diff --git a/go.mod b/go.mod index 59e1711f3d..767bb1f356 100644 --- a/go.mod +++ b/go.mod @@ -13,10 +13,10 @@ replace ( require ( github.com/blang/semver/v4 v4.0.0 - github.com/cilium/charts v0.0.0-20231026172044-2ee56d76ec1a - github.com/cilium/cilium v1.15.0-pre.1.0.20231025133600-0a8f3f91f109 + github.com/cilium/charts v0.0.0-20231101091419-6a72c25e3c8e + github.com/cilium/cilium v1.15.0-pre.2 github.com/cilium/hubble v0.12.2 - github.com/cilium/tetragon/pkg/k8s v0.0.0-20231027135814-0fd246f5b760 + github.com/cilium/tetragon/pkg/k8s v0.0.0-20231106163022-09de1f83eb12 github.com/cilium/workerpool v1.2.0 github.com/cloudflare/cfssl v1.6.4 github.com/distribution/reference v0.5.0 @@ -24,10 +24,10 @@ require ( github.com/google/gops v0.3.28 github.com/mholt/archiver/v3 v3.5.1 github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 - github.com/spf13/cobra v1.7.0 + github.com/spf13/cobra v1.8.0 github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace golang.org/x/exp v0.0.0-20231006140011-7918f672742d - golang.org/x/mod v0.13.0 + golang.org/x/mod v0.14.0 google.golang.org/grpc v1.59.0 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c helm.sh/helm/v3 v3.13.1 @@ -41,7 +41,7 @@ require ( require ( github.com/Microsoft/hcsshim v0.11.0 // indirect - github.com/cilium/ebpf v0.12.0 // indirect + github.com/cilium/ebpf v0.12.2 // indirect github.com/cilium/proxy v0.0.0-20231018073547-ab187719b71b // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -53,8 +53,9 @@ require ( github.com/sourcegraph/conc v0.3.0 // indirect go.opentelemetry.io/otel/metric v1.19.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect - go.uber.org/dig v1.17.0 // indirect + go.uber.org/dig v1.17.1 // indirect go.uber.org/multierr v1.11.0 // indirect + go4.org/netipx v0.0.0-20230824141953-6213f710f925 // indirect google.golang.org/genproto v0.0.0-20231012201019-e917dd12ba7a // indirect google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b // indirect @@ -93,7 +94,7 @@ require ( github.com/evanphx/json-patch v5.7.0+incompatible github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect github.com/fatih/color v1.15.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect github.com/go-logr/logr v1.2.4 // indirect @@ -118,7 +119,7 @@ require ( github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect - github.com/google/uuid v1.3.1 // indirect + github.com/google/uuid v1.4.0 // indirect github.com/gorilla/mux v1.8.0 // indirect github.com/gosuri/uitable v0.0.4 // indirect github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect @@ -205,7 +206,7 @@ require ( golang.org/x/crypto v0.14.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/oauth2 v0.12.0 // indirect - golang.org/x/sync v0.4.0 // indirect + golang.org/x/sync v0.5.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect diff --git a/go.sum b/go.sum index 1aac30afee..1030099fe1 100644 --- a/go.sum +++ b/go.sum @@ -98,20 +98,20 @@ github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHe github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cilium/charts v0.0.0-20231026172044-2ee56d76ec1a h1:kM8ZURqmmDXWA00nAYTEVd71KkoDiRTyqwSSNGCiwnc= -github.com/cilium/charts v0.0.0-20231026172044-2ee56d76ec1a/go.mod h1:M3C9VOlFvRzuV+a01t07Tw4uFLSfkCH3L542IWjf6BU= +github.com/cilium/charts v0.0.0-20231101091419-6a72c25e3c8e h1:BPcRF2i1t1lDbw/2XL96n2N4CR4AjT4JNQx98RmzaxU= +github.com/cilium/charts v0.0.0-20231101091419-6a72c25e3c8e/go.mod h1:M3C9VOlFvRzuV+a01t07Tw4uFLSfkCH3L542IWjf6BU= github.com/cilium/checkmate v1.0.3 h1:CQC5eOmlAZeEjPrVZY3ZwEBH64lHlx9mXYdUehEwI5w= github.com/cilium/checkmate v1.0.3/go.mod h1:KiBTasf39/F2hf2yAmHw21YFl3hcEyP4Yk6filxc12A= -github.com/cilium/cilium v1.15.0-pre.1.0.20231025133600-0a8f3f91f109 h1:c4hk+SdXvz4lcnM6m3M9+qFkn6b7Uj1ua3NSbRSnyLo= -github.com/cilium/cilium v1.15.0-pre.1.0.20231025133600-0a8f3f91f109/go.mod h1:qhto6o/Ut845+E5Ooks/bzVQktic6PfH35lYuVxnCfs= -github.com/cilium/ebpf v0.12.0 h1:oQEuIQIXgYhe1v7sYUG0P9vtJTYZLLdA6tiQmrOB1mo= -github.com/cilium/ebpf v0.12.0/go.mod h1:u9H29/Iq+8cy70YqI6p5pfADkFl3vdnV2qXDg5JL0Zo= +github.com/cilium/cilium v1.15.0-pre.2 h1:VzGFTNRutaXESrGCFdLs8c5DkjyzTJuAA26bCK3A9cU= +github.com/cilium/cilium v1.15.0-pre.2/go.mod h1:RDqPn88imAQLUlE19/C5x2wpBN+KmTqNfAY/lmANtCM= +github.com/cilium/ebpf v0.12.2 h1:cP3qL4kkl19kr/F+hKqUo9F9pPMVz1oms8C7Qj0AwWk= +github.com/cilium/ebpf v0.12.2/go.mod h1:u9H29/Iq+8cy70YqI6p5pfADkFl3vdnV2qXDg5JL0Zo= github.com/cilium/hubble v0.12.2 h1:iSKm8Ezuonjke2APgMQ7vIOmUGj0L9Be7b/sRa7FuAs= github.com/cilium/hubble v0.12.2/go.mod h1:eKlcKF5Lynj+GXCCvqDCgu4UW9dUE1cAnYfQbFd0Bb0= github.com/cilium/proxy v0.0.0-20231018073547-ab187719b71b h1:NYdQn/qPPkqHNSRMKWnSwhQuy2/rJn8pAl656iMdKtw= github.com/cilium/proxy v0.0.0-20231018073547-ab187719b71b/go.mod h1:p044XccCmONGIUbx3bJ7qvHXK0RcrdvIvbTGiu/RjUA= -github.com/cilium/tetragon/pkg/k8s v0.0.0-20231027135814-0fd246f5b760 h1:m5P30gMXWEYDyQA1gv7uAEF1+lkVVgIOh0D2+zY/rEI= -github.com/cilium/tetragon/pkg/k8s v0.0.0-20231027135814-0fd246f5b760/go.mod h1:p7tU/kBj21jnOScGOWKR1uUsB/qZ6Dy6LrzV9wxWORg= +github.com/cilium/tetragon/pkg/k8s v0.0.0-20231106163022-09de1f83eb12 h1:UHXSRkoMjrwpSfQNNNuMUgNNw8rHcoSvOsRvbkzkUXg= +github.com/cilium/tetragon/pkg/k8s v0.0.0-20231106163022-09de1f83eb12/go.mod h1:SJSTUuXdE9cYNDKc2bCHGmZAYVfOXkPow6GwG7Gud6Y= github.com/cilium/workerpool v1.2.0 h1:Wc2iOPTvCgWKQXeq4L5tnx4QFEI+z5q1+bSpSS0cnAY= github.com/cilium/workerpool v1.2.0/go.mod h1:GOYJhwlnIjR+jWSDNBb5kw47G1H/XA9X4WOBpgr4pQU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -128,7 +128,7 @@ github.com/containerd/containerd v1.7.6 h1:oNAVsnhPoy4BTPQivLgTzI9Oleml9l/+eYIDY github.com/containerd/containerd v1.7.6/go.mod h1:SY6lrkkuJT40BVNO37tlYTSnKJnP5AXBc0fhx0q+TJ4= github.com/containerd/continuity v0.4.2 h1:v3y/4Yz5jwnvqPKJJ+7Wf93fyWoCB3F5EclWG023MDM= github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= @@ -185,8 +185,8 @@ github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6 github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4= github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA= github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -366,8 +366,8 @@ github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaU github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= +github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= @@ -628,8 +628,8 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.5.1 h1:R+kOtfhWQE6TVQzY+4D7wJLBgkdVasCEFxSUBYBYIlA= github.com/spf13/cast v1.5.1/go.mod h1:b9PdjNptOpzXr7Rq1q9gJML/2cdGQAo69NKzQ10KN48= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= +github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace h1:9PNP1jnUjRhfmGMlkXHjYPishpcw4jpSt/V/xYY3FMA= @@ -735,10 +735,14 @@ go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lI go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= -go.uber.org/dig v1.17.0 h1:5Chju+tUvcC+N7N6EV08BJz41UZuO3BmHcN4A287ZLI= -go.uber.org/dig v1.17.0/go.mod h1:rTxpf7l5I0eBTlE6/9RL+lDybC7WFwY2QH55ZSjy1mU= +go.uber.org/dig v1.17.1 h1:Tga8Lz8PcYNsWsyHMZ1Vm0OQOUaJNDyvPImgbAu9YSc= +go.uber.org/dig v1.17.1/go.mod h1:Us0rSJiThwCv2GteUN0Q7OKvU7n5J4dxZ9JKUXozFdE= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go4.org/netipx v0.0.0-20230824141953-6213f710f925 h1:eeQDDVKFkx0g4Hyy8pHgmZaK0EqB4SD6rvKbUdN3ziQ= +go4.org/netipx v0.0.0-20230824141953-6213f710f925/go.mod h1:PLyyIXexvUFg3Owu6p/WfdlivPbZJsZdgWZlrGope/Y= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= @@ -791,8 +795,8 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= +golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -857,8 +861,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= +golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -913,7 +917,6 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= diff --git a/vendor/github.com/cilium/charts/README.md b/vendor/github.com/cilium/charts/README.md index 9d24a6f981..58b0f70d28 100644 --- a/vendor/github.com/cilium/charts/README.md +++ b/vendor/github.com/cilium/charts/README.md @@ -1,5 +1,6 @@ This repository holds helm templates for the following Cilium releases: +* [v1.15.0-pre.2](https://github.com/cilium/cilium/releases/tag/v1.15.0-pre.2) (_[source](https://github.com/cilium/cilium/tree/v1.15.0-pre.2/install/kubernetes/cilium)_) * [v1.15.0-pre.1](https://github.com/cilium/cilium/releases/tag/v1.15.0-pre.1) (_[source](https://github.com/cilium/cilium/tree/v1.15.0-pre.1/install/kubernetes/cilium)_) * [v1.15.0-pre.0](https://github.com/cilium/cilium/releases/tag/v1.15.0-pre.0) (_[source](https://github.com/cilium/cilium/tree/v1.15.0-pre.0/install/kubernetes/cilium)_) * [v1.14.3](https://github.com/cilium/cilium/releases/tag/v1.14.3) (_[source](https://github.com/cilium/cilium/tree/v1.14.3/install/kubernetes/cilium)_) @@ -168,6 +169,8 @@ This repository holds helm templates for the following Cilium releases: This repository holds helm templates for the following Tetragon releases: +* [v1.0.0](https://github.com/cilium/tetragon/releases/tag/v1.0.0) (_[source](https://github.com/cilium/tetragon/tree/v1.0.0/install/kubernetes)_) +* [v1.0.0-rc.5](https://github.com/cilium/tetragon/releases/tag/v1.0.0-rc.5) (_[source](https://github.com/cilium/tetragon/tree/v1.0.0-rc.5/install/kubernetes)_) * [v1.0.0-rc.3](https://github.com/cilium/tetragon/releases/tag/v1.0.0-rc.3) (_[source](https://github.com/cilium/tetragon/tree/v1.0.0-rc.3/install/kubernetes)_) * [v1.0.0-rc.2](https://github.com/cilium/tetragon/releases/tag/v1.0.0-rc.2) (_[source](https://github.com/cilium/tetragon/tree/v1.0.0-rc.2/install/kubernetes)_) * [v1.0.0-rc.1](https://github.com/cilium/tetragon/releases/tag/v1.0.0-rc.1) (_[source](https://github.com/cilium/tetragon/tree/v1.0.0-rc.1/install/kubernetes)_) diff --git a/vendor/github.com/cilium/charts/cilium-1.15.0-pre.2.tgz b/vendor/github.com/cilium/charts/cilium-1.15.0-pre.2.tgz new file mode 100644 index 0000000000..39d650486a Binary files /dev/null and b/vendor/github.com/cilium/charts/cilium-1.15.0-pre.2.tgz differ diff --git a/vendor/github.com/cilium/charts/index.yaml b/vendor/github.com/cilium/charts/index.yaml index 1c5894853e..ebb6716757 100644 --- a/vendor/github.com/cilium/charts/index.yaml +++ b/vendor/github.com/cilium/charts/index.yaml @@ -1,6 +1,112 @@ apiVersion: v1 entries: cilium: + - annotations: + artifacthub.io/crds: "- kind: CiliumNetworkPolicy\n version: v2\n name: ciliumnetworkpolicies.cilium.io\n + \ displayName: Cilium Network Policy\n description: |\n Cilium Network + Policies provide additional functionality beyond what\n is provided by + standard Kubernetes NetworkPolicy such as the ability\n to allow traffic + based on FQDNs, or to filter at Layer 7.\n- kind: CiliumClusterwideNetworkPolicy\n + \ version: v2\n name: ciliumclusterwidenetworkpolicies.cilium.io\n displayName: + Cilium Clusterwide Network Policy\n description: |\n Cilium Clusterwide + Network Policies support configuring network traffic\n policiies across + the entire cluster, including applying node firewalls.\n- kind: CiliumExternalWorkload\n + \ version: v2\n name: ciliumexternalworkloads.cilium.io\n displayName: Cilium + External Workload\n description: |\n Cilium External Workload supports + configuring the ability for external\n non-Kubernetes workloads to join + the cluster.\n- kind: CiliumLocalRedirectPolicy\n version: v2\n name: ciliumlocalredirectpolicies.cilium.io\n + \ displayName: Cilium Local Redirect Policy\n description: |\n Cilium + Local Redirect Policy allows local redirects to be configured\n within + a node to support use cases like Node-Local DNS or KIAM.\n- kind: CiliumNode\n + \ version: v2\n name: ciliumnodes.cilium.io\n displayName: Cilium Node\n + \ description: |\n Cilium Node represents a node managed by Cilium. It + contains a\n specification to control various node specific configuration + aspects\n and a status section to represent the status of the node.\n- + kind: CiliumIdentity\n version: v2\n name: ciliumidentities.cilium.io\n + \ displayName: Cilium Identity\n description: |\n Cilium Identity allows + introspection into security identities that\n Cilium allocates which identify + sets of labels that are assigned to\n individual endpoints in the cluster.\n- + kind: CiliumEndpoint\n version: v2\n name: ciliumendpoints.cilium.io\n displayName: + Cilium Endpoint\n description: |\n Cilium Endpoint represents the status + of individual pods or nodes in\n the cluster which are managed by Cilium, + including enforcement status,\n IP addressing and whether the networking + is successfully operational.\n- kind: CiliumEndpointSlice\n version: v2alpha1\n + \ name: ciliumendpointslices.cilium.io\n displayName: Cilium Endpoint Slice\n + \ description: |\n Cilium Endpoint Slice represents the status of groups + of pods or nodes\n in the cluster which are managed by Cilium, including + enforcement status,\n IP addressing and whether the networking is successfully + operational.\n- kind: CiliumEgressGatewayPolicy\n version: v2\n name: ciliumegressgatewaypolicies.cilium.io\n + \ displayName: Cilium Egress Gateway Policy\n description: |\n Cilium + Egress Gateway Policy provides control over the way that traffic\n leaves + the cluster and which source addresses to use for that traffic.\n- kind: CiliumClusterwideEnvoyConfig\n + \ version: v2\n name: ciliumclusterwideenvoyconfigs.cilium.io\n displayName: + Cilium Clusterwide Envoy Config\n description: |\n Cilium Clusterwide + Envoy Config specifies Envoy resources and K8s service mappings\n to be + provisioned into Cilium host proxy instances in cluster context.\n- kind: + CiliumEnvoyConfig\n version: v2\n name: ciliumenvoyconfigs.cilium.io\n displayName: + Cilium Envoy Config\n description: |\n Cilium Envoy Config specifies Envoy + resources and K8s service mappings\n to be provisioned into Cilium host + proxy instances in namespace context.\n- kind: CiliumBGPPeeringPolicy\n version: + v2alpha1\n name: ciliumbgppeeringpolicies.cilium.io\n displayName: Cilium + BGP Peering Policy\n description: |\n Cilium BGP Peering Policy instructs + Cilium to create specific BGP peering\n configurations.\n- kind: CiliumBGPClusterConfig\n + \ version: v2alpha1\n name: ciliumbgpclusterconfigs.cilium.io\n displayName: + Cilium BGP Cluster Config\n description: |\n Cilium BGP Cluster Config + instructs Cilium operator to create specific BGP cluster\n configurations.\n- + kind: CiliumBGPPeerConfig\n version: v2alpha1\n name: ciliumbgppeerconfigs.cilium.io\n + \ displayName: Cilium BGP Peer Config\n description: |\n CiliumBGPPeerConfig + is a common set of BGP peer configurations. It can be referenced \n by + multiple peers from CiliumBGPClusterConfig.\n- kind: CiliumBGPAdvertisement\n + \ version: v2alpha1\n name: ciliumbgpadvertisements.cilium.io\n displayName: + Cilium BGP Advertisement\n description: |\n CiliumBGPAdvertisement is + used to define source of BGP advertisement as well as BGP attributes \n to + be advertised with those prefixes.\n- kind: CiliumBGPNodeConfig\n version: + v2alpha1\n name: ciliumbgpnodeconfigs.cilium.io\n displayName: Cilium BGP + Node Config\n description: |\n CiliumBGPNodeConfig is read only node specific + BGP configuration. It is constructed by Cilium operator.\n It will also + contain node local BGP state information.\n- kind: CiliumBGPNodeConfigOverride\n + \ version: v2alpha1\n name: ciliumbgpnodeconfigoverrides.cilium.io\n displayName: + Cilium BGP Node Config Override\n description: |\n CiliumBGPNodeConfigOverride + can be used to override node specific BGP configuration.\n- kind: CiliumLoadBalancerIPPool\n + \ version: v2alpha1\n name: ciliumloadbalancerippools.cilium.io\n displayName: + Cilium Load Balancer IP Pool\n description: |\n Defining a Cilium Load + Balancer IP Pool instructs Cilium to assign IPs to LoadBalancer Services.\n- + kind: CiliumNodeConfig\n version: v2alpha1\n name: ciliumnodeconfigs.cilium.io\n + \ displayName: Cilium Node Configuration\n description: |\n CiliumNodeConfig + is a list of configuration key-value pairs. It is applied to\n nodes indicated + by a label selector.\n- kind: CiliumCIDRGroup\n version: v2alpha1\n name: + ciliumcidrgroups.cilium.io\n displayName: Cilium CIDR Group\n description: + |\n CiliumCIDRGroup is a list of CIDRs that can be referenced as a single + entity from CiliumNetworkPolicies.\n- kind: CiliumL2AnnouncementPolicy\n version: + v2alpha1\n name: ciliuml2announcementpolicies.cilium.io\n displayName: Cilium + L2 Announcement Policy\n description: |\n CiliumL2AnnouncementPolicy is + a policy which determines which service IPs will be announced to\n the + local area network, by which nodes, and via which interfaces.\n- kind: CiliumPodIPPool\n + \ version: v2alpha1\n name: ciliumpodippools.cilium.io\n displayName: Cilium + Pod IP Pool\n description: |\n CiliumPodIPPool defines an IP pool that + can be used for pooled IPAM (i.e. the multi-pool IPAM mode).\n" + apiVersion: v2 + appVersion: 1.15.0-pre.2 + created: "2023-10-31T17:36:41+01:00" + description: eBPF-based Networking, Security, and Observability + digest: 61a06140b714e38b516e381a911c2b645378366891df52643e71582f0c42389b + home: https://cilium.io/ + icon: https://cdn.jsdelivr.net/gh/cilium/cilium@main/Documentation/images/logo-solo.svg + keywords: + - BPF + - eBPF + - Kubernetes + - Networking + - Security + - Observability + - Troubleshooting + kubeVersion: '>= 1.16.0-0' + name: cilium + sources: + - https://github.com/cilium/cilium + urls: + - cilium-1.15.0-pre.2.tgz + version: 1.15.0-pre.2 - annotations: artifacthub.io/crds: | - kind: CiliumNetworkPolicy @@ -13835,6 +13941,26 @@ entries: - cilium-1.6-dev.tgz version: 1.6-dev tetragon: + - apiVersion: v2 + appVersion: 1.0.0 + created: "2023-11-01T10:13:22+01:00" + description: Helm chart for Tetragon + digest: 5aee59de27f057e82f915305f9bb327e2cae20356add8d8fa61c32d8c8c63189 + name: tetragon + type: application + urls: + - tetragon-1.0.0.tgz + version: 1.0.0 + - apiVersion: v2 + appVersion: 1.0.0-rc.5 + created: "2023-10-31T19:07:19+01:00" + description: Helm chart for Tetragon + digest: 1bc1c73eedfc71af85b0d9550babe3bd420974933cb1c1583f5f0cce86b1c9fc + name: tetragon + type: application + urls: + - tetragon-1.0.0-rc.5.tgz + version: 1.0.0-rc.5 - apiVersion: v2 appVersion: 1.0.0-rc.3 created: "2023-10-26T16:52:39+00:00" @@ -13945,4 +14071,4 @@ entries: urls: - tetragon-0.8.0.tgz version: 0.8.0 -generated: "2023-10-26T16:52:38.566053305Z" +generated: "2023-11-01T10:13:21.483128148+01:00" diff --git a/vendor/github.com/cilium/charts/tetragon-1.0.0-rc.5.tgz b/vendor/github.com/cilium/charts/tetragon-1.0.0-rc.5.tgz new file mode 100644 index 0000000000..de9a26dc9b Binary files /dev/null and b/vendor/github.com/cilium/charts/tetragon-1.0.0-rc.5.tgz differ diff --git a/vendor/github.com/cilium/charts/tetragon-1.0.0.tgz b/vendor/github.com/cilium/charts/tetragon-1.0.0.tgz new file mode 100644 index 0000000000..d5fe79c631 Binary files /dev/null and b/vendor/github.com/cilium/charts/tetragon-1.0.0.tgz differ diff --git a/vendor/github.com/cilium/cilium/AUTHORS b/vendor/github.com/cilium/cilium/AUTHORS index 5815296e7c..d303bf182f 100644 --- a/vendor/github.com/cilium/cilium/AUTHORS +++ b/vendor/github.com/cilium/cilium/AUTHORS @@ -69,11 +69,13 @@ Anurag Aggarwal anurag.aggarwal@flipkart.com Archana Shinde archana.m.shinde@intel.com Arika Chen eaglesora@gmail.com Arnaud Meukam ameukam@gmail.com +Arseniy Belorukov a.belorukov@team.bumble.com Arthur Chiao arthurchiao@hotmail.com ArthurChiao arthurchiao@hotmail.com Arthur Evstifeev mail@ap4y.me Arthur Outhenin-Chalandre arthur@cri.epita.fr Arvind Soni arvind@covalent.io +Ashley Reese ashley.reese@firma.seznam.cz Ashray Jain ashrayj@palantir.com Ashwin Paranjpe ashwin@covalent.io Assiya Khuzyakhmetova assiya.khuzyakhmetova@nu.edu.kz @@ -83,6 +85,7 @@ Austin Cawley-Edwards austin.cawley@gmail.com AwesomePatrol AwesomePatrol@users.noreply.github.com ayesha khaliq ayeshakhaliqrana@gmail.com Ayush Dwivedi ayush.dwivedi@accuknox.com +bakito github@bakito.ch Barun Acharya barun1024@gmail.com Basit Mustafa basit.mustafa@gmail.com Beatriz Martínez beatriz@isovalent.com @@ -175,6 +178,7 @@ David Leadbeater dgl@dgl.cx David Schlosnagle davids@palantir.com David Wolffberg 1350533+wolffberg@users.noreply.github.com Dawn lx1960753013@gmail.com +dddddai dddwq@foxmail.com Deepesha Burse deepesha.3007@gmail.com Deepesh Pathak deepshpathak@gmail.com Denis GERMAIN dgermain@deezer.com @@ -186,6 +190,7 @@ Dharma Bellamkonda dharma.bellamkonda@gmail.com Didier Durand durand.didier@gmail.com Diego Casati diego.casati@gmail.com Dima Pugachev krabradosty@gmail.com +Dipankar Das dipankardas0115@gmail.com Divine Odazie dodazie@gmail.com Divya Mohan divya.mohan0209@gmail.com Divyansh Kamboj divyansh.kamboj@accuknox.com @@ -201,6 +206,7 @@ Dom Goodwin dom.goodwin@capgemini.com Donia Chaiehloudj donia.cld@isovalent.com Dorde Lapcevic dordel@google.com Duffie Cooley dcooley@isovalent.com +dwalker-sabiogroup 100362969+dwalker-sabiogroup@users.noreply.github.com Dylan Reimerink dylan.reimerink@isovalent.com Ekene Nwobodo nwobodoe71@gmail.com Electron alokaks601@gmail.com @@ -230,6 +236,7 @@ fengshunli 1171313930@qq.com Fernand Galiana fernand.galiana@gmail.com Feroz Salam feroz.salam@isovalent.com FeynmanZhou pengfeizhou@yunify.com +Filip Nikolic oss.filipn@gmail.com Fish-pro zechun.chen@daocloud.io Florian Koch f0@users.noreply.github.com Florian Lehner dev@der-flo.net @@ -299,6 +306,7 @@ Jean Raby jean@raby.sh Jed Salazar jedsalazar@gmail.com Jef Spaleta jspaleta@gmail.com Jerry J. Muzsik jerrymuzsik@icloud.com +Jesse Haka haka.jesse@gmail.com Jess Frazelle acidburn@microsoft.com Jiang Wang jiang.wang@bytedance.com Jianlin Lv Jianlin.Lv@arm.com @@ -323,6 +331,7 @@ John Watson johnw@planetscale.com John Zheng johnzhengaz@gmail.com Jomen Xiao jomenxiao@gmail.com Jonathan Davies jpds@protonmail.com +Jonathan Grahl jonathan@keyholders.io Jones Shi shilei@hotstone.com.cn Jorik Jonker jorik.jonker@eu.equinix.com Joseph-Irving joseph.irving500@gmail.com @@ -444,9 +453,11 @@ Michael Kashin mmkashin@gmail.com Michael Petrov michael@openai.com Michael Ryan Dempsey bluestealth@bluestealth.pw michaelsaah michael.saah@segment.com +Michael Saah msaah@twilio.com Michael Schubert michael@kinvolk.io Michael Vorburger vorburger@redhat.com Michal Rostecki vadorovsky@gmail.com +Michal Siwinski siwy@google.com Michi Mutsuzaki michi@isovalent.com Mike Fedosin mfedosin@gmail.com MikeLing sabergeass@gmail.com @@ -481,9 +492,11 @@ Nikolay Nikolaev nicknickolaev@gmail.com Nirmoy Das ndas@suse.de Nishant Burte nburte@google.com Nitish Malhotra nitishm@microsoft.com +Nitish Tiwari nitish@parseable.io Noel Georgi git@frezbo.dev nrnrk noriki6t@gmail.com nuwa nuwa@yannis.codes +nxyt lolnoxy@gmail.com Odin Ugedal ougedal@palantir.com Oilbeater mengxin@alauda.io Oksana Baranova oksana.baranova@intel.com @@ -531,10 +544,12 @@ Raghu Gyambavantha raghug@bld-ml-loan4.olympus.f5net.com Rahul Jadhav nyrahul@gmail.com Rahul Joshi rkjoshi@google.com Rajat Jindal rajatjindal83@gmail.com +Ralph Bankston ralph.bankston@isovalent.com Raphael Campos raphael@accuknox.com Raphaël Pinson raphael@isovalent.com Rastislav Szabo rastislav.szabo@isovalent.com Rauan Mayemir rauan@mayemir.io +rawmind0 rawmind@gmail.com Ray Bejjani ray.bejjani@gmail.com Raymond de Jong raymond.dejong@isovalent.com Reilly Brogan reilly@reillybrogan.com @@ -569,17 +584,20 @@ Saim Safdar 59512053+Saim-Safdar@users.noreply.githu Saiyam Pathak saiyam@civo.com Salvatore Mazzarino salvatore@accuknox.com Sami Yessou fnzv@users.noreply.github.com +Samuel Lang gh@lang-sam.de Samuel Torres samuelpirestorres@gmail.com Sander Timmerman stimmerman@schubergphilis.com Sandipan Panda samparksandipan@gmail.com Sarah Corleissen sarah.corleissen@isovalent.com Sarvesh Rangnekar sarveshr@google.com +Sascha Grunert sgrunert@redhat.com Satish Matti smatti@google.com Scott Albertson ascottalbertson@gmail.com Sean Winn sean@isovalent.com Sebastian Nickel nick@nine.ch Sebastian Rojo arpagon@gmail.com Sebastian Wicki sebastian@isovalent.com +Sebastien Lafond sebastien.lafond@cdiscount.com Sebastien Thomas prune@lecentre.net Sergey Generalov sergey@isovalent.com Sergey Monakhov monakhov@puzl.ee @@ -705,6 +723,7 @@ Yurii Komar Subreptivus@gmail.com Yusuke Suzuki yusuke-suzuki@cybozu.co.jp Yutaro Hayakawa yutaro.hayakawa@isovalent.com Yves Blusseau yves.blusseau@acoss.fr +yylt yang8518296@163.com Zang Li zangli@google.com zhanghe9702 zhanghe9702@163.com Zhang Qiang qiangzhang@qiyi.com diff --git a/vendor/github.com/cilium/cilium/pkg/clustermesh/types/addressing.go b/vendor/github.com/cilium/cilium/pkg/clustermesh/types/addressing.go index 8e30e81c8d..37135b8ed8 100644 --- a/vendor/github.com/cilium/cilium/pkg/clustermesh/types/addressing.go +++ b/vendor/github.com/cilium/cilium/pkg/clustermesh/types/addressing.go @@ -10,6 +10,8 @@ import ( "strconv" "strings" + "go4.org/netipx" + "github.com/cilium/cilium/pkg/cidr" ippkg "github.com/cilium/cilium/pkg/ip" ) @@ -343,17 +345,22 @@ func (pc PrefixCluster) String() string { return pc.prefix.String() + "@" + strconv.FormatUint(uint64(pc.clusterID), 10) } +// AsPrefix returns the IP prefix part of PrefixCluster as a netip.Prefix type. +// This function exists for keeping backward compatibility between the existing +// components which are not aware of the cluster-aware addressing. Calling +// this function against the PrefixCluster which has non-zero clusterID will +// lose the ClusterID information. It should be used with an extra care. +func (pc PrefixCluster) AsPrefix() netip.Prefix { + return netip.PrefixFrom(pc.prefix.Addr(), pc.prefix.Bits()) +} + // AsIPNet returns the IP prefix part of PrefixCluster as a net.IPNet type. This // function exists for keeping backward compatibility between the existing // components which are not aware of the cluster-aware addressing. Calling // this function against the PrefixCluster which has non-zero clusterID will // lose the ClusterID information. It should be used with an extra care. func (pc PrefixCluster) AsIPNet() net.IPNet { - addr := pc.prefix.Addr() - return net.IPNet{ - IP: addr.AsSlice(), - Mask: net.CIDRMask(pc.prefix.Bits(), addr.BitLen()), - } + return *netipx.PrefixIPNet(pc.AsPrefix()) } // This function is solely exists for annotating IPCache's key string with ClusterID. diff --git a/vendor/github.com/cilium/cilium/pkg/command/exec/exec.go b/vendor/github.com/cilium/cilium/pkg/command/exec/exec.go index f5bd6400ee..1762e5dbba 100644 --- a/vendor/github.com/cilium/cilium/pkg/command/exec/exec.go +++ b/vendor/github.com/cilium/cilium/pkg/command/exec/exec.go @@ -10,9 +10,10 @@ import ( "errors" "fmt" "os/exec" - "time" "github.com/sirupsen/logrus" + + "github.com/cilium/cilium/pkg/time" ) func warnToLog(cmd *exec.Cmd, out []byte, scopedLog *logrus.Entry, err error) { diff --git a/vendor/github.com/cilium/cilium/pkg/defaults/defaults.go b/vendor/github.com/cilium/cilium/pkg/defaults/defaults.go index 22f438024b..526b2c510d 100644 --- a/vendor/github.com/cilium/cilium/pkg/defaults/defaults.go +++ b/vendor/github.com/cilium/cilium/pkg/defaults/defaults.go @@ -178,6 +178,10 @@ const ( // ExecTimeout is a timeout for executing commands. ExecTimeout = 300 * time.Second + // MaxInternalTimerDelay does not enforce a maximum on timer values in + // the agent by default. + MaxInternalTimerDelay = 0 * time.Second + // StatusCollectorInterval is the interval between a probe invocations StatusCollectorInterval = 5 * time.Second diff --git a/vendor/github.com/cilium/cilium/pkg/health/client/modules.go b/vendor/github.com/cilium/cilium/pkg/health/client/modules.go index f3462e4fca..73ffc93132 100644 --- a/vendor/github.com/cilium/cilium/pkg/health/client/modules.go +++ b/vendor/github.com/cilium/cilium/pkg/health/client/modules.go @@ -4,9 +4,9 @@ package client import ( + "encoding/json" "fmt" "io" - "strings" "github.com/cilium/cilium/api/v1/client/daemon" "github.com/cilium/cilium/pkg/hive/cell" @@ -26,18 +26,22 @@ func GetAndFormatModulesHealth(w io.Writer, clt ModulesHealth, verbose bool) { fmt.Fprintf(w, "\t%s\n", err) return } + if resp.Payload == nil { fmt.Fprintf(w, "\tno health payload detected\n") return } if verbose { - fmt.Fprintf(w, "\n Module\tStatus\tMessage\tLast Updated\n") + fmt.Fprintln(w) for _, m := range resp.Payload.Modules { - if strings.Contains(m.Message, "\n") { - fmt.Fprintf(w, " %s\t%s\t%12s\n%s", m.ModuleID, m.Level, m.LastUpdated, m.Message) - } else { - fmt.Fprintf(w, " %s\t%s\t%s\t%12s\n", m.ModuleID, m.Level, m.Message, m.LastUpdated) + n := &cell.StatusNode{} + if err := json.Unmarshal([]byte(m.Message), n); err != nil { + panic(err) + } + if m.Level == string(cell.StatusUnknown) { + continue } + fmt.Fprintf(w, "%s", n.StringIndent(2)) } return } diff --git a/vendor/github.com/cilium/cilium/pkg/hive/cell/health.go b/vendor/github.com/cilium/cilium/pkg/hive/cell/health.go index dcf3b71ede..aa4dc93f43 100644 --- a/vendor/github.com/cilium/cilium/pkg/hive/cell/health.go +++ b/vendor/github.com/cilium/cilium/pkg/hive/cell/health.go @@ -11,6 +11,7 @@ import ( "time" "github.com/cilium/cilium/pkg/lock" + "github.com/cilium/cilium/pkg/stream" "golang.org/x/exp/maps" ) @@ -57,6 +58,25 @@ type HealthReporter interface { Degraded(reason string, err error) } +// Update represents an instantaneous health status update. +type Update interface { + // Level returns the level of the update. + Level() Level + + // String returns a string representation of the update. + String() string + + // JSON returns a JSON representation of the update, this is used by the agent + // health CLI to unmarshal health status into cell.StatusNode. + JSON() ([]byte, error) + + Timestamp() time.Time +} + +type statusNodeReporter interface { + setStatus(Update) +} + // Health provides exported functions for accessing health status data. // As well, provides unexported functions for use during module apply. type Health interface { @@ -66,42 +86,62 @@ type Health interface { // Get returns a copy of a modules status, by module ID. // This includes unknown status for modules that have not reported a status yet. - Get(FullModuleID) *Status + Get(FullModuleID) (Status, error) + + // Stats returns a map of the number of module statuses reported by level. + Stats() map[Level]uint64 // Stop stops the health provider from processing updates. Stop(context.Context) error + // Subscribe to health status updates. + Subscribe(context.Context, func(Update), func(error)) + // forModule creates a moduleID scoped reporter handle. - forModule(FullModuleID) HealthReporter + forModule(FullModuleID) statusNodeReporter // processed returns the number of updates processed. processed() uint64 } -// Update is an event that denotes the change of a modules health state. -type Update struct { - Level +type StatusResult struct { + Update FullModuleID FullModuleID - Message string - Timestamp time.Time - Err error + Stopped bool } // Status is a modules last health state, including the last update. type Status struct { // Update is the last reported update for a module. Update + + FullModuleID FullModuleID + // Stopped is true when a module has been completed, thus it contains // its last reporter status. New updates will not be processed. Stopped bool // Final is the stopped message, if the module has been stopped. - Final string + Final Update // LastOK is the time of the last OK status update. LastOK time.Time // LastUpdated is the time of the last status update. LastUpdated time.Time } +func (s *Status) JSON() ([]byte, error) { + if s.Update == nil { + return nil, nil + } + return s.Update.JSON() +} + +func (s *Status) Level() Level { + if s.Update == nil { + return StatusUnknown + } + return s.Update.Level() +} + // String returns a string representation of a Status, implements fmt.Stringer. func (s *Status) String() string { var sinceLast string @@ -110,8 +150,8 @@ func (s *Status) String() string { } else { sinceLast = time.Since(s.LastUpdated).String() + " ago" } - return fmt.Sprintf("Status{ModuleID: %s, Level: %s, Since: %s, Message: %s, Err: %v}", - s.FullModuleID, s.Level, sinceLast, s.Message, s.Err) + return fmt.Sprintf("Status{ModuleID: %s, Level: %s, Since: %s, Message: %s}", + s.FullModuleID, s.Level(), sinceLast, s.Update.String()) } // NewHealthProvider starts and returns a health status which processes @@ -119,23 +159,40 @@ func (s *Status) String() string { func NewHealthProvider() Health { p := &healthProvider{ moduleStatuses: make(map[string]Status), + byLevel: make(map[Level]uint64), running: true, } + p.obs, p.emit, p.complete = stream.Multicast[Update]() + return p } +func (p *healthProvider) Subscribe(ctx context.Context, cb func(Update), complete func(error)) { + p.obs.Observe(ctx, cb, complete) +} + func (p *healthProvider) processed() uint64 { return p.numProcessed.Load() } -func (p *healthProvider) process(u Update) { +func (p *healthProvider) updateMetricsLocked(prev Update, curr Level) { + // If an update is processed that transitions the level state of a module + // then update the level counters. + if prev.Level() != curr { + p.byLevel[curr]++ + p.byLevel[prev.Level()]-- + } +} + +func (p *healthProvider) process(id FullModuleID, u Update) { prev := func() Status { p.mu.Lock() defer p.mu.Unlock() t := time.Now() - prev := p.moduleStatuses[u.FullModuleID.String()] + prev := p.moduleStatuses[id.String()] + // If the module has been stopped, then ignore updates. if !p.running { return prev } @@ -144,22 +201,25 @@ func (p *healthProvider) process(u Update) { Update: u, LastUpdated: t, } - switch u.Level { + + switch u.Level() { case StatusOK: ns.LastOK = t case StatusStopped: // If Stopped, set that module was stopped and preserve last known status. ns = prev ns.Stopped = true - ns.Final = u.Message + ns.Final = u } - p.moduleStatuses[u.FullModuleID.String()] = ns + p.moduleStatuses[id.String()] = ns + p.updateMetricsLocked(prev.Update, u.Level()) log.WithField("status", ns.String()).Debug("Processed new health status") return prev }() p.numProcessed.Add(1) + p.emit(u) if prev.Stopped { - log.Warnf("module %q reported health status after being Stopped", u.FullModuleID) + log.Warnf("module %q reported health status after being Stopped", id) } } @@ -169,18 +229,21 @@ func (p *healthProvider) Stop(ctx context.Context) error { p.mu.Lock() defer p.mu.Unlock() p.running = false // following this, no new reporters will send. + p.complete(nil) // complete the observable, no new subscribers will receive further updates. return nil } +var NoStatus = &StatusNode{Message: "No status reported", LastLevel: StatusUnknown} + // forModule returns a module scoped status reporter handle for emitting status updates. // This is used to automatically provide declared modules with a status reported. -func (p *healthProvider) forModule(moduleID FullModuleID) HealthReporter { +func (p *healthProvider) forModule(moduleID FullModuleID) statusNodeReporter { p.mu.Lock() - p.moduleStatuses[moduleID.String()] = Status{Update: Update{ + p.moduleStatuses[moduleID.String()] = Status{ FullModuleID: moduleID, - Level: StatusUnknown, - Message: "No status reported yet"}, + Update: NoStatus, } + p.byLevel[StatusUnknown]++ p.mu.Unlock() return &reporter{ @@ -201,14 +264,22 @@ func (p *healthProvider) All() []Status { } // Get returns the latest status for a module, by module ID. -func (p *healthProvider) Get(moduleID FullModuleID) *Status { +func (p *healthProvider) Get(moduleID FullModuleID) (Status, error) { p.mu.RLock() defer p.mu.RUnlock() s, ok := p.moduleStatuses[moduleID.String()] if ok { - return &s + return s, nil } - return nil + return Status{}, fmt.Errorf("module %q not found", moduleID) +} + +func (p *healthProvider) Stats() map[Level]uint64 { + n := make(map[Level]uint64, len(p.byLevel)) + p.mu.Lock() + maps.Copy(n, p.byLevel) + p.mu.Unlock() + return n } type healthProvider struct { @@ -217,27 +288,22 @@ type healthProvider struct { running bool numProcessed atomic.Uint64 + byLevel map[Level]uint64 moduleStatuses map[string]Status + + obs stream.Observable[Update] + emit func(Update) + complete func(error) } // reporter is a handle for emitting status updates. type reporter struct { moduleID FullModuleID - process func(Update) + process func(FullModuleID, Update) } // Degraded reports a degraded status update, should be used when a module encounters a // a state that is not fully reconciled. -func (r *reporter) Degraded(reason string, err error) { - r.process(Update{FullModuleID: r.moduleID, Level: StatusDegraded, Message: reason, Err: err}) -} - -// Stopped reports that a module has stopped, further updates will not be processed. -func (r *reporter) Stopped(reason string) { - r.process(Update{FullModuleID: r.moduleID, Level: StatusStopped, Message: reason}) -} - -// OK reports that a module is in a healthy state. -func (r *reporter) OK(status string) { - r.process(Update{FullModuleID: r.moduleID, Level: StatusOK, Message: status}) +func (r *reporter) setStatus(u Update) { + r.process(r.moduleID, u) } diff --git a/vendor/github.com/cilium/cilium/pkg/hive/cell/module.go b/vendor/github.com/cilium/cilium/pkg/hive/cell/module.go index a0913fca3c..a691b3242f 100644 --- a/vendor/github.com/cilium/cilium/pkg/hive/cell/module.go +++ b/vendor/github.com/cilium/cilium/pkg/hive/cell/module.go @@ -6,11 +6,11 @@ package cell import ( "fmt" "regexp" + "slices" "strings" "github.com/sirupsen/logrus" "go.uber.org/dig" - "golang.org/x/exp/slices" "github.com/cilium/cilium/pkg/hive/cell/lifecycle" "github.com/cilium/cilium/pkg/logging/logfields" @@ -98,7 +98,7 @@ func (r *reporterHooks) Stop(ctx lifecycle.HookContext) error { } func createStructedScope(id FullModuleID, p Health, lc lifecycle.Lifecycle) Scope { - rs := rootScope(p.forModule(id)) + rs := rootScope(id, p.forModule(id)) lc.Append(&reporterHooks{rootScope: rs}) return rs } diff --git a/vendor/github.com/cilium/cilium/pkg/hive/cell/structured.go b/vendor/github.com/cilium/cilium/pkg/hive/cell/structured.go index 7cc1ed41be..d137824ed3 100644 --- a/vendor/github.com/cilium/cilium/pkg/hive/cell/structured.go +++ b/vendor/github.com/cilium/cilium/pkg/hive/cell/structured.go @@ -6,6 +6,7 @@ package cell import ( "bytes" "context" + "encoding/json" "fmt" "io" "runtime" @@ -20,6 +21,7 @@ import ( "github.com/cilium/cilium/pkg/lock" "golang.org/x/exp/maps" + "k8s.io/apimachinery/pkg/util/duration" "k8s.io/apimachinery/pkg/util/sets" ) @@ -103,17 +105,18 @@ func GetHealthReporter(parent Scope, name string) HealthReporter { } // TestScope exposes creating a root scope for testing purposes only. -func TestScope(hr HealthReporter) Scope { - switch hr.