From cecdca34c4fffdf5992e03c0bfdaa7bef773230a Mon Sep 17 00:00:00 2001 From: Martin Maly Date: Mon, 7 Feb 2022 13:10:58 -0800 Subject: [PATCH] Porch Streamline Docker Image Building (#2752) * Use the same naming pattern * Enable nested Makefiles to inherit values from parent * Enable explicit image tagging (i.e. using `IMAGE_TAG=$(git rev-parse --short HEAD) make build-images` * Enable `make build-images` and `make push-images` Run Porch With Consistent Working Dir (#2753) `go run` doesn't support setting working directory; use `go build` instead. Add subpkgs test for porch (#2754) * Add subpkgs test for porch * Add runtime Basic e2e Test (#2755) * Basic e2e Test * Simple harness to reduce some boilerplate * Add a simple git repo test Refactor Server Startup (#2770) * Start background processing in Run function * Shut down when stopCh is closed Tidy in 1.17 compatible mode (#2769) Occasionally `make tidy` fails complaining about 1.16 vs. 1.17 golang; this should keep our mods 1.17 compatible with fewer `make tidy` failures. Create Engine using Options (#2771) Create options for the common engine configuration options. Support lazy credential resolution (#2772) * Add CredentialResolver interface * Add WithCredentialResolver engine option * Use lazy credential resolution when interacting with Git Pass Context to OpenRepository (#2773) Use Context to Drive Server Shutdown (#2774) Turns out k8s apiserver supports both and we can get the core context to listen on instead of just getting the close channel. Clean up Required/Optional API Fields (#2778) Git branch and directory can be optional (defaulting to `main` and `/` respectively, while `SecretRef.Name` is required since nameless secret reference is unhelpful. Easier deployment onto GKE (#2776) Support Creating Porch Deployment Config (#2777) * Create `deployment-config` and `push-and-deploy` make targets * Use kpt function to set images on the deployment config Update Porch Deployment and Instructions (#2782) * Set workload identity service accounts via set-annotations * Simplify instructions * Build at Git tag * Combine Deployment Config in Same Directory * Rename config files, assign 0 to CRDs. * `kubectl apply` recursively just in case we add more config later Use controller-gen v0.8.0 (#2780) Use consistent version of controller-gen (v0.8.0) crd:preserveUnknownFields marker has been removed (`false` was the required value for v1 CRDs). Set renderer when building CaDEngine (#2787) Otherwise we crash when trying to render a package. Fix missing error handling (#2784) We weren't checking errors when building a CaDEngine. Fix small typo (#2793) Don't call into kpt render if we don't have a package (#2788) When creating an empty package, we get an error otherwise (as kpt render doesn't work if it doesn't have a package). --- porch/.dockerignore | 1 + porch/Makefile | 77 ++++++- porch/README.md | 25 +-- porch/apiserver/cmd/porch/main.go | 4 +- porch/apiserver/go.mod | 2 +- porch/apiserver/go.sum | 29 --- porch/apiserver/pkg/apiserver/apiserver.go | 44 +++- porch/apiserver/pkg/cmd/server/start.go | 9 +- porch/apiserver/pkg/e2e/e2e_test.go | 196 +++++++++++++++++ porch/apiserver/pkg/e2e/suite.go | 206 ++++++++++++++++++ .../pkg/registry/porch/background.go | 28 ++- .../apiserver/pkg/registry/porch/functions.go | 15 +- .../pkg/registry/porch/packagecommon.go | 16 +- .../pkg/registry/porch/packagerevision.go | 21 +- .../porch/packagerevisionresources.go | 7 +- porch/apiserver/pkg/registry/porch/secret.go | 45 ++-- porch/apiserver/pkg/registry/porch/storage.go | 22 +- .../{0-namespace.yaml => 1-namespace.yaml} | 0 porch/config/deploy/1-service-account.yaml | 19 -- .../deploy/2-function-runner.yaml} | 2 +- ...{2-deployment.yaml => 3-porch-server.yaml} | 30 ++- porch/config/deploy/3-service.yaml | 26 --- porch/config/deploy/6-rbac-bind.yaml | 4 +- porch/config/deploy/7-auth-reader.yaml | 2 +- porch/config/deploy/8-auth-delegator.yaml | 2 +- .../deploy/9-controllers.yaml} | 12 +- porch/config/samples/oci-repository.yaml | 4 +- porch/controllers/Makefile | 9 +- .../config.porch.kpt.dev_repositories.yaml | 25 ++- .../apis/porch/v1alpha1/groupversion_info.go | 2 +- .../pkg/apis/porch/v1alpha1/types.go | 8 +- .../api/v1alpha1/groupversion_info.go | 2 +- ...g.cloud.google.com_remoterootsyncsets.yaml | 16 +- .../config/samples/hack-self-apply-rbac.yaml | 47 ++++ .../config/samples/hack-self-apply.yaml | 5 +- porch/controllers/remoterootsync/go.mod | 2 +- porch/controllers/remoterootsync/go.sum | 124 +---------- porch/controllers/remoterootsync/main.go | 2 +- porch/docs/running-on-gke.md | 59 +++++ porch/engine/go.sum | 31 --- porch/engine/pkg/engine/clone.go | 4 +- porch/engine/pkg/engine/engine.go | 83 +++---- porch/engine/pkg/engine/options.go | 104 +++++++++ porch/engine/pkg/engine/render.go | 17 +- porch/engine/pkg/kpt/fs_test.go | 54 ++++- porch/func/Dockerfile | 4 +- porch/func/Makefile | 4 +- porch/hack/Deploy-Kustomization-Template | 11 + porch/hack/Dockerfile | 2 +- porch/hack/build-image.sh | 100 --------- porch/repository/go.sum | 167 -------------- porch/repository/pkg/cache/cache.go | 19 +- porch/repository/pkg/git/draft.go | 7 +- porch/repository/pkg/git/git.go | 79 +++++-- porch/repository/pkg/git/git_test.go | 7 +- porch/repository/pkg/repository/repository.go | 11 +- 56 files changed, 1052 insertions(+), 801 deletions(-) create mode 100644 porch/apiserver/pkg/e2e/e2e_test.go create mode 100644 porch/apiserver/pkg/e2e/suite.go rename porch/config/deploy/{0-namespace.yaml => 1-namespace.yaml} (100%) delete mode 100644 porch/config/deploy/1-service-account.yaml rename porch/{func/config/deploy/function-runner.yaml => config/deploy/2-function-runner.yaml} (94%) rename porch/config/deploy/{2-deployment.yaml => 3-porch-server.yaml} (66%) delete mode 100644 porch/config/deploy/3-service.yaml rename porch/{controllers/config/deploy/manifest.yaml => config/deploy/9-controllers.yaml} (93%) create mode 100644 porch/controllers/remoterootsync/config/samples/hack-self-apply-rbac.yaml create mode 100644 porch/docs/running-on-gke.md create mode 100644 porch/engine/pkg/engine/options.go create mode 100644 porch/hack/Deploy-Kustomization-Template delete mode 100755 porch/hack/build-image.sh diff --git a/porch/.dockerignore b/porch/.dockerignore index 9b35c04495..12b36705b8 100644 --- a/porch/.dockerignore +++ b/porch/.dockerignore @@ -1,3 +1,4 @@ .build/ .cache/ default.etcd/ +apiserver.local.config/ diff --git a/porch/Makefile b/porch/Makefile index 2ed85529bc..7c9b601695 100644 --- a/porch/Makefile +++ b/porch/Makefile @@ -15,10 +15,13 @@ KUBECONFIG=$(CURDIR)/hack/local/kubeconfig BUILDDIR=$(CURDIR)/.build CACHEDIR=$(CURDIR)/.cache +DEPLOYCONFIGDIR=$(BUILDDIR)/deploy MODULES = $(shell find . -path ./.build -prune -o -path ./.cache -prune -o -name 'go.mod' -print) # GCP project to use for development -GCP_PROJECT_ID ?= $(shell gcloud config get-value project) +export GCP_PROJECT_ID ?= $(shell gcloud config get-value project) +export IMAGE_REPO ?= gcr.io/$(GCP_PROJECT_ID) +export IMAGE_TAG ?= latest .PHONY: all all: stop network start-etcd start-kube-apiserver start-function-runner run-local @@ -80,7 +83,7 @@ start-function-runner: --network=porch \ --ip 192.168.8.202 \ --name function-runner \ - function-runner + gcr.io/$(GCP_PROJECT_ID)/function-runner:latest .PHONY: generate generate: $(MODULES) @@ -88,7 +91,7 @@ generate: $(MODULES) .PHONY: tidy tidy: $(MODULES) - @for f in $(^D); do (cd $$f; echo "Tidying $$f"; go mod tidy) || exit 1; done + @for f in $(^D); do (cd $$f; echo "Tidying $$f"; go mod tidy -compat=1.17) || exit 1; done .PHONY: test test: $(MODULES) @@ -103,11 +106,13 @@ vet: $(MODULES) fmt: $(MODULES) @for f in $(^D); do (cd $$f; echo "Formatting $$f"; gofmt -s -w .); done +PORCH = $(BUILDDIR)/porch + .PHONY: run-local -run-local: +run-local: porch KUBECONFIG=$(KUBECONFIG) kubectl apply -f hack/local/localconfig.yaml KUBECONFIG=$(KUBECONFIG) kubectl apply -f controllers/pkg/apis/porch/v1alpha1/ - cd apiserver; go run ./cmd/porch \ + $(PORCH) \ --secure-port 9443 \ --standalone-debug-mode \ --kubeconfig="$(KUBECONFIG)" \ @@ -120,7 +125,7 @@ run-jaeger: .PHONY: porch porch: - cd apiserver; go build ./cmd/porch + cd apiserver; go build -o $(PORCH) ./cmd/porch .PHONY: fix-headers fix-headers: @@ -130,7 +135,65 @@ fix-headers: .PHONY: fix-all fix-all: fix-headers fmt tidy +KPTDIR = $(abspath $(CURDIR)/..) .PHONY: push-images push-images: - hack/build-image.sh --project $(GCP_PROJECT_ID) --push + docker buildx build --push --tag "$(IMAGE_REPO)/porch:$(IMAGE_TAG)" -f "${CURDIR}/hack/Dockerfile" "${KPTDIR}" make -C controllers/ push-image + make -C func/ push-image + +.PHONY: build-images +build-images: + docker buildx build --load --tag "$(IMAGE_REPO)/porch:$(IMAGE_TAG)" -f "${CURDIR}/hack/Dockerfile" "${KPTDIR}" + make -C controllers/ build-image + make -C func/ build-image + +.PHONY: apply-dev-config +apply-dev-config: + # TODO: Replace with KCC (or self-host a registry?) + gcloud services enable artifactregistry.googleapis.com + gcloud artifacts repositories describe --location=us-west1 packages --format="value(name)" || gcloud artifacts repositories create --location=us-west1 --repository-format=docker packages + + # TODO: Replace with kpt function + cat config/samples/oci-repository.yaml | sed -e s/example-google-project-id/${GCP_PROJECT_ID}/g | kubectl apply -f - + + # TODO: Replace with KCC (or self-host a registry?) + gcloud services enable artifactregistry.googleapis.com + gcloud artifacts repositories describe --location=us-west1 deployment --format="value(name)" || gcloud artifacts repositories create --location=us-west1 --repository-format=docker deployment + + # TODO: Replace with kpt function + cat config/samples/deployment-repository.yaml | sed -e s/example-google-project-id/${GCP_PROJECT_ID}/g | kubectl apply -f - + +.PHONY: deployment-config +deployment-config: + rm -rf $(DEPLOYCONFIGDIR) || true + mkdir -p $(DEPLOYCONFIGDIR)/crd + cp ./controllers/remoterootsync/config/crd/bases/config.cloud.google.com_remoterootsyncsets.yaml $(DEPLOYCONFIGDIR)/0-remoterootsyncsets.yaml + cp ./controllers/remoterootsync/config/rbac/role.yaml $(DEPLOYCONFIGDIR)/0-remoterootsync-role.yaml + cp ./controllers/pkg/apis/porch/v1alpha1/config.porch.kpt.dev_repositories.yaml $(DEPLOYCONFIGDIR)/0-repositories.yaml + cp ./config/deploy/*.yaml ./config/deploy/Kptfile $(DEPLOYCONFIGDIR) + kpt fn eval $(DEPLOYCONFIGDIR) --image set-image:unstable -- \ + "name=gcr.io/example-google-project-id/function-runner:latest" \ + "newName=$(IMAGE_REPO)/function-runner" \ + "newTag=$(IMAGE_TAG)" + kpt fn eval $(DEPLOYCONFIGDIR) --image set-image:unstable -- \ + "name=gcr.io/example-google-project-id/porch-server:latest" \ + "newName=$(IMAGE_REPO)/porch" \ + "newTag=$(IMAGE_TAG)" + kpt fn eval $(DEPLOYCONFIGDIR) --image set-image:unstable -- \ + "name=gcr.io/example-google-project-id/porch-controllers:latest" \ + "newName=$(IMAGE_REPO)/porch-controllers" \ + "newTag=$(IMAGE_TAG)" + kpt fn eval $(DEPLOYCONFIGDIR) --image set-annotations:v0.1.4 \ + --match-api-version=v1 --match-kind=ServiceAccount --match-name=porch-server --match-namespace=porch-system -- \ + "iam.gke.io/gcp-service-account=porch-server@$(GCP_PROJECT_ID).iam.gserviceaccount.com" + kpt fn eval $(DEPLOYCONFIGDIR) --image set-annotations:v0.1.4 \ + --match-api-version=v1 --match-kind=ServiceAccount --match-name=porch-controllers --match-namespace=porch-system -- \ + "iam.gke.io/gcp-service-account=porch-sync@$(GCP_PROJECT_ID).iam.gserviceaccount.com" + +.PHONY: deploy +deploy: deployment-config + kubectl apply -R -f $(DEPLOYCONFIGDIR) + +.PHONY: push-and-deploy +push-and-deploy: push-images deploy diff --git a/porch/README.md b/porch/README.md index 5ebd06c698..bad74ae15c 100644 --- a/porch/README.md +++ b/porch/README.md @@ -91,7 +91,7 @@ kubectl get packagerevisions -oyaml kubectl get packagerevisionresources -oyaml ``` -Or create a pakcage revision: +Or create a package revision: ```sh kubectl apply -f ./config/samples/bucket-label.yaml ``` @@ -118,24 +118,15 @@ Prerequisite: Build a Docker image using a script: ```sh -./hack/build-image.sh +make build-images -# Supported flags -# --repository [REPO] name of the Docker repository -# --project [PROJECT] GCP project (will translate to gcr.io/PROJECT) -# --tag [TAG] image tag, i.e. 'latest' -# --push also push the image to the repository +# Supported make variables: +# IMAGE_TAG - image tag, i.e. 