 @@
return cert, nil
}
-func readSecret(codec runtime.Decoder, r io.Reader) (*v1.Secret, error) {
- data, err := io.ReadAll(r)
- if err != nil {
- return nil, err
- }
-
- if err := multidocyaml.EnsureNotMultiDoc(data); err != nil {
- return nil, err
- }
-
- var ret v1.Secret
- if err = runtime.DecodeInto(codec, data, &ret); err != nil {
- return nil, err
- }
-
- return &ret, nil
-}
-
func prettyEncoder(codecs runtimeserializer.CodecFactory, mediaType string, gv
runtime.GroupVersioner) (runtime.Encoder, error) {
info, ok :=
runtime.SerializerInfoForMediaType(codecs.SupportedMediaTypes(), mediaType)
if !ok {
@@ -184,60 +168,112 @@
return openCertCluster(ctx, restClient, controllerNs, controllerName)
}
+func readSecrets(r io.Reader) ([]*v1.Secret, error) {
+ decoder := yaml.NewYAMLOrJSONDecoder(r, 4096)
+
+ var secrets []*v1.Secret
+ empty := v1.Secret{}
+
+ for {
+ sec := v1.Secret{}
+ err := decoder.Decode(&sec)
+ if reflect.DeepEqual(sec, empty) {
+ if errors.Is(err, io.EOF) {
+ break
+ } else {
+ continue
+ }
+ }
+ secrets = append(secrets, &sec)
+ if err != nil && err != io.EOF {
+ return nil, err
+ }
+ }
+ return secrets, nil
+}
+
+func readSealedSecrets(r io.Reader) ([]*ssv1alpha1.SealedSecret, error) {
+ decoder := yaml.NewYAMLOrJSONDecoder(r, 4096)
+
+ var secrets []*ssv1alpha1.SealedSecret
+ empty := ssv1alpha1.SealedSecret{}
+
+ for {
+ sec := ssv1alpha1.SealedSecret{}
+ err := decoder.Decode(&sec)
+ if reflect.DeepEqual(sec, empty) {
+ if errors.Is(err, io.EOF) {
+ break
+ } else {
+ continue
+ }
+ }
+ secrets = append(secrets, &sec)
+ if err != nil && err != io.EOF {
+ return nil, err
+ }
+ }
+
+ return secrets, nil
+}
+
// Seal reads a k8s Secret resource parsed from an input reader by a given
codec, encrypts all its secrets
// with a given public key, using the name and namespace found in the input
secret, unless explicitly overridden
// by the overrideName and overrideNamespace arguments.
func Seal(clientConfig ClientConfig, outputFormat string, in io.Reader, out
io.Writer, codecs runtimeserializer.CodecFactory, pubKey *rsa.PublicKey, scope
ssv1alpha1.SealingScope, allowEmptyData bool, overrideName, overrideNamespace
string) error {
- secret, err := readSecret(codecs.UniversalDecoder(), in)
+ secrets, err := readSecrets(in)
if err != nil {
return err
}
- if len(secret.Data) == 0 && len(secret.StringData) == 0 &&
!allowEmptyData {
- return fmt.Errorf("secret.data is empty in input Secret,
assuming this is an error and aborting. To work with empty data,
--allow-empty-data can be used")
- }
+ for _, secret := range secrets {
+ if len(secret.Data) == 0 && len(secret.StringData) == 0 &&
!allowEmptyData {
+ return fmt.Errorf("secret.data is empty in input
Secret, assuming this is an error and aborting. To work with empty data,
--allow-empty-data can be used")
+ }
- if overrideName != "" {
- secret.Name = overrideName
- }
+ if overrideName != "" {
+ secret.Name = overrideName
+ }
- if secret.GetName() == "" {
- return fmt.Errorf("missing metadata.name in input Secret")
- }
+ if secret.GetName() == "" {
+ return fmt.Errorf("missing metadata.name in input
Secret")
+ }
- if overrideNamespace != "" {
- secret.Namespace = overrideNamespace
- }
+ if overrideNamespace != "" {
+ secret.Namespace = overrideNamespace
+ }
- if scope != ssv1alpha1.DefaultScope {
- secret.Annotations =