(type) { - case *reporter, *subReporter: - panic("test scope should only be used on test health reporter implementations") - } - s := rootScope(hr) +func TestScope() Scope { + return TestScopeFromProvider(FullModuleID{"test"}, NewHealthProvider()) +} + +// TestScope exposes creating a root scope from a health provider for testing purposes only. +func TestScopeFromProvider(moduleID FullModuleID, hp Health) Scope { + s := rootScope(moduleID, hp.forModule(moduleID)) s.start() return s } -func rootScope(hr HealthReporter) *scope { +func rootScope(id FullModuleID, hr statusNodeReporter) *scope { r := &subReporter{ base: &subreporterBase{ hr: hr, @@ -123,26 +126,25 @@ func rootScope(hr HealthReporter) *scope { }, } // create root node, required in case reporters are created without any subscopes. - r.id = r.base.addChild("", "", false) + r.id = r.base.addChild("", id.String(), false) r.base.rootID = r.id // Realize walks the tree and creates a updated status for the reporter. // Because this is blocking and can be expensive, we have a reconcile loop // that only performs this if the revision has changed. realize := func() { + if r.base.stopped { + return + } statusTree := r.base.getStatusTreeLocked(r.base.rootID) if r.base.stopped { - r.base.hr.Stopped("stopping scoped health reporter") + r.base.hr.setStatus(statusTree) return } if r.base.revision.Load() == 0 { return } - if statusTree.allOk() { - r.base.hr.OK(statusTree.toString(2)) - } else { - r.base.hr.Degraded(statusTree.toString(2), nil) - } + r.base.hr.setStatus(statusTree) } r.scheduleRealize = func() { @@ -195,7 +197,11 @@ func flushAndClose(rs Scope, reason string) { // Mark the module as stopped, and emit a stopped status. rs.scope().base.stopped = true - rs.scope().base.hr.Stopped(reason) + rs.scope().base.hr.setStatus(&StatusNode{ + ID: rs.scope().base.rootID, + LastLevel: StatusStopped, + Message: reason, + }) rs.scope().base.removeTreeLocked(rs.scope().id) } @@ -314,7 +320,7 @@ type subreporterBase struct { lock.Mutex // Module level health reporter, all realized status is emitted to this reporter. - hr HealthReporter + hr statusNodeReporter // idToChildren is the adjacency map of parentID to children IDs. idToChildren map[string]children @@ -347,7 +353,7 @@ func (s *subreporterBase) addChild(pid string, name string, isReporter bool) str id: id, parentID: pid, count: 1, - Update: Update{ + nodeUpdate: nodeUpdate{ Level: StatusUnknown, Timestamp: time.Now(), }, @@ -358,7 +364,7 @@ func (s *subreporterBase) addChild(pid string, name string, isReporter bool) str return id } -func (s *subreporterBase) setStatus(id string, level Level, message string) error { +func (s *subreporterBase) setStatus(id string, level Level, message string, err error) error { s.Lock() defer s.Unlock() @@ -380,6 +386,7 @@ func (s *subreporterBase) setStatus(id string, level Level, message string) erro n.Level = level n.Message = message + n.Error = err return nil } @@ -402,22 +409,40 @@ func (s *subreporterBase) removeTreeLocked(rid string) { // In the future we will want to use this to generate a structured JSON representation // of the status tree. type StatusNode struct { - ID string `json:"id"` - Level Level `json:"level,omitempty"` - Name string `json:"name"` - Message string `json:"message,omitempty"` - Timestamp time.Time `json:"timestamp"` - Count int `json:"count"` - SubStatuses []*StatusNode `json:"sub_statuses,omitempty"` + ID string `json:"id"` + LastLevel Level `json:"level,omitempty"` + Name string `json:"name"` + Message string `json:"message,omitempty"` + UpdateTimestamp time.Time `json:"timestamp"` + Count int `json:"count"` + SubStatuses []*StatusNode `json:"sub_statuses,omitempty"` +} + +var _ Update = (*StatusNode)(nil) + +func (s *StatusNode) Level() Level { + return s.LastLevel +} + +func (s *StatusNode) Timestamp() time.Time { + return s.UpdateTimestamp +} + +func (s *StatusNode) JSON() ([]byte, error) { + return json.MarshalIndent(s, "", " ") } func (s *StatusNode) allOk() bool { - return s.Level == StatusOK + return s.LastLevel == StatusOK } func (s *StatusNode) writeTo(w io.Writer, d int) { if len(s.SubStatuses) == 0 { - fmt.Fprintf(w, "%s%s\t%s\t%s\t%s ago\t(x%d)\n", strings.Repeat("\t", d), s.Name, s.Level, s.Message, time.Since(s.Timestamp), s.Count) + since := "never" + if !s.UpdateTimestamp.IsZero() { + since = duration.HumanDuration(time.Since(s.UpdateTimestamp)) + " ago" + } + fmt.Fprintf(w, "%s%s\t%s\t%s\t%s\t(x%d)\n", strings.Repeat("\t", d), s.Name, s.LastLevel, s.Message, since, s.Count) } else { fmt.Fprintf(w, "%s%s\n", strings.Repeat("\t", d), s.Name) for _, ss := range s.SubStatuses { @@ -426,7 +451,7 @@ func (s *StatusNode) writeTo(w io.Writer, d int) { } } -func (s *StatusNode) toString(ident int) string { +func (s *StatusNode) StringIndent(ident int) string { if s == nil { return "" } @@ -438,18 +463,18 @@ func (s *StatusNode) toString(ident int) string { } func (s *StatusNode) String() string { - return s.toString(0) + return s.Message } func (s *subreporterBase) getStatusTreeLocked(nid string) *StatusNode { if children, ok := s.idToChildren[nid]; ok { rn := s.nodes[nid] n := &StatusNode{ - ID: nid, - Message: rn.Message, - Name: rn.name, - Timestamp: rn.Timestamp, - Count: rn.count, + ID: nid, + Message: rn.Message, + Name: rn.name, + UpdateTimestamp: rn.Timestamp, + Count: rn.count, } allok := true childIDs := maps.Keys(children) @@ -469,12 +494,12 @@ func (s *subreporterBase) getStatusTreeLocked(nid string) *StatusNode { // case 1: Non-reporter, has no children, should be ok? // case 2: Non-reporter, has children, defer down to children. if rn.isReporter { - n.Level = rn.Level + n.LastLevel = rn.Level } else { if allok { - n.Level = StatusOK + n.LastLevel = StatusOK } else { - n.Level = StatusDegraded + n.LastLevel = StatusDegraded } } @@ -490,7 +515,13 @@ type node struct { isReporter bool count int refs int - Update + Message string + Error error + nodeUpdate +} +type nodeUpdate struct { + Level + Timestamp time.Time } func (b *subreporterBase) removeRefLocked(id string) { @@ -525,7 +556,7 @@ type subReporter struct { } func (s *subReporter) OK(message string) { - if err := s.base.setStatus(s.id, StatusOK, message); err != nil { + if err := s.base.setStatus(s.id, StatusOK, message, nil); err != nil { log.WithError(err).Warnf("could not set OK status on subreporter %q", s.id) return } @@ -533,15 +564,7 @@ func (s *subReporter) OK(message string) { } func (s *subReporter) Degraded(message string, err error) { - var m string - // TODO: For now, we just append the error to the message, this won't be ideal - // for longer errs. Figure out a better way to bubble up errors. - if err != nil { - m = message + ": " + err.Error() - } else { - m = message - } - if err := s.base.setStatus(s.id, StatusDegraded, m); err != nil { + if err := s.base.setStatus(s.id, StatusDegraded, message, err); err != nil { log.WithError(err).Warnf("could not set degraded status on subreporter %q", s.id) return } diff --git a/vendor/github.com/cilium/cilium/pkg/hive/hive.go b/vendor/github.com/cilium/cilium/pkg/hive/hive.go index be867a981b..9b228363f2 100644 --- a/vendor/github.com/cilium/cilium/pkg/hive/hive.go +++ b/vendor/github.com/cilium/cilium/pkg/hive/hive.go @@ -21,6 +21,7 @@ import ( "github.com/cilium/cilium/pkg/hive/cell" "github.com/cilium/cilium/pkg/hive/cell/lifecycle" + "github.com/cilium/cilium/pkg/hive/metrics" "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" ) @@ -88,11 +89,27 @@ func New(cells ...cell.Cell) *Hive { log.WithError(err).Fatal("Failed to provide default objects") } + if err := metrics.Cell.Apply(h.container); err != nil { + log.WithError(err).Fatal("Failed to apply Hive metrics cell") + } + // Use a single health provider for all cells, which is used to create // module scoped health reporters. - if err := h.container.Provide(func(lc Lifecycle) cell.Health { + if err := h.container.Provide(func(healthMetrics *metrics.HealthMetrics, lc Lifecycle) cell.Health { hp := cell.NewHealthProvider() + updateStats := func() { + for l, c := range hp.Stats() { + healthMetrics.HealthStatusGauge.WithLabelValues(strings.ToLower(string(l))).Set(float64(c)) + } + } lc.Append(Hook{ + OnStart: func(ctx HookContext) error { + updateStats() + hp.Subscribe(ctx, func(u cell.Update) { + updateStats() + }, func(err error) {}) + return nil + }, OnStop: func(ctx HookContext) error { return hp.Stop(ctx) }, diff --git a/vendor/github.com/cilium/cilium/pkg/hive/metrics/health.go b/vendor/github.com/cilium/cilium/pkg/hive/metrics/health.go new file mode 100644 index 0000000000..84d72b1e9f --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/hive/metrics/health.go @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +package metrics + +import ( + "github.com/cilium/cilium/pkg/hive/cell" + "github.com/cilium/cilium/pkg/metrics/metric" +) + +var Cell = cell.Metric(newHealthMetrics) + +type HealthMetrics struct { + HealthStatusGauge metric.Vec[metric.Gauge] +} + +func newHealthMetrics() *HealthMetrics { + return &HealthMetrics{ + HealthStatusGauge: metric.NewGaugeVec(metric.GaugeOpts{ + ConfigName: "hive_health_status_levels", + Namespace: "cilium", + Subsystem: "hive", + Name: "status", + Help: "Counts of health status levels of Hive components", + }, []string{"status"}), + } +} diff --git a/vendor/github.com/cilium/cilium/pkg/identity/numericidentity.go b/vendor/github.com/cilium/cilium/pkg/identity/numericidentity.go index cb5526408f..889dbdf97d 100644 --- a/vendor/github.com/cilium/cilium/pkg/identity/numericidentity.go +++ b/vendor/github.com/cilium/cilium/pkg/identity/numericidentity.go @@ -7,7 +7,7 @@ import ( "errors" "fmt" "math" - "net" + "net/netip" "sort" "strconv" "unsafe" @@ -595,9 +595,9 @@ func GetAllReservedIdentities() []NumericIdentity { // GetWorldIdentityFromIP gets the correct world identity based // on the IP address version. If Cilium is not in dual-stack mode // then ReservedIdentityWorld will always be returned. -func GetWorldIdentityFromIP(ip net.IP) NumericIdentity { +func GetWorldIdentityFromIP(addr netip.Addr) NumericIdentity { if option.Config.IsDualStack() { - if ip.To4() == nil { + if addr.Is6() { return ReservedIdentityWorldIPv6 } return ReservedIdentityWorldIPv4 diff --git a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go index 80f8d84db5..bbdb5c510c 100644 --- a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go +++ b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/const.go @@ -71,6 +71,11 @@ const ( // ordinal index. StatefulSetPodIndexLabel = "apps.kubernetes.io/pod-index" + // IndexedJobCompletionIndexLabel is the label name which, in-tree, is used + // to automatically label Pods that are owned by Indexed Jobs with their + // completion index. + IndexedJobCompletionIndexLabel = "batch.kubernetes.io/job-completion-index" + // CtrlPrefixPolicyStatus is the prefix used for the controllers set up // to sync the CNP with kube-apiserver. CtrlPrefixPolicyStatus = "sync-cnp-policy-status" diff --git a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/register.go b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/register.go index 7585346d12..23bdd7ce70 100644 --- a/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/register.go +++ b/vendor/github.com/cilium/cilium/pkg/k8s/apis/cilium.io/register.go @@ -15,5 +15,5 @@ const ( // // Maintainers: Run ./Documentation/check-crd-compat-table.sh for each release // Developers: Bump patch for each change in the CRD schema. - CustomResourceDefinitionSchemaVersion = "1.26.10" + CustomResourceDefinitionSchemaVersion = "1.26.11" ) diff --git a/vendor/github.com/cilium/cilium/pkg/labels/cidr.go b/vendor/github.com/cilium/cilium/pkg/labels/cidr.go index 1a27b6694d..557621ee20 100644 --- a/vendor/github.com/cilium/cilium/pkg/labels/cidr.go +++ b/vendor/github.com/cilium/cilium/pkg/labels/cidr.go @@ -114,7 +114,6 @@ func GetCIDRLabels(prefix netip.Prefix) Labels { nil, // avoid allocating space for the intermediate results until we need it addr, ones, - 0, ) addWorldLabel(addr, lbls) @@ -134,7 +133,7 @@ var ( mu lock.Mutex ) -const cidrLabelsCacheMaxSize = 16384 +const cidrLabelsCacheMaxSize = 8192 func addWorldLabel(addr netip.Addr, lbls Labels) { switch { @@ -155,12 +154,12 @@ var ( worldLabelV6 = Label{Source: LabelSourceReserved, Key: IDNameWorldIPv6} ) -func computeCIDRLabels(cache *simplelru.LRU[netip.Prefix, []Label], lbls Labels, results []Label, addr netip.Addr, ones, i int) []Label { - if i > ones { +func computeCIDRLabels(cache *simplelru.LRU[netip.Prefix, []Label], lbls Labels, results []Label, addr netip.Addr, ones int) []Label { + if ones < 0 { return results } - prefix := netip.PrefixFrom(addr, i) + prefix, _ := addr.Prefix(ones) mu.Lock() cachedLbls, ok := cache.Get(prefix) @@ -177,7 +176,7 @@ func computeCIDRLabels(cache *simplelru.LRU[netip.Prefix, []Label], lbls Labels, } // Compute the label for this prefix (e.g. "cidr:10.0.0.0/8") - prefixLabel := maskedIPToLabel(prefix.Masked().Addr(), i) + prefixLabel := maskedIPToLabel(prefix.Addr(), ones) lbls[prefixLabel.Key] = prefixLabel // Keep computing the rest (e.g. "cidr:10.0.0.0/7", ...). @@ -185,12 +184,12 @@ func computeCIDRLabels(cache *simplelru.LRU[netip.Prefix, []Label], lbls Labels, cache, lbls, append(results, prefixLabel), - addr, ones, i+1, + prefix.Addr(), ones-1, ) // Cache the resulting labels derived from this prefix, e.g. /8, /7, ... mu.Lock() - cache.Add(prefix, results[i:]) + cache.Add(prefix, results[len(results)-ones-1:]) mu.Unlock() return results diff --git a/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go b/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go index b58a2b4efc..436522029b 100644 --- a/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go +++ b/vendor/github.com/cilium/cilium/pkg/logging/logfields/logfields.go @@ -658,6 +658,10 @@ const ( DestinationIP = "destinationIP" + LocalIP = "localIP" + + RemoteIP = "remoteIP" + SourceCIDR = "sourceCIDR" // DestinationCIDR is a destination CIDR diff --git a/vendor/github.com/cilium/cilium/pkg/metrics/bpf.go b/vendor/github.com/cilium/cilium/pkg/metrics/bpf.go index ec5816542e..c13ca2587d 100644 --- a/vendor/github.com/cilium/cilium/pkg/metrics/bpf.go +++ b/vendor/github.com/cilium/cilium/pkg/metrics/bpf.go @@ -8,10 +8,11 @@ import ( "encoding/json" "fmt" "os/exec" - "time" "github.com/prometheus/client_golang/prometheus" "github.com/sirupsen/logrus" + + "github.com/cilium/cilium/pkg/time" ) type bpfCollector struct { diff --git a/vendor/github.com/cilium/cilium/pkg/metrics/metrics.go b/vendor/github.com/cilium/cilium/pkg/metrics/metrics.go index 4e7ef58215..45fef9c201 100644 --- a/vendor/github.com/cilium/cilium/pkg/metrics/metrics.go +++ b/vendor/github.com/cilium/cilium/pkg/metrics/metrics.go @@ -12,7 +12,6 @@ package metrics import ( "context" - "time" "github.com/prometheus/client_golang/prometheus" dto "github.com/prometheus/client_model/go" @@ -21,6 +20,7 @@ import ( "github.com/cilium/cilium/api/v1/models" "github.com/cilium/cilium/pkg/metrics/metric" "github.com/cilium/cilium/pkg/promise" + "github.com/cilium/cilium/pkg/time" "github.com/cilium/cilium/pkg/version" ) diff --git a/vendor/github.com/cilium/cilium/pkg/option/config.go b/vendor/github.com/cilium/cilium/pkg/option/config.go index 372cf3b3b3..f642f1c1e1 100644 --- a/vendor/github.com/cilium/cilium/pkg/option/config.go +++ b/vendor/github.com/cilium/cilium/pkg/option/config.go @@ -18,7 +18,6 @@ import ( "sort" "strconv" "strings" - "time" "github.com/shirou/gopsutil/v3/mem" "github.com/sirupsen/logrus" @@ -40,6 +39,7 @@ import ( "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" "github.com/cilium/cilium/pkg/mac" + "github.com/cilium/cilium/pkg/time" "github.com/cilium/cilium/pkg/version" ) @@ -360,12 +360,6 @@ const ( // EnableIPv6Masquerade masquerades IPv6 packets from endpoints leaving the host. EnableIPv6Masquerade = "enable-ipv6-masquerade" - // EnableIPv6BIGTCP enables IPv6 BIG TCP (larger GSO/GRO limits) for the node including pods. - EnableIPv6BIGTCP = "enable-ipv6-big-tcp" - - // EnableIPv4BIGTCP enables IPv4 BIG TCP (larger GSO/GRO limits) for the node including pods. - EnableIPv4BIGTCP = "enable-ipv4-big-tcp" - // EnableBPFClockProbe selects a more efficient source clock (jiffies vs ktime) EnableBPFClockProbe = "enable-bpf-clock-probe" @@ -538,6 +532,10 @@ const ( // compatible with Tunnel=TunnelDisabled SingleClusterRouteName = "single-cluster-route" + // MaxInternalTimerDelay sets a maximum on all periodic timers in + // the agent in order to flush out timer-related bugs in the agent. + MaxInternalTimerDelay = "max-internal-timer-delay" + // MonitorAggregationName specifies the MonitorAggregationLevel on the // comandline. MonitorAggregationName = "monitor-aggregation" @@ -1563,6 +1561,10 @@ type DaemonConfig struct { CTMapEntriesTimeoutSYN time.Duration CTMapEntriesTimeoutFIN time.Duration + // MaxInternalTimerDelay sets a maximum on all periodic timers in + // the agent in order to flush out timer-related bugs in the agent. + MaxInternalTimerDelay time.Duration + // MonitorAggregationInterval configures the interval between monitor // messages when monitor aggregation is enabled. MonitorAggregationInterval time.Duration @@ -1707,12 +1709,6 @@ type DaemonConfig struct { // EnableIPv6NDP is true when NDP is enabled for IPv6 EnableIPv6NDP bool - // EnableIPv6BIGTCP enables IPv6 BIG TCP (larger GSO/GRO limits) for the node including pods. - EnableIPv6BIGTCP bool - - // EnableIPv4BIGTCP enables IPv4 BIG TCP (larger GSO/GRO limits) for the node including pods. - EnableIPv4BIGTCP bool - // EnableSRv6 is true when SRv6 encapsulation support is enabled EnableSRv6 bool @@ -3086,8 +3082,6 @@ func (c *DaemonConfig) Populate(vp *viper.Viper) { c.EnableIPv4 = vp.GetBool(EnableIPv4Name) c.EnableIPv6 = vp.GetBool(EnableIPv6Name) c.EnableIPv6NDP = vp.GetBool(EnableIPv6NDPName) - c.EnableIPv6BIGTCP = vp.GetBool(EnableIPv6BIGTCP) - c.EnableIPv4BIGTCP = vp.GetBool(EnableIPv4BIGTCP) c.EnableSRv6 = vp.GetBool(EnableSRv6) c.SRv6EncapMode = vp.GetString(SRv6EncapModeName) c.EnableSCTP = vp.GetBool(EnableSCTPName) diff --git a/vendor/github.com/cilium/cilium/pkg/policy/api/rule_validation.go b/vendor/github.com/cilium/cilium/pkg/policy/api/rule_validation.go index e012dc5ed9..27e18d1969 100644 --- a/vendor/github.com/cilium/cilium/pkg/policy/api/rule_validation.go +++ b/vendor/github.com/cilium/cilium/pkg/policy/api/rule_validation.go @@ -19,8 +19,6 @@ const ( maxICMPFields = 40 ) -type exists struct{} - // Sanitize validates and sanitizes a policy rule. Minor edits such as // capitalization of the protocol name are automatically fixed up. More // fundamental violations will cause an error to be returned. @@ -146,21 +144,16 @@ func (i *IngressRule) sanitize() error { } } - prefixLengths := map[int]exists{} for n := range i.FromCIDR { - prefixLength, err := i.FromCIDR[n].sanitize() - if err != nil { + if err := i.FromCIDR[n].sanitize(); err != nil { return err } - prefixLengths[prefixLength] = exists{} } for n := range i.FromCIDRSet { - prefixLength, err := i.FromCIDRSet[n].sanitize() - if err != nil { + if err := i.FromCIDRSet[n].sanitize(); err != nil { return err } - prefixLengths[prefixLength] = exists{} } for _, fromEntity := range i.FromEntities { @@ -255,20 +248,15 @@ func (e *EgressRule) sanitize() error { } } - prefixLengths := map[int]exists{} for i := range e.ToCIDR { - prefixLength, err := e.ToCIDR[i].sanitize() - if err != nil { + if err := e.ToCIDR[i].sanitize(); err != nil { return err } - prefixLengths[prefixLength] = exists{} } for i := range e.ToCIDRSet { - prefixLength, err := e.ToCIDRSet[i].sanitize() - if err != nil { + if err := e.ToCIDRSet[i].sanitize(); err != nil { return err } - prefixLengths[prefixLength] = exists{} } for _, toEntity := range e.ToEntities { @@ -447,44 +435,43 @@ func (ir *ICMPRule) verify() error { return nil } -// sanitize the given CIDR. If successful, returns the prefixLength specified -// in the cidr and nil. Otherwise, returns (0, nil). -func (c CIDR) sanitize() (prefixLength int, err error) { +// sanitize the given CIDR. +func (c CIDR) sanitize() error { strCIDR := string(c) if strCIDR == "" { - return 0, fmt.Errorf("IP must be specified") + return fmt.Errorf("IP must be specified") } prefix, err := netip.ParsePrefix(strCIDR) if err != nil { _, err := netip.ParseAddr(strCIDR) if err != nil { - return 0, fmt.Errorf("unable to parse CIDR: %s", err) + return fmt.Errorf("unable to parse CIDR: %s", err) } - return prefixLength, nil + return nil } - prefixLength = prefix.Bits() + prefixLength := prefix.Bits() if prefixLength < 0 { - return 0, fmt.Errorf("CIDR cannot specify non-contiguous mask %s", prefix) + return fmt.Errorf("CIDR cannot specify non-contiguous mask %s", prefix) } - return prefixLength, nil + return nil } // sanitize validates a CIDRRule by checking that the CIDR prefix itself is // valid, and ensuring that all of the exception CIDR prefixes are contained // within the allowed CIDR prefix. -func (c *CIDRRule) sanitize() (prefixLength int, err error) { +func (c *CIDRRule) sanitize() error { // Only allow notation /. Note that this differs from // the logic in api.CIDR.Sanitize(). prefix, err := netip.ParsePrefix(string(c.Cidr)) if err != nil { - return 0, fmt.Errorf("Unable to parse CIDRRule %q: %s", c.Cidr, err) + return fmt.Errorf("Unable to parse CIDRRule %q: %s", c.Cidr, err) } - prefixLength = prefix.Bits() + prefixLength := prefix.Bits() if prefixLength < 0 { - return 0, fmt.Errorf("CIDR cannot specify non-contiguous mask %s", prefix) + return fmt.Errorf("CIDR cannot specify non-contiguous mask %s", prefix) } // Ensure that each provided exception CIDR prefix is formatted correctly, @@ -493,16 +480,16 @@ func (c *CIDRRule) sanitize() (prefixLength int, err error) { for _, p := range c.ExceptCIDRs { except, err := netip.ParsePrefix(string(p)) if err != nil { - return 0, err + return err } // Note: this also checks that the allow CIDR prefix and the exception // CIDR prefixes are part of the same address family. if !prefix.Contains(except.Addr()) { - return 0, fmt.Errorf("allow CIDR prefix %s does not contain "+ + return fmt.Errorf("allow CIDR prefix %s does not contain "+ "exclude CIDR prefix %s", c.Cidr, p) } } - return prefixLength, nil + return nil } diff --git a/vendor/github.com/cilium/cilium/pkg/safetime/safetime.go b/vendor/github.com/cilium/cilium/pkg/safetime/safetime.go index 99240e6262..cc00c25ac5 100644 --- a/vendor/github.com/cilium/cilium/pkg/safetime/safetime.go +++ b/vendor/github.com/cilium/cilium/pkg/safetime/safetime.go @@ -5,11 +5,11 @@ package safetime import ( "runtime" - "time" "github.com/sirupsen/logrus" "github.com/cilium/cilium/pkg/logging/logfields" + "github.com/cilium/cilium/pkg/time" ) // TimeSinceSafe returns the duration since t. If the duration is negative, diff --git a/vendor/github.com/cilium/cilium/pkg/spanstat/spanstat.go b/vendor/github.com/cilium/cilium/pkg/spanstat/spanstat.go index e3f7dbb6cd..2557233533 100644 --- a/vendor/github.com/cilium/cilium/pkg/spanstat/spanstat.go +++ b/vendor/github.com/cilium/cilium/pkg/spanstat/spanstat.go @@ -4,12 +4,11 @@ package spanstat import ( - "time" - "github.com/cilium/cilium/pkg/lock" "github.com/cilium/cilium/pkg/logging" "github.com/cilium/cilium/pkg/logging/logfields" "github.com/cilium/cilium/pkg/safetime" + "github.com/cilium/cilium/pkg/time" ) var ( diff --git a/vendor/github.com/cilium/cilium/pkg/stream/observable.go b/vendor/github.com/cilium/cilium/pkg/stream/observable.go new file mode 100644 index 0000000000..22e96af95d --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/stream/observable.go @@ -0,0 +1,59 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +// The stream package provides utilities for working with observable streams. +// Any type that implements the Observable interface can be transformed and +// consumed with these utilities. +package stream + +import "context" + +// Observable defines the Observe method for observing a stream of values. +// +// Also see https://reactivex.io/documentation/observable.html for in-depth +// description of observables. +// +// For interactive diagrams see https://rxmarbles.com/. +type Observable[T any] interface { + // Observe a stream of values as long as the given context is valid. + // 'next' is called for each item, and finally 'complete' is called + // when the stream is complete, or an error has occurred. + // + // Observable implementations are allowed to call 'next' and 'complete' + // from any goroutine, but never concurrently. + Observe(ctx context.Context, next func(T), complete func(error)) +} + +// FuncObservable implements the Observable interface with a function. +// +// This provides a convenient way of creating new observables without having +// to introduce a new type: +// +// var Ones Observable[int] = +// FuncObservable[int]( +// func(ctx context.Context, next func(int), complete func(error)) { +// go func() { +// defer complete(nil) +// for ctx.Err() == nil { +// next(1) +// } +// }() +// }) +// +// versus with a new type: +// +// type onesObservable struct {} +// +// func (o onesObservable) Observe(ctx context.Context, next func(int), complete func(error)) { +// go func() { +// defer complete(nil) +// for ctx.Err() == nil { +// next(1) +// } +// }() +// } +type FuncObservable[T any] func(context.Context, func(T), func(error)) + +func (f FuncObservable[T]) Observe(ctx context.Context, next func(T), complete func(error)) { + f(ctx, next, complete) +} diff --git a/vendor/github.com/cilium/cilium/pkg/stream/operators.go b/vendor/github.com/cilium/cilium/pkg/stream/operators.go new file mode 100644 index 0000000000..694a9c82b1 --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/stream/operators.go @@ -0,0 +1,241 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +package stream + +import ( + "context" + + "golang.org/x/time/rate" + + "github.com/cilium/cilium/pkg/time" +) + +// +// Operators transform the observable stream. +// + +// Map applies a function onto values of an observable and emits the resulting values. +// +// Map(Range(1,4), func(x int) int { return x * 2}) +// => [2,4,6] +func Map[A, B any](src Observable[A], apply func(A) B) Observable[B] { + return FuncObservable[B]( + func(ctx context.Context, next func(B), complete func(error)) { + src.Observe( + ctx, + func(a A) { next(apply(a)) }, + complete) + }) +} + +// Filter only emits the values for which the provided predicate returns true. +// +// Filter(Range(1,4), func(x int) int { return x%2 == 0 }) +// => [2] +func Filter[T any](src Observable[T], pred func(T) bool) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + src.Observe( + ctx, + func(x T) { + if pred(x) { + next(x) + } + }, + complete) + }) +} + +// Reduce takes an initial state, and a function 'reduce' that is called on each element +// along with a state and returns an observable with a single item: the state produced +// by the last call to 'reduce'. +// +// Reduce(Range(1,4), 0, func(sum, item int) int { return sum + item }) +// => [(0+1+2+3)] => [6] +func Reduce[Item, Result any](src Observable[Item], init Result, reduce func(Result, Item) Result) Observable[Result] { + result := init + return FuncObservable[Result]( + func(ctx context.Context, next func(Result), complete func(error)) { + src.Observe( + ctx, + func(x Item) { + result = reduce(result, x) + }, + func(err error) { + if err == nil { + next(result) + } + complete(err) + }) + }) +} + +// Distinct skips adjacent equal values. +// +// Distinct(FromSlice([]int{1,1,2,2,3}) +// => [1,2,3] +func Distinct[T comparable](src Observable[T]) Observable[T] { + var prev T + first := true + return Filter(src, func(item T) bool { + if first { + first = false + prev = item + return true + } + eq := prev == item + prev = item + return !eq + }) +} + +// RetryFunc decides whether the processing should be retried given the error +type RetryFunc func(err error) bool + +// Retry resubscribes to the observable if it completes with an error. +func Retry[T any](src Observable[T], shouldRetry RetryFunc) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + var observe func() + observe = func() { + src.Observe( + ctx, + next, + func(err error) { + if err != nil && shouldRetry(err) { + observe() + } else { + complete(err) + } + }) + } + observe() + }) +} + +// AlwaysRetry always asks for a retry regardless of the error. +func AlwaysRetry(err error) bool { + return true +} + +// BackoffRetry retries with an exponential backoff. +func BackoffRetry(shouldRetry RetryFunc, minBackoff, maxBackoff time.Duration) RetryFunc { + backoff := minBackoff + return func(err error) bool { + time.Sleep(backoff) + backoff *= 2 + if backoff > maxBackoff { + backoff = maxBackoff + } + return shouldRetry(err) + } + +} + +// LimitRetries limits the number of retries with the given retry method. +// e.g. LimitRetries(BackoffRetry(time.Millisecond, time.Second), 5) +func LimitRetries(shouldRetry RetryFunc, numRetries int) RetryFunc { + return func(err error) bool { + if numRetries <= 0 { + return false + } + numRetries-- + return shouldRetry(err) + } +} + +// ToMulticast makes 'src' a multicast observable, e.g. each observer will observe +// the same sequence. Useful for fanning out items to multiple observers from a source +// that is consumed by the act of observing. +// +// mcast, connect := ToMulticast(FromChannel(values)) +// a := ToSlice(mcast) +// b := ToSlice(mcast) +// connect(ctx) // start! +// => a == b +func ToMulticast[T any](src Observable[T], opts ...MulticastOpt) (mcast Observable[T], connect func(context.Context)) { + mcast, next, complete := Multicast[T](opts...) + connect = func(ctx context.Context) { + src.Observe(ctx, next, complete) + } + return mcast, connect +} + +// Throttle limits the rate at which items are emitted. +func Throttle[T any](src Observable[T], ratePerSecond float64, burst int) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + limiter := rate.NewLimiter(rate.Limit(ratePerSecond), burst) + var limiterErr error + subCtx, cancel := context.WithCancel(ctx) + src.Observe( + subCtx, + func(item T) { + limiterErr = limiter.Wait(ctx) + if limiterErr != nil { + cancel() + return + } + next(item) + }, + func(err error) { + if limiterErr != nil { + complete(limiterErr) + } else { + complete(err) + } + + }, + ) + }) +} + +// Debounce emits an item only after the specified duration has lapsed since +// the previous item was emitted. Only the latest item is emitted. +// +// In: a b c d e |-> +// Out: a d e |-> +func Debounce[T any](src Observable[T], duration time.Duration) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + errs := make(chan error, 1) + items := ToChannel(ctx, src, WithErrorChan(errs)) + go func() { + defer close(errs) + + timer := time.NewTimer(duration) + defer timer.Stop() + + timerElapsed := true // Do not delay the first item. + var latest *T + + for { + select { + case err := <-errs: + complete(err) + return + + case item := <-items: + if timerElapsed { + next(item) + timerElapsed = false + latest = nil + timer.Reset(duration) + } else { + latest = &item + } + + case <-timer.C: + if latest != nil { + next(*latest) + latest = nil + timer.Reset(duration) + } else { + timerElapsed = true + } + } + } + }() + }) +} diff --git a/vendor/github.com/cilium/cilium/pkg/stream/sinks.go b/vendor/github.com/cilium/cilium/pkg/stream/sinks.go new file mode 100644 index 0000000000..23c5ee2270 --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/stream/sinks.go @@ -0,0 +1,165 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +package stream + +import ( + "context" + "io" + "sync" + "sync/atomic" +) + +// +// Sinks: operators that consume the observable to produce a value. +// + +// First returns the first item from 'src' observable and then cancels +// the subscription. Blocks until first item is observed or the stream +// is completed. If the observable completes without emitting items +// then io.EOF error is returned. +func First[T any](ctx context.Context, src Observable[T]) (item T, err error) { + subCtx, cancel := context.WithCancel(ctx) + var taken atomic.Bool + errs := make(chan error) + src.Observe(subCtx, + func(x T) { + if !taken.CompareAndSwap(false, true) { + return + } + item = x + cancel() + }, + func(err error) { + errs <- err + close(errs) + }) + + err = <-errs + + if taken.Load() { + // We got the item, ignore any error. + err = nil + } else if err == nil { + // No error and no item => EOF + err = io.EOF + } + + return +} + +// Last returns the last item from 'src' observable. Blocks until +// the stream has been completed. If no items are observed then +// io.EOF error is returned. +func Last[T any](ctx context.Context, src Observable[T]) (item T, err error) { + errs := make(chan error) + var taken atomic.Bool + src.Observe( + ctx, + func(x T) { + item = x + taken.Store(true) + }, + func(err error) { + errs <- err + close(errs) + }) + + err = <-errs + if taken.Load() { + // We got the item, ignore any error. + err = nil + } else if err == nil { + // No error and no item => EOF + err = io.EOF + } + return item, err +} + +// ToSlice converts an Observable into a slice. +// +// ToSlice(ctx, Range(1,4)) +// => ([]int{1,2,3}, nil) +func ToSlice[T any](ctx context.Context, src Observable[T]) (items []T, err error) { + errs := make(chan error) + items = make([]T, 0) + src.Observe( + ctx, + func(item T) { + items = append(items, item) + }, + func(err error) { + errs <- err + close(errs) + }) + return items, <-errs +} + +type toChannelOpts struct { + bufferSize int + errorChan chan error +} + +type ToChannelOpt func(*toChannelOpts) + +// WithBufferSize sets the buffer size of the channel returned by ToChannel. +func WithBufferSize(n int) ToChannelOpt { + return func(o *toChannelOpts) { + o.bufferSize = n + } +} + +// WithErrorChan asks ToChannel to send completion error to the provided channel. +func WithErrorChan(errCh chan error) ToChannelOpt { + return func(o *toChannelOpts) { + o.errorChan = errCh + } +} + +// ToChannel converts an observable into a channel. +// When the provided context is cancelled the underlying subscription is cancelled +// and the channel is closed. To receive completion errors use [WithErrorChan]. +// +// items <- ToChannel(ctx, Range(1,4)) +// a := <- items +// b := <- items +// c := <- items +// _, ok := <- items +// => a=1, b=2, c=3, ok=false +func ToChannel[T any](ctx context.Context, src Observable[T], opts ...ToChannelOpt) <-chan T { + var o toChannelOpts + for _, opt := range opts { + opt(&o) + } + items := make(chan T, o.bufferSize) + src.Observe( + ctx, + func(item T) { items <- item }, + func(err error) { + close(items) + if o.errorChan != nil { + o.errorChan <- err + } + }) + return items +} + +// Discard discards all items from 'src'. +func Discard[T any](ctx context.Context, src Observable[T]) { + src.Observe(ctx, + func(item T) {}, + func(err error) {}) +} + +// ObserveWithWaitGroup is like Observe(), but adds to a WaitGroup and calls +// Done() when complete. +func ObserveWithWaitGroup[T any](ctx context.Context, wg *sync.WaitGroup, src Observable[T], next func(T), complete func(error)) { + wg.Add(1) + src.Observe( + ctx, + next, + func(err error) { + complete(err) + wg.Done() + }) +} diff --git a/vendor/github.com/cilium/cilium/pkg/stream/sources.go b/vendor/github.com/cilium/cilium/pkg/stream/sources.go new file mode 100644 index 0000000000..a9e3f06e24 --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/stream/sources.go @@ -0,0 +1,263 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +package stream + +import ( + "context" + + "github.com/cilium/cilium/pkg/lock" +) + +// Just creates an observable that emits a single item and completes. +// +// xs, err := ToSlice(ctx, Just(1)) +// => xs == []int{1}, err == nil +func Just[T any](item T) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + go func() { + if err := ctx.Err(); err != nil { + complete(err) + } else { + next(item) + complete(nil) + } + }() + }) +} + +// Stuck creates an observable that never emits anything and +// just waits for the context to be cancelled. +// Mainly meant for testing. +func Stuck[T any]() Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + go func() { + <-ctx.Done() + complete(ctx.Err()) + }() + }) +} + +// Error creates an observable that fails immediately with given error. +// +// failErr = errors.New("fail") +// xs, err := ToSlice(ctx, Error[int](failErr)) +// => xs == []int{}, err == failErr +func Error[T any](err error) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + go complete(err) + }) +} + +// Empty creates an "empty" observable that completes immediately. +// +// xs, err := ToSlice(Empty[int]()) +// => xs == []int{}, err == nil +func Empty[T any]() Observable[T] { + return Error[T](nil) +} + +// FromSlice converts a slice into an Observable. +// +// ToSlice(ctx, FromSlice([]int{1,2,3}) +// => []int{1,2,3} +func FromSlice[T any](items []T) Observable[T] { + // Emit items in chunks to reduce overhead of mutex in ctx.Err(). + const chunkSize = 64 + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + go func() { + for chunk := 0; chunk < len(items); chunk += chunkSize { + if err := ctx.Err(); err != nil { + complete(err) + return + } + for i := chunk; i < len(items) && i < chunk+chunkSize; i++ { + next(items[i]) + } + } + complete(nil) + }() + }) +} + +// FromChannel creates an observable from a channel. The channel is consumed +// by the first observer. +// +// values := make(chan int) +// go func() { +// values <- 1 +// values <- 2 +// values <- 3 +// close(values) +// }() +// obs := FromChannel(values) +// xs, err := ToSlice(ctx, obs) +// => xs == []int{1,2,3}, err == nil +// +// xs, err = ToSlice(ctx, obs) +// => xs == []int{}, err == nil +func FromChannel[T any](in <-chan T) Observable[T] { + return FuncObservable[T]( + func(ctx context.Context, next func(T), complete func(error)) { + go func() { + done := ctx.Done() + for { + select { + case <-done: + complete(ctx.Err()) + return + case v, ok := <-in: + if !ok { + complete(nil) + return + } + next(v) + } + } + }() + }) +} + +// Range creates an observable that emits integers in range from...to-1. +// +// ToSlice(ctx, Range(1,2,3)) => []int{1,2,3} +func Range(from, to int) Observable[int] { + return FuncObservable[int]( + func(ctx context.Context, next func(int), complete func(error)) { + go func() { + for i := from; i < to; i++ { + if ctx.Err() != nil { + break + } + next(i) + } + complete(ctx.Err()) + }() + }) +} + +type mcastSubscriber[T any] struct { + next func(T) + complete func() +} + +type MulticastOpt func(o *mcastOpts) + +type mcastOpts struct { + emitLatest bool +} + +func (o mcastOpts) apply(opts []MulticastOpt) mcastOpts { + for _, opt := range opts { + opt(&o) + } + return o +} + +// Multicast options +var ( + // Emit the latest seen item when subscribing. + EmitLatest = func(o *mcastOpts) { o.emitLatest = true } +) + +// Multicast creates an observable that "multicasts" the emitted items to all observers. +// +// mcast, next, complete := Multicast[int]() +// next(1) // no observers, none receives this +// sub1 := ToChannel(ctx, mcast, WithBufferSize(10)) +// sub2 := ToChannel(ctx, mcast, WithBufferSize(10)) +// next(2) +// next(3) +// complete(nil) +// => sub1 == sub2 == [2,3] +// +// mcast, next, complete = Multicast[int](EmitLatest) +// next(1) +// next(2) // "EmitLatest" tells Multicast to keep this +// x, err := First(ctx, mcast) +// => x == 2, err == nil +func Multicast[T any](opts ...MulticastOpt) (mcast Observable[T], next func(T), complete func(error)) { + var ( + mu lock.Mutex + subId int + subs = make(map[int]mcastSubscriber[T]) + latestValue T + completed bool + completeErr error + haveLatest bool + opt = mcastOpts{}.apply(opts) + ) + + next = func(item T) { + mu.Lock() + defer mu.Unlock() + if completed { + return + } + if opt.emitLatest { + latestValue = item + haveLatest = true + } + for _, sub := range subs { + sub.next(item) + } + } + + complete = func(err error) { + mu.Lock() + defer mu.Unlock() + completed = true + completeErr = err + for _, sub := range subs { + sub.complete() + } + subs = nil + } + + mcast = FuncObservable[T]( + func(ctx context.Context, subNext func(T), subComplete func(error)) { + mu.Lock() + if completed { + mu.Unlock() + go subComplete(completeErr) + return + } + + subCtx, cancel := context.WithCancel(ctx) + thisId := subId + subId++ + subs[thisId] = mcastSubscriber[T]{ + subNext, + cancel, + } + + // Continue subscribing asynchronously so caller is not blocked. + go func() { + if opt.emitLatest && haveLatest { + subNext(latestValue) + } + mu.Unlock() + + // Wait for cancellation by observer, or completion from upstream. + <-subCtx.Done() + + // Remove the observer and complete. + var err error + mu.Lock() + delete(subs, thisId) + if completed { + err = completeErr + } else { + err = subCtx.Err() + } + mu.Unlock() + subComplete(err) + }() + }) + + return +} diff --git a/vendor/github.com/cilium/cilium/pkg/time/time.go b/vendor/github.com/cilium/cilium/pkg/time/time.go new file mode 100644 index 0000000000..da8c291c53 --- /dev/null +++ b/vendor/github.com/cilium/cilium/pkg/time/time.go @@ -0,0 +1,123 @@ +// SPDX-License-Identifier: Apache-2.0 +// Copyright Authors of Cilium + +// package time is a wrapper for the stdlib time library that aliases most +// underlying types, but allows overrides for testing purposes. +// +// Synced to go-1.20.7. +package time + +import ( + "time" +) + +const ( + Layout = time.Layout + ANSIC = time.ANSIC + UnixDate = time.UnixDate + RubyDate = time.RubyDate + RFC822 = time.RFC822 + RFC822Z = time.RFC822Z + RFC850 = time.RFC850 + RFC1123 = time.RFC1123 + RFC1123Z = time.RFC1123Z + RFC3339 = time.RFC3339 + RFC3339Nano = time.RFC3339Nano + Kitchen = time.Kitchen + Stamp = time.Stamp + StampMilli = time.StampMilli + StampMicro = time.StampMicro + StampNano = time.StampNano + DateTime = time.DateTime + DateOnly = time.DateOnly + TimeOnly = time.TimeOnly + + Nanosecond = time.Nanosecond + Microsecond = time.Microsecond + Millisecond = time.Millisecond + Second = time.Second + Minute = time.Minute + Hour = time.Hour +) + +var ( + ParseDuration = time.ParseDuration + Since = time.Since + Until = time.Until + FixedZone = time.FixedZone + LoadLocation = time.LoadLocation + LoadLocationFromTZData = time.LoadLocationFromTZData + Date = time.Date + Now = time.Now + Parse = time.Parse + ParseInLocation = time.ParseInLocation + Unix = time.Unix + UnixMicro = time.UnixMicro + UnixMilli = time.UnixMilli +) + +type ( + Duration = time.Duration + Location = time.Location + Month = time.Month + ParseError = time.ParseError + Ticker = time.Ticker + Time = time.Time + Timer = time.Timer + Weekday = time.Weekday +) + +var ( + MaxInternalTimerDelay time.Duration +) + +// After overrides the stdlib time.After to enforce maximum sleepiness via +// option.MaxInternalTimerDelay. +func After(d Duration) <-chan Time { + if MaxInternalTimerDelay > 0 && d > MaxInternalTimerDelay { + d = MaxInternalTimerDelay + } + return time.After(d) +} + +// Sleep overrides the stdlib time.Sleep to enforce maximum sleepiness via +// option.MaxInternalTimerDelay. +func Sleep(d time.Duration) { + if MaxInternalTimerDelay > 0 && d > MaxInternalTimerDelay { + d = MaxInternalTimerDelay + } + time.Sleep(d) +} + +// Tick overrides the stdlib time.Tick to enforce maximum sleepiness via +// option.MaxInternalTimerDelay. +func Tick(d Duration) <-chan time.Time { + return NewTicker(d).C +} + +// NewTicker overrides the stdlib time.NewTicker to enforce maximum sleepiness +// via option.MaxInternalTimerDelay. +func NewTicker(d Duration) *time.Ticker { + if MaxInternalTimerDelay > 0 && d > MaxInternalTimerDelay { + d = MaxInternalTimerDelay + } + return time.NewTicker(d) +} + +// NewTimer overrides the stdlib time.NewTimer to enforce maximum sleepiness +// va option.MaxInternalTimerDelay. +func NewTimer(d Duration) *time.Timer { + if MaxInternalTimerDelay > 0 && d > MaxInternalTimerDelay { + d = MaxInternalTimerDelay + } + return time.NewTimer(d) +} + +// AfterFunc overrides the stdlib time.AfterFunc to enforce maximum sleepiness +// via option.MaxInternalTimerDelay. +func AfterFunc(d Duration, f func()) *time.Timer { + if MaxInternalTimerDelay > 0 && d > MaxInternalTimerDelay { + d = MaxInternalTimerDelay + } + return time.AfterFunc(d, f) +} diff --git a/vendor/github.com/cilium/ebpf/btf/core.go b/vendor/github.com/cilium/ebpf/btf/core.go index a5c40d36af..dec2cc7606 100644 --- a/vendor/github.com/cilium/ebpf/btf/core.go +++ b/vendor/github.com/cilium/ebpf/btf/core.go @@ -799,7 +799,7 @@ func coreFindMember(typ composite, name string) (Member, bool, error) { if visited[target] { continue } - if len(visited) >= maxTypeDepth { + if len(visited) >= maxResolveDepth { // This check is different than libbpf, which restricts the entire // path to BPF_CORE_SPEC_MAX_LEN items. return Member{}, false, fmt.Errorf("type is nested too deep") @@ -895,7 +895,7 @@ func coreAreTypesCompatible(localType Type, targetType Type) error { ) for ; l != nil && t != nil; l, t = localTs.Shift(), targetTs.Shift() { - if depth >= maxTypeDepth { + if depth >= maxResolveDepth { return errors.New("types are nested too deep") } diff --git a/vendor/github.com/cilium/ebpf/btf/ext_info.go b/vendor/github.com/cilium/ebpf/btf/ext_info.go index 36803504be..3eae08b28e 100644 --- a/vendor/github.com/cilium/ebpf/btf/ext_info.go +++ b/vendor/github.com/cilium/ebpf/btf/ext_info.go @@ -391,13 +391,14 @@ func newFuncInfos(bfis []bpfFuncInfo, spec *Spec) (FuncInfos, error) { return fis, nil } -// LoadFuncInfos parses btf func info in wire format. +// LoadFuncInfos parses BTF func info in kernel wire format. func LoadFuncInfos(reader io.Reader, bo binary.ByteOrder, recordNum uint32, spec *Spec) (FuncInfos, error) { fis, err := parseFuncInfoRecords( reader, bo, FuncInfoSize, recordNum, + false, ) if err != nil { return FuncInfos{}, fmt.Errorf("parsing BTF func info: %w", err) @@ -441,7 +442,7 @@ func parseFuncInfos(r io.Reader, bo binary.ByteOrder, strings *stringTable) (map return nil, err } - records, err := parseFuncInfoRecords(r, bo, recordSize, infoHeader.NumInfo) + records, err := parseFuncInfoRecords(r, bo, recordSize, infoHeader.NumInfo, true) if err != nil { return nil, fmt.Errorf("section %v: %w", secName, err) } @@ -453,7 +454,7 @@ func parseFuncInfos(r io.Reader, bo binary.ByteOrder, strings *stringTable) (map // parseFuncInfoRecords parses a stream of func_infos into a funcInfos. // These records appear after a btf_ext_info_sec header in the func_info // sub-section of .BTF.ext. -func parseFuncInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, recordNum uint32) ([]bpfFuncInfo, error) { +func parseFuncInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, recordNum uint32, offsetInBytes bool) ([]bpfFuncInfo, error) { var out []bpfFuncInfo var fi bpfFuncInfo @@ -467,13 +468,15 @@ func parseFuncInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, r return nil, fmt.Errorf("can't read function info: %v", err) } - if fi.InsnOff%asm.InstructionSize != 0 { - return nil, fmt.Errorf("offset %v is not aligned with instruction size", fi.InsnOff) - } + if offsetInBytes { + if fi.InsnOff%asm.InstructionSize != 0 { + return nil, fmt.Errorf("offset %v is not aligned with instruction size", fi.InsnOff) + } - // ELF tracks offset in bytes, the kernel expects raw BPF instructions. - // Convert as early as possible. - fi.InsnOff /= asm.InstructionSize + // ELF tracks offset in bytes, the kernel expects raw BPF instructions. + // Convert as early as possible. + fi.InsnOff /= asm.InstructionSize + } out = append(out, fi) } @@ -537,13 +540,14 @@ type bpfLineInfo struct { LineCol uint32 } -// LoadLineInfos parses btf line info in wire format. +// LoadLineInfos parses BTF line info in kernel wire format. func LoadLineInfos(reader io.Reader, bo binary.ByteOrder, recordNum uint32, spec *Spec) (LineInfos, error) { lis, err := parseLineInfoRecords( reader, bo, LineInfoSize, recordNum, + false, ) if err != nil { return LineInfos{}, fmt.Errorf("parsing BTF line info: %w", err) @@ -649,7 +653,7 @@ func parseLineInfos(r io.Reader, bo binary.ByteOrder, strings *stringTable) (map return nil, err } - records, err := parseLineInfoRecords(r, bo, recordSize, infoHeader.NumInfo) + records, err := parseLineInfoRecords(r, bo, recordSize, infoHeader.NumInfo, true) if err != nil { return nil, fmt.Errorf("section %v: %w", secName, err) } @@ -661,7 +665,7 @@ func parseLineInfos(r io.Reader, bo binary.ByteOrder, strings *stringTable) (map // parseLineInfoRecords parses a stream of line_infos into a lineInfos. // These records appear after a btf_ext_info_sec header in the line_info // sub-section of .BTF.ext. -func parseLineInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, recordNum uint32) ([]bpfLineInfo, error) { +func parseLineInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, recordNum uint32, offsetInBytes bool) ([]bpfLineInfo, error) { var out []bpfLineInfo var li bpfLineInfo @@ -675,13 +679,15 @@ func parseLineInfoRecords(r io.Reader, bo binary.ByteOrder, recordSize uint32, r return nil, fmt.Errorf("can't read line info: %v", err) } - if li.InsnOff%asm.InstructionSize != 0 { - return nil, fmt.Errorf("offset %v is not aligned with instruction size", li.InsnOff) - } + if offsetInBytes { + if li.InsnOff%asm.InstructionSize != 0 { + return nil, fmt.Errorf("offset %v is not aligned with instruction size", li.InsnOff) + } - // ELF tracks offset in bytes, the kernel expects raw BPF instructions. - // Convert as early as possible. - li.InsnOff /= asm.InstructionSize + // ELF tracks offset in bytes, the kernel expects raw BPF instructions. + // Convert as early as possible. + li.InsnOff /= asm.InstructionSize + } out = append(out, li) } diff --git a/vendor/github.com/cilium/ebpf/btf/format.go b/vendor/github.com/cilium/ebpf/btf/format.go index acb489cd0c..5e581b4a85 100644 --- a/vendor/github.com/cilium/ebpf/btf/format.go +++ b/vendor/github.com/cilium/ebpf/btf/format.go @@ -118,7 +118,7 @@ func (gf *GoFormatter) writeType(typ Type, depth int) error { // uint32 func (gf *GoFormatter) writeTypeLit(typ Type, depth int) error { depth++ - if depth > maxTypeDepth { + if depth > maxResolveDepth { return errNestedTooDeep } @@ -265,7 +265,7 @@ func (gf *GoFormatter) writeStructField(m Member, depth int) error { } depth++ - if depth > maxTypeDepth { + if depth > maxResolveDepth { return errNestedTooDeep } @@ -338,7 +338,7 @@ func (gf *GoFormatter) writePadding(bytes uint32) { func skipQualifiers(typ Type) Type { result := typ - for depth := 0; depth <= maxTypeDepth; depth++ { + for depth := 0; depth <= maxResolveDepth; depth++ { switch v := (result).