'latest' (defaults to 'latest') +# GCP_PROJECT_ID - GCP project hosting gcr.io repository (will translate to gcr.io/${GCP_PROJECT_ID}) +# IMAGE_REPO - overwrites the default image repository - -# Example -./hack/build-image.sh --project=my-gcp-project --push -``` - -Or, build directly via docker: -**Note**: This must be done from the parent directory (kpt, not porch): - -```sh -docker build -t TAG -f ./porch/hack/Dockerfile . +# To push the image: +make push-images ``` ### Deploy into a Kubernetes Cluster diff --git a/porch/apiserver/cmd/porch/main.go b/porch/apiserver/cmd/porch/main.go index ebc980bd0f..1d058f1b87 100644 --- a/porch/apiserver/cmd/porch/main.go +++ b/porch/apiserver/cmd/porch/main.go @@ -48,10 +48,10 @@ func run() int { http.DefaultTransport = otelhttp.NewTransport(http.DefaultClient.Transport) http.DefaultClient.Transport = http.DefaultTransport - stopCh := genericapiserver.SetupSignalHandler() + ctx := genericapiserver.SetupSignalContext() options := server.NewPorchServerOptions(os.Stdout, os.Stderr) - cmd := server.NewCommandStartPorchServer(options, stopCh) + cmd := server.NewCommandStartPorchServer(ctx, options) code := cli.Run(cmd) return code } diff --git a/porch/apiserver/go.mod b/porch/apiserver/go.mod index 48a7a5ac5f..29d9918d8c 100644 --- a/porch/apiserver/go.mod +++ b/porch/apiserver/go.mod @@ -16,6 +16,7 @@ require ( go.opentelemetry.io/otel/sdk v0.20.0 go.opentelemetry.io/otel/sdk/metric v0.20.0 google.golang.org/grpc v1.44.0 + gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.23.3 k8s.io/apimachinery v0.23.3 k8s.io/apiserver v0.23.3 @@ -151,7 +152,6 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect k8s.io/cli-runtime v0.23.3 // indirect k8s.io/kubectl v0.22.2 // indirect diff --git a/porch/apiserver/go.sum b/porch/apiserver/go.sum index 64a6aee790..be1785c3ad 100644 --- a/porch/apiserver/go.sum +++ b/porch/apiserver/go.sum @@ -75,7 +75,6 @@ github.com/GoogleContainerTools/kpt-functions-catalog/functions/go/apply-setters github.com/GoogleContainerTools/kpt-functions-catalog/functions/go/apply-setters v0.2.0/go.mod h1:D+1CuvT4BecI7ZokGUVPdjnhT+z0z1/9NB6HGH4cTSI= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd h1:sjQovDkwrZp8u+gxLtPgKGjk5hCxuy2hrRejBTA9xFU= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= -github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -120,7 +119,6 @@ github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:C github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= @@ -158,7 +156,6 @@ github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= @@ -287,7 +284,6 @@ github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmf github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e h1:Wf6HqHfScWJN9/ZjdUKyjop4mf3Qdd+1TvvltAvM3m8= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= @@ -448,7 +444,6 @@ github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -489,8 +484,6 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/cel-go v0.9.0/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w= -github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -608,7 +601,6 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/igorsobreira/titlecase v0.0.0-20140109233139-4156b5b858ac/go.mod h1:KOzUkqpWM2xArNm82cehGc5PBFYV1Qadzzt81aJi7F0= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -765,7 +757,6 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= @@ -775,7 +766,6 @@ github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDs github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.17.0 h1:9Luw4uT5HTjHTN8+aNcSThgH1vdXnmdJ8xIfZ4wyTRE= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -819,7 +809,6 @@ github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCko github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/philopon/go-toposort v0.0.0-20170620085441-9be86dbd762f h1:WyCn68lTiytVSkk7W1K9nBiSGTSRlUOdyTnSjwrIlok= -github.com/philopon/go-toposort v0.0.0-20170620085441-9be86dbd762f/go.mod h1:/iRjX3DdSK956SzsUdV55J+wIsQ+2IBWmBrB4RvZfk4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -1059,7 +1048,6 @@ go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= -go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= @@ -1185,7 +1173,6 @@ golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211216030914-fe4d6282115f h1:hEYJvxw1lSnWIl8X9ofsYMklzaDs90JI2az5YMd4fPM= @@ -1328,7 +1315,6 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= @@ -1506,7 +1492,6 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201102152239-715cce707fb0/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -1648,26 +1633,20 @@ k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= k8s.io/api v0.22.2/go.mod h1:y3ydYpLJAaDI+BbSe2xmGcqxiWHmWjkEeIbiwHvnPR8= -k8s.io/api v0.23.0/go.mod h1:8wmDdLBHBNxtOIytwLstXt5E9PddnZb0GaMcqsvDBpg= k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= k8s.io/apiextensions-apiserver v0.22.2/go.mod h1:2E0Ve/isxNl7tWLSUDgi6+cmwHi5fQRdwGVCxbC+KFA= -k8s.io/apiextensions-apiserver v0.23.0/go.mod h1:xIFAEEDlAZgpVBl/1VSjGDmLoXAWRG40+GsWhKhAxY4= k8s.io/apiextensions-apiserver v0.23.3 h1:JvPJA7hSEAqMRteveq4aj9semilAZYcJv+9HHFWfUdM= -k8s.io/apiextensions-apiserver v0.23.3/go.mod h1:/ZpRXdgKZA6DvIVPEmXDCZJN53YIQEUDF+hrpIQJL38= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= k8s.io/apimachinery v0.22.2/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= -k8s.io/apimachinery v0.23.0/go.mod h1:fFCTTBKvKcwTPFzjlcxp91uPFZr+JA0FubU4fLzzFYc= -k8s.io/apimachinery v0.23.1/go.mod h1:SADt2Kl8/sttJ62RRsi9MIV4o8f5S3coArm0Iu3fBno= k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= k8s.io/apiserver v0.22.2/go.mod h1:vrpMmbyjWrgdyOvZTSpsusQq5iigKNWv9o9KlDAbBHI= -k8s.io/apiserver v0.23.0/go.mod h1:Cec35u/9zAepDPPFyT+UMrgqOCjgJ5qtfVJDxjZYmt4= k8s.io/apiserver v0.23.3 h1:gWY1DmA0AdAGR/H+Q/1FtyGkFq8xqSaZOw7oLopmO8k= k8s.io/apiserver v0.23.3/go.mod h1:3HhsTmC+Pn+Jctw+Ow0LHA4dQ4oXrQ4XJDzrVDG64T4= k8s.io/cli-runtime v0.22.2/go.mod h1:tkm2YeORFpbgQHEK/igqttvPTRIHFRz5kATlw53zlMI= @@ -1677,18 +1656,13 @@ k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= k8s.io/client-go v0.22.2/go.mod h1:sAlhrkVDf50ZHx6z4K0S40wISNTarf1r800F+RlCF6U= -k8s.io/client-go v0.23.0/go.mod h1:hrDnpnK1mSr65lHHcUuIZIXDgEbzc7/683c6hyG4jTA= k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= k8s.io/code-generator v0.22.2/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= -k8s.io/code-generator v0.23.0/go.mod h1:vQvOhDXhuzqiVfM/YHp+dmg10WDZCchJVObc9MvowsE= -k8s.io/code-generator v0.23.1/go.mod h1:V7yn6VNTCWW8GqodYCESVo95fuiEg713S8B7WacWZDA= -k8s.io/code-generator v0.23.3/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= k8s.io/component-base v0.22.2/go.mod h1:5Br2QhI9OTe79p+TzPe9JKNQYvEKbq9rTJDWllunGug= -k8s.io/component-base v0.23.0/go.mod h1:DHH5uiFvLC1edCpvcTDV++NKULdYYU6pR9Tt3HIKMKI= k8s.io/component-base v0.23.3 h1:q+epprVdylgecijVGVdf4MbizEL2feW4ssd7cdo6LVY= k8s.io/component-base v0.23.3/go.mod h1:1Smc4C60rWG7d3HjSYpIwEbySQ3YWg0uzH5a2AtaTLg= k8s.io/component-helpers v0.22.2/go.mod h1:+N61JAR9aKYSWbnLA88YcFr9K/6ISYvRNybX7QW7Rs8= @@ -1719,7 +1693,6 @@ k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704 h1:ZKMMxTvduyf5WUtREOqg5LiXaN1KO/+0oOQPRFrClpo= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -1729,7 +1702,6 @@ rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25/go.mod h1:Mlj9PNLmG9bZ6BHFwFKDo5afkpWyUISkb9Me0GnK66I= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27 h1:KQOkVzXrLNb0EP6W0FD6u3CCPAwgXFYwZitbj7K0P0Y= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= sigs.k8s.io/cli-utils v0.27.0 h1:BxI7lPNn0fBZa5g4UwR+ShJyL4CCxELA6tLHbr2YrpU= @@ -1755,7 +1727,6 @@ sigs.k8s.io/kustomize/kyaml v0.13.3/go.mod h1:/ya3Gk4diiQzlE4mBh7wykyLRFZNvqlbh+ sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/porch/apiserver/pkg/apiserver/apiserver.go b/porch/apiserver/pkg/apiserver/apiserver.go index af2fa0d9a0..567a23c3d3 100644 --- a/porch/apiserver/pkg/apiserver/apiserver.go +++ b/porch/apiserver/pkg/apiserver/apiserver.go @@ -15,11 +15,15 @@ package apiserver import ( + "context" "fmt" "github.com/GoogleContainerTools/kpt/porch/api/porch/install" "github.com/GoogleContainerTools/kpt/porch/apiserver/pkg/registry/porch" configapi "github.com/GoogleContainerTools/kpt/porch/controllers/pkg/apis/porch/v1alpha1" + "github.com/GoogleContainerTools/kpt/porch/engine/pkg/engine" + "github.com/GoogleContainerTools/kpt/porch/engine/pkg/kpt" + "github.com/GoogleContainerTools/kpt/porch/repository/pkg/cache" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -74,6 +78,8 @@ type Config struct { // PorchServer contains state for a Kubernetes cluster master/api server. type PorchServer struct { GenericAPIServer *genericapiserver.GenericAPIServer + coreClient client.WithWatch + cache *cache.Cache } type completedConfig struct { @@ -151,28 +157,46 @@ func (c completedConfig) New() (*PorchServer, error) { return nil, err } - s := &PorchServer{ - GenericAPIServer: genericServer, - } - coreClient, err := c.getCoreClient() if err != nil { return nil, fmt.Errorf("failed to build client for core apiserver: %w", err) } - porchGroup, err := porch.NewRESTStorage( - Scheme, Codecs, c.GenericConfig.RESTOptionsGetter, coreClient, - c.ExtraConfig.CacheDirectory, c.ExtraConfig.FunctionRunnerAddress) + credentialResolver := porch.NewCredentialResolver(coreClient) + + renderer := kpt.NewRenderer() + + cache := cache.NewCache(c.ExtraConfig.CacheDirectory, credentialResolver) + cad, err := engine.NewCaDEngine( + engine.WithCache(cache), + engine.WithGRPCFunctionRuntime(c.ExtraConfig.FunctionRunnerAddress), + engine.WithCredentialResolver(credentialResolver), + engine.WithRenderer(renderer), + ) if err != nil { return nil, err } + porchGroup, err := porch.NewRESTStorage(Scheme, Codecs, cad, coreClient) + if err != nil { + return nil, err + } + + s := &PorchServer{ + GenericAPIServer: genericServer, + coreClient: coreClient, + cache: cache, + } + // Install the groups. - if err := s.GenericAPIServer.InstallAPIGroups( - &porchGroup, - ); err != nil { + if err := s.GenericAPIServer.InstallAPIGroups(&porchGroup); err != nil { return nil, err } return s, nil } + +func (s *PorchServer) Run(ctx context.Context) error { + porch.RunBackground(ctx, s.coreClient, s.cache) + return s.GenericAPIServer.PrepareRun().Run(ctx.Done()) +} diff --git a/porch/apiserver/pkg/cmd/server/start.go b/porch/apiserver/pkg/cmd/server/start.go index 90901009d6..d8825c19d0 100644 --- a/porch/apiserver/pkg/cmd/server/start.go +++ b/porch/apiserver/pkg/cmd/server/start.go @@ -15,6 +15,7 @@ package server import ( + "context" "fmt" "io" "net" @@ -80,7 +81,7 @@ func NewPorchServerOptions(out, errOut io.Writer) *PorchServerOptions { // NewCommandStartPorchServer provides a CLI handler for 'start master' command // with a default PorchServerOptions. -func NewCommandStartPorchServer(defaults *PorchServerOptions, stopCh <-chan struct{}) *cobra.Command { +func NewCommandStartPorchServer(ctx context.Context, defaults *PorchServerOptions) *cobra.Command { o := *defaults cmd := &cobra.Command{ Short: "Launch a porch API server", @@ -92,7 +93,7 @@ func NewCommandStartPorchServer(defaults *PorchServerOptions, stopCh <-chan stru if err := o.Validate(args); err != nil { return err } - if err := o.RunPorchServer(stopCh); err != nil { + if err := o.RunPorchServer(ctx); err != nil { return err } return nil @@ -187,7 +188,7 @@ func (o *PorchServerOptions) Config() (*apiserver.Config, error) { } // RunPorchServer starts a new PorchServer given PorchServerOptions -func (o PorchServerOptions) RunPorchServer(stopCh <-chan struct{}) error { +func (o PorchServerOptions) RunPorchServer(ctx context.Context) error { config, err := o.Config() if err != nil { return err @@ -206,7 +207,7 @@ func (o PorchServerOptions) RunPorchServer(stopCh <-chan struct{}) error { }) } - return server.GenericAPIServer.PrepareRun().Run(stopCh) + return server.Run(ctx) } func (o *PorchServerOptions) AddFlags(fs *pflag.FlagSet) { diff --git a/porch/apiserver/pkg/e2e/e2e_test.go b/porch/apiserver/pkg/e2e/e2e_test.go new file mode 100644 index 0000000000..3a74dca797 --- /dev/null +++ b/porch/apiserver/pkg/e2e/e2e_test.go @@ -0,0 +1,196 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package e2e + +import ( + "context" + "reflect" + "strings" + "testing" + + porchapi "github.com/GoogleContainerTools/kpt/porch/api/porch/v1alpha1" + configapi "github.com/GoogleContainerTools/kpt/porch/controllers/pkg/apis/porch/v1alpha1" + coreapi "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" +) + +func TestE2E(t *testing.T) { + Run(&PorchSuite{}, t) +} + +func Run(suite interface{}, t *testing.T) { + sv := reflect.ValueOf(suite) + st := reflect.TypeOf(suite) + ctx := context.Background() + + t.Run(st.Elem().Name(), func(t *testing.T) { + if init, ok := suite.(Initializer); ok { + init.Initialize(ctx, t) + } + + var ts *TestSuite = sv.Elem().FieldByName("TestSuite").Addr().Interface().(*TestSuite) + + for i, max := 0, st.NumMethod(); i < max; i++ { + m := st.Method(i) + if strings.HasPrefix(m.Name, "Test") { + t.Run(m.Name, func(t *testing.T) { + ts.T = t + m.Func.Call([]reflect.Value{sv, reflect.ValueOf(ctx)}) + }) + } + } + }) +} + +type PorchSuite struct { + TestSuite +} + +var _ Initializer = &PorchSuite{} + +func (t *PorchSuite) TestGitRepository(ctx context.Context) { + if t.ptc.Git.Repo == "" { + t.Skipf("Skipping TestGitRepository; no Git repository specified.") + } + + var secret string + if t.ptc.Git.Username != "" || t.ptc.Git.Token != "" { + const credSecret = "git-repository-auth" + immutable := true + t.CreateF(ctx, &coreapi.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: credSecret, + Namespace: t.namespace, + }, + Immutable: &immutable, + Data: map[string][]byte{ + "username": []byte(t.ptc.Git.Username), + "token": []byte(t.ptc.Git.Token), + }, + // TODO: Store as SecretTypeBasicAuth ? + Type: coreapi.SecretTypeOpaque, + }) + + secret = credSecret + + t.Cleanup(func() { + t.DeleteL(ctx, &coreapi.