ssv1alpha1.UpdateScopeAnnotations(secret.Annotations, scope)
- }
+ if scope != ssv1alpha1.DefaultScope {
+ secret.Annotations =
ssv1alpha1.UpdateScopeAnnotations(secret.Annotations, scope)
+ }
- if ssv1alpha1.SecretScope(secret) != ssv1alpha1.ClusterWideScope &&
secret.GetNamespace() == "" {
- ns, _, err := clientConfig.Namespace()
- if clientcmd.IsEmptyConfig(err) {
- return fmt.Errorf("input secret has no namespace and
cannot infer the namespace automatically when no kube config is available")
- } else if err != nil {
- return err
+ if ssv1alpha1.SecretScope(secret) !=
ssv1alpha1.ClusterWideScope && secret.GetNamespace() == "" {
+ ns, _, err := clientConfig.Namespace()
+ if clientcmd.IsEmptyConfig(err) {
+ return fmt.Errorf("input secret has no
namespace and cannot infer the namespace automatically when no kube config is
available")
+ } else if err != nil {
+ return err
+ }
+ secret.SetNamespace(ns)
}
- secret.SetNamespace(ns)
- }
- // Strip read-only server-side ObjectMeta (if present)
- secret.SetSelfLink("")
- secret.SetUID("")
- secret.SetResourceVersion("")
- secret.Generation = 0
- secret.SetCreationTimestamp(metav1.Time{})
- secret.SetDeletionTimestamp(nil)
- secret.DeletionGracePeriodSeconds = nil
+ // Strip read-only server-side ObjectMeta (if present)
+ secret.SetSelfLink("")
+ secret.SetUID("")
+ secret.SetResourceVersion("")
+ secret.Generation = 0
+ secret.SetCreationTimestamp(metav1.Time{})
+ secret.SetDeletionTimestamp(nil)
+ secret.DeletionGracePeriodSeconds = nil
- ssecret, err := ssv1alpha1.NewSealedSecret(codecs, pubKey, secret)
- if err != nil {
- return err
- }
- if err = sealedSecretOutput(out, outputFormat, codecs, ssecret); err !=
nil {
- return err
+ ssecret, err := ssv1alpha1.NewSealedSecret(codecs, pubKey,
secret)
+ if err != nil {
+ return err
+ }
+ if err = sealedSecretOutput(out, outputFormat, codecs,
ssecret); err != nil {
+ return err
+ }
+ //return nil
}
return nil
}
@@ -256,11 +292,6 @@
return err
}
- content, err := io.ReadAll(in)
- if err != nil {
- return err
- }
-
req := restClient.RESTClient().Post().
Namespace(controllerNs).
Resource("services").
@@ -268,15 +299,25 @@
Name(net.JoinSchemeNamePort("http", controllerName, portName)).
Suffix("/v1/verify")
- req.Body(content)
- res := req.Do(ctx)
- if err := res.Error(); err != nil {
- if status, ok := err.(*k8serrors.StatusError); ok &&
status.Status().Code == http.StatusConflict {
- return fmt.Errorf("unable to decrypt sealed secret")
- }
- return fmt.Errorf("cannot validate sealed secret: %v", err)
+ secrets, err := readSealedSecrets(in)
+ if err != nil {
+ return fmt.Errorf("unable to decrypt sealed secret")
}
+ for _, secret := range secrets {
+ content, err := json.Marshal(secret)
+ if err != nil {
+ return fmt.Errorf("error while marshalling sealed
secret: %w", err)
+ }
+ req.Body(content)
+ res := req.Do(ctx)
+ if err := res.Error(); err != nil {
+ if status, ok := err.(*k8serrors.StatusError); ok &&
status.Status().Code == http.StatusConflict {
+ return fmt.Errorf("unable to decrypt sealed
secret: %v", secret.GetName())
+ }
+ return fmt.Errorf("cannot validate sealed secret: %v",
err)
+ }
+ }
return nil
}
@@ -294,7 +335,6 @@
return err
}
- content, err := io.ReadAll(in)
if err != nil {
return err
}
@@ -306,27 +346,38 @@
Name(net.JoinSchemeNamePort("http", controllerName, portName)).