(type) { case qualifier: result = v.qualify() diff --git a/vendor/github.com/cilium/ebpf/btf/types.go b/vendor/github.com/cilium/ebpf/btf/types.go index 5aedd72d8c..8fe329aa4e 100644 --- a/vendor/github.com/cilium/ebpf/btf/types.go +++ b/vendor/github.com/cilium/ebpf/btf/types.go @@ -5,7 +5,6 @@ import ( "fmt" "io" "math" - "reflect" "strings" "github.com/cilium/ebpf/asm" @@ -13,7 +12,9 @@ import ( "github.com/cilium/ebpf/internal/sys" ) -const maxTypeDepth = 32 +// Mirrors MAX_RESOLVE_DEPTH in libbpf. +// https://github.com/libbpf/libbpf/blob/e26b84dc330c9644c07428c271ab491b0f01f4e1/src/btf.c#L761 +const maxResolveDepth = 32 // TypeID identifies a type in a BTF section. type TypeID = sys.TypeID @@ -590,7 +591,7 @@ func Sizeof(typ Type) (int, error) { elem int64 ) - for i := 0; i < maxTypeDepth; i++ { + for i := 0; i < maxResolveDepth; i++ { switch v := typ.(type) { case *Array: if n > 0 && int64(v.Nelems) > math.MaxInt64/n { @@ -758,11 +759,11 @@ func inflateRawTypes(rawTypes []rawType, rawStrings *stringTable, base *Spec) ([ } var fixups []fixupDef - fixup := func(id TypeID, typ *Type) bool { + fixup := func(id TypeID, typ *Type) { if id < firstTypeID { if baseType, err := base.TypeByID(id); err == nil { *typ = baseType - return true + return } } @@ -770,31 +771,10 @@ func inflateRawTypes(rawTypes []rawType, rawStrings *stringTable, base *Spec) ([ if idx < len(types) { // We've already inflated this type, fix it up immediately. *typ = types[idx] - return true + return } fixups = append(fixups, fixupDef{id, typ}) - return false - } - - type assertion struct { - id TypeID - typ *Type - want reflect.Type - } - - var assertions []assertion - fixupAndAssert := func(id TypeID, typ *Type, want reflect.Type) error { - if !fixup(id, typ) { - assertions = append(assertions, assertion{id, typ, want}) - return nil - } - - // The type has already been fixed up, check the type immediately. - if reflect.TypeOf(*typ) != want { - return fmt.Errorf("type ID %d: expected %s, got %T", id, want, *typ) - } - return nil } type bitfieldFixupDef struct { @@ -955,9 +935,7 @@ func inflateRawTypes(rawTypes []rawType, rawStrings *stringTable, base *Spec) ([ case kindFunc: fn := &Func{name, nil, raw.Linkage()} - if err := fixupAndAssert(raw.Type(), &fn.Type, reflect.TypeOf((*FuncProto)(nil))); err != nil { - return nil, err - } + fixup(raw.Type(), &fn.Type) typ = fn case kindFuncProto: @@ -1066,12 +1044,6 @@ func inflateRawTypes(rawTypes []rawType, rawStrings *stringTable, base *Spec) ([ } } - for _, assertion := range assertions { - if reflect.TypeOf(*assertion.typ) != assertion.want { - return nil, fmt.Errorf("type ID %d: expected %s, got %T", assertion.id, assertion.want, *assertion.typ) - } - } - for _, dt := range declTags { switch t := dt.Type.(type) { case *Var, *Typedef: @@ -1085,7 +1057,12 @@ func inflateRawTypes(rawTypes []rawType, rawStrings *stringTable, base *Spec) ([ } case *Func: - if dt.Index >= len(t.Type.(*FuncProto).Params) { + fp, ok := t.Type.(*FuncProto) + if !ok { + return nil, fmt.Errorf("type %s: %s is not a FuncProto", dt, t.Type) + } + + if dt.Index >= len(fp.Params) { return nil, fmt.Errorf("type %s: index %d exceeds params of %s", dt, dt.Index, t) } @@ -1121,7 +1098,7 @@ func newEssentialName(name string) essentialName { // UnderlyingType skips qualifiers and Typedefs. func UnderlyingType(typ Type) Type { result := typ - for depth := 0; depth <= maxTypeDepth; depth++ { + for depth := 0; depth <= maxResolveDepth; depth++ { switch v := (result).(type) { case qualifier: result = v.qualify() @@ -1140,7 +1117,7 @@ func UnderlyingType(typ Type) Type { // Returns the zero value and false if there is no T or if the type is nested // too deeply. func as[T Type](typ Type) (T, bool) { - for depth := 0; depth <= maxTypeDepth; depth++ { + for depth := 0; depth <= maxResolveDepth; depth++ { switch v := (typ).(type) { case T: return v, true diff --git a/vendor/github.com/cilium/ebpf/internal/sysenc/marshal.go b/vendor/github.com/cilium/ebpf/internal/sysenc/marshal.go index 235a1df264..52339456aa 100644 --- a/vendor/github.com/cilium/ebpf/internal/sysenc/marshal.go +++ b/vendor/github.com/cilium/ebpf/internal/sysenc/marshal.go @@ -11,6 +11,8 @@ import ( "unsafe" "github.com/cilium/ebpf/internal" + + "golang.org/x/exp/slices" ) // Marshal turns data into a byte slice using the system's native endianness. @@ -88,6 +90,11 @@ func Unmarshal(data interface{}, buf []byte) error { *value = string(buf) return nil + case *[]byte: + // Backwards compat: unmarshaling into a slice replaces the whole slice. + *value = slices.Clone(buf) + return nil + default: if dataBuf := unsafeBackingMemory(data); len(dataBuf) == len(buf) { copy(dataBuf, buf) @@ -99,7 +106,15 @@ func Unmarshal(data interface{}, buf []byte) error { rd.Reset(buf) - return binary.Read(rd, internal.NativeEndian, value) + if err := binary.Read(rd, internal.NativeEndian, value); err != nil { + return err + } + + if rd.Len() != 0 { + return fmt.Errorf("unmarshaling %T doesn't consume all data", data) + } + + return nil } } diff --git a/vendor/github.com/cilium/ebpf/internal/vdso.go b/vendor/github.com/cilium/ebpf/internal/vdso.go index 10e639bf06..c444a41c4b 100644 --- a/vendor/github.com/cilium/ebpf/internal/vdso.go +++ b/vendor/github.com/cilium/ebpf/internal/vdso.go @@ -8,6 +8,7 @@ import ( "io" "math" "os" + "unsafe" "github.com/cilium/ebpf/internal/unix" ) @@ -19,6 +20,8 @@ var ( // vdsoVersion returns the LINUX_VERSION_CODE embedded in the vDSO library // linked into the current process image. func vdsoVersion() (uint32, error) { + const uintptrIs32bits = unsafe.Sizeof((uintptr)(0)) == 4 + // Read data from the auxiliary vector, which is normally passed directly // to the process. Go does not expose that data, so we must read it from procfs. // https://man7.org/linux/man-pages/man3/getauxval.3.html @@ -31,7 +34,7 @@ func vdsoVersion() (uint32, error) { } defer av.Close() - vdsoAddr, err := vdsoMemoryAddress(av) + vdsoAddr, err := vdsoMemoryAddress(av, NativeEndian, uintptrIs32bits) if err != nil { return 0, fmt.Errorf("finding vDSO memory address: %w", err) } @@ -52,9 +55,34 @@ func vdsoVersion() (uint32, error) { return c, nil } +type auxvPair32 struct { + Tag, Value uint32 +} + +type auxvPair64 struct { + Tag, Value uint64 +} + +func readAuxvPair(r io.Reader, order binary.ByteOrder, uintptrIs32bits bool) (tag, value uint64, _ error) { + if uintptrIs32bits { + var aux auxvPair32 + if err := binary.Read(r, order, &aux); err != nil { + return 0, 0, fmt.Errorf("reading auxv entry: %w", err) + } + return uint64(aux.Tag), uint64(aux.Value), nil + } + + var aux auxvPair64 + if err := binary.Read(r, order, &aux); err != nil { + return 0, 0, fmt.Errorf("reading auxv entry: %w", err) + } + return aux.Tag, aux.Value, nil +} + // vdsoMemoryAddress returns the memory address of the vDSO library // linked into the current process image. r is an io.Reader into an auxv blob. -func vdsoMemoryAddress(r io.Reader) (uint64, error) { +func vdsoMemoryAddress(r io.Reader, order binary.ByteOrder, uintptrIs32bits bool) (uintptr, error) { + // See https://elixir.bootlin.com/linux/v6.5.5/source/include/uapi/linux/auxvec.h const ( _AT_NULL = 0 // End of vector _AT_SYSINFO_EHDR = 33 // Offset to vDSO blob in process image @@ -62,16 +90,16 @@ func vdsoMemoryAddress(r io.Reader) (uint64, error) { // Loop through all tag/value pairs in auxv until we find `AT_SYSINFO_EHDR`, // the address of a page containing the virtual Dynamic Shared Object (vDSO). - aux := struct{ Tag, Val uint64 }{} for { - if err := binary.Read(r, NativeEndian, &aux); err != nil { - return 0, fmt.Errorf("reading auxv entry: %w", err) + tag, value, err := readAuxvPair(r, order, uintptrIs32bits) + if err != nil { + return 0, err } - switch aux.Tag { + switch tag { case _AT_SYSINFO_EHDR: - if aux.Val != 0 { - return aux.Val, nil + if value != 0 { + return uintptr(value), nil } return 0, fmt.Errorf("invalid vDSO address in auxv") // _AT_NULL is always the last tag/val pair in the aux vector diff --git a/vendor/github.com/cilium/ebpf/map.go b/vendor/github.com/cilium/ebpf/map.go index be732a24fa..7f6184850b 100644 --- a/vendor/github.com/cilium/ebpf/map.go +++ b/vendor/github.com/cilium/ebpf/map.go @@ -1411,11 +1411,7 @@ func (mi *MapIterator) Next(keyOut, valueOut interface{}) bool { return false } - // The user can get access to nextKey since unmarshalBytes - // does not copy when unmarshaling into a []byte. - // Make a copy to prevent accidental corruption of - // iterator state. - copy(mi.curKey, nextKey) + mi.curKey = nextKey mi.count++ mi.err = mi.target.Lookup(nextKey, valueOut) diff --git a/vendor/github.com/cilium/ebpf/types.go b/vendor/github.com/cilium/ebpf/types.go index af36519994..e9215519a2 100644 --- a/vendor/github.com/cilium/ebpf/types.go +++ b/vendor/github.com/cilium/ebpf/types.go @@ -219,7 +219,7 @@ const ( type AttachFlags uint32 // PinType determines whether a map is pinned into a BPFFS. -type PinType int +type PinType uint32 // Valid pin types. // diff --git a/vendor/github.com/cilium/ebpf/types_string.go b/vendor/github.com/cilium/ebpf/types_string.go index 5679f22543..e20c37aa4e 100644 --- a/vendor/github.com/cilium/ebpf/types_string.go +++ b/vendor/github.com/cilium/ebpf/types_string.go @@ -111,7 +111,7 @@ const _PinType_name = "PinNonePinByName" var _PinType_index = [...]uint8{0, 7, 16} func (i PinType) String() string { - if i < 0 || i >= PinType(len(_PinType_index)-1) { + if i >= PinType(len(_PinType_index)-1) { return "PinType(" + strconv.FormatInt(int64(i), 10) + ")" } return _PinType_name[_PinType_index[i]:_PinType_index[i+1]] diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go index 0423ae4631..935b68686d 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/tracing_policy_types.go @@ -97,6 +97,10 @@ type TracingPolicySpec struct { // +kubebuilder:validation:Optional // A killer spec. Killers []KillerSpec `json:"killers,omitempty"` + + // +kubebuilder:validation:Optional + // A list of overloaded options + Options []OptionSpec `json:"options,omitempty"` } func (tp *TracingPolicy) TpName() string { diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go index c202953245..8b7e03a6f7 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/types.go @@ -259,6 +259,14 @@ type ListSpec struct { Validated bool `json:"validated"` } +type OptionSpec struct { + // Name of the option + Name string `json:"name"` + // +kubebuilder:validation:Optional + // Value of the option + Value string `json:"value"` +} + type PodInfoSpec struct { // Host networking requested for this pod. Use the host's network namespace. // If this option is set, the ports that will be used must be specified. diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go index dcdaae9602..ac86a50b56 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/version.go @@ -7,4 +7,4 @@ package v1alpha1 // Used to determine if CRD needs to be updated in cluster // // Developers: Bump patch for each change in the CRD schema. -const CustomResourceDefinitionSchemaVersion = "1.0.0" +const CustomResourceDefinitionSchemaVersion = "1.1.0" diff --git a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go index 6cc4449f79..ec8f17b687 100644 --- a/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go +++ b/vendor/github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1/zz_generated.deepcopy.go @@ -307,6 +307,22 @@ func (in *NamespaceSelector) DeepCopy() *NamespaceSelector { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OptionSpec) DeepCopyInto(out *OptionSpec) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OptionSpec. +func (in *OptionSpec) DeepCopy() *OptionSpec { + if in == nil { + return nil + } + out := new(OptionSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PIDSelector) DeepCopyInto(out *PIDSelector) { *out = *in @@ -635,6 +651,11 @@ func (in *TracingPolicySpec) DeepCopyInto(out *TracingPolicySpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Options != nil { + in, out := &in.Options, &out.Options + *out = make([]OptionSpec, len(*in)) + copy(*out, *in) + } return } diff --git a/vendor/github.com/fsnotify/fsnotify/.cirrus.yml b/vendor/github.com/fsnotify/fsnotify/.cirrus.yml new file mode 100644 index 0000000000..ffc7b992b3 --- /dev/null +++ b/vendor/github.com/fsnotify/fsnotify/.cirrus.yml @@ -0,0 +1,13 @@ +freebsd_task: + name: 'FreeBSD' + freebsd_instance: + image_family: freebsd-13-2 + install_script: + - pkg update -f + - pkg install -y go + test_script: + # run tests as user "cirrus" instead of root + - pw useradd cirrus -m + - chown -R cirrus:cirrus . + - FSNOTIFY_BUFFER=4096 sudo --preserve-env=FSNOTIFY_BUFFER -u cirrus go test -parallel 1 -race ./... + - sudo --preserve-env=FSNOTIFY_BUFFER -u cirrus go test -parallel 1 -race ./... diff --git a/vendor/github.com/fsnotify/fsnotify/.gitignore b/vendor/github.com/fsnotify/fsnotify/.gitignore index 1d89d85ce4..391cc076b1 100644 --- a/vendor/github.com/fsnotify/fsnotify/.gitignore +++ b/vendor/github.com/fsnotify/fsnotify/.gitignore @@ -4,3 +4,4 @@ # Output of go build ./cmd/fsnotify /fsnotify +/fsnotify.exe diff --git a/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md b/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md index 77f9593bd5..e0e5757549 100644 --- a/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md +++ b/vendor/github.com/fsnotify/fsnotify/CHANGELOG.md @@ -1,16 +1,87 @@ # Changelog -All notable changes to this project will be documented in this file. +Unreleased +---------- +Nothing yet. -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +1.7.0 - 2023-10-22 +------------------ +This version of fsnotify needs Go 1.17. -## [Unreleased] +### Additions -Nothing yet. +- illumos: add FEN backend to support illumos and Solaris. ([#371]) + +- all: add `NewBufferedWatcher()` to use a buffered channel, which can be useful + in cases where you can't control the kernel buffer and receive a large number + of events in bursts. ([#550], [#572]) + +- all: add `AddWith()`, which is identical to `Add()` but allows passing + options. ([#521]) + +- windows: allow setting the ReadDirectoryChangesW() buffer size with + `fsnotify.WithBufferSize()`; the default of 64K is the highest value that + works on all platforms and is enough for most purposes, but in some cases a + highest buffer is needed. ([#521]) + +### Changes and fixes + +- inotify: remove watcher if a watched path is renamed ([#518]) + + After a rename the reported name wasn't updated, or even an empty string. + Inotify doesn't provide any good facilities to update it, so just remove the + watcher. This is already how it worked on kqueue and FEN. + + On Windows this does work, and remains working. + +- windows: don't listen for file attribute changes ([#520]) + + File attribute changes are sent as `FILE_ACTION_MODIFIED` by the Windows API, + with no way to see if they're a file write or attribute change, so would show + up as a fsnotify.Write event. This is never useful, and could result in many + spurious Write events. + +- windows: return `ErrEventOverflow` if the buffer is full ([#525]) + + Before it would merely return "short read", making it hard to detect this + error. + +- kqueue: make sure events for all files are delivered properly when removing a + watched directory ([#526]) + + Previously they would get sent with `""` (empty string) or `"."` as the path + name. + +- kqueue: don't emit spurious Create events for symbolic links ([#524]) + + The link would get resolved but kqueue would "forget" it already saw the link + itself, resulting on a Create for every Write event for the directory. + +- all: return `ErrClosed` on `Add()` when the watcher is closed ([#516]) + +- other: add `Watcher.Errors` and `Watcher.Events` to the no-op `Watcher` in + `backend_other.go`, making it easier to use on unsupported platforms such as + WASM, AIX, etc. ([#528]) + +- other: use the `backend_other.go` no-op if the `appengine` build tag is set; + Google AppEngine forbids usage of the unsafe package so the inotify backend + won't compile there. -## [1.6.0] - 2022-10-13 +[#371]: https://github.com/fsnotify/fsnotify/pull/371 +[#516]: https://github.com/fsnotify/fsnotify/pull/516 +[#518]: https://github.com/fsnotify/fsnotify/pull/518 +[#520]: https://github.com/fsnotify/fsnotify/pull/520 +[#521]: https://github.com/fsnotify/fsnotify/pull/521 +[#524]: https://github.com/fsnotify/fsnotify/pull/524 +[#525]: https://github.com/fsnotify/fsnotify/pull/525 +[#526]: https://github.com/fsnotify/fsnotify/pull/526 +[#528]: https://github.com/fsnotify/fsnotify/pull/528 +[#537]: https://github.com/fsnotify/fsnotify/pull/537 +[#550]: https://github.com/fsnotify/fsnotify/pull/550 +[#572]: https://github.com/fsnotify/fsnotify/pull/572 +1.6.0 - 2022-10-13 +------------------ This version of fsnotify needs Go 1.16 (this was already the case since 1.5.1, but not documented). It also increases the minimum Linux version to 2.6.32. diff --git a/vendor/github.com/fsnotify/fsnotify/README.md b/vendor/github.com/fsnotify/fsnotify/README.md index d4e6080feb..e480733d16 100644 --- a/vendor/github.com/fsnotify/fsnotify/README.md +++ b/vendor/github.com/fsnotify/fsnotify/README.md @@ -1,29 +1,31 @@ fsnotify is a Go library to provide cross-platform filesystem notifications on -Windows, Linux, macOS, and BSD systems. +Windows, Linux, macOS, BSD, and illumos. -Go 1.16 or newer is required; the full documentation is at +Go 1.17 or newer is required; the full documentation is at https://pkg.go.dev/github.com/fsnotify/fsnotify -**It's best to read the documentation at pkg.go.dev, as it's pinned to the last -released version, whereas this README is for the last development version which -may include additions/changes.** - --- Platform support: -| Adapter | OS | Status | -| --------------------- | ---------------| -------------------------------------------------------------| -| inotify | Linux 2.6.32+ | Supported | -| kqueue | BSD, macOS | Supported | -| ReadDirectoryChangesW | Windows | Supported | -| FSEvents | macOS | [Planned](https://github.com/fsnotify/fsnotify/issues/11) | -| FEN | Solaris 11 | [In Progress](https://github.com/fsnotify/fsnotify/pull/371) | -| fanotify | Linux 5.9+ | [Maybe](https://github.com/fsnotify/fsnotify/issues/114) | -| USN Journals | Windows | [Maybe](https://github.com/fsnotify/fsnotify/issues/53) | -| Polling | *All* | [Maybe](https://github.com/fsnotify/fsnotify/issues/9) | - -Linux and macOS should include Android and iOS, but these are currently untested. +| Backend | OS | Status | +| :-------------------- | :--------- | :------------------------------------------------------------------------ | +| inotify | Linux | Supported | +| kqueue | BSD, macOS | Supported | +| ReadDirectoryChangesW | Windows | Supported | +| FEN | illumos | Supported | +| fanotify | Linux 5.9+ | [Not yet](https://github.com/fsnotify/fsnotify/issues/114) | +| AHAFS | AIX | [aix branch]; experimental due to lack of maintainer and test environment | +| FSEvents | macOS | [Needs support in x/sys/unix][fsevents] | +| USN Journals | Windows | [Needs support in x/sys/windows][usn] | +| Polling | *All* | [Not yet](https://github.com/fsnotify/fsnotify/issues/9) | + +Linux and illumos should include Android and Solaris, but these are currently +untested. + +[fsevents]: https://github.com/fsnotify/fsnotify/issues/11#issuecomment-1279133120 +[usn]: https://github.com/fsnotify/fsnotify/issues/53#issuecomment-1279829847 +[aix branch]: https://github.com/fsnotify/fsnotify/issues/353#issuecomment-1284590129 Usage ----- @@ -83,20 +85,23 @@ run with: % go run ./cmd/fsnotify +Further detailed documentation can be found in godoc: +https://pkg.go.dev/github.com/fsnotify/fsnotify + FAQ --- ### Will a file still be watched when it's moved to another directory? No, not unless you are watching the location it was moved to. -### Are subdirectories watched too? +### Are subdirectories watched? No, you must add watches for any directory you want to watch (a recursive watcher is on the roadmap: [#18]). [#18]: https://github.com/fsnotify/fsnotify/issues/18 ### Do I have to watch the Error and Event channels in a goroutine? -As of now, yes (you can read both channels in the same goroutine using `select`, -you don't need a separate goroutine for both channels; see the example). +Yes. You can read both channels in the same goroutine using `select` (you don't +need a separate goroutine for both channels; see the example). ### Why don't notifications work with NFS, SMB, FUSE, /proc, or /sys? fsnotify requires support from underlying OS to work. The current NFS and SMB @@ -107,6 +112,32 @@ This could be fixed with a polling watcher ([#9]), but it's not yet implemented. [#9]: https://github.com/fsnotify/fsnotify/issues/9 +### Why do I get many Chmod events? +Some programs may generate a lot of attribute changes; for example Spotlight on +macOS, anti-virus programs, backup applications, and some others are known to do +this. As a rule, it's typically best to ignore Chmod events. They're often not +useful, and tend to cause problems. + +Spotlight indexing on macOS can result in multiple events (see [#15]). A +temporary workaround is to add your folder(s) to the *Spotlight Privacy +settings* until we have a native FSEvents implementation (see [#11]). + +[#11]: https://github.com/fsnotify/fsnotify/issues/11 +[#15]: https://github.com/fsnotify/fsnotify/issues/15 + +### Watching a file doesn't work well +Watching individual files (rather than directories) is generally not recommended +as many programs (especially editors) update files atomically: it will write to +a temporary file which is then moved to to destination, overwriting the original +(or some variant thereof). The watcher on the original file is now lost, as that +no longer exists. + +The upshot of this is that a power failure or crash won't leave a half-written +file. + +Watch the parent directory and use `Event.Name` to filter out files you're not +interested in. There is an example of this in `cmd/fsnotify/file.go`. + Platform-specific notes ----------------------- ### Linux @@ -151,11 +182,3 @@ these platforms. The sysctl variables `kern.maxfiles` and `kern.maxfilesperproc` can be used to control the maximum number of open files. - -### macOS -Spotlight indexing on macOS can result in multiple events (see [#15]). A temporary -workaround is to add your folder(s) to the *Spotlight Privacy settings* until we -have a native FSEvents implementation (see [#11]). - -[#11]: https://github.com/fsnotify/fsnotify/issues/11 -[#15]: https://github.com/fsnotify/fsnotify/issues/15 diff --git a/vendor/github.com/fsnotify/fsnotify/backend_fen.go b/vendor/github.com/fsnotify/fsnotify/backend_fen.go index 1a95ad8e7c..28497f1dd8 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_fen.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_fen.go @@ -1,10 +1,19 @@ //go:build solaris // +build solaris +// Note: the documentation on the Watcher type and methods is generated from +// mkdoc.zsh + package fsnotify import ( "errors" + "fmt" + "os" + "path/filepath" + "sync" + + "golang.org/x/sys/unix" ) // Watcher watches a set of paths, delivering events on a channel. @@ -17,9 +26,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -33,16 +42,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -58,14 +67,20 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # macOS notes +// # Windows notes +// +// Paths can be added as "C:\path\to\dir", but forward slashes +// ("C:/path/to/dir") will also work. // -// Spotlight indexing on macOS can result in multiple events (see [#15]). A -// temporary workaround is to add your folder(s) to the "Spotlight Privacy -// Settings" until we have a native FSEvents implementation (see [#11]). +// When a watched directory is removed it will always send an event for the +// directory itself, but may not send events for all files in that directory. +// Sometimes it will send events for all times, sometimes it will send no +// events, and often only for some files. // -// [#11]: https://github.com/fsnotify/fsnotify/issues/11 -// [#15]: https://github.com/fsnotify/fsnotify/issues/15 +// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest +// value that is guaranteed to work with SMB filesystems. If you have many +// events in quick succession this may not be enough, and you will have to use +// [WithBufferSize] to increase the value. type Watcher struct { // Events sends the filesystem change events. // @@ -92,44 +107,129 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, so you - // probably want to wait until you've stopped receiving - // them (see the dedup example in cmd/fsnotify). + // you may get hundreds of Write events, and you may + // want to wait until you've stopped receiving them + // (see the dedup example in cmd/fsnotify). + // + // Some systems may send Write event for directories + // when the directory content changes. // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // and on kqueue when a file is truncated. On Windows - // it's never sent. + // when a file is truncated. On Windows it's never + // sent. Events chan Event // Errors sends any errors. + // + // ErrEventOverflow is used to indicate there are too many events: + // + // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) + // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. + // - kqueue, fen: Not used. Errors chan error + + mu sync.Mutex + port *unix.EventPort + done chan struct{} // Channel for sending a "quit message" to the reader goroutine + dirs map[string]struct{} // Explicitly watched directories + watches map[string]struct{} // Explicitly watched non-directories } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return nil, errors.New("FEN based watcher not yet supported for fsnotify\n") + return NewBufferedWatcher(0) } -// Close removes all watches and closes the events channel. +// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events +// channel. +// +// The main use case for this is situations with a very large number of events +// where the kernel buffer size can't be increased (e.g. due to lack of +// permissions). An unbuffered Watcher will perform better for almost all use +// cases, and whenever possible you will be better off increasing the kernel +// buffers instead of adding a large userspace buffer. +func NewBufferedWatcher(sz uint) (*Watcher, error) { + w := &Watcher{ + Events: make(chan Event, sz), + Errors: make(chan error), + dirs: make(map[string]struct{}), + watches: make(map[string]struct{}), + done: make(chan struct{}), + } + + var err error + w.port, err = unix.NewEventPort() + if err != nil { + return nil, fmt.Errorf("fsnotify.NewWatcher: %w", err) + } + + go w.readEvents() + return w, nil +} + +// sendEvent attempts to send an event to the user, returning true if the event +// was put in the channel successfully and false if the watcher has been closed. +func (w *Watcher) sendEvent(name string, op Op) (sent bool) { + select { + case w.Events <- Event{Name: name, Op: op}: + return true + case <-w.done: + return false + } +} + +// sendError attempts to send an error to the user, returning true if the error +// was put in the channel successfully and false if the watcher has been closed. +func (w *Watcher) sendError(err error) (sent bool) { + select { + case w.Errors <- err: + return true + case <-w.done: + return false + } +} + +func (w *Watcher) isClosed() bool { + select { + case <-w.done: + return true + default: + return false + } +} + +// Close removes all watches and closes the Events channel. func (w *Watcher) Close() error { - return nil + // Take the lock used by associateFile to prevent lingering events from + // being processed after the close + w.mu.Lock() + defer w.mu.Unlock() + if w.isClosed() { + return nil + } + close(w.done) + return w.port.Close() } // Add starts monitoring the path for changes. // -// A path can only be watched once; attempting to watch it more than once will -// return an error. Paths that do not yet exist on the filesystem cannot be -// added. A watch will be automatically removed if the path is deleted. +// A path can only be watched once; watching it more than once is a no-op and will +// not return an error. Paths that do not yet exist on the filesystem cannot be +// watched. // -// A path will remain watched if it gets renamed to somewhere else on the same -// filesystem, but the monitor will get removed if the path gets deleted and -// re-created, or if it's moved to a different filesystem. +// A watch will be automatically removed if the watched path is deleted or +// renamed. The exception is the Windows backend, which doesn't remove the +// watcher on renames. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // +// Returns [ErrClosed] if [Watcher.Close] was called. +// +// See [Watcher.AddWith] for a version that allows adding options. +// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -139,15 +239,63 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many tools update files atomically. Instead of "just" writing -// to the file a temporary file will be written to first, and if successful the -// temporary file is moved to to destination removing the original, or some -// variant thereof. The watcher on the original file is now lost, as it no -// longer exists. -// -// Instead, watch the parent directory and use Event.Name to filter out files -// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. -func (w *Watcher) Add(name string) error { +// recommended as many programs (especially editors) update files atomically: it +// will write to a temporary file which is then moved to to destination, +// overwriting the original (or some variant thereof). The watcher on the +// original file is now lost, as that no longer exists. +// +// The upshot of this is that a power failure or crash won't leave a +// half-written file. +// +// Watch the parent directory and use Event.Name to filter out files you're not +// interested in. There is an example of this in cmd/fsnotify/file.go. +func (w *Watcher) Add(name string) error { return w.AddWith(name) } + +// AddWith is like [Watcher.Add], but allows adding options. When using Add() +// the defaults described below are used. +// +// Possible options are: +// +// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on +// other platforms. The default is 64K (65536 bytes). +func (w *Watcher) AddWith(name string, opts ...addOpt) error { + if w.isClosed() { + return ErrClosed + } + if w.port.PathIsWatched(name) { + return nil + } + + _ = getOptions(opts...) + + // Currently we resolve symlinks that were explicitly requested to be + // watched. Otherwise we would use LStat here. + stat, err := os.Stat(name) + if err != nil { + return err + } + + // Associate all files in the directory. + if stat.IsDir() { + err := w.handleDirectory(name, stat, true, w.associateFile) + if err != nil { + return err + } + + w.mu.Lock() + w.dirs[name] = struct{}{} + w.mu.Unlock() + return nil + } + + err = w.associateFile(name, stat, true) + if err != nil { + return err + } + + w.mu.Lock() + w.watches[name] = struct{}{} + w.mu.Unlock() return nil } @@ -157,6 +305,336 @@ func (w *Watcher) Add(name string) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { + if w.isClosed() { + return nil + } + if !w.port.PathIsWatched(name) { + return fmt.Errorf("%w: %s", ErrNonExistentWatch, name) + } + + // The user has expressed an intent. Immediately remove this name from + // whichever watch list it might be in. If it's not in there the delete + // doesn't cause harm. + w.mu.Lock() + delete(w.watches, name) + delete(w.dirs, name) + w.mu.Unlock() + + stat, err := os.Stat(name) + if err != nil { + return err + } + + // Remove associations for every file in the directory. + if stat.IsDir() { + err := w.handleDirectory(name, stat, false, w.dissociateFile) + if err != nil { + return err + } + return nil + } + + err = w.port.DissociatePath(name) + if err != nil { + return err + } + return nil } + +// readEvents contains the main loop that runs in a goroutine watching for events. +func (w *Watcher) readEvents() { + // If this function returns, the watcher has been closed and we can close + // these channels + defer func() { + close(w.Errors) + close(w.Events) + }() + + pevents := make([]unix.PortEvent, 8) + for { + count, err := w.port.Get(pevents, 1, nil) + if err != nil && err != unix.ETIME { + // Interrupted system call (count should be 0) ignore and continue + if errors.Is(err, unix.EINTR) && count == 0 { + continue + } + // Get failed because we called w.Close() + if errors.Is(err, unix.EBADF) && w.isClosed() { + return + } + // There was an error not caused by calling w.Close() + if !w.sendError(err) { + return + } + } + + p := pevents[:count] + for _, pevent := range p { + if pevent.Source != unix.PORT_SOURCE_FILE { + // Event from unexpected source received; should never happen. + if !w.sendError(errors.New("Event from unexpected source received")) { + return + } + continue + } + + err = w.handleEvent(&pevent) + if err != nil { + if !w.sendError(err) { + return + } + } + } + } +} + +func (w *Watcher) handleDirectory(path string, stat os.FileInfo, follow bool, handler func(string, os.FileInfo, bool) error) error { + files, err := os.ReadDir(path) + if err != nil { + return err + } + + // Handle all children of the directory. + for _, entry := range files { + finfo, err := entry.Info() + if err != nil { + return err + } + err = handler(filepath.Join(path, finfo.Name()), finfo, false) + if err != nil { + return err + } + } + + // And finally handle the directory itself. + return handler(path, stat, follow) +} + +// handleEvent might need to emit more than one fsnotify event if the events +// bitmap matches more than one event type (e.g. the file was both modified and +// had the attributes changed between when the association was created and the +// when event was returned) +func (w *Watcher) handleEvent(event *unix.PortEvent) error { + var ( + events = event.Events + path = event.Path + fmode = event.Cookie.