diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index dfde5ca..1ac4b7c 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -39,6 +39,9 @@ jobs: - name: Build run: cd ${{ matrix.module }} && go build ./... + - name: JS/WASM build + run: cd ${{ matrix.module }} && GOOS=js GOARCH=wasm go build -o test.wasm . + - name: Install gVisor if: ${{ matrix.module == 'plugincontainer' }} run: | @@ -92,7 +95,7 @@ jobs: export PATH="$HOME/bin:$PATH" systemctl --user restart docker - + - name: Test run: cd ${{ matrix.module }} && go test ./... diff --git a/configutil/go.mod b/configutil/go.mod index 6691aa8..0869f7d 100644 --- a/configutil/go.mod +++ b/configutil/go.mod @@ -2,9 +2,15 @@ module github.com/hashicorp/go-secure-stdlib/configutil/v2 go 1.20 +replace ( + github.com/hashicorp/go-secure-stdlib/listenerutil => ../listenerutil + github.com/hashicorp/go-secure-stdlib/parseutil => ../parseutil + github.com/hashicorp/go-secure-stdlib/pluginutil/v2 => ../pluginutil +) + require ( github.com/hashicorp/go-hclog v1.5.0 - github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 + github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.6 github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 github.com/hashicorp/go-multierror v1.1.1 github.com/hashicorp/go-plugin v1.5.2 @@ -19,41 +25,41 @@ require ( require ( github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Masterminds/semver/v3 v3.1.1 // indirect - github.com/Masterminds/sprig/v3 v3.2.1 // indirect + github.com/Masterminds/semver/v3 v3.2.0 // indirect + github.com/Masterminds/sprig/v3 v3.2.3 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.14.1 // indirect + github.com/fatih/color v1.16.0 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/google/uuid v1.3.1 // indirect + github.com/hashicorp/cli v1.1.6 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 // indirect github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 // indirect github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 // indirect - github.com/hashicorp/go-sockaddr v1.0.5 // indirect + github.com/hashicorp/go-sockaddr v1.0.6 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/yamux v0.1.1 // indirect - github.com/huandu/xstrings v1.3.2 // indirect + github.com/huandu/xstrings v1.3.3 // indirect github.com/imdario/mergo v0.3.11 // indirect github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect - github.com/mitchellh/cli v1.1.5 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/go-testing-interface v1.14.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.0 // indirect github.com/oklog/run v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/posener/complete v1.1.1 // indirect + github.com/posener/complete v1.2.3 // indirect github.com/rogpeppe/go-internal v1.8.1 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect github.com/shopspring/decimal v1.2.0 // indirect github.com/spf13/cast v1.3.1 // indirect golang.org/x/net v0.17.0 // indirect - golang.org/x/sys v0.13.0 // indirect + golang.org/x/sys v0.14.0 // indirect golang.org/x/text v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/grpc v1.59.0 // indirect diff --git a/configutil/go.sum b/configutil/go.sum index bcafcc1..101871a 100644 --- a/configutil/go.sum +++ b/configutil/go.sum @@ -1,10 +1,9 @@ github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= -github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= -github.com/Masterminds/sprig/v3 v3.2.1 h1:n6EPaDyLSvCEa3frruQvAiHuNp2dhBlMSmkEr+HuzGc= -github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= +github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= @@ -13,26 +12,26 @@ github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w= -github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/hashicorp/cli v1.1.6 h1:CMOV+/LJfL1tXCOKrgAX0uRKnzjj/mpmqNXloRSy2K8= +github.com/hashicorp/cli v1.1.6/go.mod h1:MPon5QYlgjjo0BSoAiN0ESeT5fRzDjVRp+uioJ0piz4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c= github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5 h1:jrnDfQm2hCQ0/hEselgqzV4fK16gpZoY0OWGZpVPNHM= -github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.5/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.6 h1:ADYtkMCY5rNRoVfeBtqYWiCcitWM4OKLqDnQLrhqzQk= +github.com/hashicorp/go-kms-wrapping/plugin/v2 v2.0.6/go.mod h1:psh1qKep5ukvuNobFY/hCybuudlkkACpmazOsCgX5Rg= github.com/hashicorp/go-kms-wrapping/v2 v2.0.14 h1:1ZuhfnZgRnLK8S0KovJkoTCRIQId5pv3sDR7pG5VQBw= github.com/hashicorp/go-kms-wrapping/v2 v2.0.14/go.mod h1:0dWtzl2ilqKpavgM3id/kFK9L3tjo6fS4OhbVPSYpnQ= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= @@ -42,20 +41,14 @@ github.com/hashicorp/go-plugin v1.5.2 