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: credSecret, + Namespace: t.namespace, + }, + }) + }) + } + + t.CreateF(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "git", + Namespace: t.namespace, + }, + Spec: configapi.RepositorySpec{ + Title: "Porch Test Repository", + Description: "Porch Test Repository Description", + Type: configapi.RepositoryTypeGit, + Content: configapi.RepositoryContentPackage, + Git: &configapi.GitRepository{ + Repo: t.ptc.Git.Repo, + Branch: "main", + SecretRef: configapi.SecretRef{ + Name: secret, + }, + }, + }, + }) + + t.Cleanup(func() { + t.DeleteL(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "git", + Namespace: t.namespace, + }, + }) + }) +} + +func (t *PorchSuite) TestFunctionRepository(ctx context.Context) { + t.CreateF(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "function-repository", + Namespace: t.namespace, + }, + Spec: configapi.RepositorySpec{ + Title: "Function Repository", + Description: "Test Function Repository", + Type: configapi.RepositoryTypeOCI, + Content: configapi.RepositoryContentFunction, + Oci: &configapi.OciRepository{ + Registry: "gcr.io/kpt-fn", + }, + }, + }) + + t.Cleanup(func() { + t.DeleteL(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "function-repository", + Namespace: t.namespace, + }, + }) + }) + + list := &porchapi.FunctionList{} + t.ListE(ctx, list) + + if got := len(list.Items); got == 0 { + t.Errorf("Found no functions in gcr.io/kpt-fn repository; expected at least one") + } +} + +func (t *PorchSuite) TestPublicGitRepository(ctx context.Context) { + const repo = "https://github.com/platkrm/demo-blueprints" + t.CreateF(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "demo-blueprints", + Namespace: t.namespace, + }, + Spec: configapi.RepositorySpec{ + Title: "Public Git Repository", + Type: configapi.RepositoryTypeGit, + Content: configapi.RepositoryContentPackage, + Git: &configapi.GitRepository{ + Repo: repo, + Branch: "main", + }, + }, + }) + + t.Cleanup(func() { + t.DeleteL(ctx, &configapi.Repository{ + ObjectMeta: metav1.ObjectMeta{ + Name: "demo-blueprints", + Namespace: t.namespace, + }, + }) + }) + + var list porchapi.PackageRevisionList + t.ListE(ctx, &list) + + if got := len(list.Items); got == 0 { + t.Errorf("Found no package revisions in %s; expected at least one", repo) + } +} diff --git a/porch/apiserver/pkg/e2e/suite.go b/porch/apiserver/pkg/e2e/suite.go new file mode 100644 index 0000000000..49ada18a14 --- /dev/null +++ b/porch/apiserver/pkg/e2e/suite.go @@ -0,0 +1,206 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package e2e + +import ( + "context" + "fmt" + "io/ioutil" + "os" + "path/filepath" + "testing" + "time" + + porchapi "github.com/GoogleContainerTools/kpt/porch/api/porch/v1alpha1" + configapi "github.com/GoogleContainerTools/kpt/porch/controllers/pkg/apis/porch/v1alpha1" + "gopkg.in/yaml.v2" + coreapi "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/client/config" +) + +const ( + // TODO: accept a flag? + PorchTestConfigFile = "porch-test-config.yaml" +) + +// Format of the optional test configuration file to enable running +// the test with specified GCP project, repositories and authentication. +type PorchTestConfig struct { + Project string `json:"project"` + Git struct { + Repo string `json:"repo"` + Branch string `json:"branch"` + Directory string `json:"directory"` + Username string `json:"username"` + Token Password `json:"token"` + } `json:"git"` + Oci struct { + Registry string `json:"registry"` + } `yaml:"oci"` +} + +type Password string + +func (p Password) String() string { + return "*************" +} + +type TestSuite struct { + *testing.T + client client.Client + + // Namespace used for tests + namespace string + ptc PorchTestConfig +} + +type Initializer interface { + Initialize(ctx context.Context, t *testing.T) +} + +var _ Initializer = &TestSuite{} + +func (pt *TestSuite) Initialize(ctx context.Context, t *testing.T) { + pt.ptc = readTestConfig(t) + + cfg, err := config.GetConfig() + if err != nil { + t.Skipf("Skipping tests - cannot obtain k8s client config: %v", err) + } + + t.Logf("Testing against server: %q", cfg.Host) + cfg.UserAgent = "Porch Test" + + scheme := runtime.NewScheme() + if err := porchapi.AddToScheme(scheme); err != nil { + t.Fatalf("Failed to initialize Porch API client: %v", err) + } + if err := configapi.AddToScheme(scheme); err != nil { + t.Fatalf("Failed to initialize Config API client: %v", err) + } + if err := coreapi.AddToScheme(scheme); err != nil { + t.Fatalf("Failed to initialize Core API client: %v", err) + } + if c, err := client.New(cfg, client.Options{ + Scheme: scheme, + }); err != nil { + t.Fatalf("Failed to initialize k8s client (%s): %v", cfg.Host, err) + } else { + pt.client = c + } + + namespace := fmt.Sprintf("porch-test-%d", time.Now().UnixMicro()) + if err := pt.client.Create(ctx, &coreapi.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: namespace, + }, + }); err != nil { + t.Fatalf("Failed to create test namespace %q: %v", namespace, err) + } else { + pt.namespace = namespace + c := pt.client + t.Cleanup(func() { + if err := c.Delete(ctx, &coreapi.Namespace{ + ObjectMeta: metav1.ObjectMeta{ + Name: namespace, + }, + }); err != nil { + t.Errorf("Failed to clean up namespace %q: %v", namespace, err) + } else { + t.Logf("Successfully cleaned up namespace %q", namespace) + } + }) + } +} + +type ErrorHandler func(format string, args ...interface{}) + +func (t *TestSuite) get(ctx context.Context, key client.ObjectKey, obj client.Object, eh ErrorHandler) { + if err := t.client.Get(ctx, key, obj); err != nil { + eh("failed to get resource %s %s/%s: %v", obj.GetObjectKind().GroupVersionKind(), key.Name, key.Namespace, err) + } +} + +func (c *TestSuite) list(ctx context.Context, list client.ObjectList, opts []client.ListOption, eh ErrorHandler) { + if err := c.client.List(ctx, list, opts...); err != nil { + eh("failed to list resources %s %+v: %v", list.GetObjectKind().GroupVersionKind(), list, err) + } +} + +func (c *TestSuite) create(ctx context.Context, obj client.Object, opts []client.CreateOption, eh ErrorHandler) { + if err := c.client.Create(ctx, obj, opts...); err != nil { + eh("failed to create resource %s %s/%s: %v", obj.GetObjectKind().GroupVersionKind(), obj.GetNamespace(), obj.GetName(), err) + } +} + +func (c *TestSuite) delete(ctx context.Context, obj client.Object, opts []client.DeleteOption, eh ErrorHandler) { + if err := c.client.Delete(ctx, obj, opts...); err != nil { + eh("failed to delete resource %s %s/%s: %v", obj.GetObjectKind().GroupVersionKind(), obj.GetNamespace(), obj.GetName(), err) + } +} + +// update(ctx context.Context, obj Object, opts ...UpdateOption) error +// patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error +// deleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error + +func (c *TestSuite) GetE(ctx context.Context, key client.ObjectKey, obj client.Object) { + c.get(ctx, key, obj, ErrorHandler(c.Errorf)) +} + +func (c *TestSuite) ListE(ctx context.Context, list client.ObjectList, opts ...client.ListOption) { + c.list(ctx, list, opts, c.Errorf) +} + +func (c *TestSuite) CreateF(ctx context.Context, obj client.Object, opts ...client.CreateOption) { + c.create(ctx, obj, opts, c.Fatalf) +} + +func (c *TestSuite) CreateE(ctx context.Context, obj client.Object, opts ...client.CreateOption) { + c.create(ctx, obj, opts, c.Errorf) +} +func (c *TestSuite) DeleteE(ctx context.Context, obj client.Object, opts ...client.DeleteOption) { + c.delete(ctx, obj, opts, c.Errorf) +} + +func (c *TestSuite) DeleteL(ctx context.Context, obj client.Object, opts ...client.DeleteOption) { + c.delete(ctx, obj, opts, c.Logf) +} + +// Update(ctx context.Context, obj Object, opts ...UpdateOption) error +// Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error +// DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error + +func readTestConfig(t *testing.T) PorchTestConfig { + dir, err := os.UserConfigDir() + if err != nil { + t.Logf("Cannot get user config directory: %v; proceeding without config", err) + return PorchTestConfig{} + } + path := filepath.Join(dir, PorchTestConfigFile) + config, err := ioutil.ReadFile(path) + if err != nil { + t.Logf("Cannot read Porch test config %q: %v; proceeding without config", path, err) + return PorchTestConfig{} + } + var ptc PorchTestConfig + if err := yaml.Unmarshal(config, &ptc); err != nil { + t.Fatalf("Failed to parse Porch test config %q: %v; failing...", path, err) + return PorchTestConfig{} + } + return ptc +} diff --git a/porch/apiserver/pkg/registry/porch/background.go b/porch/apiserver/pkg/registry/porch/background.go index eefd4057b8..7803fbdd1a 100644 --- a/porch/apiserver/pkg/registry/porch/background.go +++ b/porch/apiserver/pkg/registry/porch/background.go @@ -28,14 +28,22 @@ import ( "github.com/GoogleContainerTools/kpt/porch/repository/pkg/cache" ) +func RunBackground(ctx context.Context, coreClient client.WithWatch, cache *cache.Cache) { + b := background{ + coreClient: coreClient, + cache: cache, + } + go b.run(ctx) +} + // background manages background tasks type background struct { coreClient client.WithWatch cache *cache.Cache } -// RunForever will run until ctx is done -func (b *background) RunForever(ctx context.Context) { +// run will run until ctx is done +func (b *background) run(ctx context.Context) { klog.Infof("Background routine starting ...") // Repository watch. @@ -83,7 +91,7 @@ loop: bookmark = repository.ResourceVersion klog.Infof("Bookmark: %q", bookmark) } else { - b.updateCache(ctx, event.Type, repository, b.coreClient) + b.updateCache(ctx, event.Type, repository) } } else { klog.V(5).Infof("Received unexpected watch event Object: %T", event.Object) @@ -106,11 +114,11 @@ loop: } } -func (b *background) updateCache(ctx context.Context, event watch.EventType, repository *configapi.Repository, reader client.Reader) error { +func (b *background) updateCache(ctx context.Context, event watch.EventType, repository *configapi.Repository) error { switch event { case watch.Added: klog.Infof("Repository added: %s:%s", repository.ObjectMeta.Namespace, repository.ObjectMeta.Name) - return b.cacheRepository(ctx, reader, repository) + return b.cacheRepository(ctx, repository) case watch.Modified: klog.Infof("Repository modified: %s:%s", repository.ObjectMeta.Namespace, repository.ObjectMeta.Name) // TODO: implement @@ -131,18 +139,14 @@ func (b *background) runOnce(ctx context.Context) error { } for i := range repositories.Items { - b.cacheRepository(ctx, b.coreClient, &repositories.Items[i]) + b.cacheRepository(ctx, &repositories.Items[i]) } return nil } -func (b *background) cacheRepository(ctx context.Context, reader client.Reader, repo *configapi.Repository) error { - secret, err := resolveRepositorySecret(ctx, reader, repo) - if err != nil { - return fmt.Errorf("error resolving secret: %w", err) - } - if _, err := b.cache.OpenRepository(repo, secret); err != nil { +func (b *background) cacheRepository(ctx context.Context, repo *configapi.Repository) error { + if _, err := b.cache.OpenRepository(ctx, repo); err != nil { return fmt.Errorf("error opening repository: %w", err) } return nil diff --git a/porch/apiserver/pkg/registry/porch/functions.go b/porch/apiserver/pkg/registry/porch/functions.go index 833c140ead..132334edb5 100644 --- a/porch/apiserver/pkg/registry/porch/functions.go +++ b/porch/apiserver/pkg/registry/porch/functions.go @@ -28,7 +28,6 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/endpoints/request" "k8s.io/apiserver/pkg/registry/rest" - "k8s.io/klog/v2" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -72,12 +71,7 @@ func (f *functions) List(ctx context.Context, options *metainternalversion.ListO for i := range repositories.Items { repo := &repositories.Items[i] - secret, err := resolveRepositorySecret(ctx, f.coreClient, repo) - if err != nil { - klog.Warningf("cannot resolve repository auth secret: %v", err) - continue - } - fns, err := f.cad.ListFunctions(ctx, repo, secret) + fns, err := f.cad.ListFunctions(ctx, repo) if err != nil { return nil, fmt.Errorf("failed to list repository %s functions: %w", repositories.Items[i].Name, err) } @@ -112,13 +106,8 @@ func (f *functions) Get(ctx context.Context, name string, options *metav1.GetOpt return nil, fmt.Errorf("cannot find repository %q", repositoryKey) } - secret, err := resolveRepositorySecret(ctx, f.coreClient, &repository) - if err != nil { - return nil, err - } - // TODO: implement get to avoid listing - fns, err := f.cad.ListFunctions(ctx, &repository, secret) + fns, err := f.cad.ListFunctions(ctx, &repository) if err != nil { return nil, fmt.Errorf("failed to list repository %s functions: %w", repository.Name, err) } diff --git a/porch/apiserver/pkg/registry/porch/packagecommon.go b/porch/apiserver/pkg/registry/porch/packagecommon.go index 88034cc8fa..87830cdeb9 100644 --- a/porch/apiserver/pkg/registry/porch/packagecommon.go +++ b/porch/apiserver/pkg/registry/porch/packagecommon.go @@ -25,7 +25,6 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" genericapirequest "k8s.io/apiserver/pkg/endpoints/request" - "k8s.io/klog/v2" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -51,13 +50,7 @@ func (r *packageCommon) listPackages(ctx context.Context, callback func(p reposi for i := range repositories.Items { repositoryObj := &repositories.Items[i] - secret, err := resolveRepositorySecret(ctx, r.coreClient, repositoryObj) - if err != nil { - klog.Warningf("cannot resolve repository auth secret: %w", err) - continue - } - - repository, err := r.cad.OpenRepository(repositoryObj, secret) + repository, err := r.cad.OpenRepository(ctx, repositoryObj) if err != nil { return err } @@ -95,12 +88,7 @@ func (r *packageCommon) getPackage(ctx context.Context, name string) (repository return nil, fmt.Errorf("error getting repository %v: %w", repositoryID, err) } - secret, err := resolveRepositorySecret(ctx, r.coreClient, &repositoryObj) - if err != nil { - return nil, fmt.Errorf("cannot resolve repository auth secret: %w", err) - } - - repository, err := r.cad.OpenRepository(&repositoryObj, secret) + repository, err := r.cad.OpenRepository(ctx, &repositoryObj) if err != nil { return nil, err } diff --git a/porch/apiserver/pkg/registry/porch/packagerevision.go b/porch/apiserver/pkg/registry/porch/packagerevision.go index ca54d0ed17..129fe00c3e 100644 --- a/porch/apiserver/pkg/registry/porch/packagerevision.go +++ b/porch/apiserver/pkg/registry/porch/packagerevision.go @@ -126,12 +126,7 @@ func (r *packageRevisions) Create(ctx context.Context, runtimeObject runtime.Obj return nil, apierrors.NewInternalError(fmt.Errorf("error getting repository %v: %w", repositoryID, err)) } - secret, err := resolveRepositorySecret(ctx, r.coreClient, &repositoryObj) - if err != nil { - return nil, apierrors.NewBadRequest(fmt.Sprintf("cannot resolve repository auth secret: %v", err)) - } - - rev, err := r.cad.CreatePackageRevision(ctx, &repositoryObj, secret, obj) + rev, err := r.cad.CreatePackageRevision(ctx, &repositoryObj, obj) if err != nil { return nil, apierrors.NewInternalError(err) } @@ -199,12 +194,7 @@ func (r *packageRevisions) Update(ctx context.Context, name string, objInfo rest return nil, false, apierrors.NewInternalError(fmt.Errorf("error getting repository %v: %w", repositoryID, err)) } - secret, err := resolveRepositorySecret(ctx, r.coreClient, &repositoryObj) - if err != nil { - return nil, false, apierrors.NewBadRequest(fmt.Sprintf("cannot resolve repository auth secret: %v", err)) - } - - rev, err := r.cad.UpdatePackageRevision(ctx, &repositoryObj, secret, oldPackage, oldObj, newObj) + rev, err := r.cad.UpdatePackageRevision(ctx, &repositoryObj, oldPackage, oldObj, newObj) if err != nil { return nil, false, apierrors.NewInternalError(err) } @@ -268,12 +258,7 @@ func (r *packageRevisions) Delete(ctx context.Context, name