(os.FileMode) + reRegister = true + ) + + w.mu.Lock() + _, watchedDir := w.dirs[path] + _, watchedPath := w.watches[path] + w.mu.Unlock() + isWatched := watchedDir || watchedPath + + if events&unix.FILE_DELETE != 0 { + if !w.sendEvent(path, Remove) { + return nil + } + reRegister = false + } + if events&unix.FILE_RENAME_FROM != 0 { + if !w.sendEvent(path, Rename) { + return nil + } + // Don't keep watching the new file name + reRegister = false + } + if events&unix.FILE_RENAME_TO != 0 { + // We don't report a Rename event for this case, because Rename events + // are interpreted as referring to the _old_ name of the file, and in + // this case the event would refer to the new name of the file. This + // type of rename event is not supported by fsnotify. + + // inotify reports a Remove event in this case, so we simulate this + // here. + if !w.sendEvent(path, Remove) { + return nil + } + // Don't keep watching the file that was removed + reRegister = false + } + + // The file is gone, nothing left to do. + if !reRegister { + if watchedDir { + w.mu.Lock() + delete(w.dirs, path) + w.mu.Unlock() + } + if watchedPath { + w.mu.Lock() + delete(w.watches, path) + w.mu.Unlock() + } + return nil + } + + // If we didn't get a deletion the file still exists and we're going to have + // to watch it again. Let's Stat it now so that we can compare permissions + // and have what we need to continue watching the file + + stat, err := os.Lstat(path) + if err != nil { + // This is unexpected, but we should still emit an event. This happens + // most often on "rm -r" of a subdirectory inside a watched directory We + // get a modify event of something happening inside, but by the time we + // get here, the sudirectory is already gone. Clearly we were watching + // this path but now it is gone. Let's tell the user that it was + // removed. + if !w.sendEvent(path, Remove) { + return nil + } + // Suppress extra write events on removed directories; they are not + // informative and can be confusing. + return nil + } + + // resolve symlinks that were explicitly watched as we would have at Add() + // time. this helps suppress spurious Chmod events on watched symlinks + if isWatched { + stat, err = os.Stat(path) + if err != nil { + // The symlink still exists, but the target is gone. Report the + // Remove similar to above. + if !w.sendEvent(path, Remove) { + return nil + } + // Don't return the error + } + } + + if events&unix.FILE_MODIFIED != 0 { + if fmode.IsDir() { + if watchedDir { + if err := w.updateDirectory(path); err != nil { + return err + } + } else { + if !w.sendEvent(path, Write) { + return nil + } + } + } else { + if !w.sendEvent(path, Write) { + return nil + } + } + } + if events&unix.FILE_ATTRIB != 0 && stat != nil { + // Only send Chmod if perms changed + if stat.Mode().Perm() != fmode.Perm() { + if !w.sendEvent(path, Chmod) { + return nil + } + } + } + + if stat != nil { + // If we get here, it means we've hit an event above that requires us to + // continue watching the file or directory + return w.associateFile(path, stat, isWatched) + } + return nil +} + +func (w *Watcher) updateDirectory(path string) error { + // The directory was modified, so we must find unwatched entities and watch + // them. If something was removed from the directory, nothing will happen, + // as everything else should still be watched. + files, err := os.ReadDir(path) + if err != nil { + return err + } + + for _, entry := range files { + path := filepath.Join(path, entry.Name()) + if w.port.PathIsWatched(path) { + continue + } + + finfo, err := entry.Info() + if err != nil { + return err + } + err = w.associateFile(path, finfo, false) + if err != nil { + if !w.sendError(err) { + return nil + } + } + if !w.sendEvent(path, Create) { + return nil + } + } + return nil +} + +func (w *Watcher) associateFile(path string, stat os.FileInfo, follow bool) error { + if w.isClosed() { + return ErrClosed + } + // This is primarily protecting the call to AssociatePath but it is + // important and intentional that the call to PathIsWatched is also + // protected by this mutex. Without this mutex, AssociatePath has been seen + // to error out that the path is already associated. + w.mu.Lock() + defer w.mu.Unlock() + + if w.port.PathIsWatched(path) { + // Remove the old association in favor of this one If we get ENOENT, + // then while the x/sys/unix wrapper still thought that this path was + // associated, the underlying event port did not. This call will have + // cleared up that discrepancy. The most likely cause is that the event + // has fired but we haven't processed it yet. + err := w.port.DissociatePath(path) + if err != nil && err != unix.ENOENT { + return err + } + } + // FILE_NOFOLLOW means we watch symlinks themselves rather than their + // targets. + events := unix.FILE_MODIFIED | unix.FILE_ATTRIB | unix.FILE_NOFOLLOW + if follow { + // We *DO* follow symlinks for explicitly watched entries. + events = unix.FILE_MODIFIED | unix.FILE_ATTRIB + } + return w.port.AssociatePath(path, stat, + events, + stat.Mode()) +} + +func (w *Watcher) dissociateFile(path string, stat os.FileInfo, unused bool) error { + if !w.port.PathIsWatched(path) { + return nil + } + return w.port.DissociatePath(path) +} + +// WatchList returns all paths explicitly added with [Watcher.Add] (and are not +// yet removed). +// +// Returns nil if [Watcher.Close] was called. +func (w *Watcher) WatchList() []string { + if w.isClosed() { + return nil + } + + w.mu.Lock() + defer w.mu.Unlock() + + entries := make([]string, 0, len(w.watches)+len(w.dirs)) + for pathname := range w.dirs { + entries = append(entries, pathname) + } + for pathname := range w.watches { + entries = append(entries, pathname) + } + + return entries +} diff --git a/vendor/github.com/fsnotify/fsnotify/backend_inotify.go b/vendor/github.com/fsnotify/fsnotify/backend_inotify.go index 54c77fbb0e..921c1c1e40 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_inotify.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_inotify.go @@ -1,5 +1,8 @@ -//go:build linux -// +build linux +//go:build linux && !appengine +// +build linux,!appengine + +// Note: the documentation on the Watcher type and methods is generated from +// mkdoc.zsh package fsnotify @@ -26,9 +29,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -42,16 +45,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -67,14 +70,20 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # macOS notes +// # Windows notes +// +// Paths can be added as "C:\path\to\dir", but forward slashes +// ("C:/path/to/dir") will also work. // -// Spotlight indexing on macOS can result in multiple events (see [#15]). A -// temporary workaround is to add your folder(s) to the "Spotlight Privacy -// Settings" until we have a native FSEvents implementation (see [#11]). +// When a watched directory is removed it will always send an event for the +// directory itself, but may not send events for all files in that directory. +// Sometimes it will send events for all times, sometimes it will send no +// events, and often only for some files. // -// [#11]: https://github.com/fsnotify/fsnotify/issues/11 -// [#15]: https://github.com/fsnotify/fsnotify/issues/15 +// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest +// value that is guaranteed to work with SMB filesystems. If you have many +// events in quick succession this may not be enough, and you will have to use +// [WithBufferSize] to increase the value. type Watcher struct { // Events sends the filesystem change events. // @@ -101,36 +110,148 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, so you - // probably want to wait until you've stopped receiving - // them (see the dedup example in cmd/fsnotify). + // you may get hundreds of Write events, and you may + // want to wait until you've stopped receiving them + // (see the dedup example in cmd/fsnotify). + // + // Some systems may send Write event for directories + // when the directory content changes. // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // and on kqueue when a file is truncated. On Windows - // it's never sent. + // when a file is truncated. On Windows it's never + // sent. Events chan Event // Errors sends any errors. + // + // ErrEventOverflow is used to indicate there are too many events: + // + // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) + // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. + // - kqueue, fen: Not used. Errors chan error // Store fd here as os.File.Read() will no longer return on close after // calling Fd(). See: https://github.com/golang/go/issues/26439 fd int - mu sync.Mutex // Map access inotifyFile *os.File - watches map[string]*watch // Map of inotify watches (key: path) - paths map[int]string // Map of watched paths (key: watch descriptor) - done chan struct{} // Channel for sending a "quit message" to the reader goroutine - doneResp chan struct{} // Channel to respond to Close + watches *watches + done chan struct{} // Channel for sending a "quit message" to the reader goroutine + closeMu sync.Mutex + doneResp chan struct{} // Channel to respond to Close +} + +type ( + watches struct { + mu sync.RWMutex + wd map[uint32]*watch // wd → watch + path map[string]uint32 // pathname → wd + } + watch struct { + wd uint32 // Watch descriptor (as returned by the inotify_add_watch() syscall) + flags uint32 // inotify flags of this watch (see inotify(7) for the list of valid flags) + path string // Watch path. + } +) + +func newWatches() *watches { + return &watches{ + wd: make(map[uint32]*watch), + path: make(map[string]uint32), + } +} + +func (w *watches) len() int { + w.mu.RLock() + defer w.mu.RUnlock() + return len(w.wd) +} + +func (w *watches) add(ww *watch) { + w.mu.Lock() + defer w.mu.Unlock() + w.wd[ww.wd] = ww + w.path[ww.path] = ww.wd +} + +func (w *watches) remove(wd uint32) { + w.mu.Lock() + defer w.mu.Unlock() + delete(w.path, w.wd[wd].path) + delete(w.wd, wd) +} + +func (w *watches) removePath(path string) (uint32, bool) { + w.mu.Lock() + defer w.mu.Unlock() + + wd, ok := w.path[path] + if !ok { + return 0, false + } + + delete(w.path, path) + delete(w.wd, wd) + + return wd, true +} + +func (w *watches) byPath(path string) *watch { + w.mu.RLock() + defer w.mu.RUnlock() + return w.wd[w.path[path]] +} + +func (w *watches) byWd(wd uint32) *watch { + w.mu.RLock() + defer w.mu.RUnlock() + return w.wd[wd] +} + +func (w *watches) updatePath(path string, f func(*watch) (*watch, error)) error { + w.mu.Lock() + defer w.mu.Unlock() + + var existing *watch + wd, ok := w.path[path] + if ok { + existing = w.wd[wd] + } + + upd, err := f(existing) + if err != nil { + return err + } + if upd != nil { + w.wd[upd.wd] = upd + w.path[upd.path] = upd.wd + + if upd.wd != wd { + delete(w.wd, wd) + } + } + + return nil } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - // Create inotify fd - // Need to set the FD to nonblocking mode in order for SetDeadline methods to work - // Otherwise, blocking i/o operations won't terminate on close + return NewBufferedWatcher(0) +} + +// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events +// channel. +// +// The main use case for this is situations with a very large number of events +// where the kernel buffer size can't be increased (e.g. due to lack of +// permissions). An unbuffered Watcher will perform better for almost all use +// cases, and whenever possible you will be better off increasing the kernel +// buffers instead of adding a large userspace buffer. +func NewBufferedWatcher(sz uint) (*Watcher, error) { + // Need to set nonblocking mode for SetDeadline to work, otherwise blocking + // I/O operations won't terminate on close. fd, errno := unix.InotifyInit1(unix.IN_CLOEXEC | unix.IN_NONBLOCK) if fd == -1 { return nil, errno @@ -139,9 +260,8 @@ func NewWatcher() (*Watcher, error) { w := &Watcher{ fd: fd, inotifyFile: os.NewFile(uintptr(fd), ""), - watches: make(map[string]*watch), - paths: make(map[int]string), - Events: make(chan Event), + watches: newWatches(), + Events: make(chan Event, sz), Errors: make(chan error), done: make(chan struct{}), doneResp: make(chan struct{}), @@ -157,8 +277,8 @@ func (w *Watcher) sendEvent(e Event) bool { case w.Events <- e: return true case <-w.done: + return false } - return false } // Returns true if the error was sent, or false if watcher is closed. @@ -180,17 +300,15 @@ func (w *Watcher) isClosed() bool { } } -// Close removes all watches and closes the events channel. +// Close removes all watches and closes the Events channel. func (w *Watcher) Close() error { - w.mu.Lock() + w.closeMu.Lock() if w.isClosed() { - w.mu.Unlock() + w.closeMu.Unlock() return nil } - - // Send 'close' signal to goroutine, and set the Watcher to closed. close(w.done) - w.mu.Unlock() + w.closeMu.Unlock() // Causes any blocking reads to return with an error, provided the file // still supports deadline operations. @@ -207,17 +325,21 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; attempting to watch it more than once will -// return an error. Paths that do not yet exist on the filesystem cannot be -// added. A watch will be automatically removed if the path is deleted. +// A path can only be watched once; watching it more than once is a no-op and will +// not return an error. Paths that do not yet exist on the filesystem cannot be +// watched. // -// A path will remain watched if it gets renamed to somewhere else on the same -// filesystem, but the monitor will get removed if the path gets deleted and -// re-created, or if it's moved to a different filesystem. +// A watch will be automatically removed if the watched path is deleted or +// renamed. The exception is the Windows backend, which doesn't remove the +// watcher on renames. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // +// Returns [ErrClosed] if [Watcher.Close] was called. +// +// See [Watcher.AddWith] for a version that allows adding options. +// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -227,44 +349,59 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many tools update files atomically. Instead of "just" writing -// to the file a temporary file will be written to first, and if successful the -// temporary file is moved to to destination removing the original, or some -// variant thereof. The watcher on the original file is now lost, as it no -// longer exists. -// -// Instead, watch the parent directory and use Event.Name to filter out files -// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. -func (w *Watcher) Add(name string) error { - name = filepath.Clean(name) +// recommended as many programs (especially editors) update files atomically: it +// will write to a temporary file which is then moved to to destination, +// overwriting the original (or some variant thereof). The watcher on the +// original file is now lost, as that no longer exists. +// +// The upshot of this is that a power failure or crash won't leave a +// half-written file. +// +// Watch the parent directory and use Event.Name to filter out files you're not +// interested in. There is an example of this in cmd/fsnotify/file.go. +func (w *Watcher) Add(name string) error { return w.AddWith(name) } + +// AddWith is like [Watcher.Add], but allows adding options. When using Add() +// the defaults described below are used. +// +// Possible options are: +// +// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on +// other platforms. The default is 64K (65536 bytes). +func (w *Watcher) AddWith(name string, opts ...addOpt) error { if w.isClosed() { - return errors.New("inotify instance already closed") + return ErrClosed } + name = filepath.Clean(name) + _ = getOptions(opts...) + var flags uint32 = unix.IN_MOVED_TO | unix.IN_MOVED_FROM | unix.IN_CREATE | unix.IN_ATTRIB | unix.IN_MODIFY | unix.IN_MOVE_SELF | unix.IN_DELETE | unix.IN_DELETE_SELF - w.mu.Lock() - defer w.mu.Unlock() - watchEntry := w.watches[name] - if watchEntry != nil { - flags |= watchEntry.flags | unix.IN_MASK_ADD - } - wd, errno := unix.InotifyAddWatch(w.fd, name, flags) - if wd == -1 { - return errno - } + return w.watches.updatePath(name, func(existing *watch) (*watch, error) { + if existing != nil { + flags |= existing.flags | unix.IN_MASK_ADD + } - if watchEntry == nil { - w.watches[name] = &watch{wd: uint32(wd), flags: flags} - w.paths[wd] = name - } else { - watchEntry.wd = uint32(wd) - watchEntry.flags = flags - } + wd, err := unix.InotifyAddWatch(w.fd, name, flags) + if wd == -1 { + return nil, err + } - return nil + if existing == nil { + return &watch{ + wd: uint32(wd), + path: name, + flags: flags, + }, nil + } + + existing.wd = uint32(wd) + existing.flags = flags + return existing, nil + }) } // Remove stops monitoring the path for changes. @@ -273,32 +410,22 @@ func (w *Watcher) Add(name string) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { - name = filepath.Clean(name) - - // Fetch the watch. - w.mu.Lock() - defer w.mu.Unlock() - watch, ok := w.watches[name] + if w.isClosed() { + return nil + } + return w.remove(filepath.Clean(name)) +} - // Remove it from inotify. +func (w *Watcher) remove(name string) error { + wd, ok := w.watches.removePath(name) if !ok { return fmt.Errorf("%w: %s", ErrNonExistentWatch, name) } - // We successfully removed the watch if InotifyRmWatch doesn't return an - // error, we need to clean up our internal state to ensure it matches - // inotify's kernel state. - delete(w.paths, int(watch.wd)) - delete(w.watches, name) - - // inotify_rm_watch will return EINVAL if the file has been deleted; - // the inotify will already have been removed. - // watches and pathes are deleted in ignoreLinux() implicitly and asynchronously - // by calling inotify_rm_watch() below. e.g. readEvents() goroutine receives IN_IGNORE - // so that EINVAL means that the wd is being rm_watch()ed or its file removed - // by another thread and we have not received IN_IGNORE event. - success, errno := unix.InotifyRmWatch(w.fd, watch.wd) + success, errno := unix.InotifyRmWatch(w.fd, wd) if success == -1 { // TODO: Perhaps it's not helpful to return an error here in every case; // The only two possible errors are: @@ -312,28 +439,28 @@ func (w *Watcher) Remove(name string) error { // are watching is deleted. return errno } - return nil } -// WatchList returns all paths added with [Add] (and are not yet removed). +// WatchList returns all paths explicitly added with [Watcher.Add] (and are not +// yet removed). +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) WatchList() []string { - w.mu.Lock() - defer w.mu.Unlock() + if w.isClosed() { + return nil + } - entries := make([]string, 0, len(w.watches)) - for pathname := range w.watches { + entries := make([]string, 0, w.watches.len()) + w.watches.mu.RLock() + for pathname := range w.watches.path { entries = append(entries, pathname) } + w.watches.mu.RUnlock() return entries } -type watch struct { - wd uint32 // Watch descriptor (as returned by the inotify_add_watch() syscall) - flags uint32 // inotify flags of this watch (see inotify(7) for the list of valid flags) -} - // readEvents reads from the inotify file descriptor, converts the // received events into Event objects and sends them via the Events channel func (w *Watcher) readEvents() { @@ -367,14 +494,11 @@ func (w *Watcher) readEvents() { if n < unix.SizeofInotifyEvent { var err error if n == 0 { - // If EOF is received. This should really never happen. - err = io.EOF + err = io.EOF // If EOF is received. This should really never happen. } else if n < 0 { - // If an error occurred while reading. - err = errno + err = errno // If an error occurred while reading. } else { - // Read was too short. - err = errors.New("notify: short read in readEvents()") + err = errors.New("notify: short read in readEvents()") // Read was too short. } if !w.sendError(err) { return @@ -403,18 +527,29 @@ func (w *Watcher) readEvents() { // doesn't append the filename to the event, but we would like to always fill the // the "Name" field with a valid filename. We retrieve the path of the watch from // the "paths" map. - w.mu.Lock() - name, ok := w.paths[int(raw.Wd)] - // IN_DELETE_SELF occurs when the file/directory being watched is removed. - // This is a sign to clean up the maps, otherwise we are no longer in sync - // with the inotify kernel state which has already deleted the watch - // automatically. - if ok && mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF { - delete(w.paths, int(raw.Wd)) - delete(w.watches, name) + watch := w.watches.byWd(uint32(raw.Wd)) + + // inotify will automatically remove the watch on deletes; just need + // to clean our state here. + if watch != nil && mask&unix.IN_DELETE_SELF == unix.IN_DELETE_SELF { + w.watches.remove(watch.wd) + } + // We can't really update the state when a watched path is moved; + // only IN_MOVE_SELF is sent and not IN_MOVED_{FROM,TO}. So remove + // the watch. + if watch != nil && mask&unix.IN_MOVE_SELF == unix.IN_MOVE_SELF { + err := w.remove(watch.path) + if err != nil && !errors.Is(err, ErrNonExistentWatch) { + if !w.sendError(err) { + return + } + } } - w.mu.Unlock() + var name string + if watch != nil { + name = watch.path + } if nameLen > 0 { // Point "bytes" at the first byte of the filename bytes := (*[unix.PathMax]byte)(unsafe.Pointer(&buf[offset+unix.SizeofInotifyEvent]))[:nameLen:nameLen] diff --git a/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go b/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go index 29087469bf..063a0915a0 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_kqueue.go @@ -1,12 +1,14 @@ //go:build freebsd || openbsd || netbsd || dragonfly || darwin // +build freebsd openbsd netbsd dragonfly darwin +// Note: the documentation on the Watcher type and methods is generated from +// mkdoc.zsh + package fsnotify import ( "errors" "fmt" - "io/ioutil" "os" "path/filepath" "sync" @@ -24,9 +26,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -40,16 +42,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -65,14 +67,20 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # macOS notes +// # Windows notes +// +// Paths can be added as "C:\path\to\dir", but forward slashes +// ("C:/path/to/dir") will also work. // -// Spotlight indexing on macOS can result in multiple events (see [#15]). A -// temporary workaround is to add your folder(s) to the "Spotlight Privacy -// Settings" until we have a native FSEvents implementation (see [#11]). +// When a watched directory is removed it will always send an event for the +// directory itself, but may not send events for all files in that directory. +// Sometimes it will send events for all times, sometimes it will send no +// events, and often only for some files. // -// [#11]: https://github.com/fsnotify/fsnotify/issues/11 -// [#15]: https://github.com/fsnotify/fsnotify/issues/15 +// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest +// value that is guaranteed to work with SMB filesystems. If you have many +// events in quick succession this may not be enough, and you will have to use +// [WithBufferSize] to increase the value. type Watcher struct { // Events sends the filesystem change events. // @@ -99,18 +107,27 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, so you - // probably want to wait until you've stopped receiving - // them (see the dedup example in cmd/fsnotify). + // you may get hundreds of Write events, and you may + // want to wait until you've stopped receiving them + // (see the dedup example in cmd/fsnotify). + // + // Some systems may send Write event for directories + // when the directory content changes. // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // and on kqueue when a file is truncated. On Windows - // it's never sent. + // when a file is truncated. On Windows it's never + // sent. Events chan Event // Errors sends any errors. + // + // ErrEventOverflow is used to indicate there are too many events: + // + // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) + // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. + // - kqueue, fen: Not used. Errors chan error done chan struct{} @@ -133,6 +150,18 @@ type pathInfo struct { // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { + return NewBufferedWatcher(0) +} + +// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events +// channel. +// +// The main use case for this is situations with a very large number of events +// where the kernel buffer size can't be increased (e.g. due to lack of +// permissions). An unbuffered Watcher will perform better for almost all use +// cases, and whenever possible you will be better off increasing the kernel +// buffers instead of adding a large userspace buffer. +func NewBufferedWatcher(sz uint) (*Watcher, error) { kq, closepipe, err := newKqueue() if err != nil { return nil, err @@ -147,7 +176,7 @@ func NewWatcher() (*Watcher, error) { paths: make(map[int]pathInfo), fileExists: make(map[string]struct{}), userWatches: make(map[string]struct{}), - Events: make(chan Event), + Events: make(chan Event, sz), Errors: make(chan error), done: make(chan struct{}), } @@ -197,8 +226,8 @@ func (w *Watcher) sendEvent(e Event) bool { case w.Events <- e: return true case <-w.done: + return false } - return false } // Returns true if the error was sent, or false if watcher is closed. @@ -207,11 +236,11 @@ func (w *Watcher) sendError(err error) bool { case w.Errors <- err: return true case <-w.done: + return false } - return false } -// Close removes all watches and closes the events channel. +// Close removes all watches and closes the Events channel. func (w *Watcher) Close() error { w.mu.Lock() if w.isClosed { @@ -239,17 +268,21 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; attempting to watch it more than once will -// return an error. Paths that do not yet exist on the filesystem cannot be -// added. A watch will be automatically removed if the path is deleted. +// A path can only be watched once; watching it more than once is a no-op and will +// not return an error. Paths that do not yet exist on the filesystem cannot be +// watched. // -// A path will remain watched if it gets renamed to somewhere else on the same -// filesystem, but the monitor will get removed if the path gets deleted and -// re-created, or if it's moved to a different filesystem. +// A watch will be automatically removed if the watched path is deleted or +// renamed. The exception is the Windows backend, which doesn't remove the +// watcher on renames. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // +// Returns [ErrClosed] if [Watcher.Close] was called. +// +// See [Watcher.AddWith] for a version that allows adding options. +// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -259,15 +292,28 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many tools update files atomically. Instead of "just" writing -// to the file a temporary file will be written to first, and if successful the -// temporary file is moved to to destination removing the original, or some -// variant thereof. The watcher on the original file is now lost, as it no -// longer exists. -// -// Instead, watch the parent directory and use Event.Name to filter out files -// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. -func (w *Watcher) Add(name string) error { +// recommended as many programs (especially editors) update files atomically: it +// will write to a temporary file which is then moved to to destination, +// overwriting the original (or some variant thereof). The watcher on the +// original file is now lost, as that no longer exists. +// +// The upshot of this is that a power failure or crash won't leave a +// half-written file. +// +// Watch the parent directory and use Event.Name to filter out files you're not +// interested in. There is an example of this in cmd/fsnotify/file.go. +func (w *Watcher) Add(name string) error { return w.AddWith(name) } + +// AddWith is like [Watcher.Add], but allows adding options. When using Add() +// the defaults described below are used. +// +// Possible options are: +// +// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on +// other platforms. The default is 64K (65536 bytes). +func (w *Watcher) AddWith(name string, opts ...addOpt) error { + _ = getOptions(opts...) + w.mu.Lock() w.userWatches[name] = struct{}{} w.mu.Unlock() @@ -281,9 +327,19 @@ func (w *Watcher) Add(name string) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { + return w.remove(name, true) +} + +func (w *Watcher) remove(name string, unwatchFiles bool) error { name = filepath.Clean(name) w.mu.Lock() + if w.isClosed { + w.mu.Unlock() + return nil + } watchfd, ok := w.watches[name] w.mu.Unlock() if !ok { @@ -315,7 +371,7 @@ func (w *Watcher) Remove(name string) error { w.mu.Unlock() // Find all watched paths that are in this directory that are not external. - if isDir { + if unwatchFiles && isDir { var pathsToRemove []string w.mu.Lock() for fd := range w.watchesByDir[name] { @@ -326,20 +382,25 @@ func (w *Watcher) Remove(name string) error { } w.mu.Unlock() for _, name := range pathsToRemove { - // Since these are internal, not much sense in propagating error - // to the user, as that will just confuse them with an error about - // a path they did not explicitly watch themselves. + // Since these are internal, not much sense in propagating error to + // the user, as that will just confuse them with an error about a + // path they did not explicitly watch themselves. w.Remove(name) } } - return nil } -// WatchList returns all paths added with [Add] (and are not yet removed). +// WatchList returns all paths explicitly added with [Watcher.Add] (and are not +// yet removed). +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) WatchList() []string { w.mu.Lock() defer w.mu.Unlock() + if w.isClosed { + return nil + } entries := make([]string, 0, len(w.userWatches)) for pathname := range w.userWatches { @@ -352,18 +413,18 @@ func (w *Watcher) WatchList() []string { // Watch all events (except NOTE_EXTEND, NOTE_LINK, NOTE_REVOKE) const noteAllEvents = unix.NOTE_DELETE | unix.NOTE_WRITE | unix.NOTE_ATTRIB | unix.NOTE_RENAME -// addWatch adds name to the watched file set. -// The flags are interpreted as described in kevent(2). -// Returns the real path to the file which was added, if any, which may be different from the one passed in the case of symlinks. +// addWatch adds name to the watched file set; the flags are interpreted as +// described in kevent(2). +// +// Returns the real path to the file which was added, with symlinks resolved. func (w *Watcher) addWatch(name string, flags uint32) (string, error) { var isDir bool - // Make ./name and name equivalent name = filepath.Clean(name) w.mu.Lock() if w.isClosed { w.mu.Unlock() - return "", errors.New("kevent instance already closed") + return "", ErrClosed } watchfd, alreadyWatching := w.watches[name] // We already have a watch, but we can still override flags. @@ -383,27 +444,30 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { return "", nil } - // Follow Symlinks - // - // Linux can add unresolvable symlinks to the watch list without issue, - // and Windows can't do symlinks period. To maintain consistency, we - // will act like everything is fine if the link can't be resolved. - // There will simply be no file events for broken symlinks. Hence the - // returns of nil on errors. + // Follow Symlinks. if fi.Mode()&os.ModeSymlink == os.ModeSymlink { - name, err = filepath.EvalSymlinks(name) + link, err := os.Readlink(name) if err != nil { + // Return nil because Linux can add unresolvable symlinks to the + // watch list without problems, so maintain consistency with + // that. There will be no file events for broken symlinks. + // TODO: more specific check; returns os.PathError; ENOENT? return "", nil } w.mu.Lock() - _, alreadyWatching = w.watches[name] + _, alreadyWatching = w.watches[link] w.mu.Unlock() if alreadyWatching { - return name, nil + // Add to watches so we don't get spurious Create events later + // on when we diff the directories. + w.watches[name] = 0 + w.fileExists[name] = struct{}{} + return link, nil } + name = link fi, err = os.Lstat(name) if err != nil { return "", nil @@ -411,7 +475,7 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { } // Retry on EINTR; open() can return EINTR in practice on macOS. - // See #354, and go issues 11180 and 39237. + // See #354, and Go issues 11180 and 39237. for { watchfd, err = unix.Open(name, openMode, 0) if err == nil { @@ -444,14 +508,13 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { w.watchesByDir[parentName] = watchesByDir } watchesByDir[watchfd] = struct{}{} - w.paths[watchfd] = pathInfo{name: name, isDir: isDir} w.mu.Unlock() } if isDir { - // Watch the directory if it has not been watched before, - // or if it was watched before, but perhaps only a NOTE_DELETE (watchDirectoryFiles) + // Watch the directory if it has not been watched before, or if it was + // watched before, but perhaps only a NOTE_DELETE (watchDirectoryFiles) w.mu.Lock() watchDir := (flags&unix.NOTE_WRITE) == unix.NOTE_WRITE && @@ -473,13 +536,10 @@ func (w *Watcher) addWatch(name string, flags uint32) (string, error) { // Event values that it sends down the Events channel. func (w *Watcher) readEvents() { defer func() { - err := unix.Close(w.kq) - if err != nil { - w.Errors <- err - } - unix.Close(w.closepipe[0]) close(w.Events) close(w.Errors) + _ = unix.Close(w.kq) + unix.Close(w.closepipe[0]) }() eventBuffer := make([]unix.Kevent_t, 10) @@ -513,18 +573,8 @@ func (w *Watcher) readEvents() { event := w.newEvent(path.name, mask) - if path.isDir && !event.Has(Remove) { - // Double check to make sure the directory exists. This can - // happen when we do a rm -fr on a recursively watched folders - // and we receive a modification event first but the folder has - // been deleted and later receive the delete event. - if _, err := os.Lstat(event.Name); os.IsNotExist(err) { - event.Op |= Remove - } - } - if event.Has(Rename) || event.Has(Remove) { - w.Remove(event.Name) + w.remove(event.Name, false) w.mu.Lock() delete(w.fileExists, event.Name) w.mu.Unlock() @@ -540,26 +590,30 @@ func (w *Watcher) readEvents() { } if event.Has(Remove) { - // Look for a file that may have overwritten this. - // For example, mv f1 f2 will delete f2, then create f2. + // Look for a file that may have overwritten this; for example, + // mv f1 f2 will delete f2, then create f2. if path.isDir { fileDir := filepath.Clean(event.Name) w.mu.Lock() _, found := w.watches[fileDir] w.mu.Unlock() if found { - // make sure the directory exists before we watch for changes. When we - // do a recursive watch and perform rm -fr, the parent directory might - // have gone missing, ignore the missing directory and let the - // upcoming delete event remove the watch from the parent directory. - if _, err := os.Lstat(fileDir); err == nil { - w.sendDirectoryChangeEvents(fileDir) + err := w.sendDirectoryChangeEvents(fileDir) + if err != nil { + if !w.sendError(err) { + closed = true + } } } } else { filePath := filepath.Clean(event.Name) - if fileInfo, err := os.Lstat(filePath); err == nil { - w.sendFileCreatedEventIfNew(filePath, fileInfo) + if fi, err := os.Lstat(filePath); err == nil { + err := w.sendFileCreatedEventIfNew(filePath, fi) + if err != nil { + if !w.sendError(err) { + closed = true + } + } } } } @@ -582,21 +636,31 @@ func (w *Watcher) newEvent(name string, mask uint32) Event { if mask&unix.NOTE_ATTRIB == unix.NOTE_ATTRIB { e.Op |= Chmod } + // No point sending a write and delete event at the same time: if it's gone, + // then it's gone. + if e.Op.Has(Write) && e.Op.Has(Remove) { + e.Op &^= Write + } return e } // watchDirectoryFiles to mimic inotify when adding a watch on a directory func (w *Watcher) watchDirectoryFiles(dirPath string) error { // Get all files - files, err := ioutil.ReadDir(dirPath) + files, err := os.ReadDir(dirPath) if err != nil { return err } - for _, fileInfo := range files { - path := filepath.Join(dirPath, fileInfo.Name()) + for _, f := range files { + path := filepath.Join(dirPath, f.Name()) + + fi, err := f.Info() + if err != nil { + return fmt.Errorf("%q: %w", path, err) + } - cleanPath, err := w.internalWatch(path, fileInfo) + cleanPath, err := w.internalWatch(path, fi) if err != nil { // No permission to read the file; that's not a problem: just skip. // But do add it to w.fileExists to prevent it from being picked up @@ -606,7 +670,7 @@ func (w *Watcher) watchDirectoryFiles(dirPath string) error { case errors.Is(err, unix.EACCES) || errors.Is(err, unix.EPERM): cleanPath = filepath.Clean(path) default: - return fmt.Errorf("%q: %w", filepath.Join(dirPath, fileInfo.Name()), err) + return fmt.Errorf("%q: %w", path, err) } } @@ -622,26 +686,37 @@ func (w *Watcher) watchDirectoryFiles(dirPath string) error { // // This functionality is to have the BSD watcher match the inotify, which sends // a create event for files created in a watched directory. -func (w *Watcher) sendDirectoryChangeEvents(dir string) { - // Get all files - files, err := ioutil.ReadDir(dir) +func (w *Watcher) sendDirectoryChangeEvents(dir string) error { + files, err := os.ReadDir(dir) if err != nil { - if !w.sendError(fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err)) { - return + // Directory no longer exists: we can ignore this safely. kqueue will + // still give us the correct events. + if errors.Is(err, os.ErrNotExist) { + return nil } + return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) } - // Search for new files - for _, fi := range files { - err := w.sendFileCreatedEventIfNew(filepath.Join(dir, fi.Name()), fi) + for _, f := range files { + fi, err := f.Info() if err != nil { - return + return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) + } + + err = w.sendFileCreatedEventIfNew(filepath.Join(dir, fi.Name()), fi) + if err != nil { + // Don't need to send an error if this file isn't readable. + if errors.Is(err, unix.EACCES) || errors.Is(err, unix.EPERM) { + return nil + } + return fmt.Errorf("fsnotify.sendDirectoryChangeEvents: %w", err) } } + return nil } // sendFileCreatedEvent sends a create event if the file isn't already being tracked. -func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fileInfo os.FileInfo) (err error) { +func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fi os.FileInfo) (err error) { w.mu.Lock() _, doesExist := w.fileExists[filePath] w.mu.Unlock() @@ -652,7 +727,7 @@ func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fileInfo os.FileInf } // like watchDirectoryFiles (but without doing another ReadDir) - filePath, err = w.internalWatch(filePath, fileInfo) + filePath, err = w.internalWatch(filePath, fi) if err != nil { return err } @@ -664,10 +739,10 @@ func (w *Watcher) sendFileCreatedEventIfNew(filePath string, fileInfo os.FileInf return nil } -func (w *Watcher) internalWatch(name string, fileInfo os.FileInfo) (string, error) { - if fileInfo.IsDir() { - // mimic Linux providing delete events for subdirectories - // but preserve the flags used if currently watching subdirectory +func (w *Watcher) internalWatch(name string, fi os.FileInfo) (string, error) { + if fi.IsDir() { + // mimic Linux providing delete events for subdirectories, but preserve + // the flags used if currently watching subdirectory w.mu.Lock() flags := w.dirFlags[name] w.mu.Unlock() diff --git a/vendor/github.com/fsnotify/fsnotify/backend_other.go b/vendor/github.com/fsnotify/fsnotify/backend_other.go index a9bb1c3c4d..d34a23c015 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_other.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_other.go @@ -1,39 +1,169 @@ -//go:build !darwin && !dragonfly && !freebsd && !openbsd && !linux && !netbsd && !solaris && !windows -// +build !darwin,!dragonfly,!freebsd,!openbsd,!linux,!netbsd,!solaris,!windows +//go:build appengine || (!darwin && !dragonfly && !freebsd && !openbsd && !linux && !netbsd && !solaris && !windows) +// +build appengine !darwin,!dragonfly,!freebsd,!openbsd,!linux,!netbsd,!solaris,!windows + +// Note: the documentation on the Watcher type and methods is generated from +// mkdoc.zsh package fsnotify -import ( - "fmt" - "runtime" -) +import "errors" -// Watcher watches a set of files, delivering events to a channel. -type Watcher struct{} +// Watcher watches a set of paths, delivering events on a channel. +// +// A watcher should not be copied (e.g. pass it by pointer, rather than by +// value). +// +// # Linux notes +// +// When a file is removed a Remove event won't be emitted until all file +// descriptors are closed, and deletes will always emit a Chmod. For example: +// +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove +// +// This is the event that inotify sends, so not much can be changed about this. +// +// The fs.inotify.max_user_watches sysctl variable specifies the upper limit +// for the number of watches per user, and fs.inotify.max_user_instances +// specifies the maximum number of inotify instances per user. Every Watcher you +// create is an "instance", and every path you add is a "watch". +// +// These are also exposed in /proc as /proc/sys/fs/inotify/max_user_watches and +// /proc/sys/fs/inotify/max_user_instances +// +// To increase them you can use sysctl or write the value to the /proc file: +// +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 +// +// To make the changes persist on reboot edit /etc/sysctl.conf or +// /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check +// your distro's documentation): +// +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 +// +// Reaching the limit will result in a "no space left on device" or "too many open +// files" error. +// +// # kqueue notes (macOS, BSD) +// +// kqueue requires opening a file descriptor for every file that's being watched; +// so if you're watching a directory with five files then that's six file +// descriptors. You will run in to your system's "max open files" limit faster on +// these platforms. +// +// The sysctl variables kern.maxfiles and kern.maxfilesperproc can be used to +// control the maximum number of open files, as well as /etc/login.conf on BSD +// systems. +// +// # Windows notes +// +// Paths can be added as "C:\path\to\dir", but forward slashes +// ("C:/path/to/dir") will also work. +// +// When a watched directory is removed it will always send an event for the +// directory itself, but may not send events for all files in that directory. +// Sometimes it will send events for all times, sometimes it will send no +// events, and often only for some files. +// +// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest +// value that is guaranteed to work with SMB filesystems. If you have many +// events in quick succession this may not be enough, and you will have to use +// [WithBufferSize] to increase the value. +type Watcher struct { + // Events sends the filesystem change events. + // + // fsnotify can send the following events; a "path" here can refer to a + // file, directory, symbolic link, or special file like a FIFO. + // + // fsnotify.Create A new path was created; this may be followed by one + // or more Write events if data also gets written to a + // file. + // + // fsnotify.Remove A path was removed. + // + // fsnotify.Rename A path was renamed. A rename is always sent with the + // old path as Event.Name, and a Create event will be + // sent with the new name. Renames are only sent for + // paths that are currently watched; e.g. moving an + // unmonitored file into a monitored directory will + // show up as just a Create. Similarly, renaming a file + // to outside a monitored directory will show up as + // only a Rename. + // + // fsnotify.Write A file or named pipe was written to. A Truncate will + // also trigger a Write. A single "write action" + // initiated by the user may show up as one or multiple + // writes, depending on when the system syncs things to + // disk. For example when compiling a large Go program + // you may get hundreds of Write events, and you may + // want to wait until you've stopped receiving them + // (see the dedup example in cmd/fsnotify). + // + // Some systems may send Write event for directories + // when the directory content changes. + // + // fsnotify.Chmod Attributes were changed. On Linux this is also sent + // when a file is removed (or more accurately, when a + // link to an inode is removed). On kqueue it's sent + // when a file is truncated. On Windows it's never + // sent. + Events chan Event + + // Errors sends any errors. + // + // ErrEventOverflow is used to indicate there are too many events: + // + // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) + // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. + // - kqueue, fen: Not used. + Errors chan error +} // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { - return nil, fmt.Errorf("fsnotify not supported on %s", runtime.GOOS) + return nil, errors.New("fsnotify not supported on the current platform") } -// Close removes all watches and closes the events channel. -func (w *Watcher) Close() error { - return nil -} +// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events +// channel. +// +// The main use case for this is situations with a very large number of events +// where the kernel buffer size can't be increased (e.g. due to lack of +// permissions). An unbuffered Watcher will perform better for almost all use +// cases, and whenever possible you will be better off increasing the kernel +// buffers instead of adding a large userspace buffer. +func NewBufferedWatcher(sz uint) (*Watcher, error) { return NewWatcher() } + +// Close removes all watches and closes the Events channel. +func (w *Watcher) Close() error { return nil } + +// WatchList returns all paths explicitly added with [Watcher.Add] (and are not +// yet removed). +// +// Returns nil if [Watcher.Close] was called. +func (w *Watcher) WatchList() []string { return nil } // Add starts monitoring the path for changes. // -// A path can only be watched once; attempting to watch it more than once will -// return an error. Paths that do not yet exist on the filesystem cannot be -// added. A watch will be automatically removed if the path is deleted. +// A path can only be watched once; watching it more than once is a no-op and will +// not return an error. Paths that do not yet exist on the filesystem cannot be +// watched. // -// A path will remain watched if it gets renamed to somewhere else on the same -// filesystem, but the monitor will get removed if the path gets deleted and -// re-created, or if it's moved to a different filesystem. +// A watch will be automatically removed if the watched path is deleted or +// renamed. The exception is the Windows backend, which doesn't remove the +// watcher on renames. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // +// Returns [ErrClosed] if [Watcher.Close] was called. +// +// See [Watcher.AddWith] for a version that allows adding options. +// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -43,17 +173,26 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many tools update files atomically. Instead of "just" writing -// to the file a temporary file will be written to first, and if successful the -// temporary file is moved to to destination removing the original, or some -// variant thereof. The watcher on the original file is now lost, as it no -// longer exists. -// -// Instead, watch the parent directory and use Event.Name to filter out files -// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. -func (w *Watcher) Add(name string) error { - return nil -} +// recommended as many programs (especially editors) update files atomically: it +// will write to a temporary file which is then moved to to destination, +// overwriting the original (or some variant thereof). The watcher on the +// original file is now lost, as that no longer exists. +// +// The upshot of this is that a power failure or crash won't leave a +// half-written file. +// +// Watch the parent directory and use Event.Name to filter out files you're not +// interested in. There is an example of this in cmd/fsnotify/file.go. +func (w *Watcher) Add(name string) error { return nil } + +// AddWith is like [Watcher.Add], but allows adding options. When using Add() +// the defaults described below are used. +// +// Possible options are: +// +// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on +// other platforms. The default is 64K (65536 bytes). +func (w *Watcher) AddWith(name string, opts ...addOpt) error { return nil } // Remove stops monitoring the path for changes. // @@ -61,6 +200,6 @@ func (w *Watcher) Add(name string) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. -func (w *Watcher) Remove(name string) error { - return nil -} +// +// Returns nil if [Watcher.Close] was called. +func (w *Watcher) Remove(name string) error { return nil } diff --git a/vendor/github.com/fsnotify/fsnotify/backend_windows.go b/vendor/github.com/fsnotify/fsnotify/backend_windows.go index ae392867c0..9bc91e5d61 100644 --- a/vendor/github.com/fsnotify/fsnotify/backend_windows.go +++ b/vendor/github.com/fsnotify/fsnotify/backend_windows.go @@ -1,6 +1,13 @@ //go:build windows // +build windows +// Windows backend based on ReadDirectoryChangesW() +// +// https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-readdirectorychangesw +// +// Note: the documentation on the Watcher type and methods is generated from +// mkdoc.zsh + package fsnotify import ( @@ -27,9 +34,9 @@ import ( // When a file is removed a Remove event won't be emitted until all file // descriptors are closed, and deletes will always emit a Chmod. For example: // -// fp := os.Open("file") -// os.Remove("file") // Triggers Chmod -// fp.Close() // Triggers Remove +// fp := os.Open("file") +// os.Remove("file") // Triggers Chmod +// fp.Close() // Triggers Remove // // This is the event that inotify sends, so not much can be changed about this. // @@ -43,16 +50,16 @@ import ( // // To increase them you can use sysctl or write the value to the /proc file: // -// # Default values on Linux 5.18 -// sysctl fs.inotify.max_user_watches=124983 -// sysctl fs.inotify.max_user_instances=128 +// # Default values on Linux 5.18 +// sysctl fs.inotify.max_user_watches=124983 +// sysctl fs.inotify.max_user_instances=128 // // To make the changes persist on reboot edit /etc/sysctl.conf or // /usr/lib/sysctl.d/50-default.conf (details differ per Linux distro; check // your distro's documentation): // -// fs.inotify.max_user_watches=124983 -// fs.inotify.max_user_instances=128 +// fs.inotify.max_user_watches=124983 +// fs.inotify.max_user_instances=128 // // Reaching the limit will result in a "no space left on device" or "too many open // files" error. @@ -68,14 +75,20 @@ import ( // control the maximum number of open files, as well as /etc/login.conf on BSD // systems. // -// # macOS notes +// # Windows notes // -// Spotlight indexing on macOS can result in multiple events (see [#15]). A -// temporary workaround is to add your folder(s) to the "Spotlight Privacy -// Settings" until we have a native FSEvents implementation (see [#11]). +// Paths can be added as "C:\path\to\dir", but forward slashes +// ("C:/path/to/dir") will also work. // -// [#11]: https://github.com/fsnotify/fsnotify/issues/11 -// [#15]: https://github.com/fsnotify/fsnotify/issues/15 +// When a watched directory is removed it will always send an event for the +// directory itself, but may not send events for all files in that directory. +// Sometimes it will send events for all times, sometimes it will send no +// events, and often only for some files. +// +// The default ReadDirectoryChangesW() buffer size is 64K, which is the largest +// value that is guaranteed to work with SMB filesystems. If you have many +// events in quick succession this may not be enough, and you will have to use +// [WithBufferSize] to increase the value. type Watcher struct { // Events sends the filesystem change events. // @@ -102,31 +115,52 @@ type Watcher struct { // initiated by the user may show up as one or multiple // writes, depending on when the system syncs things to // disk. For example when compiling a large Go program - // you may get hundreds of Write events, so you - // probably want to wait until you've stopped receiving - // them (see the dedup example in cmd/fsnotify). + // you may get hundreds of Write events, and you may + // want to wait until you've stopped receiving them + // (see the dedup example in cmd/fsnotify). + // + // Some systems may send Write event for directories + // when the directory content changes. // // fsnotify.Chmod Attributes were changed. On Linux this is also sent // when a file is removed (or more accurately, when a // link to an inode is removed). On kqueue it's sent - // and on kqueue when a file is truncated. On Windows - // it's never sent. + // when a file is truncated. On Windows it's never + // sent. Events chan Event // Errors sends any errors. + // + // ErrEventOverflow is used to indicate there are too many events: + // + // - inotify: There are too many queued events (fs.inotify.max_queued_events sysctl) + // - windows: The buffer size is too small; WithBufferSize() can be used to increase it. + // - kqueue, fen: Not used. Errors chan error port windows.Handle // Handle to completion port input chan *input // Inputs to the reader are sent on this channel quit chan chan<- error - mu sync.Mutex // Protects access to watches, isClosed - watches watchMap // Map of watches (key: i-number) - isClosed bool // Set to true when Close() is first called + mu sync.Mutex // Protects access to watches, closed + watches watchMap // Map of watches (key: i-number) + closed bool // Set to true when Close() is first called } // NewWatcher creates a new Watcher. func NewWatcher() (*Watcher, error) { + return NewBufferedWatcher(50) +} + +// NewBufferedWatcher creates a new Watcher with a buffered Watcher.Events +// channel. +// +// The main use case for this is situations with a very large number of events +// where the kernel buffer size can't be increased (e.g. due to lack of +// permissions). An unbuffered Watcher will perform better for almost all use +// cases, and whenever possible you will be better off increasing the kernel +// buffers instead of adding a large userspace buffer. +func NewBufferedWatcher(sz uint) (*Watcher, error) { port, err := windows.CreateIoCompletionPort(windows.InvalidHandle, 0, 0, 0) if err != nil { return nil, os.NewSyscallError("CreateIoCompletionPort", err) @@ -135,7 +169,7 @@ func NewWatcher() (*Watcher, error) { port: port, watches: make(watchMap), input: make(chan *input, 1), - Events: make(chan Event, 50), + Events: make(chan Event, sz), Errors: make(chan error), quit: make(chan chan<- error, 1), } @@ -143,6 +177,12 @@ func NewWatcher() (*Watcher, error) { return w, nil } +func (w *Watcher) isClosed() bool { + w.mu.Lock() + defer w.mu.Unlock() + return w.closed +} + func (w *Watcher) sendEvent(name string, mask uint64) bool { if mask == 0 { return false @@ -167,14 +207,14 @@ func (w *Watcher) sendError(err error) bool { return false } -// Close removes all watches and closes the events channel. +// Close removes all watches and closes the Events channel. func (w *Watcher) Close() error { - w.mu.Lock() - if w.isClosed { - w.mu.Unlock() + if w.isClosed() { return nil } - w.isClosed = true + + w.mu.Lock() + w.closed = true w.mu.Unlock() // Send "quit" message to the reader goroutine @@ -188,17 +228,21 @@ func (w *Watcher) Close() error { // Add starts monitoring the path for changes. // -// A path can only be watched once; attempting to watch it more than once will -// return an error. Paths that do not yet exist on the filesystem cannot be -// added. A watch will be automatically removed if the path is deleted. +// A path can only be watched once; watching it more than once is a no-op and will +// not return an error. Paths that do not yet exist on the filesystem cannot be +// watched. // -// A path will remain watched if it gets renamed to somewhere else on the same -// filesystem, but the monitor will get removed if the path gets deleted and -// re-created, or if it's moved to a different filesystem. +// A watch will be automatically removed if the watched path is deleted or +// renamed. The exception is the Windows backend, which doesn't remove the +// watcher on renames. // // Notifications on network filesystems (NFS, SMB, FUSE, etc.) or special // filesystems (/proc, /sys, etc.) generally don't work. // +// Returns [ErrClosed] if [Watcher.Close] was called. +// +// See [Watcher.AddWith] for a version that allows adding options. +// // # Watching directories // // All files in a directory are monitored, including new files that are created @@ -208,27 +252,41 @@ func (w *Watcher) Close() error { // # Watching files // // Watching individual files (rather than directories) is generally not -// recommended as many tools update files atomically. Instead of "just" writing -// to the file a temporary file will be written to first, and if successful the -// temporary file is moved to to destination removing the original, or some -// variant thereof. The watcher on the original file is now lost, as it no -// longer exists. -// -// Instead, watch the parent directory and use Event.Name to filter out files -// you're not interested in. There is an example of this in [cmd/fsnotify/file.go]. -func (w *Watcher) Add(name string) error { - w.mu.Lock() - if w.isClosed { - w.mu.Unlock() - return errors.New("watcher already closed") +// recommended as many programs (especially editors) update files atomically: it +// will write to a temporary file which is then moved to to destination, +// overwriting the original (or some variant thereof). The watcher on the +// original file is now lost, as that no longer exists. +// +// The upshot of this is that a power failure or crash won't leave a +// half-written file. +// +// Watch the parent directory and use Event.Name to filter out files you're not +// interested in. There is an example of this in cmd/fsnotify/file.go. +func (w *Watcher) Add(name string) error { return w.AddWith(name) } + +// AddWith is like [Watcher.Add], but allows adding options. When using Add() +// the defaults described below are used. +// +// Possible options are: +// +// - [WithBufferSize] sets the buffer size for the Windows backend; no-op on +// other platforms. The default is 64K (65536 bytes). +func (w *Watcher) AddWith(name string, opts ...addOpt) error { + if w.isClosed() { + return ErrClosed + } + + with := getOptions(opts...) + if with.bufsize < 4096 { + return fmt.Errorf("fsnotify.WithBufferSize: buffer size cannot be smaller than 4096 bytes") } - w.mu.Unlock() in := &input{ - op: opAddWatch, - path: filepath.Clean(name), - flags: sysFSALLEVENTS, - reply: make(chan error), + op: opAddWatch, + path: filepath.Clean(name), + flags: sysFSALLEVENTS, + reply: make(chan error), + bufsize: with.bufsize, } w.input <- in if err := w.wakeupReader(); err != nil { @@ -243,7 +301,13 @@ func (w *Watcher) Add(name string) error { // /tmp/dir and /tmp/dir/subdir then you will need to remove both. // // Removing a path that has not yet been added returns [ErrNonExistentWatch]. +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) Remove(name string) error { + if w.isClosed() { + return nil + } + in := &input{ op: opRemoveWatch, path: filepath.Clean(name), @@ -256,8 +320,15 @@ func (w *Watcher) Remove(name string) error { return <-in.reply } -// WatchList returns all paths added with [Add] (and are not yet removed). +// WatchList returns all paths explicitly added with [Watcher.Add] (and are not +// yet removed). +// +// Returns nil if [Watcher.Close] was called. func (w *Watcher) WatchList() []string { + if w.isClosed() { + return nil + } + w.mu.Lock() defer w.mu.Unlock() @@ -279,7 +350,6 @@ func (w *Watcher) WatchList() []string { // This should all be removed at some point, and just use windows.FILE_NOTIFY_* const ( sysFSALLEVENTS = 0xfff - sysFSATTRIB = 0x4 sysFSCREATE = 0x100 sysFSDELETE = 0x200 sysFSDELETESELF = 0x400 @@ -305,9 +375,6 @@ func (w *Watcher) newEvent(name string, mask uint32) Event { if mask&sysFSMOVE == sysFSMOVE || mask&sysFSMOVESELF == sysFSMOVESELF || mask&sysFSMOVEDFROM == sysFSMOVEDFROM { e.Op |= Rename } - if mask&sysFSATTRIB == sysFSATTRIB { - e.Op |= Chmod - } return e } @@ -321,10 +388,11 @@ const ( ) type input struct { - op int - path string - flags uint32 - reply chan error + op int + path string + flags uint32 + bufsize int + reply chan error } type inode struct { @@ -334,13 +402,14 @@ type inode struct { } type watch struct { - ov windows.Overlapped - ino *inode // i-number - path string // Directory path - mask uint64 // Directory itself is being watched with these notify flags - names map[string]uint64 // Map of names being watched and their notify flags - rename string // Remembers the old name while renaming a file - buf [65536]byte // 64K buffer + ov windows.Overlapped + ino *inode // i-number + recurse bool // Recursive watch? + path string // Directory path + mask uint64 // Directory itself is being watched with these notify flags + names map[string]uint64 // Map of names being watched and their notify flags + rename string // Remembers the old name while renaming a file + buf []byte // buffer, allocated later } type ( @@ -413,7 +482,10 @@ func (m watchMap) set(ino *inode, watch *watch) { } // Must run within the I/O thread. -func (w *Watcher) addWatch(pathname string, flags uint64) error { +func (w *Watcher) addWatch(pathname string, flags uint64, bufsize int) error { + //pathname, recurse := recursivePath(pathname) + recurse := false + dir, err := w.getDir(pathname) if err != nil { return err @@ -433,9 +505,11 @@ func (w *Watcher) addWatch(pathname string, flags uint64) error { return os.NewSyscallError("CreateIoCompletionPort", err) } watchEntry = &watch{ - ino: ino, - path: dir, - names: make(map[string]uint64), + ino: ino, + path: dir, + names: make(map[string]uint64), + recurse: recurse, + buf: make([]byte, bufsize), } w.mu.Lock() w.watches.set(ino, watchEntry) @@ -465,6 +539,8 @@ func (w *Watcher) addWatch(pathname string, flags uint64) error { // Must run within the I/O thread. func (w *Watcher) remWatch(pathname string) error { + pathname, recurse := recursivePath(pathname) + dir, err := w.getDir(pathname) if err != nil { return err @@ -478,6 +554,10 @@ func (w *Watcher) remWatch(pathname string) error { watch := w.watches.get(ino) w.mu.Unlock() + if recurse && !watch.recurse { + return fmt.Errorf("can't use \\... with non-recursive watch %q", pathname) + } + err = windows.CloseHandle(ino.handle) if err != nil { w.sendError(os.NewSyscallError("CloseHandle", err)) @@ -535,8 +615,11 @@ func (w *Watcher) startRead(watch *watch) error { return nil } - rdErr := windows.ReadDirectoryChanges(watch.ino.handle, &watch.buf[0], - uint32(unsafe.Sizeof(watch.buf)), false, mask, nil, &watch.ov, 0) + // We need to pass the array, rather than the slice. + hdr := (*reflect.SliceHeader)(unsafe.Pointer(&watch.buf)) + rdErr := windows.ReadDirectoryChanges(watch.ino.handle, + (*byte)(unsafe.Pointer(hdr.Data)), uint32(hdr.Len), + watch.recurse, mask, nil, &watch.ov, 0) if rdErr != nil { err := os.NewSyscallError("ReadDirectoryChanges", rdErr) if rdErr == windows.ERROR_ACCESS_DENIED && watch.mask&provisional == 0 { @@ -563,9 +646,8 @@ func (w *Watcher) readEvents() { runtime.LockOSThread() for { + // This error is handled after the watch == nil check below. qErr := windows.GetQueuedCompletionStatus(w.port, &n, &key, &ov, windows.INFINITE) - // This error is handled after the watch == nil check below. NOTE: this - // seems odd, note sure if it's correct. watch := (*watch)(unsafe.Pointer(ov)) if watch == nil { @@ -595,7 +677,7 @@ func (w *Watcher) readEvents() { case in := <-w.input: switch in.op { case opAddWatch: - in.reply <- w.addWatch(in.path, uint64(in.flags)) + in.reply <- w.addWatch(in.path, uint64(in.flags), in.bufsize) case opRemoveWatch: in.reply <- w.remWatch(in.path) } @@ -605,6 +687,8 @@ func (w *Watcher) readEvents() { } switch qErr { + case nil: + // No error case windows.ERROR_MORE_DATA: if watch == nil { w.sendError(errors.New("ERROR_MORE_DATA has unexpectedly null lpOverlapped buffer")) @@ -626,13 +710,12 @@ func (w *Watcher) readEvents() { default: w.sendError(os.NewSyscallError("GetQueuedCompletionPort", qErr)) continue - case nil: } var offset uint32 for { if n == 0 { - w.sendError(errors.New("short read in readEvents()")) + w.sendError(ErrEventOverflow) break } @@ -703,8 +786,9 @@ func (w *Watcher) readEvents() { // Error! if offset >= n { + //lint:ignore ST1005 Windows should be capitalized w.sendError(errors.New( - "Windows system assumed buffer larger than it is, events have likely been missed.")) + "Windows system assumed buffer larger than it is, events have likely been missed")) break } } @@ -720,9 +804,6 @@ func (w *Watcher) toWindowsFlags(mask uint64) uint32 { if mask&sysFSMODIFY != 0 { m |= windows.FILE_NOTIFY_CHANGE_LAST_WRITE } - if mask&sysFSATTRIB != 0 { - m |= windows.FILE_NOTIFY_CHANGE_ATTRIBUTES - } if mask&(sysFSMOVE|sysFSCREATE|sysFSDELETE) != 0 { m |= windows.FILE_NOTIFY_CHANGE_FILE_NAME | windows.FILE_NOTIFY_CHANGE_DIR_NAME } diff --git a/vendor/github.com/fsnotify/fsnotify/fsnotify.go b/vendor/github.com/fsnotify/fsnotify/fsnotify.go index 30a5bf0f07..24c99cc499 100644 --- a/vendor/github.com/fsnotify/fsnotify/fsnotify.go +++ b/vendor/github.com/fsnotify/fsnotify/fsnotify.go @@ -1,13 +1,18 @@ -//go:build !plan9 -// +build !plan9 - // Package fsnotify provides a cross-platform interface for file system // notifications. +// +// Currently supported systems: +// +// Linux 2.6.32+ via inotify +// BSD, macOS via kqueue +// Windows via ReadDirectoryChangesW +// illumos via FEN package fsnotify import ( "errors" "fmt" + "path/filepath" "strings" ) @@ -33,34 +38,52 @@ type Op uint32 // The operations fsnotify can trigger; see the documentation on [Watcher] for a // full description, and check them with [Event.Has]. const ( + // A new pathname was created. Create Op = 1 << iota + + // The pathname was written to; this does *not* mean the write has finished, + // and a write can be followed by more writes. Write + + // The path was removed; any watches on it will be removed. Some "remove" + // operations may trigger a Rename if the file is actually moved (for + // example "remove to trash" is often a rename). Remove + + // The path was renamed to something else; any watched on it will be + // removed. Rename + + // File attributes were changed. + // + // It's generally not recommended to take action on this event, as it may + // get triggered very frequently by some software. For example, Spotlight + // indexing on macOS, anti-virus software, backup software, etc. Chmod ) -// Common errors that can be reported by a watcher +// Common errors that can be reported. var ( - ErrNonExistentWatch = errors.New("can't remove non-existent watcher") - ErrEventOverflow = errors.New("fsnotify queue overflow") + ErrNonExistentWatch = errors.New("fsnotify: can't remove non-existent watch") + ErrEventOverflow = errors.New("fsnotify: queue or buffer overflow") + ErrClosed = errors.New("fsnotify: watcher already closed") ) -func (op Op) String() string { +func (o Op) String() string { var b strings.Builder - if op.Has(Create) { + if o.Has(Create) { b.WriteString("|CREATE") } - if op.Has(Remove) { + if o.Has(Remove) { b.WriteString("|REMOVE") } - if op.Has(Write) { + if o.Has(Write) { b.WriteString("|WRITE") } - if op.Has(Rename) { + if o.Has(Rename) { b.WriteString("|RENAME") } - if op.Has(Chmod) { + if o.Has(Chmod) { b.WriteString("|CHMOD") } if b.Len() == 0 { @@ -70,7 +93,7 @@ func (op Op) String() string { } // Has reports if this operation has the given operation. -func (o Op) Has(h Op) bool { return o&h == h } +func (o Op) Has(h Op) bool { return o&h != 0 } // Has reports if this event has the given operation. func (e Event) Has(op Op) bool { return e.Op.Has(op) } @@ -79,3 +102,45 @@ func (e Event) Has(op Op) bool { return e.Op.Has(op) } func (e Event) String() string { return fmt.Sprintf("%-13s %q", e.Op.String(), e.Name) } + +type ( + addOpt func(opt *withOpts) + withOpts struct { + bufsize int + } +) + +var defaultOpts = withOpts{ + bufsize: 65536, // 64K +} + +func getOptions(opts ...addOpt) withOpts { + with := defaultOpts + for _, o := range opts { + o(&with) + } + return with +} + +// WithBufferSize sets the [ReadDirectoryChangesW] buffer size. +// +// This only has effect on Windows systems, and is a no-op for other backends. +// +// The default value is 64K (65536 bytes) which is the highest value that works +// on all filesystems and should be enough for most applications, but if you +// have a large burst of events it may not be enough. You can increase it if +// you're hitting "queue or buffer overflow" errors ([ErrEventOverflow]). +// +// [ReadDirectoryChangesW]: https://learn.microsoft.com/en-gb/windows/win32/api/winbase/nf-winbase-readdirectorychangesw +func WithBufferSize(bytes int) addOpt { + return func(opt *withOpts) { opt.bufsize = bytes } +} + +// Check if this path is recursive (ends with "/..." or "\..."), and return the +// path with the /... stripped. +func recursivePath(path string) (string, bool) { + if filepath.Base(path) == "..." { + return filepath.Dir(path), true + } + return path, false +} diff --git a/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh b/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh index b09ef76834..99012ae653 100644 --- a/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh +++ b/vendor/github.com/fsnotify/fsnotify/mkdoc.zsh @@ -2,8 +2,8 @@ [ "${ZSH_VERSION:-}" = "" ] && echo >&2 "Only works with zsh" && exit 1 setopt err_exit no_unset pipefail extended_glob -# Simple script to update the godoc comments on all watchers. Probably took me -# more time to write this than doing it manually, but ah well 🙃 +# Simple script to update the godoc comments on all watchers so you don't need +# to update the same comment 5 times. watcher=$(<_ACTIVE_HELP where is the name of the root command in upper -// case, with all - replaced by _. +// case, with all non-ASCII-alphanumeric characters replaced by `_`. // It will always return "0" if the global environment variable COBRA_ACTIVE_HELP // is set to "0". func GetActiveHelpConfig(cmd *Command) string { @@ -55,9 +58,10 @@ func GetActiveHelpConfig(cmd *Command) string { // activeHelpEnvVar returns the name of the program-specific ActiveHelp environment // variable. It has the format _ACTIVE_HELP where is the name of the -// root command in upper case, with all - replaced by _. +// root command in upper case, with all non-ASCII-alphanumeric characters replaced by `_`. func activeHelpEnvVar(name string) string { // This format should not be changed: users will be using it explicitly. activeHelpEnvVar := strings.ToUpper(fmt.Sprintf("%s%s", name, activeHelpEnvVarSuffix)) - return strings.ReplaceAll(activeHelpEnvVar, "-", "_") + activeHelpEnvVar = activeHelpEnvVarPrefixSubstRegexp.ReplaceAllString(activeHelpEnvVar, "_") + return activeHelpEnvVar } diff --git a/vendor/github.com/spf13/cobra/active_help.md b/vendor/github.com/spf13/cobra/active_help.md deleted file mode 100644 index 5e7f59af38..0000000000 --- a/vendor/github.com/spf13/cobra/active_help.md +++ /dev/null @@ -1,157 +0,0 @@ -# Active Help - -Active Help is a framework provided by Cobra which allows a program to define messages (hints, warnings, etc) that will be printed during program usage. It aims to make it easier for your users to learn how to use your program. If configured by the program, Active Help is printed when the user triggers shell completion. - -For example, -``` -bash-5.1$ helm repo add [tab] -You must choose a name for the repo you are adding. - -bash-5.1$ bin/helm package [tab] -Please specify the path to the chart to package - -bash-5.1$ bin/helm package [tab][tab] -bin/ internal/ scripts/ pkg/ testdata/ -``` - -**Hint**: A good place to use Active Help messages is when the normal completion system does not provide any suggestions. In such cases, Active Help nicely supplements the normal shell completions to guide the user in knowing what is expected by the program. -## Supported shells - -Active Help is currently only supported for the following shells: -- Bash (using [bash completion V2](shell_completions.md#bash-completion-v2) only). Note that bash 4.4 or higher is required for the prompt to appear when an Active Help message is printed. -- Zsh - -## Adding Active Help messages - -As Active Help uses the shell completion system, the implementation of Active Help messages is done by enhancing custom dynamic completions. If you are not familiar with dynamic completions, please refer to [Shell Completions](shell_completions.md). - -Adding Active Help is done through the use of the `cobra.AppendActiveHelp(...)` function, where the program repeatedly adds Active Help messages to the list of completions. Keep reading for details. - -### Active Help for nouns - -Adding Active Help when completing a noun is done within the `ValidArgsFunction(...)` of a command. Please notice the use of `cobra.AppendActiveHelp(...)` in the following example: - -```go -cmd := &cobra.Command{ - Use: "add [NAME] [URL]", - Short: "add a chart repository", - Args: require.ExactArgs(2), - RunE: func(cmd *cobra.Command, args []string) error { - return addRepo(args) - }, - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - var comps []string - if len(args) == 0 { - comps = cobra.AppendActiveHelp(comps, "You must choose a name for the repo you are adding") - } else if len(args) == 1 { - comps = cobra.AppendActiveHelp(comps, "You must specify the URL for the repo you are adding") - } else { - comps = cobra.AppendActiveHelp(comps, "This command does not take any more arguments") - } - return comps, cobra.ShellCompDirectiveNoFileComp - }, -} -``` -The example above defines the completions (none, in this specific example) as well as the Active Help messages for the `helm repo add` command. It yields the following behavior: -``` -bash-5.1$ helm repo add [tab] -You must choose a name for the repo you are adding - -bash-5.1$ helm repo add grafana [tab] -You must specify the URL for the repo you are adding - -bash-5.1$ helm repo add grafana https://grafana.github.io/helm-charts [tab] -This command does not take any more arguments -``` -**Hint**: As can be seen in the above example, a good place to use Active Help messages is when the normal completion system does not provide any suggestions. In such cases, Active Help nicely supplements the normal shell completions. - -### Active Help for flags - -Providing Active Help for flags is done in the same fashion as for nouns, but using the completion function registered for the flag. For example: -```go -_ = cmd.RegisterFlagCompletionFunc("version", func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - if len(args) != 2 { - return cobra.AppendActiveHelp(nil, "You must first specify the chart to install before the --version flag can be completed"), cobra.ShellCompDirectiveNoFileComp - } - return compVersionFlag(args[1], toComplete) - }) -``` -The example above prints an Active Help message when not enough information was given by the user to complete the `--version` flag. -``` -bash-5.1$ bin/helm install myrelease --version 2.0.[tab] -You must first specify the chart to install before the --version flag can be completed - -bash-5.1$ bin/helm install myrelease bitnami/solr --version 2.0.[tab][tab] -2.0.1 2.0.2 2.0.3 -``` - -## User control of Active Help - -You may want to allow your users to disable Active Help or choose between different levels of Active Help. It is entirely up to the program to define the type of configurability of Active Help that it wants to offer, if any. -Allowing to configure Active Help is entirely optional; you can use Active Help in your program without doing anything about Active Help configuration. - -The way to configure Active Help is to use the program's Active Help environment -variable. That variable is named `_ACTIVE_HELP` where `` is the name of your -program in uppercase with any `-` replaced by an `_`. The variable should be set by the user to whatever -Active Help configuration values are supported by the program. - -For example, say `helm` has chosen to support three levels for Active Help: `on`, `off`, `local`. Then a user -would set the desired behavior to `local` by doing `export HELM_ACTIVE_HELP=local` in their shell. - -For simplicity, when in `cmd.ValidArgsFunction(...)` or a flag's completion function, the program should read the -Active Help configuration using the `cobra.GetActiveHelpConfig(cmd)` function and select what Active Help messages -should or should not be added (instead of reading the environment variable directly). - -For example: -```go -ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - activeHelpLevel := cobra.GetActiveHelpConfig(cmd) - - var comps []string - if len(args) == 0 { - if activeHelpLevel != "off" { - comps = cobra.AppendActiveHelp(comps, "You must choose a name for the repo you are adding") - } - } else if len(args) == 1 { - if activeHelpLevel != "off" { - comps = cobra.AppendActiveHelp(comps, "You must specify the URL for the repo you are adding") - } - } else { - if activeHelpLevel == "local" { - comps = cobra.AppendActiveHelp(comps, "This command does not take any more arguments") - } - } - return comps, cobra.ShellCompDirectiveNoFileComp -}, -``` -**Note 1**: If the `_ACTIVE_HELP` environment variable is set to the string "0", Cobra will automatically disable all Active Help output (even if some output was specified by the program using the `cobra.AppendActiveHelp(...)` function). Using "0" can simplify your code in situations where you want to blindly disable Active Help without having to call `cobra.GetActiveHelpConfig(cmd)` explicitly. - -**Note 2**: If a user wants to disable Active Help for every single program based on Cobra, she can set the environment variable `COBRA_ACTIVE_HELP` to "0". In this case `cobra.GetActiveHelpConfig(cmd)` will return "0" no matter what the variable `_ACTIVE_HELP` is set to. - -**Note 3**: If the user does not set `_ACTIVE_HELP` or `COBRA_ACTIVE_HELP` (which will be a common case), the default value for the Active Help configuration returned by `cobra.GetActiveHelpConfig(cmd)` will be the empty string. -## Active Help with Cobra's default completion command - -Cobra provides a default `completion` command for programs that wish to use it. -When using the default `completion` command, Active Help is configurable in the same -fashion as described above using environment variables. You may wish to document this in more -details for your users. - -## Debugging Active Help - -Debugging your Active Help code is done in the same way as debugging your dynamic completion code, which is with Cobra's hidden `__complete` command. Please refer to [debugging shell completion](shell_completions.md#debugging) for details. - -When debugging with the `__complete` command, if you want to specify different Active Help configurations, you should use the active help environment variable. That variable is named `_ACTIVE_HELP` where any `-` is replaced by an `_`. For example, we can test deactivating some Active Help as shown below: -``` -$ HELM_ACTIVE_HELP=1 bin/helm __complete install wordpress bitnami/h -bitnami/haproxy -bitnami/harbor -_activeHelp_ WARNING: cannot re-use a name that is still in use -:0 -Completion ended with directive: ShellCompDirectiveDefault - -$ HELM_ACTIVE_HELP=0 bin/helm __complete install wordpress bitnami/h -bitnami/haproxy -bitnami/harbor -:0 -Completion ended with directive: ShellCompDirectiveDefault -``` diff --git a/vendor/github.com/spf13/cobra/bash_completions.go b/vendor/github.com/spf13/cobra/bash_completions.go index 10c78847de..8a53151840 100644 --- a/vendor/github.com/spf13/cobra/bash_completions.go +++ b/vendor/github.com/spf13/cobra/bash_completions.go @@ -85,7 +85,7 @@ __%[1]s_handle_go_custom_completion() local out requestComp lastParam lastChar comp directive args # Prepare the command to request completions for the program. - # Calling ${words[0]} instead of directly %[1]s allows to handle aliases + # Calling ${words[0]} instead of directly %[1]s allows handling aliases args=("${words[@]:1}") # Disable ActiveHelp which is not supported for bash completion v1 requestComp="%[8]s=0 ${words[0]} %[2]s ${args[*]}" diff --git a/vendor/github.com/spf13/cobra/bash_completions.md b/vendor/github.com/spf13/cobra/bash_completions.md deleted file mode 100644 index 52919b2fa6..0000000000 --- a/vendor/github.com/spf13/cobra/bash_completions.md +++ /dev/null @@ -1,93 +0,0 @@ -# Generating Bash Completions For Your cobra.Command - -Please refer to [Shell Completions](shell_completions.md) for details. - -## Bash legacy dynamic completions - -For backward compatibility, Cobra still supports its legacy dynamic completion solution (described below). Unlike the `ValidArgsFunction` solution, the legacy solution will only work for Bash shell-completion and not for other shells. This legacy solution can be used along-side `ValidArgsFunction` and `RegisterFlagCompletionFunc()`, as long as both solutions are not used for the same command. This provides a path to gradually migrate from the legacy solution to the new solution. - -**Note**: Cobra's default `completion` command uses bash completion V2. If you are currently using Cobra's legacy dynamic completion solution, you should not use the default `completion` command but continue using your own. - -The legacy solution allows you to inject bash functions into the bash completion script. Those bash functions are responsible for providing the completion choices for your own completions. - -Some code that works in kubernetes: - -```bash -const ( - bash_completion_func = `__kubectl_parse_get() -{ - local kubectl_output out - if kubectl_output=$(kubectl get --no-headers "$1" 2>/dev/null); then - out=($(echo "${kubectl_output}" | awk '{print $1}')) - COMPREPLY=( $( compgen -W "${out[*]}" -- "$cur" ) ) - fi -} - -__kubectl_get_resource() -{ - if [[ ${#nouns[@]} -eq 0 ]]; then - return 1 - fi - __kubectl_parse_get ${nouns[${#nouns[@]} -1]} - if [[ $? -eq 0 ]]; then - return 0 - fi -} - -__kubectl_custom_func() { - case ${last_command} in - kubectl_get | kubectl_describe | kubectl_delete | kubectl_stop) - __kubectl_get_resource - return - ;; - *) - ;; - esac -} -`) -``` - -And then I set that in my command definition: - -```go -cmds := &cobra.Command{ - Use: "kubectl", - Short: "kubectl controls the Kubernetes cluster manager", - Long: `kubectl controls the Kubernetes cluster manager. - -Find more information at https://github.com/GoogleCloudPlatform/kubernetes.