Suffix("/v1/rotate")
- req.Body(content)
- res := req.Do(ctx)
- if err := res.Error(); err != nil {
- if status, ok := err.(*k8serrors.StatusError); ok &&
status.Status().Code == http.StatusConflict {
- return fmt.Errorf("unable to rotate secret")
- }
- return fmt.Errorf("cannot re-encrypt secret: %v", err)
- }
- body, err := res.Raw()
+ secrets, err := readSealedSecrets(in)
if err != nil {
return err
}
- ssecret := &ssv1alpha1.SealedSecret{}
- if err = json.Unmarshal(body, ssecret); err != nil {
- return err
- }
- ssecret.SetCreationTimestamp(metav1.Time{})
- ssecret.SetDeletionTimestamp(nil)
- ssecret.Generation = 0
- if err = sealedSecretOutput(out, outputFormat, codecs, ssecret); err !=
nil {
- return err
+
+ for _, secret := range secrets {
+ content, err := json.Marshal(secret)
+ if err != nil {
+ return err
+ }
+ req.Body(content)
+ res := req.Do(ctx)
+ if err := res.Error(); err != nil {
+ if status, ok := err.(*k8serrors.StatusError); ok &&
status.Status().Code == http.StatusConflict {
+ return fmt.Errorf("unable to rotate secret")
+ }
+ return fmt.Errorf("cannot re-encrypt secret: %v", err)
+ }
+ body, err := res.Raw()
+ if err != nil {
+ return err
+ }
+ ssecret := &ssv1alpha1.SealedSecret{}
+ if err = json.Unmarshal(body, ssecret); err != nil {
+ return err
+ }
+ ssecret.SetCreationTimestamp(metav1.Time{})
+ ssecret.SetDeletionTimestamp(nil)
+ ssecret.Generation = 0
+ if err = sealedSecretOutput(out, outputFormat, codecs,
ssecret); err != nil {
+ return err
+ }
}
return nil
}
@@ -350,7 +401,13 @@
return err
}
_, _ = out.Write(buf)
- fmt.Fprint(out, "\n")
+
+ switch contentType {
+ case runtime.ContentTypeJSON:
+ fmt.Fprint(out, "\n")
+ case runtime.ContentTypeYAML:
+ fmt.Fprint(out, "---\n")
+ }
return nil
}
@@ -471,19 +528,19 @@
var lst v1.List
if err = runtime.DecodeInto(scheme.Codecs.UniversalDecoder(), b, &lst);
err == nil {
for _, r := range lst.Items {
- s, err := readSecret(scheme.Codecs.UniversalDecoder(),
bytes.NewBuffer(r.Raw))
+ s, err := readSecrets(bytes.NewBuffer(r.Raw))
if err != nil {
return nil, err
}
- secrets = append(secrets, s)
+ secrets = append(secrets, s...)
}
} else {
// try to parse it as json/yaml encoded secret
- s, err := readSecret(scheme.Codecs.UniversalDecoder(),
bytes.NewBuffer(b))
+ s, err := readSecrets(bytes.NewBuffer(b))
if err != nil {
return nil, err
}
- secrets = append(secrets, s)
+ secrets = append(secrets, s...)
}
var keys []*rsa.PrivateKey
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/pkg/kubeseal/kubeseal_test.go
new/sealed-secrets-0.24.0/pkg/kubeseal/kubeseal_test.go
--- old/sealed-secrets-0.23.1/pkg/kubeseal/kubeseal_test.go 2023-08-17
14:19:21.000000000 +0200
+++ new/sealed-secrets-0.24.0/pkg/kubeseal/kubeseal_test.go 2023-09-15
11:42:16.000000000 +0200
@@ -19,6 +19,9 @@
"testing"
"time"
+ "k8s.io/apimachinery/pkg/util/yaml"
+ "k8s.io/utils/strings/slices"
+
flag "github.com/spf13/pflag"
"github.com/google/go-cmp/cmp"
@@ -177,6 +180,86 @@
}
}
+func TestSealWithMultiDocSecrets(t *testing.T) {
+ key, err := ParseKey(strings.NewReader(testCert))
+ if err != nil {
+ t.Fatalf("Failed to parse gotSecrets key: %v", err)
+ }
+
+ testCases := []struct {
+ name string
+ asYaml bool
+ inputSeparator string
+ outputFormat string
+ }{
+ {
+ name: "multi-doc json",
+ asYaml: false,
+ inputSeparator: "\n",
+ outputFormat: "json",
+ },
+ {
+ name: "multi-doc yaml",
+ asYaml: true,
+ inputSeparator: "---\n",
+ outputFormat: "yaml",
+ },
+ }
+
+ for _, tc := range testCases {
+ t.Run(tc.name, func(t *testing.T) {
+ s1 := mkTestSecret(t, "foo", "1", withSecretName("s1"),
asYAML(tc.asYaml))
+ s2 := mkTestSecret(t, "bar", "2", withSecretName("s2"),
asYAML(tc.asYaml))
+ multiDocYaml := fmt.Sprintf("%s%s%s", s1,
tc.inputSeparator, s2)
+