string, deleteValida return nil, false, apierrors.NewInternalError(fmt.Errorf("error getting repository %v: %w", repositoryID, err)) } - secret, err := resolveRepositorySecret(ctx, r.coreClient, &repositoryObj) - if err != nil { - return nil, false, apierrors.NewBadRequest(fmt.Sprintf("cannot resolve repository auth secret: %v", err)) - } - - if err := r.cad.DeletePackageRevision(ctx, &repositoryObj, secret, oldPackage); err != nil { + if err := r.cad.DeletePackageRevision(ctx, &repositoryObj, oldPackage); err != nil { return nil, false, apierrors.NewInternalError(err) } diff --git a/porch/apiserver/pkg/registry/porch/packagerevisionresources.go b/porch/apiserver/pkg/registry/porch/packagerevisionresources.go index 3b5b600a07..5c6ce4de6e 100644 --- a/porch/apiserver/pkg/registry/porch/packagerevisionresources.go +++ b/porch/apiserver/pkg/registry/porch/packagerevisionresources.go @@ -139,12 +139,7 @@ func (r *packageRevisionResources) Update(ctx context.Context, name string, objI return nil, false, apierrors.NewInternalError(fmt.Errorf("error getting repository %v: %w", repositoryID, err)) } - secret, err := resolveRepositorySecret(ctx, r.coreClient, &repositoryObj) - if err != nil { - return nil, false, apierrors.NewBadRequest(fmt.Sprintf("cannot resolve repository auth secret: %v", err)) - } - - rev, err := r.cad.UpdatePackageResources(ctx, &repositoryObj, secret, oldPackage, oldObj, newObj) + rev, err := r.cad.UpdatePackageResources(ctx, &repositoryObj, oldPackage, oldObj, newObj) if err != nil { return nil, false, apierrors.NewInternalError(err) } diff --git a/porch/apiserver/pkg/registry/porch/secret.go b/porch/apiserver/pkg/registry/porch/secret.go index 7d69f89145..d4f6a147da 100644 --- a/porch/apiserver/pkg/registry/porch/secret.go +++ b/porch/apiserver/pkg/registry/porch/secret.go @@ -18,42 +18,33 @@ import ( "context" "fmt" - configapi "github.com/GoogleContainerTools/kpt/porch/controllers/pkg/apis/porch/v1alpha1" + "github.com/GoogleContainerTools/kpt/porch/repository/pkg/repository" core "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) -func resolveRepositorySecret(ctx context.Context, coreClient client.Reader, spec *configapi.Repository) (map[string][]byte, error) { - var secretName string - - switch spec.Spec.Type { - case configapi.RepositoryTypeOCI: - oci := spec.Spec.Oci - if oci != nil { - secretName = oci.SecretRef.Name - } - - case configapi.RepositoryTypeGit: - git := spec.Spec.Git - if git != nil { - secretName = git.SecretRef.Name - } - - default: - return nil, fmt.Errorf("unrecognized repository type: %q", spec.Spec.Type) +func NewCredentialResolver(coreClient client.Reader) repository.CredentialResolver { + return &secretResolver{ + coreClient: coreClient, } +} - if secretName == "" { - return nil, nil - } +type secretResolver struct { + coreClient client.Reader +} + +var _ repository.CredentialResolver = &secretResolver{} +func (r *secretResolver) ResolveCredential(ctx context.Context, namespace, name string) (repository.Credential, error) { var secret core.Secret - if err := coreClient.Get(ctx, client.ObjectKey{ - Namespace: spec.Namespace, - Name: secretName, + if err := r.coreClient.Get(ctx, client.ObjectKey{ + Namespace: namespace, + Name: name, }, &secret); err != nil { - return nil, err + return repository.Credential{}, fmt.Errorf("cannot resolve credentials in a secret %s/%s: %w", namespace, name, err) } - return secret.Data, nil + return repository.Credential{ + Data: secret.Data, + }, nil } diff --git a/porch/apiserver/pkg/registry/porch/storage.go b/porch/apiserver/pkg/registry/porch/storage.go index dcd4964cf0..90e3e449e9 100644 --- a/porch/apiserver/pkg/registry/porch/storage.go +++ b/porch/apiserver/pkg/registry/porch/storage.go @@ -15,30 +15,17 @@ package porch import ( - "context" - "github.com/GoogleContainerTools/kpt/porch/api/porch" "github.com/GoogleContainerTools/kpt/porch/engine/pkg/engine" - "github.com/GoogleContainerTools/kpt/porch/repository/pkg/cache" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/serializer" - genericregistry "k8s.io/apiserver/pkg/registry/generic" "k8s.io/apiserver/pkg/registry/rest" genericapiserver "k8s.io/apiserver/pkg/server" "sigs.k8s.io/controller-runtime/pkg/client" ) -func NewRESTStorage(scheme *runtime.Scheme, codecs serializer.CodecFactory, restOptionsGetter genericregistry.RESTOptionsGetter, - coreClient client.WithWatch, cacheDirectory string, functionRunnerAddress string) (genericapiserver.APIGroupInfo, error) { - - c := cache.NewCache(cacheDirectory) - cad, err := engine.NewCaDEngine(c, functionRunnerAddress) - - if err != nil { - return genericapiserver.APIGroupInfo{}, err - } - +func NewRESTStorage(scheme *runtime.Scheme, codecs serializer.CodecFactory, cad engine.CaDEngine, coreClient client.WithWatch) (genericapiserver.APIGroupInfo, error) { packageRevisions := &packageRevisions{ TableConvertor: rest.NewDefaultTableConvertor(porch.Resource("packagerevisions")), packageCommon: packageCommon{ @@ -73,12 +60,5 @@ func NewRESTStorage(scheme *runtime.Scheme, codecs serializer.CodecFactory, rest }, } - b := background{ - coreClient: coreClient, - cache: c, - } - ctx := context.Background() // TODO: support cancellation - go b.RunForever(ctx) - return group, nil } diff --git a/porch/config/deploy/0-namespace.yaml b/porch/config/deploy/1-namespace.yaml similarity index 100% rename from porch/config/deploy/0-namespace.yaml rename to porch/config/deploy/1-namespace.yaml diff --git a/porch/config/deploy/1-service-account.yaml b/porch/config/deploy/1-service-account.yaml deleted file mode 100644 index 2711eccd74..0000000000 --- a/porch/config/deploy/1-service-account.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -kind: ServiceAccount -apiVersion: v1 -metadata: - name: apiserver - namespace: porch-system diff --git a/porch/func/config/deploy/function-runner.yaml b/porch/config/deploy/2-function-runner.yaml similarity index 94% rename from porch/func/config/deploy/function-runner.yaml rename to porch/config/deploy/2-function-runner.yaml index 6bdbc83f91..37da39d8d0 100644 --- a/porch/func/config/deploy/function-runner.yaml +++ b/porch/config/deploy/2-function-runner.yaml @@ -29,7 +29,7 @@ spec: spec: containers: - name: function-runner - image: UPDATE_ME + image: gcr.io/example-google-project-id/function-runner:latest imagePullPolicy: Always ports: - containerPort: 9445 diff --git a/porch/config/deploy/2-deployment.yaml b/porch/config/deploy/3-porch-server.yaml similarity index 66% rename from porch/config/deploy/2-deployment.yaml rename to porch/config/deploy/3-porch-server.yaml index 161ac41d3d..c1c9eb3545 100644 --- a/porch/config/deploy/2-deployment.yaml +++ b/porch/config/deploy/3-porch-server.yaml @@ -12,6 +12,15 @@ # See the License for the specific language governing permissions and # limitations under the License. + +kind: ServiceAccount +apiVersion: v1 +metadata: + name: porch-server + namespace: porch-system + +--- + apiVersion: apps/v1 kind: Deployment metadata: @@ -29,9 +38,24 @@ spec: labels: apiserver: "true" spec: - serviceAccountName: apiserver + serviceAccountName: porch-server containers: - name: porch-server - # Update image to the image of your apiserver build. - image: UPDATE_ME # for example: gcr.io/my-gcp-project/porch:0.0.1 + # Update image to the image of your porch apiserver build. + image: gcr.io/example-google-project-id/porch-server:latest imagePullPolicy: Always + +--- + +apiVersion: v1 +kind: Service +metadata: + name: api + namespace: porch-system +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 443 + selector: + apiserver: "true" diff --git a/porch/config/deploy/3-service.yaml b/porch/config/deploy/3-service.yaml deleted file mode 100644 index f9de465ec8..0000000000 --- a/porch/config/deploy/3-service.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: api - namespace: porch-system -spec: - ports: - - port: 443 - protocol: TCP - targetPort: 443 - selector: - apiserver: "true" diff --git a/porch/config/deploy/6-rbac-bind.yaml b/porch/config/deploy/6-rbac-bind.yaml index d2e473f74d..445c826d8c 100644 --- a/porch/config/deploy/6-rbac-bind.yaml +++ b/porch/config/deploy/6-rbac-bind.yaml @@ -22,5 +22,5 @@ roleRef: name: aggregated-apiserver-clusterrole subjects: - kind: ServiceAccount - name: apiserver - namespace: porch-system \ No newline at end of file + name: porch-server + namespace: porch-system diff --git a/porch/config/deploy/7-auth-reader.yaml b/porch/config/deploy/7-auth-reader.yaml index babe0918d4..a6d3fd446b 100644 --- a/porch/config/deploy/7-auth-reader.yaml +++ b/porch/config/deploy/7-auth-reader.yaml @@ -23,5 +23,5 @@ roleRef: name: extension-apiserver-authentication-reader subjects: - kind: ServiceAccount - name: apiserver + name: porch-server namespace: porch-system diff --git a/porch/config/deploy/8-auth-delegator.yaml b/porch/config/deploy/8-auth-delegator.yaml index 5f0431bf58..03044447b4 100644 --- a/porch/config/deploy/8-auth-delegator.yaml +++ b/porch/config/deploy/8-auth-delegator.yaml @@ -22,5 +22,5 @@ roleRef: name: system:auth-delegator subjects: - kind: ServiceAccount - name: apiserver + name: porch-server namespace: porch-system diff --git a/porch/controllers/config/deploy/manifest.yaml b/porch/config/deploy/9-controllers.yaml similarity index 93% rename from porch/controllers/config/deploy/manifest.yaml rename to porch/config/deploy/9-controllers.yaml index 1c5b96d935..ddefb83a47 100644 --- a/porch/controllers/config/deploy/manifest.yaml +++ b/porch/config/deploy/9-controllers.yaml @@ -12,13 +12,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: v1 -kind: Namespace -metadata: - name: porch-system - ---- - kind: ServiceAccount apiVersion: v1 metadata: @@ -49,6 +42,11 @@ spec: - name: porch-controllers # Update to the image of your porch-controllers build. image: gcr.io/example-google-project-id/porch-controllers:latest + env: + - name: GCP_PROJECT_ID + value: example-google-project-id + - name: HACK_ENABLE_LOOPBACK + value: "1" --- diff --git a/porch/config/samples/oci-repository.yaml b/porch/config/samples/oci-repository.yaml index 991e41ec1f..d8150a9b65 100644 --- a/porch/config/samples/oci-repository.yaml +++ b/porch/config/samples/oci-repository.yaml @@ -23,5 +23,5 @@ spec: content: PackageRevision type: oci oci: - # TODO: Update with your OCI repository. - registry: us-west1-docker.pkg.dev/mmaly-bc-1/blueprints + # Replace with your OCI repository. + registry: us-west1-docker.pkg.dev/example-google-project-id/packages diff --git a/porch/controllers/Makefile b/porch/controllers/Makefile index 5709021495..1a0be52ce3 100644 --- a/porch/controllers/Makefile +++ b/porch/controllers/Makefile @@ -14,7 +14,14 @@ # GCP project to use for development GCP_PROJECT_ID ?= $(shell gcloud config get-value project) +IMAGE_TAG ?= latest +IMAGE_REPO ?= gcr.io/$(GCP_PROJECT_ID) +IMAGE_NAME ?= porch-controllers .PHONY: push-image push-image: - cd ../..; docker buildx build --push --tag gcr.io/${GCP_PROJECT_ID}/porch-controllers:latest -f porch/controllers/Dockerfile . + cd ../..; docker buildx build --push --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) -f porch/controllers/Dockerfile . + +.PHONY: build-image +build-image: + cd ../..; docker buildx build --load --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) -f porch/controllers/Dockerfile . diff --git a/porch/controllers/pkg/apis/porch/v1alpha1/config.porch.kpt.dev_repositories.yaml b/porch/controllers/pkg/apis/porch/v1alpha1/config.porch.kpt.dev_repositories.yaml index 14134f401a..1920a325d2 100644 --- a/porch/controllers/pkg/apis/porch/v1alpha1/config.porch.kpt.dev_repositories.yaml +++ b/porch/controllers/pkg/apis/porch/v1alpha1/config.porch.kpt.dev_repositories.yaml @@ -18,7 +18,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.7.0 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null name: repositories.config.porch.kpt.dev spec: @@ -49,7 +49,7 @@ spec: type: object spec: description: "RepositorySpec defines the desired state of Repository \n - Notes: * deployment repository - in KRM API ConfigSync would be configured + Notes: * deployment repository - in KRM API ConfigSync would be configured directly? (or via this API)" properties: content: @@ -67,7 +67,7 @@ spec: branch: description: Name of the branch containig the packages. Finalized packages will be committed to this branch (if the repository - allows write access). + allows write access). If unspecified, defaults to "main". type: string directory: description: Directory within the Git repository where the packages @@ -75,7 +75,7 @@ spec: is considered a package. If unspecified, defaults to root directory. type: string repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' type: string secretRef: description: Reference to secret containing authentication credentials. @@ -85,10 +85,10 @@ spec: be located in the same namespace as the resource containing the reference. type: string + required: + - name type: object required: - - branch - - directory - repo type: object mutators: @@ -139,6 +139,8 @@ spec: be located in the same namespace as the resource containing the reference. type: string + required: + - name type: object required: - registry @@ -161,7 +163,7 @@ spec: branch: description: Name of the branch containig the packages. Finalized packages will be committed to this branch (if the repository - allows write access). + allows write access). If unspecified, defaults to "main". type: string directory: description: Directory within the Git repository where the @@ -170,7 +172,8 @@ spec: to root directory. type: string repo: - description: 'Address of the Git repository, for example: `https://github.com/GoogleCloudPlatform/blueprints.git`' + description: 'Address of the Git repository, for example: + `https://github.com/GoogleCloudPlatform/blueprints.git`' type: string secretRef: description: Reference to secret containing authentication @@ -181,10 +184,10 @@ spec: to be located in the same namespace as the resource containing the reference. type: string + required: + - name type: object required: - - branch - - directory - repo type: object oci: @@ -203,6 +206,8 @@ spec: to be located in the same namespace as the resource containing the reference. type: string + required: + - name type: object required: - registry diff --git a/porch/controllers/pkg/apis/porch/v1alpha1/groupversion_info.go b/porch/controllers/pkg/apis/porch/v1alpha1/groupversion_info.go index 2904a0589f..bd09b5b3a7 100644 --- a/porch/controllers/pkg/apis/porch/v1alpha1/groupversion_info.go +++ b/porch/controllers/pkg/apis/porch/v1alpha1/groupversion_info.go @@ -23,7 +23,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" ) -//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0 object object:headerFile="../../../../../hack/boilerplate.go.txt" crd:crdVersions=v1 output:crd:artifacts:config=. paths=./... +//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 object object:headerFile="../../../../../hack/boilerplate.go.txt" crd:crdVersions=v1 output:crd:artifacts:config=. paths=./... var ( // GroupVersion is group version used to register these objects diff --git a/porch/controllers/pkg/apis/porch/v1alpha1/types.go b/porch/controllers/pkg/apis/porch/v1alpha1/types.go index 37e6aec5bd..568eba96c3 100644 --- a/porch/controllers/pkg/apis/porch/v1alpha1/types.go +++ b/porch/controllers/pkg/apis/porch/v1alpha1/types.go @@ -86,10 +86,10 @@ type GitRepository struct { // Address of the Git repository, for example: // `https://github.com/GoogleCloudPlatform/blueprints.git` Repo string `json:"repo"` - // Name of the branch containig the packages. Finalized packages will be committed to this branch (if the repository allows write access). - Branch string `json:"branch"` + // Name of the branch containig the packages. Finalized packages will be committed to this branch (if the repository allows write access). If unspecified, defaults to "main". + Branch string `json:"branch,omitempty"` // Directory within the Git repository where the packages are stored. A subdirectory of this directory containing a Kptfile is considered a package. If unspecified, defaults to root directory. - Directory string `json:"directory"` + Directory string `json:"directory,omitempty"` // Reference to secret containing authentication credentials. SecretRef SecretRef `json:"secretRef,omitempty"` } @@ -124,7 +124,7 @@ type RepositoryRef struct { type SecretRef struct { // Name of the secret. The secret is expected to be located in the same namespace as the resource containing the reference. - Name string `json:"name,omitempty"` + Name string `json:"name"` } type FunctionEval struct { diff --git a/porch/controllers/remoterootsync/api/v1alpha1/groupversion_info.go b/porch/controllers/remoterootsync/api/v1alpha1/groupversion_info.go index f9d88ff4bd..fbf632a4e8 100644 --- a/porch/controllers/remoterootsync/api/v1alpha1/groupversion_info.go +++ b/porch/controllers/remoterootsync/api/v1alpha1/groupversion_info.go @@ -22,7 +22,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/scheme" ) -//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1 object object:headerFile="../../../../hack/boilerplate.go.txt" paths="./..." +//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 object object:headerFile="../../../../hack/boilerplate.go.txt" paths="./..." var ( // GroupVersion is group version used to register these objects diff --git a/porch/controllers/remoterootsync/config/crd/bases/config.cloud.google.com_remoterootsyncsets.yaml b/porch/controllers/remoterootsync/config/crd/bases/config.cloud.google.com_remoterootsyncsets.yaml index aeaa2bb398..64821300c8 100644 --- a/porch/controllers/remoterootsync/config/crd/bases/config.cloud.google.com_remoterootsyncsets.yaml +++ b/porch/controllers/remoterootsync/config/crd/bases/config.cloud.google.com_remoterootsyncsets.yaml @@ -18,7 +18,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.4.1 + controller-gen.kubebuilder.io/version: v0.8.0 creationTimestamp: null name: remoterootsyncsets.config.cloud.google.com spec: @@ -98,13 +98,13 @@ spec: the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, type FooStatus struct{ - \ // Represents the observations of a foo's current state. - \ // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type - \ // +patchStrategy=merge // +listType=map // - +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` - \n // other fields }" + // Represents the observations of a foo's current state. + // Known .status.conditions.type are: \"Available\", \"Progressing\", + and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields + }" properties: lastTransitionTime: description: lastTransitionTime is the last time the condition diff --git a/porch/controllers/remoterootsync/config/samples/hack-self-apply-rbac.yaml b/porch/controllers/remoterootsync/config/samples/hack-self-apply-rbac.yaml new file mode 100644 index 0000000000..dee8daced3 --- /dev/null +++ b/porch/controllers/remoterootsync/config/samples/hack-self-apply-rbac.yaml @@ -0,0 +1,47 @@ +# Copyright 2022 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: porch-controllers-self-apply +rules: +- apiGroups: + - "" + - "apps" + - "rbac.authorization.k8s.io" + - "authentication.k8s.io" + - "authorization.k8s.io" + - "apiregistration.k8s.io" + - "admissionregistration.k8s.io" + - "flowcontrol.apiserver.k8s.io" + - "mutatingwebhookconfigurations" + - "validatingwebhookconfigurations" + resources: ["*"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: porch-system:porch-controllers:porch-controllers-self-apply +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: porch-controllers-self-apply +subjects: +- kind: ServiceAccount + name: porch-controllers + namespace: porch-system diff --git a/porch/controllers/remoterootsync/config/samples/hack-self-apply.yaml b/porch/controllers/remoterootsync/config/samples/hack-self-apply.yaml index 5f9dcdd563..339135107e 100644 --- a/porch/controllers/remoterootsync/config/samples/hack-self-apply.yaml +++ b/porch/controllers/remoterootsync/config/samples/hack-self-apply.yaml @@ -23,4 +23,7 @@ spec: - apiVersion: container.cnrm.cloud.google.com/v1beta1 kind: ContainerCluster name: loopback! # TODO: This is a hack used during development, remove once we are more end-to-end enabled. - template: {} \ No newline at end of file + template: + oci: + #repository: us-west1-docker.pkg.dev/example-google-project-id/deployment/myfirstnginx:v1 + repository: us-west1-docker.pkg.dev/example-google-project-id/packages/porch:v0.0.1 diff --git a/porch/controllers/remoterootsync/go.mod b/porch/controllers/remoterootsync/go.mod index 62061d3b33..cd5c636953 100644 --- a/porch/controllers/remoterootsync/go.mod +++ b/porch/controllers/remoterootsync/go.mod @@ -90,7 +90,7 @@ require ( gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/api v0.62.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/grpc v1.43.0 // indirect + google.golang.org/grpc v1.44.0 // indirect google.golang.org/protobuf v1.27.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/porch/controllers/remoterootsync/go.sum b/porch/controllers/remoterootsync/go.sum index 8092770078..1186b0dd08 100644 --- a/porch/controllers/remoterootsync/go.sum +++ b/porch/controllers/remoterootsync/go.sum @@ -78,8 +78,6 @@ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBp github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= -github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= -github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -88,7 +86,6 @@ github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugX github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= @@ -103,19 +100,15 @@ github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:m github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= -github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= -github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= @@ -124,7 +117,6 @@ github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmV github.com/armon/go-metrics v0.3.10/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM= @@ -153,12 +145,10 @@ github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnd github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20191021191039-0944d244cd40/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= github.com/certifi/gocertifi v0.0.0-20200922220541-2c3bb06c6054/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -304,7 +294,6 @@ github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7h github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd/go.mod h1:dv4zxwHi5C/8AeI+4gX4dCWOIvNi7I6JCSX0HvlKPgE= github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= @@ -334,7 +323,6 @@ github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25Kn github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -350,17 +338,13 @@ github.com/envoyproxy/protoc-gen-validate v0.6.2 h1:JiO+kJTpmYGjEodY7O1Zk8oZcNz1 github.com/envoyproxy/protoc-gen-validate v0.6.2/go.mod h1:2t7qjJNvHPx8IjnBOzl9E9/baC+qXE/TeeyBRzgJDws= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= -github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c= github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k= @@ -370,19 +354,11 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= -github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= -github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= -github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-git-fixtures/v4 v4.3.1/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= -github.com/go-git/go-git/v5 v5.4.3-0.20220119145113-935af59cf64f/go.mod h1:U7oc8MDRtQhVD6StooNkBMVsh/Y4J/2Vl36Mo4IclvM= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -395,12 +371,9 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= -github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2 h1:ahHml/yUpnlb96Rp8HCvtYVPY8ZYpxq3g7UYchIYwbs= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v0.4.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= github.com/go-logr/zapr v1.2.0 h1:n4JnPI1T3Qq1SFEi/F8rwLrZERp2bso19PJZDB9dayk= github.com/go-logr/zapr v1.2.0/go.mod h1:Qa4Bsj2Vb+FAVeAKsLD8RLQ+YRJB8YDmOAKxaBQf7Ro= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= @@ -414,7 +387,6 @@ github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= @@ -466,7 +438,6 @@ github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= @@ -511,7 +482,6 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -585,7 +555,6 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/igorsobreira/titlecase v0.0.0-20140109233139-4156b5b858ac/go.mod h1:KOzUkqpWM2xArNm82cehGc5PBFYV1Qadzzt81aJi7F0= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -594,9 +563,7 @@ github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= -github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= @@ -615,8 +582,6 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= -github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/kevinburke/ssh_config v1.1.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= @@ -639,8 +604,6 @@ github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= @@ -650,7 +613,6 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= -github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= @@ -664,7 +626,6 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= @@ -680,7 +641,6 @@ github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrk github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -703,7 +663,6 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= @@ -715,10 +674,8 @@ github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= -github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -727,19 +684,14 @@ github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= -github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= -github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.17.0 h1:9Luw4uT5HTjHTN8+aNcSThgH1vdXnmdJ8xIfZ4wyTRE= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -767,11 +719,6 @@ github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqi github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U= -github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= -github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= -github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= -github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= @@ -779,7 +726,6 @@ github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrap github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/philopon/go-toposort v0.0.0-20170620085441-9be86dbd762f/go.mod h1:/iRjX3DdSK956SzsUdV55J+wIsQ+2IBWmBrB4RvZfk4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -834,7 +780,6 @@ github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40T github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -843,8 +788,6 @@ github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= -github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= @@ -886,7 +829,6 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/spf13/viper v1.10.0/go.mod h1:SoyBPwAtKDzypXNDFKN5kzH7ppppbGZtls1UpIy5AsM= -github.com/spyzhov/ajson v0.4.2/go.mod h1:63V+CGM6f1Bu/p4nLIN8885ojBdt88TbLoSFzyqMuVA= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -926,13 +868,10 @@ github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17 github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= -github.com/xanzy/ssh-agent v0.3.1/go.mod h1:QIE4lCeL7nkC25x+yA3LBIYfwCc1TFziCtG7cBAac6w= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= -github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -984,15 +923,12 @@ go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4 go.opentelemetry.io/otel/trace v0.20.0 h1:1DL6EXUdcg95gukhuRRvLDO/4X5THh/5dIV52lqtnbw= go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= -go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= -go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= @@ -1000,7 +936,6 @@ go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.19.1 h1:ue41HOKd1vGURxrmeKIgELGb3jPW9DMUDGtsinblHwI= -go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1016,9 +951,7 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5 