`, - Run: runHelp, - BashCompletionFunction: bash_completion_func, -} -``` - -The `BashCompletionFunction` option is really only valid/useful on the root command. Doing the above will cause `__kubectl_custom_func()` (`___custom_func()`) to be called when the built in processor was unable to find a solution. In the case of kubernetes a valid command might look something like `kubectl get pod [mypod]`. If you type `kubectl get pod [tab][tab]` the `__kubectl_customc_func()` will run because the cobra.Command only understood "kubectl" and "get." `__kubectl_custom_func()` will see that the cobra.Command is "kubectl_get" and will thus call another helper `__kubectl_get_resource()`. `__kubectl_get_resource` will look at the 'nouns' collected. In our example the only noun will be `pod`. So it will call `__kubectl_parse_get pod`. `__kubectl_parse_get` will actually call out to kubernetes and get any pods. It will then set `COMPREPLY` to valid pods! - -Similarly, for flags: - -```go - annotation := make(map[string][]string) - annotation[cobra.BashCompCustom] = []string{"__kubectl_get_namespaces"} - - flag := &pflag.Flag{ - Name: "namespace", - Usage: usage, - Annotations: annotation, - } - cmd.Flags().AddFlag(flag) -``` - -In addition add the `__kubectl_get_namespaces` implementation in the `BashCompletionFunction` -value, e.g.: - -```bash -__kubectl_get_namespaces() -{ - local template - template="{{ range .items }}{{ .metadata.name }} {{ end }}" - local kubectl_out - if kubectl_out=$(kubectl get -o template --template="${template}" namespace 2>/dev/null); then - COMPREPLY=( $( compgen -W "${kubectl_out}[*]" -- "$cur" ) ) - fi -} -``` diff --git a/vendor/github.com/spf13/cobra/bash_completionsV2.go b/vendor/github.com/spf13/cobra/bash_completionsV2.go index 19b09560c1..1cce5c329c 100644 --- a/vendor/github.com/spf13/cobra/bash_completionsV2.go +++ b/vendor/github.com/spf13/cobra/bash_completionsV2.go @@ -57,7 +57,7 @@ __%[1]s_get_completion_results() { local requestComp lastParam lastChar args # Prepare the command to request completions for the program. - # Calling ${words[0]} instead of directly %[1]s allows to handle aliases + # Calling ${words[0]} instead of directly %[1]s allows handling aliases args=("${words[@]:1}") requestComp="${words[0]} %[2]s ${args[*]}" diff --git a/vendor/github.com/spf13/cobra/cobra.go b/vendor/github.com/spf13/cobra/cobra.go index b07b44a0ce..a6b160ce53 100644 --- a/vendor/github.com/spf13/cobra/cobra.go +++ b/vendor/github.com/spf13/cobra/cobra.go @@ -43,12 +43,13 @@ var initializers []func() var finalizers []func() const ( - defaultPrefixMatching = false - defaultCommandSorting = true - defaultCaseInsensitive = false + defaultPrefixMatching = false + defaultCommandSorting = true + defaultCaseInsensitive = false + defaultTraverseRunHooks = false ) -// EnablePrefixMatching allows to set automatic prefix matching. Automatic prefix matching can be a dangerous thing +// EnablePrefixMatching allows setting automatic prefix matching. Automatic prefix matching can be a dangerous thing // to automatically enable in CLI tools. // Set this to true to enable it. var EnablePrefixMatching = defaultPrefixMatching @@ -60,6 +61,10 @@ var EnableCommandSorting = defaultCommandSorting // EnableCaseInsensitive allows case-insensitive commands names. (case sensitive by default) var EnableCaseInsensitive = defaultCaseInsensitive +// EnableTraverseRunHooks executes persistent pre-run and post-run hooks from all parents. +// By default this is disabled, which means only the first run hook to be found is executed. +var EnableTraverseRunHooks = defaultTraverseRunHooks + // MousetrapHelpText enables an information splash screen on Windows // if the CLI is started from explorer.exe. // To disable the mousetrap, just set this variable to blank string (""). diff --git a/vendor/github.com/spf13/cobra/command.go b/vendor/github.com/spf13/cobra/command.go index 01f7c6f1c5..2fbe6c131a 100644 --- a/vendor/github.com/spf13/cobra/command.go +++ b/vendor/github.com/spf13/cobra/command.go @@ -30,7 +30,10 @@ import ( flag "github.com/spf13/pflag" ) -const FlagSetByCobraAnnotation = "cobra_annotation_flag_set_by_cobra" +const ( + FlagSetByCobraAnnotation = "cobra_annotation_flag_set_by_cobra" + CommandDisplayNameAnnotation = "cobra_annotation_command_display_name" +) // FParseErrWhitelist configures Flag parse errors to be ignored type FParseErrWhitelist flag.ParseErrorsWhitelist @@ -99,7 +102,7 @@ type Command struct { Deprecated string // Annotations are key/value pairs that can be used by applications to identify or - // group commands. + // group commands or set special options. Annotations map[string]string // Version defines the version for this command. If this value is non-empty and the command does not @@ -115,6 +118,8 @@ type Command struct { // * PostRun() // * PersistentPostRun() // All functions get the same args, the arguments after the command name. + // The *PreRun and *PostRun functions will only be executed if the Run function of the current + // command has been declared. // // PersistentPreRun: children of this command will inherit and execute. PersistentPreRun func(cmd *Command, args []string) @@ -181,6 +186,9 @@ type Command struct { // versionTemplate is the version template defined by user. versionTemplate string + // errPrefix is the error message prefix defined by user. + errPrefix string + // inReader is a reader defined by the user that replaces stdin inReader io.Reader // outWriter is a writer defined by the user that replaces stdout @@ -346,6 +354,11 @@ func (c *Command) SetVersionTemplate(s string) { c.versionTemplate = s } +// SetErrPrefix sets error message prefix to be used. Application can use it to set custom prefix. +func (c *Command) SetErrPrefix(s string) { + c.errPrefix = s +} + // SetGlobalNormalizationFunc sets a normalization function to all flag sets and also to child commands. // The user should not have a cyclic dependency on commands. func (c *Command) SetGlobalNormalizationFunc(n func(f *flag.FlagSet, name string) flag.NormalizedName) { @@ -595,6 +608,18 @@ func (c *Command) VersionTemplate() string { ` } +// ErrPrefix return error message prefix for the command +func (c *Command) ErrPrefix() string { + if c.errPrefix != "" { + return c.errPrefix + } + + if c.HasParent() { + return c.parent.ErrPrefix() + } + return "Error:" +} + func hasNoOptDefVal(name string, fs *flag.FlagSet) bool { flag := fs.Lookup(name) if flag == nil { @@ -752,7 +777,9 @@ func (c *Command) findNext(next string) *Command { } if len(matches) == 1 { - return matches[0] + // Temporarily disable gosec G602, which produces a false positive. + // See https://github.com/securego/gosec/issues/1005. + return matches[0] // #nosec G602 } return nil @@ -910,15 +937,31 @@ func (c *Command) execute(a []string) (err error) { return err } + parents := make([]*Command, 0, 5) for p := c; p != nil; p = p.Parent() { + if EnableTraverseRunHooks { + // When EnableTraverseRunHooks is set: + // - Execute all persistent pre-runs from the root parent till this command. + // - Execute all persistent post-runs from this command till the root parent. + parents = append([]*Command{p}, parents...) + } else { + // Otherwise, execute only the first found persistent hook. + parents = append(parents, p) + } + } + for _, p := range parents { if p.PersistentPreRunE != nil { if err := p.PersistentPreRunE(c, argWoFlags); err != nil { return err } - break + if !EnableTraverseRunHooks { + break + } } else if p.PersistentPreRun != nil { p.PersistentPreRun(c, argWoFlags) - break + if !EnableTraverseRunHooks { + break + } } } if c.PreRunE != nil { @@ -955,10 +998,14 @@ func (c *Command) execute(a []string) (err error) { if err := p.PersistentPostRunE(c, argWoFlags); err != nil { return err } - break + if !EnableTraverseRunHooks { + break + } } else if p.PersistentPostRun != nil { p.PersistentPostRun(c, argWoFlags) - break + if !EnableTraverseRunHooks { + break + } } } @@ -1048,7 +1095,7 @@ func (c *Command) ExecuteC() (cmd *Command, err error) { c = cmd } if !c.SilenceErrors { - c.PrintErrln("Error:", err.Error()) + c.PrintErrln(c.ErrPrefix(), err.Error()) c.PrintErrf("Run '%v --help' for usage.\n", c.CommandPath()) } return c, err @@ -1077,7 +1124,7 @@ func (c *Command) ExecuteC() (cmd *Command, err error) { // If root command has SilenceErrors flagged, // all subcommands should respect it if !cmd.SilenceErrors && !c.SilenceErrors { - c.PrintErrln("Error:", err.Error()) + c.PrintErrln(cmd.ErrPrefix(), err.Error()) } // If root command has SilenceUsage flagged, @@ -1380,6 +1427,9 @@ func (c *Command) CommandPath() string { if c.HasParent() { return c.Parent().CommandPath() + " " + c.Name() } + if displayName, ok := c.Annotations[CommandDisplayNameAnnotation]; ok { + return displayName + } return c.Name() } @@ -1402,6 +1452,7 @@ func (c *Command) UseLine() string { // DebugFlags used to determine which flags have been assigned to which commands // and which persist. +// nolint:goconst func (c *Command) DebugFlags() { c.Println("DebugFlags called on", c.Name()) var debugflags func(*Command) diff --git a/vendor/github.com/spf13/cobra/completions.go b/vendor/github.com/spf13/cobra/completions.go index ee38c4d0b8..b60f6b2000 100644 --- a/vendor/github.com/spf13/cobra/completions.go +++ b/vendor/github.com/spf13/cobra/completions.go @@ -145,6 +145,20 @@ func (c *Command) RegisterFlagCompletionFunc(flagName string, f func(cmd *Comman return nil } +// GetFlagCompletionFunc returns the completion function for the given flag of the command, if available. +func (c *Command) GetFlagCompletionFunc(flagName string) (func(*Command, []string, string) ([]string, ShellCompDirective), bool) { + flag := c.Flag(flagName) + if flag == nil { + return nil, false + } + + flagCompletionMutex.RLock() + defer flagCompletionMutex.RUnlock() + + completionFunc, exists := flagCompletionFunctions[flag] + return completionFunc, exists +} + // Returns a string listing the different directive enabled in the specified parameter func (d ShellCompDirective) string() string { var directives []string @@ -283,9 +297,13 @@ func (c *Command) getCompletions(args []string) (*Command, []string, ShellCompDi // These flags are normally added when `execute()` is called on `finalCmd`, // however, when doing completion, we don't call `finalCmd.execute()`. - // Let's add the --help and --version flag ourselves. - finalCmd.InitDefaultHelpFlag() - finalCmd.InitDefaultVersionFlag() + // Let's add the --help and --version flag ourselves but only if the finalCmd + // has not disabled flag parsing; if flag parsing is disabled, it is up to the + // finalCmd itself to handle the completion of *all* flags. + if !finalCmd.DisableFlagParsing { + finalCmd.InitDefaultHelpFlag() + finalCmd.InitDefaultVersionFlag() + } // Check if we are doing flag value completion before parsing the flags. // This is important because if we are completing a flag value, we need to also @@ -389,6 +407,11 @@ func (c *Command) getCompletions(args []string) (*Command, []string, ShellCompDi finalCmd.InheritedFlags().VisitAll(func(flag *pflag.Flag) { doCompleteFlags(flag) }) + // Try to complete non-inherited flags even if DisableFlagParsing==true. + // This allows programs to tell Cobra about flags for completion even + // if the actual parsing of flags is not done by Cobra. + // For instance, Helm uses this to provide flag name completion for + // some of its plugins. finalCmd.NonInheritedFlags().VisitAll(func(flag *pflag.Flag) { doCompleteFlags(flag) }) diff --git a/vendor/github.com/spf13/cobra/fish_completions.go b/vendor/github.com/spf13/cobra/fish_completions.go index 12ca0d2b11..12d61b6911 100644 --- a/vendor/github.com/spf13/cobra/fish_completions.go +++ b/vendor/github.com/spf13/cobra/fish_completions.go @@ -113,7 +113,7 @@ function __%[1]s_clear_perform_completion_once_result __%[1]s_debug "" __%[1]s_debug "========= clearing previously set __%[1]s_perform_completion_once_result variable ==========" set --erase __%[1]s_perform_completion_once_result - __%[1]s_debug "Succesfully erased the variable __%[1]s_perform_completion_once_result" + __%[1]s_debug "Successfully erased the variable __%[1]s_perform_completion_once_result" end function __%[1]s_requires_order_preservation diff --git a/vendor/github.com/spf13/cobra/fish_completions.md b/vendor/github.com/spf13/cobra/fish_completions.md deleted file mode 100644 index 19b2ed1293..0000000000 --- a/vendor/github.com/spf13/cobra/fish_completions.md +++ /dev/null @@ -1,4 +0,0 @@ -## Generating Fish Completions For Your cobra.Command - -Please refer to [Shell Completions](shell_completions.md) for details. - diff --git a/vendor/github.com/spf13/cobra/flag_groups.go b/vendor/github.com/spf13/cobra/flag_groups.go index b35fde1554..0671ec5f20 100644 --- a/vendor/github.com/spf13/cobra/flag_groups.go +++ b/vendor/github.com/spf13/cobra/flag_groups.go @@ -24,6 +24,7 @@ import ( const ( requiredAsGroup = "cobra_annotation_required_if_others_set" + oneRequired = "cobra_annotation_one_required" mutuallyExclusive = "cobra_annotation_mutually_exclusive" ) @@ -43,6 +44,22 @@ func (c *Command) MarkFlagsRequiredTogether(flagNames ...string) { } } +// MarkFlagsOneRequired marks the given flags with annotations so that Cobra errors +// if the command is invoked without at least one flag from the given set of flags. +func (c *Command) MarkFlagsOneRequired(flagNames ...string) { + c.mergePersistentFlags() + for _, v := range flagNames { + f := c.Flags().Lookup(v) + if f == nil { + panic(fmt.Sprintf("Failed to find flag %q and mark it as being in a one-required flag group", v)) + } + if err := c.Flags().SetAnnotation(v, oneRequired, append(f.Annotations[oneRequired], strings.Join(flagNames, " "))); err != nil { + // Only errs if the flag isn't found. + panic(err) + } + } +} + // MarkFlagsMutuallyExclusive marks the given flags with annotations so that Cobra errors // if the command is invoked with more than one flag from the given set of flags. func (c *Command) MarkFlagsMutuallyExclusive(flagNames ...string) { @@ -59,7 +76,7 @@ func (c *Command) MarkFlagsMutuallyExclusive(flagNames ...string) { } } -// ValidateFlagGroups validates the mutuallyExclusive/requiredAsGroup logic and returns the +// ValidateFlagGroups validates the mutuallyExclusive/oneRequired/requiredAsGroup logic and returns the // first error encountered. func (c *Command) ValidateFlagGroups() error { if c.DisableFlagParsing { @@ -71,15 +88,20 @@ func (c *Command) ValidateFlagGroups() error { // groupStatus format is the list of flags as a unique ID, // then a map of each flag name and whether it is set or not. groupStatus := map[string]map[string]bool{} + oneRequiredGroupStatus := map[string]map[string]bool{} mutuallyExclusiveGroupStatus := map[string]map[string]bool{} flags.VisitAll(func(pflag *flag.Flag) { processFlagForGroupAnnotation(flags, pflag, requiredAsGroup, groupStatus) + processFlagForGroupAnnotation(flags, pflag, oneRequired, oneRequiredGroupStatus) processFlagForGroupAnnotation(flags, pflag, mutuallyExclusive, mutuallyExclusiveGroupStatus) }) if err := validateRequiredFlagGroups(groupStatus); err != nil { return err } + if err := validateOneRequiredFlagGroups(oneRequiredGroupStatus); err != nil { + return err + } if err := validateExclusiveFlagGroups(mutuallyExclusiveGroupStatus); err != nil { return err } @@ -142,6 +164,27 @@ func validateRequiredFlagGroups(data map[string]map[string]bool) error { return nil } +func validateOneRequiredFlagGroups(data map[string]map[string]bool) error { + keys := sortedKeys(data) + for _, flagList := range keys { + flagnameAndStatus := data[flagList] + var set []string + for flagname, isSet := range flagnameAndStatus { + if isSet { + set = append(set, flagname) + } + } + if len(set) >= 1 { + continue + } + + // Sort values, so they can be tested/scripted against consistently. + sort.Strings(set) + return fmt.Errorf("at least one of the flags in the group [%v] is required", flagList) + } + return nil +} + func validateExclusiveFlagGroups(data map[string]map[string]bool) error { keys := sortedKeys(data) for _, flagList := range keys { @@ -176,6 +219,7 @@ func sortedKeys(m map[string]map[string]bool) []string { // enforceFlagGroupsForCompletion will do the following: // - when a flag in a group is present, other flags in the group will be marked required +// - when none of the flags in a one-required group are present, all flags in the group will be marked required // - when a flag in a mutually exclusive group is present, other flags in the group will be marked as hidden // This allows the standard completion logic to behave appropriately for flag groups func (c *Command) enforceFlagGroupsForCompletion() { @@ -185,9 +229,11 @@ func (c *Command) enforceFlagGroupsForCompletion() { flags := c.Flags() groupStatus := map[string]map[string]bool{} + oneRequiredGroupStatus := map[string]map[string]bool{} mutuallyExclusiveGroupStatus := map[string]map[string]bool{} c.Flags().VisitAll(func(pflag *flag.Flag) { processFlagForGroupAnnotation(flags, pflag, requiredAsGroup, groupStatus) + processFlagForGroupAnnotation(flags, pflag, oneRequired, oneRequiredGroupStatus) processFlagForGroupAnnotation(flags, pflag, mutuallyExclusive, mutuallyExclusiveGroupStatus) }) @@ -204,6 +250,26 @@ func (c *Command) enforceFlagGroupsForCompletion() { } } + // If none of the flags of a one-required group are present, we make all the flags + // of that group required so that the shell completion suggests them automatically + for flagList, flagnameAndStatus := range oneRequiredGroupStatus { + set := 0 + + for _, isSet := range flagnameAndStatus { + if isSet { + set++ + } + } + + // None of the flags of the group are set, mark all flags in the group + // as required + if set == 0 { + for _, fName := range strings.Split(flagList, " ") { + _ = c.MarkFlagRequired(fName) + } + } + } + // If a flag that is mutually exclusive to others is present, we hide the other // flags of that group so the shell completion does not suggest them for flagList, flagnameAndStatus := range mutuallyExclusiveGroupStatus { diff --git a/vendor/github.com/spf13/cobra/powershell_completions.go b/vendor/github.com/spf13/cobra/powershell_completions.go index 177d2755f2..5519519394 100644 --- a/vendor/github.com/spf13/cobra/powershell_completions.go +++ b/vendor/github.com/spf13/cobra/powershell_completions.go @@ -47,7 +47,7 @@ filter __%[1]s_escapeStringWithSpecialChars { `+" $_ -replace '\\s|#|@|\\$|;|,|''|\\{|\\}|\\(|\\)|\"|`|\\||<|>|&','`$&'"+` } -[scriptblock]$__%[2]sCompleterBlock = { +[scriptblock]${__%[2]sCompleterBlock} = { param( $WordToComplete, $CommandAst, @@ -122,7 +122,7 @@ filter __%[1]s_escapeStringWithSpecialChars { __%[1]s_debug "Calling $RequestComp" # First disable ActiveHelp which is not supported for Powershell - $env:%[10]s=0 + ${env:%[10]s}=0 #call the command store the output in $out and redirect stderr and stdout to null # $Out is an array contains each line per element @@ -279,7 +279,7 @@ filter __%[1]s_escapeStringWithSpecialChars { } } -Register-ArgumentCompleter -CommandName '%[1]s' -ScriptBlock $__%[2]sCompleterBlock +Register-ArgumentCompleter -CommandName '%[1]s' -ScriptBlock ${__%[2]sCompleterBlock} `, name, nameForVar, compCmd, ShellCompDirectiveError, ShellCompDirectiveNoSpace, ShellCompDirectiveNoFileComp, ShellCompDirectiveFilterFileExt, ShellCompDirectiveFilterDirs, ShellCompDirectiveKeepOrder, activeHelpEnvVar(name))) diff --git a/vendor/github.com/spf13/cobra/powershell_completions.md b/vendor/github.com/spf13/cobra/powershell_completions.md deleted file mode 100644 index c449f1e5c0..0000000000 --- a/vendor/github.com/spf13/cobra/powershell_completions.md +++ /dev/null @@ -1,3 +0,0 @@ -# Generating PowerShell Completions For Your Own cobra.Command - -Please refer to [Shell Completions](shell_completions.md#powershell-completions) for details. diff --git a/vendor/github.com/spf13/cobra/projects_using_cobra.md b/vendor/github.com/spf13/cobra/projects_using_cobra.md deleted file mode 100644 index 8a291eb20e..0000000000 --- a/vendor/github.com/spf13/cobra/projects_using_cobra.md +++ /dev/null @@ -1,64 +0,0 @@ -## Projects using Cobra - -- [Allero](https://github.com/allero-io/allero) -- [Arewefastyet](https://benchmark.vitess.io) -- [Arduino CLI](https://github.com/arduino/arduino-cli) -- [Bleve](https://blevesearch.com/) -- [Cilium](https://cilium.io/) -- [CloudQuery](https://github.com/cloudquery/cloudquery) -- [CockroachDB](https://www.cockroachlabs.com/) -- [Constellation](https://github.com/edgelesssys/constellation) -- [Cosmos SDK](https://github.com/cosmos/cosmos-sdk) -- [Datree](https://github.com/datreeio/datree) -- [Delve](https://github.com/derekparker/delve) -- [Docker (distribution)](https://github.com/docker/distribution) -- [Etcd](https://etcd.io/) -- [Gardener](https://github.com/gardener/gardenctl) -- [Giant Swarm's gsctl](https://github.com/giantswarm/gsctl) -- [Git Bump](https://github.com/erdaltsksn/git-bump) -- [GitHub CLI](https://github.com/cli/cli) -- [GitHub Labeler](https://github.com/erdaltsksn/gh-label) -- [Golangci-lint](https://golangci-lint.run) -- [GopherJS](https://github.com/gopherjs/gopherjs) -- [GoReleaser](https://goreleaser.com) -- [Helm](https://helm.sh) -- [Hugo](https://gohugo.io) -- [Infracost](https://github.com/infracost/infracost) -- [Istio](https://istio.io) -- [Kool](https://github.com/kool-dev/kool) -- [Kubernetes](https://kubernetes.io/) -- [Kubescape](https://github.com/kubescape/kubescape) -- [KubeVirt](https://github.com/kubevirt/kubevirt) -- [Linkerd](https://linkerd.io/) -- [Mattermost-server](https://github.com/mattermost/mattermost-server) -- [Mercure](https://mercure.rocks/) -- [Meroxa CLI](https://github.com/meroxa/cli) -- [Metal Stack CLI](https://github.com/metal-stack/metalctl) -- [Moby (former Docker)](https://github.com/moby/moby) -- [Moldy](https://github.com/Moldy-Community/moldy) -- [Multi-gitter](https://github.com/lindell/multi-gitter) -- [Nanobox](https://github.com/nanobox-io/nanobox)/[Nanopack](https://github.com/nanopack) -- [nFPM](https://nfpm.goreleaser.com) -- [Okteto](https://github.com/okteto/okteto) -- [OpenShift](https://www.openshift.com/) -- [Ory Hydra](https://github.com/ory/hydra) -- [Ory Kratos](https://github.com/ory/kratos) -- [Pixie](https://github.com/pixie-io/pixie) -- [Polygon Edge](https://github.com/0xPolygon/polygon-edge) -- [Pouch](https://github.com/alibaba/pouch) -- [ProjectAtomic (enterprise)](https://www.projectatomic.io/) -- [Prototool](https://github.com/uber/prototool) -- [Pulumi](https://www.pulumi.com) -- [QRcp](https://github.com/claudiodangelis/qrcp) -- [Random](https://github.com/erdaltsksn/random) -- [Rclone](https://rclone.org/) -- [Scaleway CLI](https://github.com/scaleway/scaleway-cli) -- [Sia](https://github.com/SiaFoundation/siad) -- [Skaffold](https://skaffold.dev/) -- [Tendermint](https://github.com/tendermint/tendermint) -- [Twitch CLI](https://github.com/twitchdev/twitch-cli) -- [UpCloud CLI (`upctl`)](https://github.com/UpCloudLtd/upcloud-cli) -- [Vitess](https://vitess.io) -- VMware's [Tanzu Community Edition](https://github.com/vmware-tanzu/community-edition) & [Tanzu Framework](https://github.com/vmware-tanzu/tanzu-framework) -- [Werf](https://werf.io/) -- [ZITADEL](https://github.com/zitadel/zitadel) diff --git a/vendor/github.com/spf13/cobra/shell_completions.md b/vendor/github.com/spf13/cobra/shell_completions.md deleted file mode 100644 index 065c0621d4..0000000000 --- a/vendor/github.com/spf13/cobra/shell_completions.md +++ /dev/null @@ -1,576 +0,0 @@ -# Generating shell completions - -Cobra can generate shell completions for multiple shells. -The currently supported shells are: -- Bash -- Zsh -- fish -- PowerShell - -Cobra will automatically provide your program with a fully functional `completion` command, -similarly to how it provides the `help` command. - -## Creating your own completion command - -If you do not wish to use the default `completion` command, you can choose to -provide your own, which will take precedence over the default one. (This also provides -backwards-compatibility with programs that already have their own `completion` command.) - -If you are using the `cobra-cli` generator, -which can be found at [spf13/cobra-cli](https://github.com/spf13/cobra-cli), -you can create a completion command by running - -```bash -cobra-cli add completion -``` -and then modifying the generated `cmd/completion.go` file to look something like this -(writing the shell script to stdout allows the most flexible use): - -```go -var completionCmd = &cobra.Command{ - Use: "completion [bash|zsh|fish|powershell]", - Short: "Generate completion script", - Long: fmt.Sprintf(`To load completions: - -Bash: - - $ source <(%[1]s completion bash) - - # To load completions for each session, execute once: - # Linux: - $ %[1]s completion bash > /etc/bash_completion.d/%[1]s - # macOS: - $ %[1]s completion bash > $(brew --prefix)/etc/bash_completion.d/%[1]s - -Zsh: - - # If shell completion is not already enabled in your environment, - # you will need to enable it. You can execute the following once: - - $ echo "autoload -U compinit; compinit" >> ~/.zshrc - - # To load completions for each session, execute once: - $ %[1]s completion zsh > "${fpath[1]}/_%[1]s" - - # You will need to start a new shell for this setup to take effect. - -fish: - - $ %[1]s completion fish | source - - # To load completions for each session, execute once: - $ %[1]s completion fish > ~/.config/fish/completions/%[1]s.fish - -PowerShell: - - PS> %[1]s completion powershell | Out-String | Invoke-Expression - - # To load completions for every new session, run: - PS> %[1]s completion powershell > %[1]s.ps1 - # and source this file from your PowerShell profile. -`,cmd.Root().Name()), - DisableFlagsInUseLine: true, - ValidArgs: []string{"bash", "zsh", "fish", "powershell"}, - Args: cobra.MatchAll(cobra.ExactArgs(1), cobra.OnlyValidArgs), - Run: func(cmd *cobra.Command, args []string) { - switch args[0] { - case "bash": - cmd.Root().GenBashCompletion(os.Stdout) - case "zsh": - cmd.Root().GenZshCompletion(os.Stdout) - case "fish": - cmd.Root().GenFishCompletion(os.Stdout, true) - case "powershell": - cmd.Root().GenPowerShellCompletionWithDesc(os.Stdout) - } - }, -} -``` - -**Note:** The cobra generator may include messages printed to stdout, for example, if the config file is loaded; this will break the auto-completion script so must be removed. - -## Adapting the default completion command - -Cobra provides a few options for the default `completion` command. To configure such options you must set -the `CompletionOptions` field on the *root* command. - -To tell Cobra *not* to provide the default `completion` command: -``` -rootCmd.CompletionOptions.DisableDefaultCmd = true -``` - -To tell Cobra to mark the default `completion` command as *hidden*: -``` -rootCmd.CompletionOptions.HiddenDefaultCmd = true -``` - -To tell Cobra *not* to provide the user with the `--no-descriptions` flag to the completion sub-commands: -``` -rootCmd.CompletionOptions.DisableNoDescFlag = true -``` - -To tell Cobra to completely disable descriptions for completions: -``` -rootCmd.CompletionOptions.DisableDescriptions = true -``` - -# Customizing completions - -The generated completion scripts will automatically handle completing commands and flags. However, you can make your completions much more powerful by providing information to complete your program's nouns and flag values. - -## Completion of nouns - -### Static completion of nouns - -Cobra allows you to provide a pre-defined list of completion choices for your nouns using the `ValidArgs` field. -For example, if you want `kubectl get [tab][tab]` to show a list of valid "nouns" you have to set them. -Some simplified code from `kubectl get` looks like: - -```go -validArgs = []string{ "pod", "node", "service", "replicationcontroller" } - -cmd := &cobra.Command{ - Use: "get [(-o|--output=)json|yaml|template|...] (RESOURCE [NAME] | RESOURCE/NAME ...)", - Short: "Display one or many resources", - Long: get_long, - Example: get_example, - Run: func(cmd *cobra.Command, args []string) { - cobra.CheckErr(RunGet(f, out, cmd, args)) - }, - ValidArgs: validArgs, -} -``` - -Notice we put the `ValidArgs` field on the `get` sub-command. Doing so will give results like: - -```bash -$ kubectl get [tab][tab] -node pod replicationcontroller service -``` - -#### Aliases for nouns - -If your nouns have aliases, you can define them alongside `ValidArgs` using `ArgAliases`: - -```go -argAliases = []string { "pods", "nodes", "services", "svc", "replicationcontrollers", "rc" } - -cmd := &cobra.Command{ - ... - ValidArgs: validArgs, - ArgAliases: argAliases -} -``` - -The aliases are shown to the user on tab completion only if no completions were found within sub-commands or `ValidArgs`. - -### Dynamic completion of nouns - -In some cases it is not possible to provide a list of completions in advance. Instead, the list of completions must be determined at execution-time. In a similar fashion as for static completions, you can use the `ValidArgsFunction` field to provide a Go function that Cobra will execute when it needs the list of completion choices for the nouns of a command. Note that either `ValidArgs` or `ValidArgsFunction` can be used for a single cobra command, but not both. -Simplified code from `helm status` looks like: - -```go -cmd := &cobra.Command{ - Use: "status RELEASE_NAME", - Short: "Display the status of the named release", - Long: status_long, - RunE: func(cmd *cobra.Command, args []string) { - RunGet(args[0]) - }, - ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - if len(args) != 0 { - return nil, cobra.ShellCompDirectiveNoFileComp - } - return getReleasesFromCluster(toComplete), cobra.ShellCompDirectiveNoFileComp - }, -} -``` -Where `getReleasesFromCluster()` is a Go function that obtains the list of current Helm releases running on the Kubernetes cluster. -Notice we put the `ValidArgsFunction` on the `status` sub-command. Let's assume the Helm releases on the cluster are: `harbor`, `notary`, `rook` and `thanos` then this dynamic completion will give results like: - -```bash -$ helm status [tab][tab] -harbor notary rook thanos -``` -You may have noticed the use of `cobra.ShellCompDirective`. These directives are bit fields allowing to control some shell completion behaviors for your particular completion. You can combine them with the bit-or operator such as `cobra.ShellCompDirectiveNoSpace | cobra.ShellCompDirectiveNoFileComp` -```go -// Indicates that the shell will perform its default behavior after completions -// have been provided (this implies none of the other directives). -ShellCompDirectiveDefault - -// Indicates an error occurred and completions should be ignored. -ShellCompDirectiveError - -// Indicates that the shell should not add a space after the completion, -// even if there is a single completion provided. -ShellCompDirectiveNoSpace - -// Indicates that the shell should not provide file completion even when -// no completion is provided. -ShellCompDirectiveNoFileComp - -// Indicates that the returned completions should be used as file extension filters. -// For example, to complete only files of the form *.json or *.yaml: -// return []string{"yaml", "json"}, ShellCompDirectiveFilterFileExt -// For flags, using MarkFlagFilename() and MarkPersistentFlagFilename() -// is a shortcut to using this directive explicitly. -// -ShellCompDirectiveFilterFileExt - -// Indicates that only directory names should be provided in file completion. -// For example: -// return nil, ShellCompDirectiveFilterDirs -// For flags, using MarkFlagDirname() is a shortcut to using this directive explicitly. -// -// To request directory names within another directory, the returned completions -// should specify a single directory name within which to search. For example, -// to complete directories within "themes/": -// return []string{"themes"}, ShellCompDirectiveFilterDirs -// -ShellCompDirectiveFilterDirs - -// ShellCompDirectiveKeepOrder indicates that the shell should preserve the order -// in which the completions are provided -ShellCompDirectiveKeepOrder -``` - -***Note***: When using the `ValidArgsFunction`, Cobra will call your registered function after having parsed all flags and arguments provided in the command-line. You therefore don't need to do this parsing yourself. For example, when a user calls `helm status --namespace my-rook-ns [tab][tab]`, Cobra will call your registered `ValidArgsFunction` after having parsed the `--namespace` flag, as it would have done when calling the `RunE` function. - -#### Debugging - -Cobra achieves dynamic completion through the use of a hidden command called by the completion script. To debug your Go completion code, you can call this hidden command directly: -```bash -$ helm __complete status har -harbor -:4 -Completion ended with directive: ShellCompDirectiveNoFileComp # This is on stderr -``` -***Important:*** If the noun to complete is empty (when the user has not yet typed any letters of that noun), you must pass an empty parameter to the `__complete` command: -```bash -$ helm __complete status "" -harbor -notary -rook -thanos -:4 -Completion ended with directive: ShellCompDirectiveNoFileComp # This is on stderr -``` -Calling the `__complete` command directly allows you to run the Go debugger to troubleshoot your code. You can also add printouts to your code; Cobra provides the following functions to use for printouts in Go completion code: -```go -// Prints to the completion script debug file (if BASH_COMP_DEBUG_FILE -// is set to a file path) and optionally prints to stderr. -cobra.CompDebug(msg string, printToStdErr bool) { -cobra.CompDebugln(msg string, printToStdErr bool) - -// Prints to the completion script debug file (if BASH_COMP_DEBUG_FILE -// is set to a file path) and to stderr. -cobra.CompError(msg string) -cobra.CompErrorln(msg string) -``` -***Important:*** You should **not** leave traces that print directly to stdout in your completion code as they will be interpreted as completion choices by the completion script. Instead, use the cobra-provided debugging traces functions mentioned above. - -## Completions for flags - -### Mark flags as required - -Most of the time completions will only show sub-commands. But if a flag is required to make a sub-command work, you probably want it to show up when the user types [tab][tab]. You can mark a flag as 'Required' like so: - -```go -cmd.MarkFlagRequired("pod") -cmd.MarkFlagRequired("container") -``` - -and you'll get something like - -```bash -$ kubectl exec [tab][tab] --c --container= -p --pod= -``` - -### Specify dynamic flag completion - -As for nouns, Cobra provides a way of defining dynamic completion of flags. To provide a Go function that Cobra will execute when it needs the list of completion choices for a flag, you must register the function using the `command.RegisterFlagCompletionFunc()` function. - -```go -flagName := "output" -cmd.RegisterFlagCompletionFunc(flagName, func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - return []string{"json", "table", "yaml"}, cobra.ShellCompDirectiveDefault -}) -``` -Notice that calling `RegisterFlagCompletionFunc()` is done through the `command` with which the flag is associated. In our example this dynamic completion will give results like so: - -```bash -$ helm status --output [tab][tab] -json table yaml -``` - -#### Debugging - -You can also easily debug your Go completion code for flags: -```bash -$ helm __complete status --output "" -json -table -yaml -:4 -Completion ended with directive: ShellCompDirectiveNoFileComp # This is on stderr -``` -***Important:*** You should **not** leave traces that print to stdout in your completion code as they will be interpreted as completion choices by the completion script. Instead, use the cobra-provided debugging traces functions mentioned further above. - -### Specify valid filename extensions for flags that take a filename - -To limit completions of flag values to file names with certain extensions you can either use the different `MarkFlagFilename()` functions or a combination of `RegisterFlagCompletionFunc()` and `ShellCompDirectiveFilterFileExt`, like so: -```go -flagName := "output" -cmd.MarkFlagFilename(flagName, "yaml", "json") -``` -or -```go -flagName := "output" -cmd.RegisterFlagCompletionFunc(flagName, func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - return []string{"yaml", "json"}, ShellCompDirectiveFilterFileExt}) -``` - -### Limit flag completions to directory names - -To limit completions of flag values to directory names you can either use the `MarkFlagDirname()` functions or a combination of `RegisterFlagCompletionFunc()` and `ShellCompDirectiveFilterDirs`, like so: -```go -flagName := "output" -cmd.MarkFlagDirname(flagName) -``` -or -```go -flagName := "output" -cmd.RegisterFlagCompletionFunc(flagName, func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - return nil, cobra.ShellCompDirectiveFilterDirs -}) -``` -To limit completions of flag values to directory names *within another directory* you can use a combination of `RegisterFlagCompletionFunc()` and `ShellCompDirectiveFilterDirs` like so: -```go -flagName := "output" -cmd.RegisterFlagCompletionFunc(flagName, func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - return []string{"themes"}, cobra.ShellCompDirectiveFilterDirs -}) -``` -### Descriptions for completions - -Cobra provides support for completion descriptions. Such descriptions are supported for each shell -(however, for bash, it is only available in the [completion V2 version](#bash-completion-v2)). -For commands and flags, Cobra will provide the descriptions automatically, based on usage information. -For example, using zsh: -``` -$ helm s[tab] -search -- search for a keyword in charts -show -- show information of a chart -status -- displays the status of the named release -``` -while using fish: -``` -$ helm s[tab] -search (search for a keyword in charts) show (show information of a chart) status (displays the status of the named release) -``` - -Cobra allows you to add descriptions to your own completions. Simply add the description text after each completion, following a `\t` separator. This technique applies to completions returned by `ValidArgs`, `ValidArgsFunction` and `RegisterFlagCompletionFunc()`. For example: -```go -ValidArgsFunction: func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) { - return []string{"harbor\tAn image registry", "thanos\tLong-term metrics"}, cobra.ShellCompDirectiveNoFileComp -}} -``` -or -```go -ValidArgs: []string{"bash\tCompletions for bash", "zsh\tCompletions for zsh"} -``` - -If you don't want to show descriptions in the completions, you can add `--no-descriptions` to the default `completion` command to disable them, like: - -```bash -$ source <(helm completion bash) -$ helm completion [tab][tab] -bash (generate autocompletion script for bash) powershell (generate autocompletion script for powershell) -fish (generate autocompletion script for fish) zsh (generate autocompletion script for zsh) - -$ source <(helm completion bash --no-descriptions) -$ helm completion [tab][tab] -bash fish powershell zsh -``` -## Bash completions - -### Dependencies - -The bash completion script generated by Cobra requires the `bash_completion` package. You should update the help text of your completion command to show how to install the `bash_completion` package ([Kubectl docs](https://kubernetes.io/docs/tasks/tools/install-kubectl/#enabling-shell-autocompletion)) - -### Aliases - -You can also configure `bash` aliases for your program and they will also support completions. - -```bash -alias aliasname=origcommand -complete -o default -F __start_origcommand aliasname - -# and now when you run `aliasname` completion will make -# suggestions as it did for `origcommand`. - -$ aliasname -completion firstcommand secondcommand -``` -### Bash legacy dynamic completions - -For backward compatibility, Cobra still supports its bash legacy dynamic completion solution. -Please refer to [Bash Completions](bash_completions.md) for details. - -### Bash completion V2 - -Cobra provides two versions for bash completion. The original bash completion (which started it all!) can be used by calling -`GenBashCompletion()` or `GenBashCompletionFile()`. - -A new V2 bash completion version is also available. This version can be used by calling `GenBashCompletionV2()` or -`GenBashCompletionFileV2()`. The V2 version does **not** support the legacy dynamic completion -(see [Bash Completions](bash_completions.md)) but instead works only with the Go dynamic completion -solution described in this document. -Unless your program already uses the legacy dynamic completion solution, it is recommended that you use the bash -completion V2 solution which provides the following extra features: -- Supports completion descriptions (like the other shells) -- Small completion script of less than 300 lines (v1 generates scripts of thousands of lines; `kubectl` for example has a bash v1 completion script of over 13K lines) -- Streamlined user experience thanks to a completion behavior aligned with the other shells - -`Bash` completion V2 supports descriptions for completions. When calling `GenBashCompletionV2()` or `GenBashCompletionFileV2()` -you must provide these functions with a parameter indicating if the completions should be annotated with a description; Cobra -will provide the description automatically based on usage information. You can choose to make this option configurable by -your users. - -``` -# With descriptions -$ helm s[tab][tab] -search (search for a keyword in charts) status (display the status of the named release) -show (show information of a chart) - -# Without descriptions -$ helm s[tab][tab] -search show status -``` -**Note**: Cobra's default `completion` command uses bash completion V2. If for some reason you need to use bash completion V1, you will need to implement your own `completion` command. -## Zsh completions - -Cobra supports native zsh completion generated from the root `cobra.Command`. -The generated completion script should be put somewhere in your `$fpath` and be named -`_`. You will need to start a new shell for the completions to become available. - -Zsh supports descriptions for completions. Cobra will provide the description automatically, -based on usage information. Cobra provides a way to completely disable such descriptions by -using `GenZshCompletionNoDesc()` or `GenZshCompletionFileNoDesc()`. You can choose to make -this a configurable option to your users. -``` -# With descriptions -$ helm s[tab] -search -- search for a keyword in charts -show -- show information of a chart -status -- displays the status of the named release - -# Without descriptions -$ helm s[tab] -search show status -``` -*Note*: Because of backward-compatibility requirements, we were forced to have a different API to disable completion descriptions between `zsh` and `fish`. - -### Limitations - -* Custom completions implemented in Bash scripting (legacy) are not supported and will be ignored for `zsh` (including the use of the `BashCompCustom` flag annotation). - * You should instead use `ValidArgsFunction` and `RegisterFlagCompletionFunc()` which are portable to the different shells (`bash`, `zsh`, `fish`, `powershell`). -* The function `MarkFlagCustom()` is not supported and will be ignored for `zsh`. - * You should instead use `RegisterFlagCompletionFunc()`. - -### Zsh completions standardization - -Cobra 1.1 standardized its zsh completion support to align it with its other shell completions. Although the API was kept backward-compatible, some small changes in behavior were introduced. -Please refer to [Zsh Completions](zsh_completions.md) for details. - -## fish completions - -Cobra supports native fish completions generated from the root `cobra.Command`. You can use the `command.GenFishCompletion()` or `command.GenFishCompletionFile()` functions. You must provide