+ clientConfig := testClientConfig()
+ outputFormat := tc.outputFormat
+ inbuf := bytes.Buffer{}
+ _, err =
bytes.NewBuffer([]byte(multiDocYaml)).WriteTo(&inbuf)
+ if err != nil {
+ t.Fatalf("Error writing to buffer: %v", err)
+ }
+
+ t.Logf("input is: %s", inbuf.String())
+
+ outbuf := bytes.Buffer{}
+ if err := Seal(clientConfig, outputFormat, &inbuf,
&outbuf, scheme.Codecs, key, ssv1alpha1.NamespaceWideScope, false, "", ""); err
!= nil {
+ t.Fatalf("seal() returned error: %v", err)
+ }
+
+ outBytes := outbuf.Bytes()
+ t.Logf("output is %s", outBytes)
+
+ decoder :=
yaml.NewYAMLOrJSONDecoder(bytes.NewReader(outBytes), 4096)
+ var gotSecrets []*ssv1alpha1.SealedSecret
+ for {
+ s := ssv1alpha1.SealedSecret{}
+ err := decoder.Decode(&s)
+ if err != nil {
+ if err == io.EOF {
+ break
+ }
+ t.Fatalf("Failed to parse result: %v",
err)
+ }
+ gotSecrets = append(gotSecrets, &s)
+ }
+
+ if got, want := len(gotSecrets), 2; got != want {
+ t.Errorf("Wrong element output length: got: %d,
want: %d", got, want)
+ }
+
+ for _, gotSecret := range gotSecrets {
+ if got, want := gotSecret.GetNamespace(),
"testns"; got != want {
+ t.Errorf("got: %q, want: %q", got, want)
+ }
+ if got, want := gotSecret.GetName(),
[]string{"s1", "s2"}; !slices.Contains(want, got) {
+ t.Errorf("got: %q, want: %q", got, want)
+ }
+ }
+ })
+ }
+}
+
func TestSeal(t *testing.T) {
key, err := ParseKey(strings.NewReader(testCert))
if err != nil {
@@ -520,13 +603,15 @@
t.Fatal(err)
}
- secret, err := readSecret(scheme.Codecs.UniversalDecoder(), &buf)
+ secret, err := readSecrets(&buf)
if err != nil {
t.Fatal(err)
}
- if got, want := string(secret.Data[secretItemKey]), secretItemValue;
got != want {
- t.Fatalf("got: %q, want: %q", got, want)
+ for _, secret := range secret {
+ if got, want := string(secret.Data[secretItemKey]),
secretItemValue; got != want {
+ t.Fatalf("got: %q, want: %q", got, want)
+ }
}
}
@@ -579,13 +664,15 @@
t.Fatal(err)
}
- secret, err := readSecret(scheme.Codecs.UniversalDecoder(), &buf)
+ secret, err := readSecrets(&buf)
if err != nil {
t.Fatal(err)
}
- if got, want := string(secret.Data[secretItemKey]), secretItemValue;
got != want {
- t.Fatalf("got: %q, want: %q", got, want)
+ for _, secret := range secret {
+ if got, want := string(secret.Data[secretItemKey]),
secretItemValue; got != want {
+ t.Fatalf("got: %q, want: %q", got, want)
+ }
}
}
@@ -887,17 +974,6 @@
}
}
-func TestYAMLStream(t *testing.T) {
- s1 := mkTestSecret(t, "foo", "1", withSecretName("s1"), asYAML(true))
- s2 := mkTestSecret(t, "var", "2", withSecretName("s2"), asYAML(true))
- bad := fmt.Sprintf("%s\n---\n%s\n", s1, s2)
-
- _, err := readSecret(scheme.Codecs.UniversalDecoder(),
strings.NewReader(bad))
- if err == nil {
- t.Fatalf("error expected")
- }
-}
-
func TestReadPrivKeyPEM(t *testing.T) {
_, pkw := newTestKeyPairSingle(t)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/sealed-secrets-0.23.1/versions.env
new/sealed-secrets-0.24.0/versions.env
--- old/sealed-secrets-0.23.1/versions.env 2023-08-17 14:19:21.000000000
+0200
+++ new/sealed-secrets-0.24.0/versions.env 2023-09-15 11:42:16.000000000
+0200
@@ -1,2 +1,2 @@
-GO_VERSION=1.20.3
+GO_VERSION=1.21.1
GO_VERSION_LIST="[\"$GO_VERSION\"]"
++++++ sealed-secrets.obsinfo ++++++
--- /var/tmp/diff_new_pack.YSxRyI/_old 2023-09-15 22:11:18.713656624 +0200
+++ /var/tmp/diff_new_pack.YSxRyI/_new 2023-09-15 22:11:18.717656767 +0200
@@ -1,5 +1,5 @@
name: sealed-secrets
-version: 0.23.1
-mtime: 1692274761
-commit: daa514e978924ee31007b6213783b7e4623a08c1
+version: 0.24.0
+mtime: 1694770936
+commit: 3344ac6b6403320c46d0c3b26124a3c27f296c3c
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/kubeseal/vendor.tar.gz
/work/SRC/openSUSE:Factory/.kubeseal.new.1766/vendor.tar.gz differ: char 5,
line 1