h1:HWj/xjIHfjYU5nVXpTM0s39J9CbLn7Cc5a7IC5rwsMQ= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1108,12 +1041,9 @@ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= -golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= -golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -1183,7 +1113,6 @@ golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191002063906-3421d5a6bb1c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1230,7 +1159,6 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1253,21 +1181,17 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210817190340-bfb29a6856f2/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b h1:9zKuko04nR4gjZ4+DNjHqRlAJqbJETHwiNKDqTfOjfE= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1343,7 +1267,6 @@ golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82u golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= @@ -1507,8 +1430,9 @@ google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc v1.43.0 h1:Eeu7bZtDZ2DpRCsLhUlcrLnvYaMK1Gz86a+hMVvELmM= google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg= +google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1549,7 +1473,6 @@ gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -1579,77 +1502,49 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/api v0.22.2/go.mod h1:y3ydYpLJAaDI+BbSe2xmGcqxiWHmWjkEeIbiwHvnPR8= -k8s.io/api v0.23.0/go.mod h1:8wmDdLBHBNxtOIytwLstXt5E9PddnZb0GaMcqsvDBpg= k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= -k8s.io/apiextensions-apiserver v0.22.2/go.mod h1:2E0Ve/isxNl7tWLSUDgi6+cmwHi5fQRdwGVCxbC+KFA= -k8s.io/apiextensions-apiserver v0.23.0/go.mod h1:xIFAEEDlAZgpVBl/1VSjGDmLoXAWRG40+GsWhKhAxY4= k8s.io/apiextensions-apiserver v0.23.3 h1:JvPJA7hSEAqMRteveq4aj9semilAZYcJv+9HHFWfUdM= k8s.io/apiextensions-apiserver v0.23.3/go.mod h1:/ZpRXdgKZA6DvIVPEmXDCZJN53YIQEUDF+hrpIQJL38= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apimachinery v0.22.2/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= -k8s.io/apimachinery v0.23.0/go.mod h1:fFCTTBKvKcwTPFzjlcxp91uPFZr+JA0FubU4fLzzFYc= -k8s.io/apimachinery v0.23.1/go.mod h1:SADt2Kl8/sttJ62RRsi9MIV4o8f5S3coArm0Iu3fBno= k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/apiserver v0.22.2/go.mod h1:vrpMmbyjWrgdyOvZTSpsusQq5iigKNWv9o9KlDAbBHI= -k8s.io/apiserver v0.23.0/go.mod h1:Cec35u/9zAepDPPFyT+UMrgqOCjgJ5qtfVJDxjZYmt4= k8s.io/apiserver v0.23.3/go.mod h1:3HhsTmC+Pn+Jctw+Ow0LHA4dQ4oXrQ4XJDzrVDG64T4= -k8s.io/cli-runtime v0.22.2/go.mod h1:tkm2YeORFpbgQHEK/igqttvPTRIHFRz5kATlw53zlMI= -k8s.io/cli-runtime v0.23.3/go.mod h1:yA00O5pDqnjkBh8fkuugBbfIfjB1nOpz+aYLotbnOfc= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/client-go v0.22.2/go.mod h1:sAlhrkVDf50ZHx6z4K0S40wISNTarf1r800F+RlCF6U= -k8s.io/client-go v0.23.0/go.mod h1:hrDnpnK1mSr65lHHcUuIZIXDgEbzc7/683c6hyG4jTA= k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= -k8s.io/code-generator v0.22.2/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= -k8s.io/code-generator v0.23.0/go.mod h1:vQvOhDXhuzqiVfM/YHp+dmg10WDZCchJVObc9MvowsE= -k8s.io/code-generator v0.23.1/go.mod h1:V7yn6VNTCWW8GqodYCESVo95fuiEg713S8B7WacWZDA= k8s.io/code-generator v0.23.3/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/component-base v0.22.2/go.mod h1:5Br2QhI9OTe79p+TzPe9JKNQYvEKbq9rTJDWllunGug= -k8s.io/component-base v0.23.0/go.mod h1:DHH5uiFvLC1edCpvcTDV++NKULdYYU6pR9Tt3HIKMKI= k8s.io/component-base v0.23.3 h1:q+epprVdylgecijVGVdf4MbizEL2feW4ssd7cdo6LVY= k8s.io/component-base v0.23.3/go.mod h1:1Smc4C60rWG7d3HjSYpIwEbySQ3YWg0uzH5a2AtaTLg= -k8s.io/component-helpers v0.22.2/go.mod h1:+N61JAR9aKYSWbnLA88YcFr9K/6ISYvRNybX7QW7Rs8= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= -k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= -k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= -k8s.io/klog/v2 v2.10.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.40.1 h1:P4RRucWk/lFOlDdkAr3mc7iWFkgKrZY9qZMAgek06S4= k8s.io/klog/v2 v2.40.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= k8s.io/kube-openapi v0.0.0-20220104150652-0d48a347b383 h1:8BfasNV1dEzgebHIGV/JZyhV2jo1rUdO/shzjo15ov4= k8s.io/kube-openapi v0.0.0-20220104150652-0d48a347b383/go.mod h1:sX9MT8g7NVZM5lVL/j8QyCCJe8YSMW30QvGZWaCIDIk= -k8s.io/kubectl v0.22.2/go.mod h1:BApg2j0edxLArCOfO0ievI27EeTQqBDMNU9VQH734iQ= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/metrics v0.22.2/go.mod h1:GUcsBtpsqQD1tKFS/2wCKu4ZBowwRncLOJH1rgWs3uw= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704 h1:ZKMMxTvduyf5WUtREOqg5LiXaN1KO/+0oOQPRFrClpo= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -1658,29 +1553,14 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25/go.mod h1:Mlj9PNLmG9bZ6BHFwFKDo5afkpWyUISkb9Me0GnK66I= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= -sigs.k8s.io/cli-utils v0.27.0/go.mod h1:8ll2fyx+bzjbwmwUnKBQU+2LDbMDsxy44DiDZ+drALg= -sigs.k8s.io/controller-runtime v0.10.1/go.mod h1:CQp8eyUQZ/Q7PJvnIrB6/hgfTC1kBkGylwsLgOQi1WY= sigs.k8s.io/controller-runtime v0.11.0 h1:DqO+c8mywcZLFJWILq4iktoECTyn30Bkj0CwgqMpZWQ= sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 h1:kDi4JBNAsJWfz1aEXhO8Jg87JJaPNLh5tIzYHgStQ9Y= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= -sigs.k8s.io/kustomize/api v0.8.11/go.mod h1:a77Ls36JdfCWojpUqR6m60pdGY1AYFix4AH83nJtY1g= -sigs.k8s.io/kustomize/api v0.10.1/go.mod h1:2FigT1QN6xKdcnGS2Ppp1uIWrtWN28Ms8A3OZUZhwr8= -sigs.k8s.io/kustomize/api v0.11.1/go.mod h1:GZuhith5YcqxIDe0GnRJNx5xxPTjlwaLTt/e+ChUtJA= -sigs.k8s.io/kustomize/cmd/config v0.9.13/go.mod h1:7547FLF8W/lTaDf0BDqFTbZxM9zqwEJqCKN9sSR0xSs= -sigs.k8s.io/kustomize/kustomize/v4 v4.2.0/go.mod h1:MOkR6fmhwG7hEDRXBYELTi5GSFcLwfqwzTRHW3kv5go= -sigs.k8s.io/kustomize/kyaml v0.11.0/go.mod h1:GNMwjim4Ypgp/MueD3zXHLRJEjz7RvtPae0AwlvEMFM= -sigs.k8s.io/kustomize/kyaml v0.12.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLCK30D47m4E= -sigs.k8s.io/kustomize/kyaml v0.13.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLCK30D47m4E= -sigs.k8s.io/kustomize/kyaml v0.13.3/go.mod h1:/ya3Gk4diiQzlE4mBh7wykyLRFZNvqlbh+JnwQ9Vhrc= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= -sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/porch/controllers/remoterootsync/main.go b/porch/controllers/remoterootsync/main.go index c2b5c81c0f..329126b9e0 100644 --- a/porch/controllers/remoterootsync/main.go +++ b/porch/controllers/remoterootsync/main.go @@ -14,7 +14,7 @@ package main -//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1 crd:preserveUnknownFields=false rbac:roleName=configmanagement-operator webhook paths="./..." output:crd:artifacts:config=config/crd/bases +//go:generate go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 crd rbac:roleName=configmanagement-operator webhook paths="./..." output:crd:artifacts:config=config/crd/bases import ( "context" diff --git a/porch/docs/running-on-gke.md b/porch/docs/running-on-gke.md new file mode 100644 index 0000000000..c57bb6563c --- /dev/null +++ b/porch/docs/running-on-gke.md @@ -0,0 +1,59 @@ +# Running ok GKE + +Create a GKE cluster: + +**Note**: We need the release-channel=rapid as we depend on k8s 1.22 (because of priority and fairness APIs moving to beta2) + +``` +gcloud container clusters create-auto --region us-central1 --release-channel=rapid porch-dev +``` + +Ensure you are targeting the GKE cluster: +``` +gcloud container clusters get-credentials --region us-central1 porch-dev +``` + +Create service accounts and assign roles: +``` +GCP_PROJECT_ID=$(gcloud config get-value project) +gcloud iam service-accounts create porch-server +gcloud iam service-accounts create porch-sync + +# We want to create and delete images +gcloud projects add-iam-policy-binding ${GCP_PROJECT_ID} \ + --member "serviceAccount:porch-server@${GCP_PROJECT_ID}.iam.gserviceaccount.com" \ + --role "roles/artifactregistry.repoAdmin" +gcloud iam service-accounts add-iam-policy-binding porch-server@${GCP_PROJECT_ID}.iam.gserviceaccount.com \ + --role roles/iam.workloadIdentityUser \ + --member "serviceAccount:${GCP_PROJECT_ID}.svc.id.goog[porch-system/apiserver]" + +gcloud projects add-iam-policy-binding ${GCP_PROJECT_ID} \ + --member "serviceAccount:porch-sync@${GCP_PROJECT_ID}.iam.gserviceaccount.com" \ + --role "roles/artifactregistry.reader" +gcloud iam service-accounts add-iam-policy-binding porch-sync@${GCP_PROJECT_ID}.iam.gserviceaccount.com \ + --role roles/iam.workloadIdentityUser \ + --member "serviceAccount:${GCP_PROJECT_ID}.svc.id.goog[porch-system/porch-controllers]" +``` + +Build Porch, push images, and deploy porch server and controllers: + +``` +IMAGE_TAG=$(git rev-parse --short HEAD) make push-and-deploy +``` + +Create some example repositories / packages: + +``` +make apply-dev-config +./config/samples/create-deployment-package.sh +``` + +To test out remoterootsync self-applying: + +``` +# Grant more RBAC permissions than are normally needed (equivalent to admin permissions) +kubectl apply -f controllers/remoterootsync/config/samples/hack-self-apply-rbac.yaml + +# Apply the RemoteRootSyncSet +cat controllers/remoterootsync/config/samples/hack-self-apply.yaml | sed -e s/example-google-project-id/${GCP_PROJECT_ID}/g | kubectl apply -f - +``` diff --git a/porch/engine/go.sum b/porch/engine/go.sum index 28705d3d55..7e2cae6e00 100644 --- a/porch/engine/go.sum +++ b/porch/engine/go.sum @@ -74,7 +74,6 @@ github.com/GoogleContainerTools/kpt-functions-catalog/functions/go/apply-setters github.com/GoogleContainerTools/kpt-functions-catalog/functions/go/apply-setters v0.2.0/go.mod h1:D+1CuvT4BecI7ZokGUVPdjnhT+z0z1/9NB6HGH4cTSI= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd h1:sjQovDkwrZp8u+gxLtPgKGjk5hCxuy2hrRejBTA9xFU= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= -github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -118,7 +117,6 @@ github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:C github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= @@ -433,7 +431,6 @@ github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -473,8 +470,6 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= -github.com/google/cel-go v0.9.0/go.mod h1:U7ayypeSkw23szu4GaQTPJGx66c20mx8JklMSxrmI1w= -github.com/google/cel-spec v0.6.0/go.mod h1:Nwjgxy5CbjlPrtCWjeDjUyKMl8w41YBYGjsyDdqk0xA= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -588,7 +583,6 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/igorsobreira/titlecase v0.0.0-20140109233139-4156b5b858ac/go.mod h1:KOzUkqpWM2xArNm82cehGc5PBFYV1Qadzzt81aJi7F0= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= @@ -752,7 +746,6 @@ github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDs github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.17.0 h1:9Luw4uT5HTjHTN8+aNcSThgH1vdXnmdJ8xIfZ4wyTRE= -github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -796,7 +789,6 @@ github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCko github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/philopon/go-toposort v0.0.0-20170620085441-9be86dbd762f h1:WyCn68lTiytVSkk7W1K9nBiSGTSRlUOdyTnSjwrIlok= -github.com/philopon/go-toposort v0.0.0-20170620085441-9be86dbd762f/go.mod h1:/iRjX3DdSK956SzsUdV55J+wIsQ+2IBWmBrB4RvZfk4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -1006,14 +998,11 @@ go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.17.0/go.mod h1:MXVU+bhUf/A7Xi2HNOnopQOrmycQ5Ih87HtOu4q5SSo= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= -go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -1131,7 +1120,6 @@ golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211216030914-fe4d6282115f h1:hEYJvxw1lSnWIl8X9ofsYMklzaDs90JI2az5YMd4fPM= @@ -1274,7 +1262,6 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= @@ -1451,7 +1438,6 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201102152239-715cce707fb0/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -1592,26 +1578,19 @@ k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= k8s.io/api v0.22.2/go.mod h1:y3ydYpLJAaDI+BbSe2xmGcqxiWHmWjkEeIbiwHvnPR8= -k8s.io/api v0.23.0/go.mod h1:8wmDdLBHBNxtOIytwLstXt5E9PddnZb0GaMcqsvDBpg= k8s.io/api v0.23.3 h1:KNrME8KHGr12Ozjf8ytOewKzZh6hl/hHUZeHddT3a38= k8s.io/api v0.23.3/go.mod h1:w258XdGyvCmnBj/vGzQMj6kzdufJZVUwEM1U2fRJwSQ= k8s.io/apiextensions-apiserver v0.22.2/go.mod h1:2E0Ve/isxNl7tWLSUDgi6+cmwHi5fQRdwGVCxbC+KFA= -k8s.io/apiextensions-apiserver v0.23.0/go.mod h1:xIFAEEDlAZgpVBl/1VSjGDmLoXAWRG40+GsWhKhAxY4= -k8s.io/apiextensions-apiserver v0.23.3/go.mod h1:/ZpRXdgKZA6DvIVPEmXDCZJN53YIQEUDF+hrpIQJL38= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= k8s.io/apimachinery v0.22.2/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= -k8s.io/apimachinery v0.23.0/go.mod h1:fFCTTBKvKcwTPFzjlcxp91uPFZr+JA0FubU4fLzzFYc= -k8s.io/apimachinery v0.23.1/go.mod h1:SADt2Kl8/sttJ62RRsi9MIV4o8f5S3coArm0Iu3fBno= k8s.io/apimachinery v0.23.3 h1:7IW6jxNzrXTsP0c8yXz2E5Yx/WTzVPTsHIx/2Vm0cIk= k8s.io/apimachinery v0.23.3/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= k8s.io/apiserver v0.22.2/go.mod h1:vrpMmbyjWrgdyOvZTSpsusQq5iigKNWv9o9KlDAbBHI= -k8s.io/apiserver v0.23.0/go.mod h1:Cec35u/9zAepDPPFyT+UMrgqOCjgJ5qtfVJDxjZYmt4= -k8s.io/apiserver v0.23.3/go.mod h1:3HhsTmC+Pn+Jctw+Ow0LHA4dQ4oXrQ4XJDzrVDG64T4= k8s.io/cli-runtime v0.22.2/go.mod h1:tkm2YeORFpbgQHEK/igqttvPTRIHFRz5kATlw53zlMI= k8s.io/cli-runtime v0.23.3 h1:aJiediw+uUbxkfO6BNulcAMTUoU9Om43g3R7rIkYqcw= k8s.io/cli-runtime v0.23.3/go.mod h1:yA00O5pDqnjkBh8fkuugBbfIfjB1nOpz+aYLotbnOfc= @@ -1619,18 +1598,13 @@ k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= k8s.io/client-go v0.22.2/go.mod h1:sAlhrkVDf50ZHx6z4K0S40wISNTarf1r800F+RlCF6U= -k8s.io/client-go v0.23.0/go.mod h1:hrDnpnK1mSr65lHHcUuIZIXDgEbzc7/683c6hyG4jTA= k8s.io/client-go v0.23.3 h1:23QYUmCQ/W6hW78xIwm3XqZrrKZM+LWDqW2zfo+szJs= k8s.io/client-go v0.23.3/go.mod h1:47oMd+YvAOqZM7pcQ6neJtBiFH7alOyfunYN48VsmwE= k8s.io/code-generator v0.22.2/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= -k8s.io/code-generator v0.23.0/go.mod h1:vQvOhDXhuzqiVfM/YHp+dmg10WDZCchJVObc9MvowsE= -k8s.io/code-generator v0.23.1/go.mod h1:V7yn6VNTCWW8GqodYCESVo95fuiEg713S8B7WacWZDA= -k8s.io/code-generator v0.23.3/go.mod