these functions with a parameter indicating if the completions should be annotated with a description; Cobra will provide the description automatically based on usage information. You can choose to make this option configurable by your users. -``` -# With descriptions -$ helm s[tab] -search (search for a keyword in charts) show (show information of a chart) status (displays the status of the named release) - -# Without descriptions -$ helm s[tab] -search show status -``` -*Note*: Because of backward-compatibility requirements, we were forced to have a different API to disable completion descriptions between `zsh` and `fish`. - -### Limitations - -* Custom completions implemented in bash scripting (legacy) are not supported and will be ignored for `fish` (including the use of the `BashCompCustom` flag annotation). - * You should instead use `ValidArgsFunction` and `RegisterFlagCompletionFunc()` which are portable to the different shells (`bash`, `zsh`, `fish`, `powershell`). -* The function `MarkFlagCustom()` is not supported and will be ignored for `fish`. - * You should instead use `RegisterFlagCompletionFunc()`. -* The following flag completion annotations are not supported and will be ignored for `fish`: - * `BashCompFilenameExt` (filtering by file extension) - * `BashCompSubdirsInDir` (filtering by directory) -* The functions corresponding to the above annotations are consequently not supported and will be ignored for `fish`: - * `MarkFlagFilename()` and `MarkPersistentFlagFilename()` (filtering by file extension) - * `MarkFlagDirname()` and `MarkPersistentFlagDirname()` (filtering by directory) -* Similarly, the following completion directives are not supported and will be ignored for `fish`: - * `ShellCompDirectiveFilterFileExt` (filtering by file extension) - * `ShellCompDirectiveFilterDirs` (filtering by directory) - -## PowerShell completions - -Cobra supports native PowerShell completions generated from the root `cobra.Command`. You can use the `command.GenPowerShellCompletion()` or `command.GenPowerShellCompletionFile()` functions. To include descriptions use `command.GenPowerShellCompletionWithDesc()` and `command.GenPowerShellCompletionFileWithDesc()`. Cobra will provide the description automatically based on usage information. You can choose to make this option configurable by your users. - -The script is designed to support all three PowerShell completion modes: - -* TabCompleteNext (default windows style - on each key press the next option is displayed) -* Complete (works like bash) -* MenuComplete (works like zsh) - -You set the mode with `Set-PSReadLineKeyHandler -Key Tab -Function `. Descriptions are only displayed when using the `Complete` or `MenuComplete` mode. - -Users need PowerShell version 5.0 or above, which comes with Windows 10 and can be downloaded separately for Windows 7 or 8.1. They can then write the completions to a file and source this file from their PowerShell profile, which is referenced by the `$Profile` environment variable. See `Get-Help about_Profiles` for more info about PowerShell profiles. - -``` -# With descriptions and Mode 'Complete' -$ helm s[tab] -search (search for a keyword in charts) show (show information of a chart) status (displays the status of the named release) - -# With descriptions and Mode 'MenuComplete' The description of the current selected value will be displayed below the suggestions. -$ helm s[tab] -search show status - -search for a keyword in charts - -# Without descriptions -$ helm s[tab] -search show status -``` -### Aliases - -You can also configure `powershell` aliases for your program and they will also support completions. - -``` -$ sal aliasname origcommand -$ Register-ArgumentCompleter -CommandName 'aliasname' -ScriptBlock $__origcommandCompleterBlock - -# and now when you run `aliasname` completion will make -# suggestions as it did for `origcommand`. - -$ aliasname -completion firstcommand secondcommand -``` -The name of the completer block variable is of the form `$__CompleterBlock` where every `-` and `:` in the program name have been replaced with `_`, to respect powershell naming syntax. - -### Limitations - -* Custom completions implemented in bash scripting (legacy) are not supported and will be ignored for `powershell` (including the use of the `BashCompCustom` flag annotation). - * You should instead use `ValidArgsFunction` and `RegisterFlagCompletionFunc()` which are portable to the different shells (`bash`, `zsh`, `fish`, `powershell`). -* The function `MarkFlagCustom()` is not supported and will be ignored for `powershell`. - * You should instead use `RegisterFlagCompletionFunc()`. -* The following flag completion annotations are not supported and will be ignored for `powershell`: - * `BashCompFilenameExt` (filtering by file extension) - * `BashCompSubdirsInDir` (filtering by directory) -* The functions corresponding to the above annotations are consequently not supported and will be ignored for `powershell`: - * `MarkFlagFilename()` and `MarkPersistentFlagFilename()` (filtering by file extension) - * `MarkFlagDirname()` and `MarkPersistentFlagDirname()` (filtering by directory) -* Similarly, the following completion directives are not supported and will be ignored for `powershell`: - * `ShellCompDirectiveFilterFileExt` (filtering by file extension) - * `ShellCompDirectiveFilterDirs` (filtering by directory) diff --git a/vendor/github.com/spf13/cobra/user_guide.md b/vendor/github.com/spf13/cobra/user_guide.md deleted file mode 100644 index 85201d840c..0000000000 --- a/vendor/github.com/spf13/cobra/user_guide.md +++ /dev/null @@ -1,726 +0,0 @@ -# User Guide - -While you are welcome to provide your own organization, typically a Cobra-based -application will follow the following organizational structure: - -``` - ▾ appName/ - ▾ cmd/ - add.go - your.go - commands.go - here.go - main.go -``` - -In a Cobra app, typically the main.go file is very bare. It serves one purpose: initializing Cobra. - -```go -package main - -import ( - "{pathToYourApp}/cmd" -) - -func main() { - cmd.Execute() -} -``` - -## Using the Cobra Generator - -Cobra-CLI is its own program that will create your application and add any -commands you want. It's the easiest way to incorporate Cobra into your application. - -For complete details on using the Cobra generator, please refer to [The Cobra-CLI Generator README](https://github.com/spf13/cobra-cli/blob/main/README.md) - -## Using the Cobra Library - -To manually implement Cobra you need to create a bare main.go file and a rootCmd file. -You will optionally provide additional commands as you see fit. - -### Create rootCmd - -Cobra doesn't require any special constructors. Simply create your commands. - -Ideally you place this in app/cmd/root.go: - -```go -var rootCmd = &cobra.Command{ - Use: "hugo", - Short: "Hugo is a very fast static site generator", - Long: `A Fast and Flexible Static Site Generator built with - love by spf13 and friends in Go. - Complete documentation is available at https://gohugo.io/documentation/`, - Run: func(cmd *cobra.Command, args []string) { - // Do Stuff Here - }, -} - -func Execute() { - if err := rootCmd.Execute(); err != nil { - fmt.Fprintln(os.Stderr, err) - os.Exit(1) - } -} -``` - -You will additionally define flags and handle configuration in your init() function. - -For example cmd/root.go: - -```go -package cmd - -import ( - "fmt" - "os" - - "github.com/spf13/cobra" - "github.com/spf13/viper" -) - -var ( - // Used for flags. - cfgFile string - userLicense string - - rootCmd = &cobra.Command{ - Use: "cobra-cli", - Short: "A generator for Cobra based Applications", - Long: `Cobra is a CLI library for Go that empowers applications. -This application is a tool to generate the needed files -to quickly create a Cobra application.`, - } -) - -// Execute executes the root command. -func Execute() error { - return rootCmd.Execute() -} - -func init() { - cobra.OnInitialize(initConfig) - - rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.cobra.yaml)") - rootCmd.PersistentFlags().StringP("author", "a", "YOUR NAME", "author name for copyright attribution") - rootCmd.PersistentFlags().StringVarP(&userLicense, "license", "l", "", "name of license for the project") - rootCmd.PersistentFlags().Bool("viper", true, "use Viper for configuration") - viper.BindPFlag("author", rootCmd.PersistentFlags().Lookup("author")) - viper.BindPFlag("useViper", rootCmd.PersistentFlags().Lookup("viper")) - viper.SetDefault("author", "NAME HERE ") - viper.SetDefault("license", "apache") - - rootCmd.AddCommand(addCmd) - rootCmd.AddCommand(initCmd) -} - -func initConfig() { - if cfgFile != "" { - // Use config file from the flag. - viper.SetConfigFile(cfgFile) - } else { - // Find home directory. - home, err := os.UserHomeDir() - cobra.CheckErr(err) - - // Search config in home directory with name ".cobra" (without extension). - viper.AddConfigPath(home) - viper.SetConfigType("yaml") - viper.SetConfigName(".cobra") - } - - viper.AutomaticEnv() - - if err := viper.ReadInConfig(); err == nil { - fmt.Println("Using config file:", viper.ConfigFileUsed()) - } -} -``` - -### Create your main.go - -With the root command you need to have your main function execute it. -Execute should be run on the root for clarity, though it can be called on any command. - -In a Cobra app, typically the main.go file is very bare. It serves one purpose: to initialize Cobra. - -```go -package main - -import ( - "{pathToYourApp}/cmd" -) - -func main() { - cmd.Execute() -} -``` - -### Create additional commands - -Additional commands can be defined and typically are each given their own file -inside of the cmd/ directory. - -If you wanted to create a version command you would create cmd/version.go and -populate it with the following: - -```go -package cmd - -import ( - "fmt" - - "github.com/spf13/cobra" -) - -func init() { - rootCmd.AddCommand(versionCmd) -} - -var versionCmd = &cobra.Command{ - Use: "version", - Short: "Print the version number of Hugo", - Long: `All software has versions. This is Hugo's`, - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("Hugo Static Site Generator v0.9 -- HEAD") - }, -} -``` - -### Organizing subcommands - -A command may have subcommands which in turn may have other subcommands. This is achieved by using -`AddCommand`. In some cases, especially in larger applications, each subcommand may be defined in -its own go package. - -The suggested approach is for the parent command to use `AddCommand` to add its most immediate -subcommands. For example, consider the following directory structure: - -```text -├── cmd -│   ├── root.go -│   └── sub1 -│   ├── sub1.go -│   └── sub2 -│   ├── leafA.go -│   ├── leafB.go -│   └── sub2.go -└── main.go -``` - -In this case: - -* The `init` function of `root.go` adds the command defined in `sub1.go` to the root command. -* The `init` function of `sub1.go` adds the command defined in `sub2.go` to the sub1 command. -* The `init` function of `sub2.go` adds the commands defined in `leafA.go` and `leafB.go` to the - sub2 command. - -This approach ensures the subcommands are always included at compile time while avoiding cyclic -references. - -### Returning and handling errors - -If you wish to return an error to the caller of a command, `RunE` can be used. - -```go -package cmd - -import ( - "fmt" - - "github.com/spf13/cobra" -) - -func init() { - rootCmd.AddCommand(tryCmd) -} - -var tryCmd = &cobra.Command{ - Use: "try", - Short: "Try and possibly fail at something", - RunE: func(cmd *cobra.Command, args []string) error { - if err := someFunc(); err != nil { - return err - } - return nil - }, -} -``` - -The error can then be caught at the execute function call. - -## Working with Flags - -Flags provide modifiers to control how the action command operates. - -### Assign flags to a command - -Since the flags are defined and used in different locations, we need to -define a variable outside with the correct scope to assign the flag to -work with. - -```go -var Verbose bool -var Source string -``` - -There are two different approaches to assign a flag. - -### Persistent Flags - -A flag can be 'persistent', meaning that this flag will be available to the -command it's assigned to as well as every command under that command. For -global flags, assign a flag as a persistent flag on the root. - -```go -rootCmd.PersistentFlags().BoolVarP(&Verbose, "verbose", "v", false, "verbose output") -``` - -### Local Flags - -A flag can also be assigned locally, which will only apply to that specific command. - -```go -localCmd.Flags().StringVarP(&Source, "source", "s", "", "Source directory to read from") -``` - -### Local Flag on Parent Commands - -By default, Cobra only parses local flags on the target command, and any local flags on -parent commands are ignored. By enabling `Command.TraverseChildren`, Cobra will -parse local flags on each command before executing the target command. - -```go -command := cobra.Command{ - Use: "print [OPTIONS] [COMMANDS]", - TraverseChildren: true, -} -``` - -### Bind Flags with Config - -You can also bind your flags with [viper](https://github.com/spf13/viper): -```go -var author string - -func init() { - rootCmd.PersistentFlags().StringVar(&author, "author", "YOUR NAME", "Author name for copyright attribution") - viper.BindPFlag("author", rootCmd.PersistentFlags().Lookup("author")) -} -``` - -In this example, the persistent flag `author` is bound with `viper`. -**Note**: the variable `author` will not be set to the value from config, -when the `--author` flag is provided by user. - -More in [viper documentation](https://github.com/spf13/viper#working-with-flags). - -### Required flags - -Flags are optional by default. If instead you wish your command to report an error -when a flag has not been set, mark it as required: -```go -rootCmd.Flags().StringVarP(&Region, "region", "r", "", "AWS region (required)") -rootCmd.MarkFlagRequired("region") -``` - -Or, for persistent flags: -```go -rootCmd.PersistentFlags().StringVarP(&Region, "region", "r", "", "AWS region (required)") -rootCmd.MarkPersistentFlagRequired("region") -``` - -### Flag Groups - -If you have different flags that must be provided together (e.g. if they provide the `--username` flag they MUST provide the `--password` flag as well) then -Cobra can enforce that requirement: -```go -rootCmd.Flags().StringVarP(&u, "username", "u", "", "Username (required if password is set)") -rootCmd.Flags().StringVarP(&pw, "password", "p", "", "Password (required if username is set)") -rootCmd.MarkFlagsRequiredTogether("username", "password") -``` - -You can also prevent different flags from being provided together if they represent mutually -exclusive options such as specifying an output format as either `--json` or `--yaml` but never both: -```go -rootCmd.Flags().BoolVar(&ofJson, "json", false, "Output in JSON") -rootCmd.Flags().BoolVar(&ofYaml, "yaml", false, "Output in YAML") -rootCmd.MarkFlagsMutuallyExclusive("json", "yaml") -``` - -In both of these cases: - - both local and persistent flags can be used - - **NOTE:** the group is only enforced on commands where every flag is defined - - a flag may appear in multiple groups - - a group may contain any number of flags - -## Positional and Custom Arguments - -Validation of positional arguments can be specified using the `Args` field of `Command`. -The following validators are built in: - -- Number of arguments: - - `NoArgs` - report an error if there are any positional args. - - `ArbitraryArgs` - accept any number of args. - - `MinimumNArgs(int)` - report an error if less than N positional args are provided. - - `MaximumNArgs(int)` - report an error if more than N positional args are provided. - - `ExactArgs(int)` - report an error if there are not exactly N positional args. - - `RangeArgs(min, max)` - report an error if the number of args is not between `min` and `max`. -- Content of the arguments: - - `OnlyValidArgs` - report an error if there are any positional args not specified in the `ValidArgs` field of `Command`, which can optionally be set to a list of valid values for positional args. - -If `Args` is undefined or `nil`, it defaults to `ArbitraryArgs`. - -Moreover, `MatchAll(pargs ...PositionalArgs)` enables combining existing checks with arbitrary other checks. -For instance, if you want to report an error if there are not exactly N positional args OR if there are any positional -args that are not in the `ValidArgs` field of `Command`, you can call `MatchAll` on `ExactArgs` and `OnlyValidArgs`, as -shown below: - -```go -var cmd = &cobra.Command{ - Short: "hello", - Args: cobra.MatchAll(cobra.ExactArgs(2), cobra.OnlyValidArgs), - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("Hello, World!") - }, -} -``` - -It is possible to set any custom validator that satisfies `func(cmd *cobra.Command, args []string) error`. -For example: - -```go -var cmd = &cobra.Command{ - Short: "hello", - Args: func(cmd *cobra.Command, args []string) error { - // Optionally run one of the validators provided by cobra - if err := cobra.MinimumNArgs(1)(cmd, args); err != nil { - return err - } - // Run the custom validation logic - if myapp.IsValidColor(args[0]) { - return nil - } - return fmt.Errorf("invalid color specified: %s", args[0]) - }, - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("Hello, World!") - }, -} -``` - -## Example - -In the example below, we have defined three commands. Two are at the top level -and one (cmdTimes) is a child of one of the top commands. In this case the root -is not executable, meaning that a subcommand is required. This is accomplished -by not providing a 'Run' for the 'rootCmd'. - -We have only defined one flag for a single command. - -More documentation about flags is available at https://github.com/spf13/pflag - -```go -package main - -import ( - "fmt" - "strings" - - "github.com/spf13/cobra" -) - -func main() { - var echoTimes int - - var cmdPrint = &cobra.Command{ - Use: "print [string to print]", - Short: "Print anything to the screen", - Long: `print is for printing anything back to the screen. -For many years people have printed back to the screen.`, - Args: cobra.MinimumNArgs(1), - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("Print: " + strings.Join(args, " ")) - }, - } - - var cmdEcho = &cobra.Command{ - Use: "echo [string to echo]", - Short: "Echo anything to the screen", - Long: `echo is for echoing anything back. -Echo works a lot like print, except it has a child command.`, - Args: cobra.MinimumNArgs(1), - Run: func(cmd *cobra.Command, args []string) { - fmt.Println("Echo: " + strings.Join(args, " ")) - }, - } - - var cmdTimes = &cobra.Command{ - Use: "times [string to echo]", - Short: "Echo anything to the screen more times", - Long: `echo things multiple times back to the user by providing -a count and a string.`, - Args: cobra.MinimumNArgs(1), - Run: func(cmd *cobra.Command, args []string) { - for i := 0; i < echoTimes; i++ { - fmt.Println("Echo: " + strings.Join(args, " ")) - } - }, - } - - cmdTimes.Flags().IntVarP(&echoTimes, "times", "t", 1, "times to echo the input") - - var rootCmd = &cobra.Command{Use: "app"} - rootCmd.AddCommand(cmdPrint, cmdEcho) - cmdEcho.AddCommand(cmdTimes) - rootCmd.Execute() -} -``` - -For a more complete example of a larger application, please checkout [Hugo](https://gohugo.io/). - -## Help Command - -Cobra automatically adds a help command to your application when you have subcommands. -This will be called when a user runs 'app help'. Additionally, help will also -support all other commands as input. Say, for instance, you have a command called -'create' without any additional configuration; Cobra will work when 'app help -create' is called. Every command will automatically have the '--help' flag added. - -### Example - -The following output is automatically generated by Cobra. Nothing beyond the -command and flag definitions are needed. - - $ cobra-cli help - - Cobra is a CLI library for Go that empowers applications. - This application is a tool to generate the needed files - to quickly create a Cobra application. - - Usage: - cobra-cli [command] - - Available Commands: - add Add a command to a Cobra Application - completion Generate the autocompletion script for the specified shell - help Help about any command - init Initialize a Cobra Application - - Flags: - -a, --author string author name for copyright attribution (default "YOUR NAME") - --config string config file (default is $HOME/.cobra.yaml) - -h, --help help for cobra-cli - -l, --license string name of license for the project - --viper use Viper for configuration - - Use "cobra-cli [command] --help" for more information about a command. - - -Help is just a command like any other. There is no special logic or behavior -around it. In fact, you can provide your own if you want. - -### Grouping commands in help - -Cobra supports grouping of available commands in the help output. To group commands, each group must be explicitly -defined using `AddGroup()` on the parent command. Then a subcommand can be added to a group using the `GroupID` element -of that subcommand. The groups will appear in the help output in the same order as they are defined using different -calls to `AddGroup()`. If you use the generated `help` or `completion` commands, you can set their group ids using -`SetHelpCommandGroupId()` and `SetCompletionCommandGroupId()` on the root command, respectively. - -### Defining your own help - -You can provide your own Help command or your own template for the default command to use -with the following functions: - -```go -cmd.SetHelpCommand(cmd *Command) -cmd.SetHelpFunc(f func(*Command, []string)) -cmd.SetHelpTemplate(s string) -``` - -The latter two will also apply to any children commands. - -## Usage Message - -When the user provides an invalid flag or invalid command, Cobra responds by -showing the user the 'usage'. - -### Example -You may recognize this from the help above. That's because the default help -embeds the usage as part of its output. - - $ cobra-cli --invalid - Error: unknown flag: --invalid - Usage: - cobra-cli [command] - - Available Commands: - add Add a command to a Cobra Application - completion Generate the autocompletion script for the specified shell - help Help about any command - init Initialize a Cobra Application - - Flags: - -a, --author string author name for copyright attribution (default "YOUR NAME") - --config string config file (default is $HOME/.cobra.yaml) - -h, --help help for cobra-cli - -l, --license string name of license for the project - --viper use Viper for configuration - - Use "cobra [command] --help" for more information about a command. - -### Defining your own usage -You can provide your own usage function or template for Cobra to use. -Like help, the function and template are overridable through public methods: - -```go -cmd.SetUsageFunc(f func(*Command) error) -cmd.SetUsageTemplate(s string) -``` - -## Version Flag - -Cobra adds a top-level '--version' flag if the Version field is set on the root command. -Running an application with the '--version' flag will print the version to stdout using -the version template. The template can be customized using the -`cmd.SetVersionTemplate(s string)` function. - -## PreRun and PostRun Hooks - -It is possible to run functions before or after the main `Run` function of your command. The `PersistentPreRun` and `PreRun` functions will be executed before `Run`. `PersistentPostRun` and `PostRun` will be executed after `Run`. The `Persistent*Run` functions will be inherited by children if they do not declare their own. These functions are run in the following order: - -- `PersistentPreRun` -- `PreRun` -- `Run` -- `PostRun` -- `PersistentPostRun` - -An example of two commands which use all of these features is below. When the subcommand is executed, it will run the root command's `PersistentPreRun` but not the root command's `PersistentPostRun`: - -```go -package main - -import ( - "fmt" - - "github.com/spf13/cobra" -) - -func main() { - - var rootCmd = &cobra.Command{ - Use: "root [sub]", - Short: "My root command", - PersistentPreRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside rootCmd PersistentPreRun with args: %v\n", args) - }, - PreRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside rootCmd PreRun with args: %v\n", args) - }, - Run: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside rootCmd Run with args: %v\n", args) - }, - PostRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside rootCmd PostRun with args: %v\n", args) - }, - PersistentPostRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside rootCmd PersistentPostRun with args: %v\n", args) - }, - } - - var subCmd = &cobra.Command{ - Use: "sub [no options!]", - Short: "My subcommand", - PreRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside subCmd PreRun with args: %v\n", args) - }, - Run: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside subCmd Run with args: %v\n", args) - }, - PostRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside subCmd PostRun with args: %v\n", args) - }, - PersistentPostRun: func(cmd *cobra.Command, args []string) { - fmt.Printf("Inside subCmd PersistentPostRun with args: %v\n", args) - }, - } - - rootCmd.AddCommand(subCmd) - - rootCmd.SetArgs([]string{""}) - rootCmd.Execute() - fmt.Println() - rootCmd.SetArgs([]string{"sub", "arg1", "arg2"}) - rootCmd.Execute() -} -``` - -Output: -``` -Inside rootCmd PersistentPreRun with args: [] -Inside rootCmd PreRun with args: [] -Inside rootCmd Run with args: [] -Inside rootCmd PostRun with args: [] -Inside rootCmd PersistentPostRun with args: [] - -Inside rootCmd PersistentPreRun with args: [arg1 arg2] -Inside subCmd PreRun with args: [arg1 arg2] -Inside subCmd Run with args: [arg1 arg2] -Inside subCmd PostRun with args: [arg1 arg2] -Inside subCmd PersistentPostRun with args: [arg1 arg2] -``` - -## Suggestions when "unknown command" happens - -Cobra will print automatic suggestions when "unknown command" errors happen. This allows Cobra to behave similarly to the `git` command when a typo happens. For example: - -``` -$ hugo srever -Error: unknown command "srever" for "hugo" - -Did you mean this? - server - -Run 'hugo --help' for usage. -``` - -Suggestions are automatically generated based on existing subcommands and use an implementation of [Levenshtein distance](https://en.wikipedia.org/wiki/Levenshtein_distance). Every registered command that matches a minimum distance of 2 (ignoring case) will be displayed as a suggestion. - -If you need to disable suggestions or tweak the string distance in your command, use: - -```go -command.DisableSuggestions = true -``` - -or - -```go -command.SuggestionsMinimumDistance = 1 -``` - -You can also explicitly set names for which a given command will be suggested using the `SuggestFor` attribute. This allows suggestions for strings that are not close in terms of string distance, but make sense in your set of commands but for which -you don't want aliases. Example: - -``` -$ kubectl remove -Error: unknown command "remove" for "kubectl" - -Did you mean this? - delete - -Run 'kubectl help' for usage. -``` - -## Generating documentation for your command - -Cobra can generate documentation based on subcommands, flags, etc. Read more about it in the [docs generation documentation](doc/README.md). - -## Generating shell completions - -Cobra can generate a shell-completion file for the following shells: bash, zsh, fish, PowerShell. If you add more information to your commands, these completions can be amazingly powerful and flexible. Read more about it in [Shell Completions](shell_completions.md). - -## Providing Active Help - -Cobra makes use of the shell-completion system to define a framework allowing you to provide Active Help to your users. Active Help are messages (hints, warnings, etc) printed as the program is being used. Read more about it in [Active Help](active_help.md). diff --git a/vendor/github.com/spf13/cobra/zsh_completions.md b/vendor/github.com/spf13/cobra/zsh_completions.md deleted file mode 100644 index 7cff61787f..0000000000 --- a/vendor/github.com/spf13/cobra/zsh_completions.md +++ /dev/null @@ -1,48 +0,0 @@ -## Generating Zsh Completion For Your cobra.Command - -Please refer to [Shell Completions](shell_completions.md) for details. - -## Zsh completions standardization - -Cobra 1.1 standardized its zsh completion support to align it with its other shell completions. Although the API was kept backwards-compatible, some small changes in behavior were introduced. - -### Deprecation summary - -See further below for more details on these deprecations. - -* `cmd.MarkZshCompPositionalArgumentFile(pos, []string{})` is no longer needed. It is therefore **deprecated** and silently ignored. -* `cmd.MarkZshCompPositionalArgumentFile(pos, glob[])` is **deprecated** and silently ignored. - * Instead use `ValidArgsFunction` with `ShellCompDirectiveFilterFileExt`. -* `cmd.MarkZshCompPositionalArgumentWords()` is **deprecated** and silently ignored. - * Instead use `ValidArgsFunction`. - -### Behavioral changes - -**Noun completion** -|Old behavior|New behavior| -|---|---| -|No file completion by default (opposite of bash)|File completion by default; use `ValidArgsFunction` with `ShellCompDirectiveNoFileComp` to turn off file completion on a per-argument basis| -|Completion of flag names without the `-` prefix having been typed|Flag names are only completed if the user has typed the first `-`| -`cmd.MarkZshCompPositionalArgumentFile(pos, []string{})` used to turn on file completion on a per-argument position basis|File completion for all arguments by default; `cmd.MarkZshCompPositionalArgumentFile()` is **deprecated** and silently ignored| -|`cmd.MarkZshCompPositionalArgumentFile(pos, glob[])` used to turn on file completion **with glob filtering** on a per-argument position basis (zsh-specific)|`cmd.MarkZshCompPositionalArgumentFile()` is **deprecated** and silently ignored; use `ValidArgsFunction` with `ShellCompDirectiveFilterFileExt` for file **extension** filtering (not full glob filtering)| -|`cmd.MarkZshCompPositionalArgumentWords(pos, words[])` used to provide completion choices on a per-argument position basis (zsh-specific)|`cmd.MarkZshCompPositionalArgumentWords()` is **deprecated** and silently ignored; use `ValidArgsFunction` to achieve the same behavior| - -**Flag-value completion** - -|Old behavior|New behavior| -|---|---| -|No file completion by default (opposite of bash)|File completion by default; use `RegisterFlagCompletionFunc()` with `ShellCompDirectiveNoFileComp` to turn off file completion| -|`cmd.MarkFlagFilename(flag, []string{})` and similar used to turn on file completion|File completion by default; `cmd.MarkFlagFilename(flag, []string{})` no longer needed in this context and silently ignored| -|`cmd.MarkFlagFilename(flag, glob[])` used to turn on file completion **with glob filtering** (syntax of `[]string{"*.yaml", "*.yml"}` incompatible with bash)|Will continue to work, however, support for bash syntax is added and should be used instead so as to work for all shells (`[]string{"yaml", "yml"}`)| -|`cmd.MarkFlagDirname(flag)` only completes directories (zsh-specific)|Has been added for all shells| -|Completion of a flag name does not repeat, unless flag is of type `*Array` or `*Slice` (not supported by bash)|Retained for `zsh` and added to `fish`| -|Completion of a flag name does not provide the `=` form (unlike bash)|Retained for `zsh` and added to `fish`| - -**Improvements** - -* Custom completion support (`ValidArgsFunction` and `RegisterFlagCompletionFunc()`) -* File completion by default if no other completions found -* Handling of required flags -* File extension filtering no longer mutually exclusive with bash usage -* Completion of directory names *within* another directory -* Support for `=` form of flags diff --git a/vendor/go.uber.org/dig/CHANGELOG.md b/vendor/go.uber.org/dig/CHANGELOG.md index 2989c1bbae..f191bc5aef 100644 --- a/vendor/go.uber.org/dig/CHANGELOG.md +++ b/vendor/go.uber.org/dig/CHANGELOG.md @@ -4,13 +4,28 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## [1.17.1] - 2023-10-19 +### Added +- Suggestions for value vs. pointer elements for slice and array types. + +### Fixed +- An issue where value group values were not getting decorated + by decorators within the same module when using dig.Export(true). +- A typo in docs. +- An issue where false positives in cycle detection were occurring + when providing to a child scope. + +Thanks to @paullen and @lcarilla for their contributions to this release. + +[1.17.1]: https://github.com/uber-go/dig/compare/v1.17.0...v1.17.1 + ## [1.17.0] - 2023-05-02 ### Added - Allow using `dig.As` with `dig.Group`. - Add `FillInvokeInfo` Option and `InvokeInfo` struct to help extract the types requested by an `Invoke` statement. - To get visibility into constructor and decorator calls, introduce - `WithCallback` Option to provide callback functions. + `WithProviderCallback` and `WithDecoratorCallback` Options to provide callback functions. [1.17.0]: https://github.com/uber-go/dig/compare/v1.16.1...v1.17.0 diff --git a/vendor/go.uber.org/dig/constructor.go b/vendor/go.uber.org/dig/constructor.go index 208659d988..034c41c221 100644 --- a/vendor/go.uber.org/dig/constructor.go +++ b/vendor/go.uber.org/dig/constructor.go @@ -129,6 +129,11 @@ func (n *constructorNode) CType() reflect.Type { return n.ctype } func (n *constructorNode) Order(s *Scope) int { return n.orders[s] } func (n *constructorNode) OrigScope() *Scope { return n.origS } +// CopyOrder copies the order for the given parent scope to the given child scope. +func (n *constructorNode) CopyOrder(parent, child *Scope) { + n.orders[child] = n.orders[parent] +} + func (n *constructorNode) String() string { return fmt.Sprintf("deps: %v, ctor: %v", n.paramList, n.ctype) } diff --git a/vendor/go.uber.org/dig/doc.go b/vendor/go.uber.org/dig/doc.go index 3f9ab85c1b..77b01d0452 100644 --- a/vendor/go.uber.org/dig/doc.go +++ b/vendor/go.uber.org/dig/doc.go @@ -207,7 +207,7 @@ // // func NewUserGateway(p UserGatewayParams, log *log.Logger) (*UserGateway, error) { // if p.Cache == nil { -// log.Print("Logging disabled") +// log.Print("Caching disabled") // } // // ... // } diff --git a/vendor/go.uber.org/dig/error.go b/vendor/go.uber.org/dig/error.go index 24c5685be8..8aba9ee5a1 100644 --- a/vendor/go.uber.org/dig/error.go +++ b/vendor/go.uber.org/dig/error.go @@ -414,6 +414,28 @@ func newErrMissingTypes(c containerStore, k key) errMissingTypes { suggestions = append(suggestions, k.t.Elem()) } + if k.t.Kind() == reflect.Slice { + // Maybe the user meant a slice of pointers while we have the slice of elements + suggestions = append(suggestions, reflect.SliceOf(reflect.PtrTo(k.t.Elem()))) + + // Maybe the user meant a slice of elements while we have the slice of pointers + sliceElement := k.t.Elem() + if sliceElement.Kind() == reflect.Ptr { + suggestions = append(suggestions, reflect.SliceOf(sliceElement.Elem())) + } + } + + if k.t.Kind() == reflect.Array { + // Maybe the user meant an array of pointers while we have the array of elements + suggestions = append(suggestions, reflect.ArrayOf(k.t.Len(), reflect.PtrTo(k.t.Elem()))) + + // Maybe the user meant an array of elements while we have the array of pointers + arrayElement := k.t.Elem() + if arrayElement.Kind() == reflect.Ptr { + suggestions = append(suggestions, reflect.ArrayOf(k.t.Len(), arrayElement.Elem())) + } + } + knownTypes := c.knownTypes() if k.t.Kind() == reflect.Interface { // Maybe we have an implementation of the interface. diff --git a/vendor/go.uber.org/dig/param.go b/vendor/go.uber.org/dig/param.go index d584fc237e..ca0689759f 100644 --- a/vendor/go.uber.org/dig/param.go +++ b/vendor/go.uber.org/dig/param.go @@ -606,7 +606,7 @@ func (pt paramGroupedSlice) callGroupProviders(c containerStore) (int, error) { providers := c.getGroupProviders(pt.Group, pt.Type.Elem()) itemCount += len(providers) for _, n := range providers { - if err := n.Call(c); err != nil { + if err := n.Call(n.OrigScope()); err != nil { return 0, errParamGroupFailed{ CtorID: n.ID(), Key: key{group: pt.Group, t: pt.Type.Elem()}, diff --git a/vendor/go.uber.org/dig/scope.go b/vendor/go.uber.org/dig/scope.go index 216cf18a1a..dc0c7ac5b7 100644 --- a/vendor/go.uber.org/dig/scope.go +++ b/vendor/go.uber.org/dig/scope.go @@ -121,7 +121,12 @@ func (s *Scope) Scope(name string, opts ...ScopeOption) *Scope { child.recoverFromPanics = s.recoverFromPanics // child copies the parent's graph nodes. - child.gh.nodes = append(child.gh.nodes, s.gh.nodes...) + for _, node := range s.gh.nodes { + child.gh.nodes = append(child.gh.nodes, node) + if ctrNode, ok := node.Wrapped.(*constructorNode); ok { + ctrNode.CopyOrder(s, child) + } + } for _, opt := range opts { opt.noScopeOption() diff --git a/vendor/go.uber.org/dig/version.go b/vendor/go.uber.org/dig/version.go index 0b55dc9294..7c92d4ab05 100644 --- a/vendor/go.uber.org/dig/version.go +++ b/vendor/go.uber.org/dig/version.go @@ -21,4 +21,4 @@ package dig // Version of the library. -const Version = "1.17.0" +const Version = "1.17.1" diff --git a/vendor/go4.org/netipx/.gitignore b/vendor/go4.org/netipx/.gitignore new file mode 100644 index 0000000000..c60fe1e0c2 --- /dev/null +++ b/vendor/go4.org/netipx/.gitignore @@ -0,0 +1,3 @@ +crashers +suppressions +netaddr-fuzz.zip diff --git a/vendor/go4.org/netipx/.gitmodules b/vendor/go4.org/netipx/.gitmodules new file mode 100644 index 0000000000..e1ebefa586 --- /dev/null +++ b/vendor/go4.org/netipx/.gitmodules @@ -0,0 +1,3 @@ +[submodule "corpus"] + path = corpus + url = https://github.com/inetaf/netaddr-corpus.git diff --git a/vendor/go4.org/netipx/AUTHORS b/vendor/go4.org/netipx/AUTHORS new file mode 100644 index 0000000000..ac0d1591b3 --- /dev/null +++ b/vendor/go4.org/netipx/AUTHORS @@ -0,0 +1,4 @@ +Alex Willmer +Matt Layher +Tailscale Inc. +Tobias Klauser diff --git a/vendor/go4.org/netipx/LICENSE b/vendor/go4.org/netipx/LICENSE new file mode 100644 index 0000000000..c47d4315ae --- /dev/null +++ b/vendor/go4.org/netipx/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2020 The Inet.af AUTHORS. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Tailscale Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/go4.org/netipx/README.md b/vendor/go4.org/netipx/README.md new file mode 100644 index 0000000000..74bfa41779 --- /dev/null +++ b/vendor/go4.org/netipx/README.md @@ -0,0 +1,26 @@ +# netipx [![Test Status](https://github.com/go4org/netipx/workflows/Linux/badge.svg)](https://github.com/go4org/netipx/actions) [![Go Reference](https://pkg.go.dev/badge/go4.org/netipx.svg)](https://pkg.go.dev/go4.org/netipx) + +## What + +This is a package containing the bits of the old `inet.af/netaddr` package that didn't make it +into Go 1.18's `net/netip` standard library package. + +As background, see: + +* https://github.com/inetaf/netaddr/ (now deprecated) +* https://tailscale.com/blog/netaddr-new-ip-type-for-go/ - blog post about why the package came to be originally +* https://go.dev/doc/go1.18#netip - Go 1.18 release notes + +This package requires Go 1.18+ to use and complements the `net/netip`. + +## FAQ + +**Why's it no longer under `inet.af`?** Since that joke started, that +TLD is now under control of the Taliban. (Yes, we should've known +better. We'd even previously scolded people for relying on +questionable ccTLDs. Whoops.) + +**Will this stuff make it into the standard library?** [Maybe](https://github.com/golang/go/issues/53236). +We'll see. + + diff --git a/vendor/go4.org/netipx/ipset.go b/vendor/go4.org/netipx/ipset.go new file mode 100644 index 0000000000..1d4d450261 --- /dev/null +++ b/vendor/go4.org/netipx/ipset.go @@ -0,0 +1,498 @@ +// Copyright 2020 The Inet.Af AUTHORS. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package netipx + +import ( + "fmt" + "net/netip" + "runtime" + "sort" + "strings" +) + +// IPSetBuilder builds an immutable IPSet. +// +// The zero value is a valid value representing a set of no IPs. +// +// The Add and Remove methods add or remove IPs to/from the set. +// Removals only affect the current membership of the set, so in +// general Adds should be called first. Input ranges may overlap in +// any way. +// +// Most IPSetBuilder methods do not return errors. +// Instead, errors are accumulated and reported by IPSetBuilder.IPSet. +type IPSetBuilder struct { + // in are the ranges in the set. + in []IPRange + + // out are the ranges to be removed from 'in'. + out []IPRange + + // errs are errors accumulated during construction. + errs multiErr +} + +// normalize normalizes s: s.in becomes the minimal sorted list of +// ranges required to describe s, and s.out becomes empty. +func (s *IPSetBuilder) normalize() { + const debug = false + if debug { + debugf("ranges start in=%v out=%v", s.in, s.out) + } + in, ok := mergeIPRanges(s.in) + if !ok { + return + } + out, ok := mergeIPRanges(s.out) + if !ok { + return + } + if debug { + debugf("ranges sort in=%v out=%v", in, out) + } + + // in and out are sorted in ascending range order, and have no + // overlaps within each other. We can run a merge of the two lists + // in one pass. + + min := make([]IPRange, 0, len(in)) + for len(in) > 0 && len(out) > 0 { + rin, rout := in[0], out[0] + if debug { + debugf("step in=%v out=%v", rin, rout) + } + + switch { + case !rout.IsValid() || !rin.IsValid(): + // mergeIPRanges should have prevented invalid ranges from + // sneaking in. + panic("invalid IPRanges during Ranges merge") + case rout.entirelyBefore(rin): + // "out" is entirely before "in". + // + // out in + // f-------t f-------t + out = out[1:] + if debug { + debugf("out before in; drop out") + } + case rin.entirelyBefore(rout): + // "in" is entirely before "out". + // + // in out + // f------t f-------t + min = append(min, rin) + in = in[1:] + if debug { + debugf("in before out; append in") + debugf("min=%v", min) + } + case rin.coveredBy(rout): + // "out" entirely covers "in". + // + // out + // f-------------t + // f------t + // in + in = in[1:] + if debug { + debugf("in inside out; drop in") + } + case rout.inMiddleOf(rin): + // "in" entirely covers "out". + // + // in + // f-------------t + // f------t + // out + min = append(min, IPRange{from: rin.from, to: AddrPrior(rout.from)}) + // Adjust in[0], not ir, because we want to consider the + // mutated range on the next iteration. + in[0].from = rout.to.Next() + out = out[1:] + if debug { + debugf("out inside in; split in, append first in, drop out, adjust second in") + debugf("min=%v", min) + } + case rout.overlapsStartOf(rin): + // "out" overlaps start of "in". + // + // out + // f------t + // f------t + // in + in[0].from = rout.to.Next() + // Can't move ir onto min yet, another later out might + // trim it further. Just discard or and continue. + out = out[1:] + if debug { + debugf("out cuts start of in; adjust in, drop out") + } + case rout.overlapsEndOf(rin): + // "out" overlaps end of "in". + // + // out + // f------t + // f------t + // in + min = append(min, IPRange{from: rin.from, to: AddrPrior(rout.from)}) + in = in[1:] + if debug { + debugf("merge out cuts end of in; append shortened in") + debugf("min=%v", min) + } + default: + // The above should account for all combinations of in and + // out overlapping, but insert a panic to be sure. + panic("unexpected additional overlap scenario") + } + } + if len(in) > 0 { + // Ran out of removals before the end of in. + min = append(min, in...) + if debug { + debugf("min=%v", min) + } + } + + s.in = min + s.out = nil +} + +// Clone returns a copy of s that shares no memory with s. +func (s *IPSetBuilder) Clone() *IPSetBuilder { + return &IPSetBuilder{ + in: append([]IPRange(nil), s.in...), + out: append([]IPRange(nil), s.out...), + } +} + +func (s *IPSetBuilder) addError(msg string, args ...interface{}) { + se := new(stacktraceErr) + // Skip three frames: runtime.Callers, addError, and the IPSetBuilder + // method that called addError (such as IPSetBuilder.Add). + // The resulting stack trace ends at the line in the user's + // code where they called into netaddr. + n := runtime.Callers(3, se.pcs[:]) + se.at = se.pcs[:n] + se.err = fmt.Errorf(msg, args...) + s.errs = append(s.errs, se) +} + +// Add adds ip to s. +func (s *IPSetBuilder) Add(ip netip.Addr) { + if !ip.IsValid() { + s.addError("Add(IP{})") + return + } + s.AddRange(IPRangeFrom(ip, ip)) +} + +// AddPrefix adds all IPs in p to s. +func (s *IPSetBuilder) AddPrefix(p netip.Prefix) { + if r := RangeOfPrefix(p); r.IsValid() { + s.AddRange(r) + } else { + s.addError("AddPrefix(%v/%v)", p.Addr(), p.Bits()) + } +} + +// AddRange adds r to s. +// If r is not Valid, AddRange does nothing. +func (s *IPSetBuilder) AddRange(r IPRange) { + if !r.IsValid() { + s.addError("AddRange(%v-%v)", r.From(), r.To()) + return + } + // If there are any removals (s.out), then we need to compact the set + // first to get the order right. + if len(s.out) > 0 { + s.normalize() + } + s.in = append(s.in, r) +} + +// AddSet adds all IPs in b to s. +func (s *IPSetBuilder) AddSet(b *IPSet) { + if b == nil { + return + } + for _, r := range b.rr { + s.AddRange(r) + } +} + +// Remove removes ip from s. +func (s *IPSetBuilder) Remove(ip netip.Addr) { + if !ip.IsValid() { + s.addError("Remove(IP{})") + } else { + s.RemoveRange(IPRangeFrom(ip, ip)) + } +} + +// RemovePrefix removes all IPs in p from s. +func (s *IPSetBuilder) RemovePrefix(p netip.Prefix) { + if r := RangeOfPrefix(p); r.IsValid() { + s.RemoveRange(r) + } else { + s.addError("RemovePrefix(%v/%v)", p.Addr(), p.Bits()) + } +} + +// RemoveRange removes all IPs in r from s. +func (s *IPSetBuilder) RemoveRange(r IPRange) { + if r.IsValid() { + s.out = append(s.out, r) + } else { + s.addError("RemoveRange(%v-%v)", r.From(), r.To()) + } +} + +// RemoveSet removes all IPs in o from s. +func (s *IPSetBuilder) RemoveSet(b *IPSet) { + if b == nil { + return + } + for _, r := range b.rr { + s.RemoveRange(r) + } +} + +// removeBuilder removes all IPs in b from s. +func (s *IPSetBuilder) removeBuilder(b *IPSetBuilder) { + b.normalize() + for _, r := range b.in { + s.RemoveRange(r) + } +} + +// Complement updates s to contain the complement of its current +// contents. +func (s *IPSetBuilder) Complement() { + s.normalize() + s.out = s.in + s.in = []IPRange{ + RangeOfPrefix(netip.PrefixFrom(netip.AddrFrom4([4]byte{}), 0)), + RangeOfPrefix(netip.PrefixFrom(netip.IPv6Unspecified(), 0)), + } +} + +// Intersect updates s to the set intersection of s and b. +func (s *IPSetBuilder) Intersect(b *IPSet) { + var o IPSetBuilder + o.Complement() + o.RemoveSet(b) + s.removeBuilder(&o) +} + +func discardf(format string, args ...interface{}) {} + +// debugf is reassigned by tests. +var debugf = discardf + +// IPSet returns an immutable IPSet representing the current state of s. +// +// Most IPSetBuilder methods do not return errors. +// Rather, the builder ignores any invalid inputs (such as an invalid IPPrefix), +// and accumulates a list of any such errors that it encountered. +// +// IPSet also reports any such accumulated errors. +// Even if the returned error is non-nil, the returned IPSet is usable +// and contains all modifications made with valid inputs. +// +// The builder remains usable after calling IPSet. +// Calling IPSet clears any accumulated errors. +func (s *IPSetBuilder) IPSet() (*IPSet, error) { + s.normalize() + ret := &IPSet{ + rr: append([]IPRange{}, s.in...), + } + if len(s.errs) == 0 { + return ret, nil + } else { + errs := s.errs + s.errs = nil + return ret, errs + } +} + +// IPSet represents a set of IP addresses. +// +// IPSet is safe for concurrent use. +// The zero value is a valid value representing a set of no IPs. +// Use IPSetBuilder to construct IPSets. +type IPSet struct { + // rr is the set of IPs that belong to this IPSet. The IPRanges + // are normalized according to IPSetBuilder.normalize, meaning + // they are a sorted, minimal representation (no overlapping + // ranges, no contiguous ranges). The implementation of various + // methods rely on this property. + rr []IPRange +} + +// Ranges returns the minimum and sorted set of IP +// ranges that covers s. +func (s *IPSet) Ranges() []IPRange { + return append([]IPRange{}, s.rr...) +} + +// Prefixes returns the minimum and sorted set of IP prefixes +// that covers s. +func (s *IPSet) Prefixes() []netip.Prefix { + out := make([]netip.Prefix, 0, len(s.rr)) + for _, r := range s.rr { + out = append(out, r.Prefixes()...) + } + return out +} + +// Equal reports whether s and o represent the same set of IP +// addresses. +func (s *IPSet) Equal(o *IPSet) bool { + if len(s.rr) != len(o.rr) { + return false + } + for i := range s.rr { + if s.rr[i] != o.rr[i] { + return false + } + } + return true +} + +// Contains reports whether ip is in s. +// If ip has an IPv6 zone, Contains returns false, +// because IPSets do not track zones. +func (s *IPSet) Contains(ip netip.Addr) bool { + if ip.Zone() != "" { + return false + } + // TODO: data structure permitting more efficient lookups: + // https://github.com/inetaf/netaddr/issues/139 + i := sort.Search(len(s.rr), func(i int) bool { + return ip.Less(s.rr[i].from) + }) + if i == 0 { + return false + } + i-- + return s.rr[i].contains(ip) +} + +// ContainsRange reports whether all IPs in r are in s. +func (s *IPSet) ContainsRange(r IPRange) bool { + for _, x := range s.rr { + if r.coveredBy(x) { + return true + } + } + return false +} + +// ContainsPrefix reports whether all IPs in p are in s. +func (s *IPSet) ContainsPrefix(p netip.Prefix) bool { + return s.ContainsRange(RangeOfPrefix(p)) +} + +// Overlaps reports whether any IP in b is also in s. +func (s *IPSet) Overlaps(b *IPSet) bool { + // TODO: sorted ranges lets us do this in O(n+m) + for _, r := range s.rr { + for _, or := range b.rr { + if r.Overlaps(or) { + return true + } + } + } + return false +} + +// OverlapsRange reports whether any IP in r is also in s. +func (s *IPSet) OverlapsRange(r IPRange) bool { + // TODO: sorted ranges lets us do this more efficiently. + for _, x := range s.rr { + if x.Overlaps(r) { + return true + } + } + return false +} + +// OverlapsPrefix reports whether any IP in p is also in s. +func (s *IPSet) OverlapsPrefix(p netip.Prefix) bool { + return s.OverlapsRange(RangeOfPrefix(p)) +} + +// RemoveFreePrefix splits s into a Prefix of length bitLen and a new +// IPSet with that prefix removed. +// +// If no contiguous prefix of length bitLen exists in s, +// RemoveFreePrefix returns ok=false. +func (s *IPSet) RemoveFreePrefix(bitLen uint8) (p netip.Prefix, newSet *IPSet, ok bool) { + var bestFit netip.Prefix + for _, r := range s.rr { + for _, prefix := range r.Prefixes() { + if uint8(prefix.Bits()) > bitLen { + continue + } + if !bestFit.Addr().IsValid() || prefix.Bits() > bestFit.Bits() { + bestFit = prefix + if uint8(bestFit.Bits()) == bitLen { + // exact match, done. + break + } + } + } + } + + if !bestFit.Addr().IsValid() { + return netip.Prefix{}, s, false + } + + prefix := netip.PrefixFrom(bestFit.Addr(), int(bitLen)) + + var b IPSetBuilder + b.AddSet(s) + b.RemovePrefix(prefix) + newSet, _ = b.IPSet() + return prefix, newSet, true +} + +type multiErr []error + +func (e multiErr) Error() string { + var ret []string + for _, err := range e { + ret = append(ret, err.Error()) + } + return strings.Join(ret, "; ") +} + +// A stacktraceErr combines an error with a stack trace. +type stacktraceErr struct { + pcs [16]uintptr // preallocated array of PCs + at []uintptr // stack trace whence the error + err error // underlying error +} + +func (e *stacktraceErr) Error() string { + frames := runtime.CallersFrames(e.at) + buf := new(strings.Builder) + buf.WriteString(e.err.Error()) + buf.WriteString(" @ ") + for { + frame, more := frames.Next() + if !more { + break + } + fmt.Fprintf(buf, "%s:%d ", frame.File, frame.Line) + } + return strings.TrimSpace(buf.String()) +} + +func (e *stacktraceErr) Unwrap() error { + return e.err +} diff --git a/vendor/go4.org/netipx/mask6.go b/vendor/go4.org/netipx/mask6.go new file mode 100644 index 0000000000..fbcb8b8eb5 --- /dev/null +++ b/vendor/go4.org/netipx/mask6.go @@ -0,0 +1,141 @@ +// Copyright 2021 The Inet.Af AUTHORS. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package netipx + +// mask6 are bitmasks with the topmost n bits of a +// 128-bit number, where n is the array index. +// +// generated with https://play.golang.org/p/64XKxaUSa_9 +var mask6 = [...]uint128{ + 0: {0x0000000000000000, 0x0000000000000000}, + 1: {0x8000000000000000, 0x0000000000000000}, + 2: {0xc000000000000000, 0x0000000000000000}, + 3: {0xe000000000000000, 0x0000000000000000}, + 4: {0xf000000000000000, 0x0000000000000000}, + 5: {0xf800000000000000, 0x0000000000000000}, + 6: {0xfc00000000000000, 0x0000000000000000}, + 7: {0xfe00000000000000, 0x0000000000000000}, + 8: {0xff00000000000000, 0x0000000000000000}, + 9: {0xff80000000000000, 0x0000000000000000}, + 10: {0xffc0000000000000, 0x0000000000000000}, + 11: {0xffe0000000000000, 0x0000000000000000}, + 12: {0xfff0000000000000, 0x0000000000000000}, + 13: {0xfff8000000000000, 0x0000000000000000}, + 14: {0xfffc000000000000, 0x0000000000000000}, + 15: {0xfffe000000000000, 0x0000000000000000}, + 16: {0xffff000000000000, 0x0000000000000000}, + 17: {0xffff800000000000, 0x0000000000000000}, + 18: {0xffffc00000000000, 0x0000000000000000}, + 19: {0xffffe00000000000, 0x0000000000000000}, + 20: {0xfffff00000000000, 0x0000000000000000}, + 21: {0xfffff80000000000, 0x0000000000000000}, + 22: {0xfffffc0000000000, 0x0000000000000000}, + 23: {0xfffffe0000000000, 0x0000000000000000}, + 24: {0xffffff0000000000, 0x0000000000000000}, + 25: {0xffffff8000000000, 0x0000000000000000}, + 26: {0xffffffc000000000, 0x0000000000000000}, + 27: {0xffffffe000000000, 0x0000000000000000}, + 28: {0xfffffff000000000, 0x0000000000000000}, + 29: {0xfffffff800000000, 0x0000000000000000}, + 30: {0xfffffffc00000000, 0x0000000000000000}, + 31: {0xfffffffe00000000, 0x0000000000000000}, + 32: {0xffffffff00000000, 0x0000000000000000}, + 33: {0xffffffff80000000, 0x0000000000000000}, + 34: {0xffffffffc0000000, 0x0000000000000000}, + 35: {0xffffffffe0000000, 0x0000000000000000}, + 36: {0xfffffffff0000000, 0x0000000000000000}, + 37: {0xfffffffff8000000, 0x0000000000000000}, + 38: {0xfffffffffc000000, 0x0000000000000000}, + 39: {0xfffffffffe000000, 0x0000000000000000}, + 40: {0xffffffffff000000, 0x0000000000000000}, + 41: {0xffffffffff800000, 0x0000000000000000}, + 42: {0xffffffffffc00000, 0x0000000000000000}, + 43: {0xffffffffffe00000, 0x0000000000000000}, + 44: {0xfffffffffff00000, 0x0000000000000000}, + 45: {0xfffffffffff80000, 0x0000000000000000}, + 46: {0xfffffffffffc0000, 0x0000000000000000}, + 47: {0xfffffffffffe0000, 0x0000000000000000}, + 48: {0xffffffffffff0000, 0x0000000000000000}, + 49: {0xffffffffffff8000, 0x0000000000000000}, + 50: {0xffffffffffffc000, 0x0000000000000000}, + 51: {0xffffffffffffe000, 0x0000000000000000}, + 52: {0xfffffffffffff000, 0x0000000000000000}, + 53: {0xfffffffffffff800, 0x0000000000000000}, + 54: {0xfffffffffffffc00, 0x0000000000000000}, + 55: {0xfffffffffffffe00, 0x0000000000000000}, + 56: {0xffffffffffffff00, 0x0000000000000000}, + 57: {0xffffffffffffff80, 0x0000000000000000}, + 58: {0xffffffffffffffc0, 0x0000000000000000}, + 59: {0xffffffffffffffe0, 0x0000000000000000}, + 60: {0xfffffffffffffff0, 0x0000000000000000}, + 61: {0xfffffffffffffff8, 0x0000000000000000}, + 62: {0xfffffffffffffffc, 0x0000000000000000}, + 63: {0xfffffffffffffffe, 0x0000000000000000}, + 64: {0xffffffffffffffff, 0x0000000000000000}, + 65: {0xffffffffffffffff, 0x8000000000000000}, + 66: {0xffffffffffffffff, 0xc000000000000000}, + 67: {0xffffffffffffffff, 0xe000000000000000}, + 68: {0xffffffffffffffff, 0xf000000000000000}, + 69: {0xffffffffffffffff, 0xf800000000000000}, + 70: {0xffffffffffffffff, 0xfc00000000000000}, + 71: {0xffffffffffffffff, 0xfe00000000000000}, + 72: {0xffffffffffffffff, 0xff00000000000000}, + 73: {0xffffffffffffffff, 0xff80000000000000}, + 74: {0xffffffffffffffff, 0xffc0000000000000}, + 75: {0xffffffffffffffff, 0xffe0000000000000}, + 76: {0xffffffffffffffff, 0xfff0000000000000}, + 77: {0xffffffffffffffff, 0xfff8000000000000}, + 78: {0xffffffffffffffff, 0xfffc000000000000}, + 79: {0xffffffffffffffff, 0xfffe000000000000}, + 80: {0xffffffffffffffff, 0xffff000000000000}, + 81: {0xffffffffffffffff, 0xffff800000000000}, + 82: {0xffffffffffffffff, 0xffffc00000000000}, + 83: {0xffffffffffffffff, 0xffffe00000000000}, + 84: {0xffffffffffffffff, 0xfffff00000000000}, + 85: {0xffffffffffffffff, 0xfffff80000000000}, + 86: {0xffffffffffffffff, 0xfffffc0000000000}, + 87: {0xffffffffffffffff, 0xfffffe0000000000}, + 88: {0xffffffffffffffff, 0xffffff0000000000}, + 89: {0xffffffffffffffff, 0xffffff8000000000}, + 90: {0xffffffffffffffff, 0xffffffc000000000}, + 91: {0xffffffffffffffff, 0xffffffe000000000}, + 92: {0xffffffffffffffff, 0xfffffff000000000}, + 93: {0xffffffffffffffff, 0xfffffff800000000}, + 94: {0xffffffffffffffff, 0xfffffffc00000000}, + 95: {0xffffffffffffffff, 0xfffffffe00000000}, + 96: {0xffffffffffffffff, 0xffffffff00000000}, + 97: {0xffffffffffffffff, 0xffffffff80000000}, + 98: {0xffffffffffffffff, 0xffffffffc0000000}, + 99: {0xffffffffffffffff, 0xffffffffe0000000}, + 100: {0xffffffffffffffff, 0xfffffffff0000000}, + 101: {0xffffffffffffffff, 0xfffffffff8000000}, + 102: {0xffffffffffffffff, 0xfffffffffc000000}, + 103: {0xffffffffffffffff, 0xfffffffffe000000}, + 104: {0xffffffffffffffff, 0xffffffffff000000}, + 105: {0xffffffffffffffff, 0xffffffffff800000}, + 106: {0xffffffffffffffff, 0xffffffffffc00000}, + 107: {0xffffffffffffffff, 0xffffffffffe00000}, + 108: {0xffffffffffffffff, 0xfffffffffff00000}, + 109: {0xffffffffffffffff, 0xfffffffffff80000}, + 110: {0xffffffffffffffff, 0xfffffffffffc0000}, + 111: {0xffffffffffffffff, 0xfffffffffffe0000}, + 112: {0xffffffffffffffff, 0xffffffffffff0000}, + 113: {0xffffffffffffffff, 0xffffffffffff8000}, + 114: {0xffffffffffffffff, 0xffffffffffffc000}, + 115: {0xffffffffffffffff, 0xffffffffffffe000}, + 116: {0xffffffffffffffff, 0xfffffffffffff000}, + 117: {0xffffffffffffffff, 0xfffffffffffff800}, + 118: {0xffffffffffffffff, 0xfffffffffffffc00}, + 119: {0xffffffffffffffff, 0xfffffffffffffe00}, + 120: {0xffffffffffffffff, 0xffffffffffffff00}, + 121: {0xffffffffffffffff, 0xffffffffffffff80}, + 122: {0xffffffffffffffff, 0xffffffffffffffc0}, + 123: {0xffffffffffffffff, 0xffffffffffffffe0}, + 124: {0xffffffffffffffff, 0xfffffffffffffff0}, + 125: {0xffffffffffffffff, 0xfffffffffffffff8}, + 126: {0xffffffffffffffff, 0xfffffffffffffffc}, + 127: {0xffffffffffffffff, 0xfffffffffffffffe}, + 128: {0xffffffffffffffff, 0xffffffffffffffff}, +} diff --git a/vendor/go4.org/netipx/netipx.go b/vendor/go4.org/netipx/netipx.go new file mode 100644 index 0000000000..d241fb3888 --- /dev/null +++ b/vendor/go4.org/netipx/netipx.go @@ -0,0 +1,584 @@ +// Copyright 2020 The Inet.Af AUTHORS. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package netipx contains code and types that were left behind when +// the old inet.af/netaddr package moved to the standard library in Go +// 1.18 as net/netip. +package netipx // import "go4.org/netipx" + +import ( + "errors" + "fmt" + "math" + "net" + "net/netip" + "sort" + "strings" +) + +// FromStdIP returns an IP from the standard library's IP type. +// +// If std is invalid, ok is false. +// +// FromStdIP implicitly unmaps IPv6-mapped IPv4 addresses. That is, if +// len(std) == 16 and contains an IPv4 address, only the IPv4 part is +// returned, without the IPv6 wrapper. This is the common form returned by +// the standard library's ParseIP: https://play.golang.org/p/qdjylUkKWxl. +// To convert a standard library IP without the implicit unmapping, use +// netip.AddrFromSlice. +func FromStdIP(std net.IP) (ip netip.Addr, ok bool) { + ret, ok := netip.AddrFromSlice(std) + return ret.Unmap(), ok +} + +// MustFromStdIP is like FromStdIP, but it panics if std is invalid. +func MustFromStdIP(std net.IP) netip.Addr { + ret, ok := netip.AddrFromSlice(std) + if !ok { + panic("not a valid IP address") + } + return ret.Unmap() +} + +// FromStdIPRaw returns an IP from the standard library's IP type. +// If std is invalid, ok is false. +// Unlike FromStdIP, FromStdIPRaw does not do an implicit Unmap if +// len(std) == 16 and contains an IPv6-mapped IPv4 address. +// +// Deprecated: use netip.AddrFromSlice instead. +func FromStdIPRaw(std net.IP) (ip netip.Addr, ok bool) { + return netip.AddrFromSlice(std) +} + +// ParsePrefixOrAddr parses s as an IP address prefix or IP address. If s parses +// as an IP address prefix, its [net/netip.Prefix.Addr] is returned. The string +// s can be an IPv4 address ("192.0.2.1"), IPv6 address ("2001:db8::68"), IPv4 +// prefix ("192.0.2.1/32"), or IPv6 prefix ("2001:db:68/96"). +func ParsePrefixOrAddr(s string) (netip.Addr, error) { + // Factored out of netip.ParsePrefix to avoid allocating an empty netip.Prefix in case it's + // an address and not a prefix. + i := strings.LastIndexByte(s, '/') + if i < 0 { + return netip.ParseAddr(s) + } + prefix, err := netip.ParsePrefix(s) + return prefix.Addr(), err +} + +// AddrNext returns the IP following ip. +// If there is none, it returns the IP zero value. +// +// Deprecated: use netip.Addr.Next instead. +func AddrNext(ip netip.Addr) netip.Addr { + addr := u128From16(ip.As16()).addOne() + if ip.Is4() { + if uint32(addr.lo) == 0 { + // Overflowed. + return netip.Addr{} + } + return addr.IP4() + } else { + if addr.isZero() { + // Overflowed + return netip.Addr{} + } + return addr.IP6().WithZone(ip.Zone()) + } +} + +// AddrPrior returns the IP before ip. +// If there is none, it returns the IP zero value. +// +// Deprecated: use netip.Addr.Prev instead. +func AddrPrior(ip netip.Addr) netip.Addr { + addr := u128From16(ip.As16()) + if ip.Is4() { + if uint32(addr.lo) == 0 { + return netip.Addr{} + } + return addr.subOne().IP4() + } else { + if addr.isZero() { + return netip.Addr{} + } + return addr.subOne().IP6().WithZone(ip.Zone()) + } +} + +// FromStdAddr maps the components of a standard library TCPAddr or +// UDPAddr into an IPPort. +func FromStdAddr(stdIP net.IP, port int, zone string) (_ netip.AddrPort, ok bool) { + ip, ok := FromStdIP(stdIP) + if !ok || port < 0 || port > math.MaxUint16 { + return netip.AddrPort{}, false + } + ip = ip.Unmap() + if zone != "" { + if ip.Is4() { + ok = false + return + } + ip = ip.WithZone(zone) + } + return netip.AddrPortFrom(ip, uint16(port)), true +} + +// FromStdIPNet returns an netip.Prefix from the standard library's IPNet type. +// If std is invalid, ok is false. +func FromStdIPNet(std *net.IPNet) (prefix netip.Prefix, ok bool) { + ip, ok := FromStdIP(std.IP) + if !ok { + return netip.Prefix{}, false + } + + if l := len(std.Mask); l != net.IPv4len && l != net.IPv6len { + // Invalid mask. + return netip.Prefix{}, false + } + + ones, bits := std.Mask.Size() + if ones == 0 && bits == 0 { + // IPPrefix does not support non-contiguous masks. + return netip.Prefix{}, false + } + + return netip.PrefixFrom(ip, ones), true +} + +// RangeOfPrefix returns the inclusive range of IPs that p covers. +// +// If p is zero or otherwise invalid, Range returns the zero value. +func RangeOfPrefix(p netip.Prefix) IPRange { + p = p.Masked() + if !p.IsValid() { + return IPRange{} + } + return IPRangeFrom(p.Addr(), PrefixLastIP(p)) +} + +// PrefixIPNet returns the net.IPNet representation of an netip.Prefix. +// The returned value is always non-nil. +// Any zone identifier is dropped in the conversion. +func PrefixIPNet(p netip.Prefix) *net.IPNet { + if !p.IsValid() { + return &net.IPNet{} + } + return &net.IPNet{ + IP: p.Addr().AsSlice(), + Mask: net.CIDRMask(p.Bits(), p.Addr().BitLen()), + } +} + +// AddrIPNet returns the net.IPNet representation of an netip.Addr +// with a mask corresponding to the addresses's bit length. +// The returned value is always non-nil. +// Any zone identifier is dropped in the conversion. +func AddrIPNet(addr netip.Addr) *net.IPNet { + if !addr.IsValid() { + return &net.IPNet{} + } + return &net.IPNet{ + IP: addr.AsSlice(), + Mask: net.CIDRMask(addr.BitLen(), addr.BitLen()), + } +} + +// PrefixLastIP returns the last IP in the prefix. +func PrefixLastIP(p netip.Prefix) netip.Addr { + if !p.IsValid() { + return netip.Addr{} + } + a16 := p.Addr().As16() + var off uint8 + var bits uint8 = 128 + if p.Addr().Is4() { + off = 12 + bits = 32 + } + for b := uint8(p.Bits()); b < bits; b++ { + byteNum, bitInByte := b/8, 7-(b%8) + a16[off+byteNum] |= 1 << uint(bitInByte) + } + if p.Addr().Is4() { + return netip.AddrFrom16(a16).Unmap() + } else { + return netip.AddrFrom16(a16) // doesn't unmap + } +} + +// IPRange represents an inclusive range of IP addresses +// from the same address family. +// +// The From and To IPs are inclusive bounds, with both included in the +// range. +// +// To be valid, the From and To values must be non-zero, have matching +// address families (IPv4 vs IPv6), and From must be less than or equal to To. +// IPv6 zones are stripped out and ignored. +// An invalid range may be ignored. +type IPRange struct { + // from is the initial IP address in the range. + from netip.Addr + + // to is the final IP address in the range. + to netip.Addr +} + +// IPRangeFrom returns an IPRange from from to to. +// It does not allocate. +func IPRangeFrom(from, to netip.Addr) IPRange { + return IPRange{ + from: from.WithZone(""), + to: to.WithZone(""), + } +} + +// From returns the lower bound of r. +func (r IPRange) From() netip.Addr { return r.from } + +// To returns the upper bound of r. +func (r IPRange) To() netip.Addr { return r.to } + +// ParseIPRange parses a range out of two IPs separated by a hyphen. +// +// It returns an error if the range is not valid. +func ParseIPRange(s string) (IPRange, error) { + var r IPRange + h := strings.IndexByte(s, '-') + if h == -1 { + return r, fmt.Errorf("no hyphen in range %q", s) + } + from, to := s[:h], s[h+1:] + var err error + r.from, err = netip.ParseAddr(from) + if err != nil { + return r, fmt.Errorf("invalid From IP %q in range %q", from, s) + } + r.from = r.from.WithZone("") + r.to, err = netip.ParseAddr(to) + if err != nil { + return r, fmt.Errorf("invalid To IP %q in range %q", to, s) + } + r.to = r.to.WithZone("") + if !r.IsValid() { + return r, fmt.Errorf("range %v to %v not valid", r.from, r.to) + } + return r, nil +} + +// MustParseIPRange calls ParseIPRange(s) and panics on error. +// It is intended for use in tests with hard-coded strings. +func MustParseIPRange(s string) IPRange { + r, err := ParseIPRange(s) + if err != nil { + panic(err) + } + return r +} + +// String returns a string representation of the range. +// +// For a valid range, the form is "From-To" with a single hyphen +// separating the IPs, the same format recognized by +// ParseIPRange. +func (r IPRange) String() string { + if r.IsValid() { + return fmt.Sprintf("%s-%s", r.from, r.to) + } + if !r.from.IsValid() || !r.to.IsValid() { + return "zero IPRange" + } + return "invalid IPRange" +} + +// AppendTo appends a text encoding of r, +// as generated by MarshalText, +// to b and returns the extended buffer. +func (r IPRange) AppendTo(b []byte) []byte { + if r.IsZero() { + return b + } + b = r.from.AppendTo(b) + b = append(b, '-') + b = r.to.AppendTo(b) + return b +} + +// MarshalText implements the encoding.TextMarshaler interface, +// The encoding is the same as returned by String, with one exception: +// If ip is the zero value, the encoding is the empty string. +func (r IPRange) MarshalText() ([]byte, error) { + if r.IsZero() { + return []byte(""), nil + } + var max int + if r.from.Is4() { + max = len("255.255.255.255-255.255.255.255") + } else { + max = len("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff-ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") + } + b := make([]byte, 0, max) + return r.AppendTo(b), nil +} + +// UnmarshalText implements the encoding.TextUnmarshaler interface. +// The IP range is expected in a form accepted by ParseIPRange. +// It returns an error if *r is not the IPRange zero value. +func (r *IPRange) UnmarshalText(text []byte) error { + if *r != (IPRange{}) { + return errors.New("refusing to Unmarshal into non-zero IPRange") + } + if len(text) == 0 { + return nil + } + var err error + *r, err = ParseIPRange(string(text)) + return err +} + +// IsZero reports whether r is the zero value of the IPRange type. +func (r IPRange) IsZero() bool { + return r == IPRange{} +} + +// IsValid reports whether r.From() and r.To() are both non-zero and +// obey the documented requirements: address families match, and From +// is less than or equal to To. +func (r IPRange) IsValid() bool { + return r.from.IsValid() && + r.from.BitLen() == r.to.BitLen() && + r.from.Zone() == r.to.Zone() && + !r.to.Less(r.from) +} + +// Valid reports whether r.From() and r.To() are both non-zero and +// obey the documented requirements: address families match, and From +// is less than or equal to To. +// +// Deprecated: use the correctly named and identical IsValid method instead. +func (r IPRange) Valid() bool { return r.IsValid() } + +// Contains reports whether the range r includes addr. +// +// An invalid range always reports false. +// +// If ip has an IPv6 zone, Contains returns false, +// because IPPrefixes strip zones. +func (r IPRange) Contains(addr netip.Addr) bool { + return r.IsValid() && addr.Zone() == "" && r.contains(addr) +} + +// contains is like Contains, but without the validity check. +// addr must not have a zone. +func (r IPRange) contains(addr netip.Addr) bool { + return r.from.Compare(addr) <= 0 && r.to.Compare(addr) >= 0 +} + +// less reports whether r is "before" other. It is before if r.From() +// is before other.From(). If they're equal, then the larger range +// (higher To()) comes first. +func (r IPRange) less(other IPRange) bool { + if cmp := r.from.Compare(other.from); cmp != 0 { + return cmp < 0 + } + return other.to.Less(r.to) +} + +// entirelyBefore returns whether r lies entirely before other in IP +// space. +func (r IPRange) entirelyBefore(other IPRange) bool { + return r.to.Less(other.from) +} + +func lessOrEq(ip, ip2 netip.Addr) bool { return ip.Compare(ip2) <= 0 } + +// entirelyWithin returns whether r is entirely contained within +// other. +func (r IPRange) coveredBy(other IPRange) bool { + return lessOrEq(other.from, r.from) && lessOrEq(r.to, other.to) +} + +// inMiddleOf returns whether r is inside other, but not touching the +// edges of other. +func (r IPRange) inMiddleOf(other IPRange) bool { + return other.from.Less(r.from) && r.to.Less(other.to) +} + +// overlapsStartOf returns whether r entirely overlaps the start of +// other, but not all of other. +func (r IPRange) overlapsStartOf(other IPRange) bool { + return lessOrEq(r.from, other.from) && r.to.Less(other.to) +} + +// overlapsEndOf returns whether r entirely overlaps the end of +// other, but not all of other. +func (r IPRange) overlapsEndOf(other IPRange) bool { + return other.from.Less(r.from) && lessOrEq(other.to, r.to) +} + +// mergeIPRanges returns the minimum and sorted set of IP ranges that +// cover r. +func mergeIPRanges(rr []IPRange) (out []IPRange, valid bool) { + // Always return a copy of r, to avoid aliasing slice memory in + // the caller. + switch len(rr) { + case 0: + return nil, true + case 1: + return []IPRange{rr[0]}, true + } + + sort.Slice(rr, func(i, j int) bool { return rr[i].less(rr[j]) }) + out = make([]IPRange, 1, len(rr)) + out[0] = rr[0] + for _, r := range rr[1:] { + prev := &out[len(out)-1] + switch { + case !r.IsValid(): + // Invalid ranges make no sense to merge, refuse to + // perform. + return nil, false + case prev.to.Next() == r.from: + // prev and r touch, merge them. + // + // prev r + // f------tf-----t + prev.to = r.to + case prev.to.Less(r.from): + // No overlap and not adjacent (per previous case), no + // merging possible. + // + // prev r + // f------t f-----t + out = append(out, r) + case prev.to.Less(r.to): + // Partial overlap, update prev + // + // prev + // f------t + // f-----t + // r + prev.to = r.to + default: + // r entirely contained in prev, nothing to do. + // + // prev + // f--------t + // f-----t + // r + } + } + return out, true +} + +// Overlaps reports whether p and o overlap at all. +// +// If p and o are of different address families or either are invalid, +// it reports false. +func (r IPRange) Overlaps(o IPRange) bool { + return r.IsValid() && + o.IsValid() && + r.from.Compare(o.to) <= 0 && + o.from.Compare(r.to) <= 0 +} + +// prefixMaker returns a address-family-corrected IPPrefix from a and bits, +// where the input bits is always in the IPv6-mapped form for IPv4 addresses. +type prefixMaker func(a uint128, bits uint8) netip.Prefix + +// Prefixes returns the set of IPPrefix entries that covers r. +// +// If either of r's bounds are invalid, in the wrong order, or if +// they're of different address families, then Prefixes returns nil. +// +// Prefixes necessarily allocates. See AppendPrefixes for a version that uses +// memory you provide. +func (r IPRange) Prefixes() []netip.Prefix { + return r.AppendPrefixes(nil) +} + +// AppendPrefixes is an append version of IPRange.Prefixes. It appends +// the netip.Prefix entries that cover r to dst. +func (r IPRange) AppendPrefixes(dst []netip.Prefix) []netip.Prefix { + if !r.IsValid() { + return nil + } + return appendRangePrefixes(dst, r.prefixFrom128AndBits, u128From16(r.from.As16()), u128From16(r.to.As16())) +} + +func (r IPRange) prefixFrom128AndBits(a uint128, bits uint8) netip.Prefix { + var ip netip.Addr + if r.from.Is4() { + bits -= 12 * 8 + ip = a.IP4() + } else { + ip = a.IP6() + } + return netip.PrefixFrom(ip, int(bits)) +} + +// aZeroBSet is whether, after the common bits, a is all zero bits and +// b is all set (one) bits. +func comparePrefixes(a, b uint128) (common uint8, aZeroBSet bool) { + common = a.commonPrefixLen(b) + + // See whether a and b, after their common shared bits, end + // in all zero bits or all one bits, respectively. + if common == 128 { + return common, true + } + + m := mask6[common] + return common, (a.xor(a.and(m)).isZero() && + b.or(m) == uint128{^uint64(0), ^uint64(0)}) +} + +// Prefix returns r as an IPPrefix, if it can be presented exactly as such. +// If r is not valid or is not exactly equal to one prefix, ok is false. +func (r IPRange) Prefix() (p netip.Prefix, ok bool) { + if !r.IsValid() { + return + } + from128 := u128From16(r.from.As16()) + to128 := u128From16(r.to.As16()) + if common, ok := comparePrefixes(from128, to128); ok { + return r.prefixFrom128AndBits(from128, common), true + } + return +} + +func appendRangePrefixes(dst []netip.Prefix, makePrefix prefixMaker, a, b uint128) []netip.Prefix { + common, ok := comparePrefixes(a, b) + if ok { + // a to b represents a whole range, like 10.50.0.0/16. + // (a being 10.50.0.0 and b being 10.50.255.255) + return append(dst, makePrefix(a, common)) + } + // Otherwise recursively do both halves. + dst = appendRangePrefixes(dst, makePrefix, a, a.bitsSetFrom(common+1)) + dst = appendRangePrefixes(dst, makePrefix, b.bitsClearedFrom(common+1), b) + return dst +} + +// ComparePrefix is a compare function (returning -1, 0 or 1) +// sorting prefixes first by address family (IPv4 before IPv6), +// then by prefix length (smaller prefixes first), then by +// address. +func ComparePrefix(a, b netip.Prefix) int { + aa, ba := a.Addr(), b.Addr() + if al, bl := aa.BitLen(), ba.BitLen(); al != bl { + if al < bl { + return -1 + } + return 1 + } + ab, bb := a.Bits(), b.Bits() + if ab != bb { + if ab < bb { + return -1 + } + return 1 + } + return aa.Compare(ba) +} diff --git a/vendor/go4.org/netipx/uint128.go b/vendor/go4.org/netipx/uint128.go new file mode 100644 index 0000000000..f59ea23ca8 --- /dev/null +++ b/vendor/go4.org/netipx/uint128.go @@ -0,0 +1,106 @@ +// Copyright 2020 The Inet.Af AUTHORS. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package netipx + +import ( + "encoding/binary" + "math/bits" + "net/netip" +) + +// uint128 represents a uint128 using two uint64s. +// +// When the methods below mention a bit number, bit 0 is the most +// significant bit (in hi) and bit 127 is the lowest (lo&1). +type uint128 struct { + hi uint64 + lo uint64 +} + +func u128From16(a [16]byte) uint128 { + return uint128{ + binary.BigEndian.Uint64(a[:8]), + binary.BigEndian.Uint64(a[8:]), + } +} + +func (u uint128) IP6() netip.Addr { + var a [16]byte + binary.BigEndian.PutUint64(a[:8], u.hi) + binary.BigEndian.PutUint64(a[8:], u.lo) + return netip.AddrFrom16(a) +} + +func (u uint128) IP4() netip.Addr { + var a [8]byte + binary.BigEndian.PutUint64(a[:], u.lo) + return netip.AddrFrom4([4]byte{a[4], a[5], a[6], a[7]}) +} + +// isZero reports whether u == 0. +// +// It's faster than u == (uint128{}) because the compiler (as of Go +// 1.15/1.16b1) doesn't do this trick and instead inserts a branch in +// its eq alg's generated code. +func (u uint128) isZero() bool { return u.hi|u.lo == 0 } + +// and returns the bitwise AND of u and m (u&m). +func (u uint128) and(m uint128) uint128 { + return uint128{u.hi & m.hi, u.lo & m.lo} +} + +// xor returns the bitwise XOR of u and m (u^m). +func (u uint128) xor(m uint128) uint128 { + return uint128{u.hi ^ m.hi, u.lo ^ m.lo} +} + +// or returns the bitwise OR of u and m (u|m). +func (u uint128) or(m uint128) uint128 { + return uint128{u.hi | m.hi, u.lo | m.lo} +} + +// not returns the bitwise NOT of u. +func (u uint128) not() uint128 { + return uint128{^u.hi, ^u.lo} +} + +// subOne returns u - 1. +func (u uint128) subOne() uint128 { + lo, borrow := bits.Sub64(u.lo, 1, 0) + return uint128{u.hi - borrow, lo} +} + +// addOne returns u + 1. +func (u uint128) addOne() uint128 { + lo, carry := bits.Add64(u.lo, 1, 0) + return uint128{u.hi + carry, lo} +} + +func u64CommonPrefixLen(a, b uint64) uint8 { + return uint8(bits.LeadingZeros64(a ^ b)) +} + +func (u uint128) commonPrefixLen(v uint128) (n uint8) { + if n = u64CommonPrefixLen(u.hi, v.hi); n == 64 { + n += u64CommonPrefixLen(u.lo, v.lo) + } + return +} + +// func (u *uint128) halves() [2]*uint64 { +// return [2]*uint64{&u.hi, &u.lo} +// } + +// bitsSetFrom returns a copy of u with the given bit +// and all subsequent ones set. +func (u uint128) bitsSetFrom(bit uint8) uint128 { + return u.or(mask6[bit].not()) +} + +// bitsClearedFrom returns a copy of u with the given bit +// and all subsequent ones cleared. +func (u uint128) bitsClearedFrom(bit uint8) uint128 { + return u.and(mask6[bit]) +} diff --git a/vendor/golang.org/x/sync/errgroup/go120.go b/vendor/golang.org/x/sync/errgroup/go120.go index 7d419d3760..f93c740b63 100644 --- a/vendor/golang.org/x/sync/errgroup/go120.go +++ b/vendor/golang.org/x/sync/errgroup/go120.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build go1.20 -// +build go1.20 package errgroup diff --git a/vendor/golang.org/x/sync/errgroup/pre_go120.go b/vendor/golang.org/x/sync/errgroup/pre_go120.go index 1795c18ace..88ce33434e 100644 --- a/vendor/golang.org/x/sync/errgroup/pre_go120.go +++ b/vendor/golang.org/x/sync/errgroup/pre_go120.go @@ -3,7 +3,6 @@ // license that can be found in the LICENSE file. //go:build !go1.20 -// +build !go1.20 package errgroup diff --git a/vendor/modules.txt b/vendor/modules.txt index 24723d6780..1f70158adb 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -52,11 +52,11 @@ github.com/chai2010/gettext-go github.com/chai2010/gettext-go/mo github.com/chai2010/gettext-go/plural github.com/chai2010/gettext-go/po -# github.com/cilium/charts v0.0.0-20231026172044-2ee56d76ec1a +# github.com/cilium/charts v0.0.0-20231101091419-6a72c25e3c8e ## explicit; go 1.17 github.com/cilium/charts -# github.com/cilium/cilium v1.15.0-pre.1.0.20231025133600-0a8f3f91f109 -## explicit; go 1.21.3 +# github.com/cilium/cilium v1.15.0-pre.2 +## explicit; go 1.21.0 github.com/cilium/cilium/api/v1/client github.com/cilium/cilium/api/v1/client/bgp github.com/cilium/cilium/api/v1/client/daemon @@ -100,6 +100,7 @@ github.com/cilium/cilium/pkg/hive github.com/cilium/cilium/pkg/hive/cell github.com/cilium/cilium/pkg/hive/cell/lifecycle github.com/cilium/cilium/pkg/hive/internal +github.com/cilium/cilium/pkg/hive/metrics github.com/cilium/cilium/pkg/iana github.com/cilium/cilium/pkg/identity github.com/cilium/cilium/pkg/inctimer @@ -137,9 +138,11 @@ github.com/cilium/cilium/pkg/promise github.com/cilium/cilium/pkg/safetime github.com/cilium/cilium/pkg/slices github.com/cilium/cilium/pkg/spanstat +github.com/cilium/cilium/pkg/stream +github.com/cilium/cilium/pkg/time github.com/cilium/cilium/pkg/version github.com/cilium/cilium/pkg/versioncheck -# github.com/cilium/ebpf v0.12.0 +# github.com/cilium/ebpf v0.12.2 ## explicit; go 1.20 github.com/cilium/ebpf github.com/cilium/ebpf/asm @@ -401,7 +404,7 @@ github.com/cilium/proxy/go/envoy/type/tracing/v3 github.com/cilium/proxy/go/envoy/type/v3 github.com/cilium/proxy/go/envoy/watchdog/v3 github.com/cilium/proxy/pkg/policy/api/kafka -# github.com/cilium/tetragon/pkg/k8s v0.0.0-20231027135814-0fd246f5b760 +# github.com/cilium/tetragon/pkg/k8s v0.0.0-20231106163022-09de1f83eb12 ## explicit; go 1.21.3 github.com/cilium/tetragon/pkg/k8s/apis/cilium.io github.com/cilium/tetragon/pkg/k8s/apis/cilium.io/v1alpha1 @@ -548,8 +551,8 @@ github.com/exponent-io/jsonpath # github.com/fatih/color v1.15.0 ## explicit; go 1.17 github.com/fatih/color -# github.com/fsnotify/fsnotify v1.6.0 -## explicit; go 1.16 +# github.com/fsnotify/fsnotify v1.7.0 +## explicit; go 1.17 github.com/fsnotify/fsnotify # github.com/go-errors/errors v1.4.2 ## explicit; go 1.14 @@ -682,7 +685,7 @@ github.com/google/gops/signal # github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 ## explicit; go 1.13 github.com/google/shlex -# github.com/google/uuid v1.3.1 +# github.com/google/uuid v1.4.0 ## explicit github.com/google/uuid # github.com/gorilla/mux v1.8.0 @@ -954,7 +957,7 @@ github.com/spf13/afero/mem # github.com/spf13/cast v1.5.1 ## explicit; go 1.18 github.com/spf13/cast -# github.com/spf13/cobra v1.7.0 +# github.com/spf13/cobra v1.8.0 ## explicit; go 1.15 github.com/spf13/cobra # github.com/spf13/pflag v1.0.6-0.20210604193023-d5e0c0615ace @@ -1082,8 +1085,8 @@ go.starlark.net/resolve go.starlark.net/starlark go.starlark.net/starlarkstruct go.starlark.net/syntax -# go.uber.org/dig v1.17.0 -## explicit; go 1.18 +# go.uber.org/dig v1.17.1 +## explicit; go 1.20 go.uber.org/dig go.uber.org/dig/internal/digerror go.uber.org/dig/internal/digreflect @@ -1092,6 +1095,9 @@ go.uber.org/dig/internal/graph # go.uber.org/multierr v1.11.0 ## explicit; go 1.19 go.uber.org/multierr +# go4.org/netipx v0.0.0-20230824141953-6213f710f925 +## explicit; go 1.18 +go4.org/netipx # golang.org/x/crypto v0.14.0 ## explicit; go 1.17 golang.org/x/crypto/bcrypt @@ -1120,7 +1126,7 @@ golang.org/x/exp/slices golang.org/x/exp/slog golang.org/x/exp/slog/internal golang.org/x/exp/slog/internal/buffer -# golang.org/x/mod v0.13.0 +# golang.org/x/mod v0.14.0 ## explicit; go 1.18 golang.org/x/mod/semver # golang.org/x/net v0.17.0 @@ -1139,8 +1145,8 @@ golang.org/x/net/trace ## explicit; go 1.18 golang.org/x/oauth2 golang.org/x/oauth2/internal -# golang.org/x/sync v0.4.0 -## explicit; go 1.17 +# golang.org/x/sync v0.5.0 +## explicit; go 1.18 golang.org/x/sync/errgroup golang.org/x/sync/semaphore # golang.org/x/sys v0.13.0