h1:S0Q1JVA+kSzTI1oUvbKAxZY/DYbA/ZUb4Uknog12ETk= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= k8s.io/component-base v0.22.2/go.mod h1:5Br2QhI9OTe79p+TzPe9JKNQYvEKbq9rTJDWllunGug= -k8s.io/component-base v0.23.0/go.mod h1:DHH5uiFvLC1edCpvcTDV++NKULdYYU6pR9Tt3HIKMKI= k8s.io/component-base v0.23.3 h1:q+epprVdylgecijVGVdf4MbizEL2feW4ssd7cdo6LVY= k8s.io/component-base v0.23.3/go.mod h1:1Smc4C60rWG7d3HjSYpIwEbySQ3YWg0uzH5a2AtaTLg= k8s.io/component-helpers v0.22.2/go.mod h1:+N61JAR9aKYSWbnLA88YcFr9K/6ISYvRNybX7QW7Rs8= @@ -1661,7 +1635,6 @@ k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20210820185131-d34e5cb4466e/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704 h1:ZKMMxTvduyf5WUtREOqg5LiXaN1KO/+0oOQPRFrClpo= k8s.io/utils v0.0.0-20211208161948-7d6a63dca704/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -1671,12 +1644,9 @@ rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.22/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25/go.mod h1:Mlj9PNLmG9bZ6BHFwFKDo5afkpWyUISkb9Me0GnK66I= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.27/go.mod h1:tq2nT0Kx7W+/f2JVE+zxYtUhdjuELJkVpNz+x/QN5R4= sigs.k8s.io/cli-utils v0.27.0 h1:BxI7lPNn0fBZa5g4UwR+ShJyL4CCxELA6tLHbr2YrpU= sigs.k8s.io/cli-utils v0.27.0/go.mod h1:8ll2fyx+bzjbwmwUnKBQU+2LDbMDsxy44DiDZ+drALg= sigs.k8s.io/controller-runtime v0.10.1/go.mod h1:CQp8eyUQZ/Q7PJvnIrB6/hgfTC1kBkGylwsLgOQi1WY= -sigs.k8s.io/controller-runtime v0.11.0/go.mod h1:KKwLiTooNGu+JmLZGn9Sl3Gjmfj66eMbCQznLP5zcqA= sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6/go.mod h1:p4QtZmO4uMYipTQNzagwnNoseA6OxSUutVw05NhYDRs= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 h1:kDi4JBNAsJWfz1aEXhO8Jg87JJaPNLh5tIzYHgStQ9Y= sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz4CVE26eOSDAeYCpfDnC2kdKMY= @@ -1695,7 +1665,6 @@ sigs.k8s.io/kustomize/kyaml v0.13.3/go.mod h1:/ya3Gk4diiQzlE4mBh7wykyLRFZNvqlbh+ sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= -sigs.k8s.io/structured-merge-diff/v4 v4.2.0/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= sigs.k8s.io/structured-merge-diff/v4 v4.2.1/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/porch/engine/pkg/engine/clone.go b/porch/engine/pkg/engine/clone.go index 8b6cbe2967..20e6b10f3a 100644 --- a/porch/engine/pkg/engine/clone.go +++ b/porch/engine/pkg/engine/clone.go @@ -81,8 +81,8 @@ func (m *clonePackageMutation) cloneFromGit(ctx context.Context, gitPackage *api defer os.RemoveAll(dir) // TODO: Add support for authentication. - var auth repository.AuthOptions = nil - r, err := git.OpenRepository("", "", &spec, auth, dir) + var credentialResolver repository.CredentialResolver = nil + r, err := git.OpenRepository(ctx, "", "", &spec, credentialResolver, dir) if err != nil { return repository.PackageResources{}, fmt.Errorf("cannot clone Git repository: %w", err) } diff --git a/porch/engine/pkg/engine/engine.go b/porch/engine/pkg/engine/engine.go index d08872ab2d..f03261a8f5 100644 --- a/porch/engine/pkg/engine/engine.go +++ b/porch/engine/pkg/engine/engine.go @@ -28,59 +28,34 @@ import ( api "github.com/GoogleContainerTools/kpt/porch/api/porch/v1alpha1" configapi "github.com/GoogleContainerTools/kpt/porch/controllers/pkg/apis/porch/v1alpha1" "github.com/GoogleContainerTools/kpt/porch/engine/pkg/kpt" - "github.com/GoogleContainerTools/kpt/porch/func/evaluator" "github.com/GoogleContainerTools/kpt/porch/repository/pkg/cache" "github.com/GoogleContainerTools/kpt/porch/repository/pkg/repository" - "google.golang.org/grpc" - "google.golang.org/grpc/credentials/insecure" - "k8s.io/klog/v2" ) type CaDEngine interface { - OpenRepository(repositorySpec *configapi.Repository, auth repository.AuthOptions) (repository.Repository, error) - CreatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, obj *api.PackageRevision) (repository.PackageRevision, error) - UpdatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, oldPackage repository.PackageRevision, old, new *api.PackageRevision) (repository.PackageRevision, error) - UpdatePackageResources(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, oldPackage repository.PackageRevision, old, new *api.PackageRevisionResources) (repository.PackageRevision, error) - DeletePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, obj repository.PackageRevision) error - ListFunctions(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions) ([]repository.Function, error) + OpenRepository(ctx context.Context, repositorySpec *configapi.Repository) (repository.Repository, error) + CreatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, obj *api.PackageRevision) (repository.PackageRevision, error) + UpdatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, oldPackage repository.PackageRevision, old, new *api.PackageRevision) (repository.PackageRevision, error) + UpdatePackageResources(ctx context.Context, repositoryObj *configapi.Repository, oldPackage repository.PackageRevision, old, new *api.PackageRevisionResources) (repository.PackageRevision, error) + DeletePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, obj repository.PackageRevision) error + ListFunctions(ctx context.Context, repositoryObj *configapi.Repository) ([]repository.Function, error) } -func NewCaDEngine(cache *cache.Cache, functionRunnerAddress string) (CaDEngine, error) { - runtime, err := createFunctionRuntime(functionRunnerAddress) - if err != nil { - return nil, fmt.Errorf("failed to create function runtime: %w", err) - } - - return &cadEngine{ - cache: cache, - renderer: kpt.NewRenderer(), - runtime: runtime, - }, nil -} - -func createFunctionRuntime(address string) (kpt.FunctionRuntime, error) { - if address == "" { - klog.Warningf("Using simple kpt function runner (in-process)") - return kpt.NewSimpleFunctionRuntime(), nil - } - - klog.Infof("Dialing grpc function runner %q", address) - - cc, err := grpc.Dial(address, grpc.WithTransportCredentials(insecure.NewCredentials())) - if err != nil { - return nil, fmt.Errorf("failed to dial grpc function evaluator: %w", err) +func NewCaDEngine(opts ...EngineOption) (CaDEngine, error) { + engine := &cadEngine{} + for _, opt := range opts { + if err := opt.apply(engine); err != nil { + return nil, err + } } - - return &grpcRuntime{ - cc: cc, - client: evaluator.NewFunctionEvaluatorClient(cc), - }, err + return engine, nil } type cadEngine struct { - cache *cache.Cache - renderer fn.Renderer - runtime fn.FunctionRuntime + cache *cache.Cache + renderer fn.Renderer + runtime fn.FunctionRuntime + credentialResolver repository.CredentialResolver } var _ CaDEngine = &cadEngine{} @@ -89,12 +64,12 @@ type mutation interface { Apply(ctx context.Context, resources repository.PackageResources) (repository.PackageResources, *api.Task, error) } -func (cad *cadEngine) OpenRepository(repositorySpec *configapi.Repository, auth repository.AuthOptions) (repository.Repository, error) { - return cad.cache.OpenRepository(repositorySpec, auth) +func (cad *cadEngine) OpenRepository(ctx context.Context, repositorySpec *configapi.Repository) (repository.Repository, error) { + return cad.cache.OpenRepository(ctx, repositorySpec) } -func (cad *cadEngine) CreatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, obj *api.PackageRevision) (repository.PackageRevision, error) { - repo, err := cad.cache.OpenRepository(repositoryObj, auth) +func (cad *cadEngine) CreatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, obj *api.PackageRevision) (repository.PackageRevision, error) { + repo, err := cad.cache.OpenRepository(ctx, repositoryObj) if err != nil { return nil, err } @@ -156,8 +131,8 @@ func (cad *cadEngine) mapTaskToMutation(ctx context.Context, obj *api.PackageRev } } -func (cad *cadEngine) UpdatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, oldPackage repository.PackageRevision, oldObj, newObj *api.PackageRevision) (repository.PackageRevision, error) { - repo, err := cad.cache.OpenRepository(repositoryObj, auth) +func (cad *cadEngine) UpdatePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, oldPackage repository.PackageRevision, oldObj, newObj *api.PackageRevision) (repository.PackageRevision, error) { + repo, err := cad.cache.OpenRepository(ctx, repositoryObj) if err != nil { return nil, err } @@ -219,8 +194,8 @@ func (cad *cadEngine) UpdatePackageRevision(ctx context.Context, repositoryObj * return updateDraft(ctx, draft, resources, mutations) } -func (cad *cadEngine) DeletePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, oldPackage repository.PackageRevision) error { - repo, err := cad.cache.OpenRepository(repositoryObj, auth) +func (cad *cadEngine) DeletePackageRevision(ctx context.Context, repositoryObj *configapi.Repository, oldPackage repository.PackageRevision) error { + repo, err := cad.cache.OpenRepository(ctx, repositoryObj) if err != nil { return err } @@ -232,8 +207,8 @@ func (cad *cadEngine) DeletePackageRevision(ctx context.Context, repositoryObj * return nil } -func (cad *cadEngine) UpdatePackageResources(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions, oldPackage repository.PackageRevision, old, new *api.PackageRevisionResources) (repository.PackageRevision, error) { - repo, err := cad.cache.OpenRepository(repositoryObj, auth) +func (cad *cadEngine) UpdatePackageResources(ctx context.Context, repositoryObj *configapi.Repository, oldPackage repository.PackageRevision, old, new *api.PackageRevisionResources) (repository.PackageRevision, error) { + repo, err := cad.cache.OpenRepository(ctx, repositoryObj) if err != nil { return nil, err } @@ -281,8 +256,8 @@ func updateDraft(ctx context.Context, draft repository.PackageDraft, baseResourc return draft.Close(ctx) } -func (cad *cadEngine) ListFunctions(ctx context.Context, repositoryObj *configapi.Repository, auth repository.AuthOptions) ([]repository.Function, error) { - repo, err := cad.cache.OpenRepository(repositoryObj, auth) +func (cad *cadEngine) ListFunctions(ctx context.Context, repositoryObj *configapi.Repository) ([]repository.Function, error) { + repo, err := cad.cache.OpenRepository(ctx, repositoryObj) if err != nil { return nil, err } diff --git a/porch/engine/pkg/engine/options.go b/porch/engine/pkg/engine/options.go new file mode 100644 index 0000000000..624339e168 --- /dev/null +++ b/porch/engine/pkg/engine/options.go @@ -0,0 +1,104 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package engine + +import ( + "fmt" + + "github.com/GoogleContainerTools/kpt/pkg/fn" + "github.com/GoogleContainerTools/kpt/porch/engine/pkg/kpt" + "github.com/GoogleContainerTools/kpt/porch/func/evaluator" + "github.com/GoogleContainerTools/kpt/porch/repository/pkg/cache" + "github.com/GoogleContainerTools/kpt/porch/repository/pkg/repository" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/insecure" + "k8s.io/klog/v2" +) + +type EngineOption interface { + apply(engine *cadEngine) error +} + +type EngineOptionFunc func(engine *cadEngine) error + +var _ EngineOption = EngineOptionFunc(nil) + +func (f EngineOptionFunc) apply(engine *cadEngine) error { + return f(engine) +} + +func WithCache(cache *cache.Cache) EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + engine.cache = cache + return nil + }) +} + +func WithGRPCFunctionRuntime(address string) EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + runtime, err := createFunctionRuntime(address) + if err != nil { + return fmt.Errorf("failed to create function runtime: %w", err) + } + engine.runtime = runtime + return nil + }) +} + +func WithFunctionRuntime(runtime fn.FunctionRuntime) EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + engine.runtime = runtime + return nil + }) +} + +func WithSimpleFunctionRuntime() EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + engine.runtime = kpt.NewSimpleFunctionRuntime() + return nil + }) +} + +func WithRenderer(renderer fn.Renderer) EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + engine.renderer = renderer + return nil + }) +} + +func WithCredentialResolver(resolver repository.CredentialResolver) EngineOption { + return EngineOptionFunc(func(engine *cadEngine) error { + engine.credentialResolver = resolver + return nil + }) +} + +func createFunctionRuntime(address string) (kpt.FunctionRuntime, error) { + if address == "" { + return nil, fmt.Errorf("address is required to instantiate gRPC function runtime") + } + + klog.Infof("Dialing grpc function runner %q", address) + + cc, err := grpc.Dial(address, grpc.WithTransportCredentials(insecure.NewCredentials())) + if err != nil { + return nil, fmt.Errorf("failed to dial grpc function evaluator: %w", err) + } + + return &grpcRuntime{ + cc: cc, + client: evaluator.NewFunctionEvaluatorClient(cc), + }, err +} diff --git a/porch/engine/pkg/engine/render.go b/porch/engine/pkg/engine/render.go index 347cda5460..3f42055e74 100644 --- a/porch/engine/pkg/engine/render.go +++ b/porch/engine/pkg/engine/render.go @@ -23,6 +23,7 @@ import ( "github.com/GoogleContainerTools/kpt/pkg/fn" api "github.com/GoogleContainerTools/kpt/porch/api/porch/v1alpha1" "github.com/GoogleContainerTools/kpt/porch/repository/pkg/repository" + "k8s.io/klog/v2" "sigs.k8s.io/kustomize/kyaml/filesys" ) @@ -41,11 +42,17 @@ func (m *renderPackageMutation) Apply(ctx context.Context, resources repository. return repository.PackageResources{}, nil, err } - if err := m.renderer.Render(ctx, fs, fn.RenderOptions{ - PkgPath: pkgPath, - Runtime: m.runtime, - }); err != nil { - return repository.PackageResources{}, nil, err + if pkgPath == "" { + // We need this for the no-resources case + // TODO: we should handle this better + klog.Warningf("skipping render as no package was found") + } else { + if err := m.renderer.Render(ctx, fs, fn.RenderOptions{ + PkgPath: pkgPath, + Runtime: m.runtime, + }); err != nil { + return repository.PackageResources{}, nil, err + } } result, err := readResources(fs) diff --git a/porch/engine/pkg/kpt/fs_test.go b/porch/engine/pkg/kpt/fs_test.go index b2ccf2aebd..7a8e81a172 100644 --- a/porch/engine/pkg/kpt/fs_test.go +++ b/porch/engine/pkg/kpt/fs_test.go @@ -20,7 +20,6 @@ import ( "github.com/GoogleContainerTools/kpt/internal/fnruntime" "github.com/GoogleContainerTools/kpt/internal/printer/fake" "github.com/GoogleContainerTools/kpt/internal/util/render" - "github.com/google/go-cmp/cmp" "sigs.k8s.io/kustomize/kyaml/filesys" ) @@ -120,7 +119,6 @@ spec: } } -// TODO: Make this test work by uncommenting the portions func TestMemFSRenderSubpkgs(t *testing.T) { appResources := `apiVersion: apps/v1 kind: Deployment @@ -149,6 +147,25 @@ pipeline: configMap: tier: db` + dbResources := `apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: db +spec: + replicas: 3` + dbKptfile := `apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: db +pipeline: + mutators: + - image: gcr.io/kpt-fn/set-namespace:v0.2.0 + configMap: + namespace: db + - image: gcr.io/kpt-fn/set-labels:v0.1.5 + configMap: + app: backend` + expectedAppResources := `apiVersion: apps/v1 kind: Deployment metadata: @@ -168,10 +185,21 @@ metadata: tier: db spec: image: nginx:1.2.3 +` + expectedDbResources := `apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: db + namespace: staging + labels: + app: backend + tier: db +spec: + replicas: 3 ` fs := filesys.MakeFsInMemory() - if err := fs.MkdirAll("app"); err != nil { - t.Errorf(`MkdirAll("a/b/c") failed %v`, err) + if err := fs.MkdirAll("app/db"); err != nil { + t.Errorf(`MkdirAll("app/db") failed %v`, err) } if err := fs.WriteFile("/app/resources.yaml", []byte(appResources)); err != nil { t.Errorf("Failed to write file: %v", err) @@ -179,6 +207,12 @@ spec: if err := fs.WriteFile("/app/Kptfile", []byte(appKptfile)); err != nil { t.Errorf("Failed to write file: %v", err) } + if err := fs.WriteFile("/app/db/resources.yaml", []byte(dbResources)); err != nil { + t.Errorf("Failed to write file: %v", err) + } + if err := fs.WriteFile("/app/db/Kptfile", []byte(dbKptfile)); err != nil { + t.Errorf("Failed to write file: %v", err) + } r := render.Renderer{ PkgPath: "/app", @@ -191,12 +225,16 @@ spec: t.Errorf("Failed to render: %v", err) } - rr, _ := fs.ReadFile("/app/resources.yaml") - println(string(rr)) - if res, err := fs.ReadFile("/app/resources.yaml"); err != nil { t.Errorf("Failed to read file: %v", err) } else if got, want := string(res), expectedAppResources; got != want { - t.Errorf("unexpected file contents: got %q, want %q\n%s", got, want, cmp.Diff(want, got)) + println(got) + t.Errorf("unexpected file contents: got %q, want %q", got, want) + } + + if res, err := fs.ReadFile("/app/db/resources.yaml"); err != nil { + t.Errorf("Failed to read file: %v", err) + } else if got, want := string(res), expectedDbResources; got != want { + t.Errorf("unexpected file contents: got %q, want %q", got, want) } } diff --git a/porch/func/Dockerfile b/porch/func/Dockerfile index f5536b7da8..ce500d53ab 100644 --- a/porch/func/Dockerfile +++ b/porch/func/Dockerfile @@ -25,8 +25,8 @@ FROM gcr.io/kpt-fn/upsert-resource:v0.2.0 as upsert-resource FROM golang:1.17.6-alpine3.15 as builder WORKDIR /build COPY . ./func -RUN cd ./func ; go mod download -RUN cd ./func ; go build -o /server ./server +RUN cd ./func ; go mod download -x +RUN cd ./func ; go build -v -o /server ./server FROM alpine:3.15 diff --git a/porch/func/Makefile b/porch/func/Makefile index 7c6eba62af..5331af36b8 100644 --- a/porch/func/Makefile +++ b/porch/func/Makefile @@ -30,8 +30,8 @@ $(COMPILED_PROTO): evaluator/evaluator.proto .PHONY: build-image build-image: - docker buildx build --tag $(IMAGE_NAME):$(IMAGE_TAG) --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) . + docker buildx build --load --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) . .PHONY: push-image push-image: - docker buildx build --push --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) . \ No newline at end of file + docker buildx build --push --tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) . diff --git a/porch/hack/Deploy-Kustomization-Template b/porch/hack/Deploy-Kustomization-Template new file mode 100644 index 0000000000..6b8a5c2187 --- /dev/null +++ b/porch/hack/Deploy-Kustomization-Template @@ -0,0 +1,11 @@ +# Kustomization file template used to create Porch deployment configuration +# The file is instantiated from ../.build/deploy so paths are relative to that location. +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +bases: +- ../../controllers +- ../../config/deploy +images: +- name: gcr.io/example-google-project-id/function-runner:latest +- name: gcr.io/example-google-project-id/porch-controllers:latest +- name: gcr.io/example-google-project-id/porch-server:latest diff --git a/porch/hack/Dockerfile b/porch/hack/Dockerfile index dfd227354a..3b1338cdd8 100644 --- a/porch/hack/Dockerfile +++ b/porch/hack/Dockerfile @@ -60,7 +60,7 @@ COPY porch/apiserver porch/apiserver COPY porch/controllers porch/controllers COPY porch/engine porch/engine COPY porch/repository porch/repository - +COPY porch/func porch/func RUN cd porch/apiserver; go build -v -o /porch ./cmd/porch diff --git a/porch/hack/build-image.sh b/porch/hack/build-image.sh deleted file mode 100755 index 131ceed460..0000000000 --- a/porch/hack/build-image.sh +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/env bash -# Copyright 2022 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - - -BASE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../.." && pwd )" - -# Parse arguments - -TAG="${TAG:-latest}" -PROJECT="${PROJECT}" -REPOSITORY="${REPOSITORY}" - -while [[ $# -gt 0 ]]; do - key="${1}" - - case "${key}" in - --project) - PROJECT="${2}" - shift 2 - ;; - - --project=*) - PROJECT="${key#*=}" - shift - ;; - - --tag) - TAG="${2}" - shift 2 - ;; - - --tag=*) - TAG="${key#*=}" - shift - ;; - - --repository) - REPOSITORY="${2}" - shift 2 - ;; - - --repository=*) - REPOSITORY="${key#*=}" - shift - ;; - - --push) - PUSH=Yes - shift - ;; - - *) - echo "Invalid argument: ${key}" - exit 1 - ;; - - esac -done - -function error() { - echo $1 - cat </oci/ (so we don't need to pull to read resources) // * We poll the repositories (every minute) and Cache the discovered images in memory. type Cache struct { - mutex sync.Mutex - repositories map[string]*cachedRepository - cacheDir string + mutex sync.Mutex + repositories map[string]*cachedRepository + cacheDir string + credentialResolver repository.CredentialResolver } -func NewCache(cacheDir string) *Cache { +func NewCache(cacheDir string, credentialResolver repository.CredentialResolver) *Cache { return &Cache{ - repositories: make(map[string]*cachedRepository), - cacheDir: cacheDir, + repositories: make(map[string]*cachedRepository), + cacheDir: cacheDir, + credentialResolver: credentialResolver, } } -func (c *Cache) OpenRepository(repositorySpec *configapi.Repository, auth repository.AuthOptions) (*cachedRepository, error) { +func (c *Cache) OpenRepository(ctx context.Context, repositorySpec *configapi.Repository) (*cachedRepository, error) { switch repositoryType := repositorySpec.Spec.Type; repositoryType { case configapi.RepositoryTypeOCI: ociSpec := repositorySpec.Spec.Oci @@ -90,7 +93,7 @@ func (c *Cache) OpenRepository(repositorySpec *configapi.Repository, auth reposi cr := c.repositories[key] if cr == nil { - if r, err := git.OpenRepository(repositorySpec.Name, repositorySpec.Namespace, gitSpec, auth, filepath.Join(c.cacheDir, "git")); err != nil { + if r, err := git.OpenRepository(ctx, repositorySpec.Name, repositorySpec.Namespace, gitSpec, c.credentialResolver, filepath.Join(c.cacheDir, "git")); err != nil { return nil, err } else { cr = newRepository(key, r) diff --git a/porch/repository/pkg/git/draft.go b/porch/repository/pkg/git/draft.go index 33aece1f63..d9c7459ee4 100644 --- a/porch/repository/pkg/git/draft.go +++ b/porch/repository/pkg/git/draft.go @@ -93,10 +93,15 @@ func (d *gitPackageDraft) Close(ctx context.Context) (repository.PackageRevision refSpec := config.RefSpec(fmt.Sprintf("%s:%s", d.draft.Name(), d.draft.Name().String())) klog.Infof("pushing refspec %v", refSpec) + auth, err := d.parent.getAuthMethod(ctx) + if err != nil { + return nil, fmt.Errorf("failed to obtain git credentials: %w", err) + } + if err := d.parent.repo.Push(&git.PushOptions{ RemoteName: "origin", RefSpecs: []config.RefSpec{refSpec}, - Auth: d.parent.auth, + Auth: auth, RequireRemoteRefs: []config.RefSpec{}, }); err != nil { return nil, fmt.Errorf("failed to push to git: %w", err) diff --git a/porch/repository/pkg/git/git.go b/porch/repository/pkg/git/git.go index 95f51649fa..c219087f03 100644 --- a/porch/repository/pkg/git/git.go +++ b/porch/repository/pkg/git/git.go @@ -51,17 +51,25 @@ type GitRepository interface { GetPackage(ref, path string) (repository.PackageRevision, kptfilev1.GitLock, error) } -func OpenRepository(name, namespace string, spec *configapi.GitRepository, authOpts repository.AuthOptions, root string) (GitRepository, error) { +func OpenRepository(ctx context.Context, name, namespace string, spec *configapi.GitRepository, resolver repository.CredentialResolver, root string) (GitRepository, error) { replace := strings.NewReplacer("/", "-", ":", "-") dir := filepath.Join(root, replace.Replace(spec.Repo)) - auth := createAuth(authOpts) var repo *gogit.Repository + var auth transport.AuthMethod if fi, err := os.Stat(dir); err != nil { if !os.IsNotExist(err) { return nil, err } + + if secret := spec.SecretRef.Name; secret != "" && resolver != nil { + auth, err = resolveCredential(ctx, namespace, secret, resolver) + if err != nil { + return nil, err + } + } + opts := gogit.CloneOptions{ URL: spec.Repo, Auth: auth, @@ -106,33 +114,41 @@ func OpenRepository(name, namespace string, spec *configapi.GitRepository, authO } return &gitRepository{ - name: name, - namespace: namespace, - repo: repo, - auth: auth, + name: name, + namespace: namespace, + repo: repo, + secret: spec.SecretRef.Name, + credentialResolver: resolver, + cachedCredentials: auth, }, nil } -func createAuth(auth repository.AuthOptions) transport.AuthMethod { - if auth == nil { - return nil +func resolveCredential(ctx context.Context, namespace, name string, resolver repository.CredentialResolver) (transport.AuthMethod, error) { + cred, err := resolver.ResolveCredential(ctx, namespace, name) + if err != nil { + return nil, fmt.Errorf("failed to obtain credential from secret %s/%s: %w", namespace, name, err) } - if username, uok := auth["username"]; uok { - if token, tok := auth["token"]; tok { - return &http.BasicAuth{ - Username: string(username), - Password: string(token), - } - } + + username := cred.Data["username"] + password, ok := cred.Data["password"] + if !ok { + // Try "token" for back-compat; TODO: remove + password = cred.Data["token"] } - return nil + + return &http.BasicAuth{ + Username: string(username), + Password: string(password), + }, nil } type gitRepository struct { - name string - namespace string - repo *gogit.Repository - auth transport.AuthMethod + name string + namespace string + secret string + repo *gogit.Repository + cachedCredentials transport.AuthMethod + credentialResolver repository.CredentialResolver } func (r *gitRepository) ListPackageRevisions(ctx context.Context) ([]repository.PackageRevision, error) { @@ -237,6 +253,11 @@ func (r *gitRepository) ApprovePackageRevision(ctx context.Context, path, revisi return nil, fmt.Errorf("cannot find draft package branch %q: %w", refName, err) } + auth, err := r.getAuthMethod(ctx) + if err != nil { + return nil, fmt.Errorf("failed to obtain git credentials: %w", err) + } + approvedName := createApprovedRefName(path, revision) newRef := plumbing.NewHashReference(approvedName, oldRef.Hash()) @@ -244,7 +265,7 @@ func (r *gitRepository) ApprovePackageRevision(ctx context.Context, path, revisi options := &git.PushOptions{ RemoteName: "origin", RefSpecs: []config.RefSpec{}, - Auth: r.auth, + Auth: auth, RequireRemoteRefs: []config.RefSpec{}, } @@ -523,3 +544,17 @@ func (r *gitRepository) dumpAllRefs() { } } } + +func (r *gitRepository) getAuthMethod(ctx context.Context) (transport.AuthMethod, error) { + if r.cachedCredentials == nil { + if r.secret != "" { + if auth, err := resolveCredential(ctx, r.namespace, r.secret, r.credentialResolver); err != nil { + return nil, err + } else { + r.cachedCredentials = auth + } + } + } + + return r.cachedCredentials, nil +} diff --git a/porch/repository/pkg/git/git_test.go b/porch/repository/pkg/git/git_test.go index 088efdb276..48e5f23a07 100644 --- a/porch/repository/pkg/git/git_test.go +++ b/porch/repository/pkg/git/git_test.go @@ -106,10 +106,11 @@ func TestGitPackageRoundTrip(t *testing.T) { spec := &configapi.GitRepository{ Repo: gitServerURL, } - authOpts := repository.AuthOptions{} + + var credentialResolver repository.CredentialResolver root := filepath.Join(tempdir, "work") - repo, err := OpenRepository(name, namespace, spec, authOpts, root) + repo, err := OpenRepository(ctx, name, namespace, spec, credentialResolver, root) if err != nil { t.Fatalf("failed to open repository: %v", err) } @@ -161,7 +162,7 @@ func TestGitPackageRoundTrip(t *testing.T) { // We reopen to refetch // TODO: This is pretty hacky... - repo, err = OpenRepository(name, namespace, spec, authOpts, root) + repo, err = OpenRepository(ctx, name, namespace, spec, credentialResolver, root) if err != nil { t.Fatalf("failed to open repository: %v", err) } diff --git a/porch/repository/pkg/repository/repository.go b/porch/repository/pkg/repository/repository.go index 96c4f1206c..803ef5f5bd 100644 --- a/porch/repository/pkg/repository/repository.go +++ b/porch/repository/pkg/repository/repository.go @@ -20,8 +20,6 @@ import ( "github.com/GoogleContainerTools/kpt/porch/api/porch/v1alpha1" ) -type AuthOptions map[string][]byte - // TODO: "sigs.k8s.io/kustomize/kyaml/filesys" FileSystem? type PackageResources struct { Contents map[string]string @@ -69,3 +67,12 @@ type FunctionRepository interface { // TODO: Should repository understand functions, or just packages (and function is just a package in an OCI repo?) ListFunctions(ctx context.Context) ([]Function, error) } + +type Credential struct { + // TODO: support different credential types + Data map[string][]byte +} + +type CredentialResolver interface { + ResolveCredential(ctx context.Context, namespace, name string) (Credential, error) +}