h1:aWv8eimFqWlsEiMrYZdPYl+FdHaBJSN4AWwGWfT github.com/hashicorp/go-plugin v1.5.2/go.mod h1:w1sAEES3g3PuV/RzUrgow20W2uErMly84hhD3um1WL4= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw= -github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9 h1:0S0ctJ7Ra8O7ap+/3fZUnzJ3VzJyirWS/WnNCuOYtZY= -github.com/hashicorp/go-secure-stdlib/listenerutil v0.1.9/go.mod h1:TNNdgtjLgVDbrgFcyCKrlAicIl3dZF94swJltyGUX2M= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSYmuZJGizr6/x/AEizP0CQc= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6 h1:ZYv2XA+tEfFXIToR2jmBgVqQU9gERt0APbWqmUoNGnY= -github.com/hashicorp/go-secure-stdlib/pluginutil/v2 v2.0.6/go.mod h1:ggFN8dlaLWS2R1gymBbCrvXM/bkZP7hEAa4seqDwhyg= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 h1:SMGUnbpAcat8rIKHkBPjfv81yC46a8eCNZ2hsR2l1EI= github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1/go.mod h1:Ch/bf00Qnx77MZd49JRgHYqHQjtEmTgGU2faufpVZb0= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3/go.mod h1:LWq2Sy8UoKKuK4lFuCNWSjJj57MhNNf2zzBWMtkAIX4= -github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= +github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I= +github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= @@ -63,9 +56,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/yamux v0.1.1 h1:yrQxtgseBDrq9Y652vSRDvsKCJKOUD+GzTS4Y0Y8pvE= github.com/hashicorp/yamux v0.1.1/go.mod h1:CtWFDAQgb7dxtzFs4tWbplKIe2jSi3+5vKbgIO0SLnQ= -github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= -github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4= +github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W65euzixn7clSzK66puSt1H4I5SC0EmHH4= @@ -76,19 +68,15 @@ github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= -github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/go-testing-interface v1.14.1 h1:jrgshOhYAUVNMAJiKbEu7EqAwgJJ2JqpQmpLJOu07cU= @@ -102,8 +90,8 @@ github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DV github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5w= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= +github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/rogpeppe/go-internal v1.8.1 h1:geMPLpDpQOgVyCg5z5GoRwLHepNdb71NXb67XFkP+Eg= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= @@ -114,32 +102,54 @@ github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4= google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= @@ -156,6 +166,5 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/listenerutil/go.mod b/listenerutil/go.mod index 5da3041..fb5ca1f 100644 --- a/listenerutil/go.mod +++ b/listenerutil/go.mod @@ -4,41 +4,43 @@ go 1.20 require ( github.com/google/go-cmp v0.6.0 + github.com/hashicorp/cli v1.1.6 github.com/hashicorp/go-multierror v1.1.1 github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 github.com/hashicorp/go-secure-stdlib/reloadutil v0.1.1 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 - github.com/hashicorp/go-sockaddr v1.0.5 + github.com/hashicorp/go-sockaddr v1.0.6 github.com/hashicorp/hcl v1.0.0 github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f - github.com/mitchellh/cli v1.1.5 github.com/stretchr/testify v1.8.4 ) require ( github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Masterminds/semver/v3 v3.1.1 // indirect - github.com/Masterminds/sprig/v3 v3.2.1 // indirect + github.com/Masterminds/semver/v3 v3.2.0 // indirect + github.com/Masterminds/sprig/v3 v3.2.3 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/fatih/color v1.7.0 // indirect - github.com/google/uuid v1.1.2 // indirect + github.com/fatih/color v1.16.0 // indirect + github.com/google/uuid v1.3.1 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect - github.com/huandu/xstrings v1.3.2 // indirect + github.com/huandu/xstrings v1.3.3 // indirect github.com/imdario/mergo v0.3.11 // indirect - github.com/mattn/go-colorable v0.1.6 // indirect - github.com/mattn/go-isatty v0.0.12 // indirect + github.com/kr/pretty v0.3.0 // indirect + github.com/mattn/go-colorable v0.1.13 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect github.com/mitchellh/copystructure v1.0.0 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/posener/complete v1.1.1 // indirect + github.com/posener/complete v1.2.3 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect github.com/shopspring/decimal v1.2.0 // indirect github.com/spf13/cast v1.3.1 // indirect - golang.org/x/crypto v0.1.0 // indirect - golang.org/x/sys v0.2.0 // indirect + golang.org/x/crypto v0.14.0 // indirect + golang.org/x/sys v0.14.0 // indirect + gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/listenerutil/go.sum b/listenerutil/go.sum index 740f3c6..cba966d 100644 --- a/listenerutil/go.sum +++ b/listenerutil/go.sum @@ -1,24 +1,26 @@ github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= -github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= -github.com/Masterminds/sprig/v3 v3.2.1 h1:n6EPaDyLSvCEa3frruQvAiHuNp2dhBlMSmkEr+HuzGc= -github.com/Masterminds/sprig/v3 v3.2.1/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= +github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= +github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= +github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/hashicorp/cli v1.1.6 h1:CMOV+/LJfL1tXCOKrgAX0uRKnzjj/mpmqNXloRSy2K8= +github.com/hashicorp/cli v1.1.6/go.mod h1:MPon5QYlgjjo0BSoAiN0ESeT5fRzDjVRp+uioJ0piz4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -33,25 +35,28 @@ github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9 github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3 h1:xbrxd0U9XQW8qL1BAz2XrAjAF/P2vcqUTAues9c24B8= github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.3/go.mod h1:LWq2Sy8UoKKuK4lFuCNWSjJj57MhNNf2zzBWMtkAIX4= -github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= +github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I= +github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= -github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4= +github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f h1:E87tDTVS5W65euzixn7clSzK66puSt1H4I5SC0EmHH4= github.com/jefferai/isbadcipher v0.0.0-20190226160619-51d2077c035f/go.mod h1:3J2qVK16Lq8V+wfiL2lPeDZ7UWMxk5LemerHa1p6N00= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-colorable v0.1.6 h1:6Su7aK7lXmJ/U79bYtBjLNaha4Fs1Rg9plHpcH+vvnE= -github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mitchellh/cli v1.1.5 h1:OxRIeJXpAMztws/XHlN2vu6imG5Dpq+j61AzAX5fLng= -github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= +github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= @@ -60,8 +65,10 @@ github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/I github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1 h1:ccV59UEOTzVDnDUEFdT95ZzHVZ+5+158q8+SJb2QV5w= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= +github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= +github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= +github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k= +github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= @@ -70,28 +77,51 @@ github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.2.0 h1:ljd4t30dBnAvMZaQCevtY0xLLD0A+bRZXbgLMLU1F/A= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/listenerutil/listener.go b/listenerutil/listener.go index 8f02a38..565a598 100644 --- a/listenerutil/listener.go +++ b/listenerutil/listener.go @@ -14,10 +14,10 @@ import ( osuser "os/user" "strconv" + "github.com/hashicorp/cli" "github.com/hashicorp/go-secure-stdlib/reloadutil" "github.com/hashicorp/go-secure-stdlib/tlsutil" "github.com/jefferai/isbadcipher" - "github.com/mitchellh/cli" ) type Listener struct { diff --git a/mlock/mlock_unavail.go b/mlock/mlock_unavail.go index 714acb2..bceff15 100644 --- a/mlock/mlock_unavail.go +++ b/mlock/mlock_unavail.go @@ -1,7 +1,8 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -// +build darwin nacl netbsd plan9 windows +//go:build darwin || nacl || netbsd || plan9 || windows || js +// +build darwin nacl netbsd plan9 windows js package mlock diff --git a/parseutil/go.mod b/parseutil/go.mod index 2043337..2a811cf 100644 --- a/parseutil/go.mod +++ b/parseutil/go.mod @@ -4,7 +4,7 @@ go 1.20 require ( github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 - github.com/hashicorp/go-sockaddr v1.0.5 + github.com/hashicorp/go-sockaddr v1.0.6 github.com/mitchellh/mapstructure v1.5.0 github.com/stretchr/testify v1.8.4 ) diff --git a/parseutil/go.sum b/parseutil/go.sum index a4388f6..cfdfc19 100644 --- a/parseutil/go.sum +++ b/parseutil/go.sum @@ -2,8 +2,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= -github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= +github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I= +github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= diff --git a/password/password_unix.go b/password/password_unix.go index c1e26f1..d3def8f 100644 --- a/password/password_unix.go +++ b/password/password_unix.go @@ -1,8 +1,8 @@ // Copyright (c) HashiCorp, Inc. // SPDX-License-Identifier: MPL-2.0 -//go:build linux || darwin || freebsd || netbsd || openbsd || dragonfly -// +build linux darwin freebsd netbsd openbsd dragonfly +//go:build linux || darwin || freebsd || netbsd || openbsd || dragonfly || js +// +build linux darwin freebsd netbsd openbsd dragonfly js package password diff --git a/plugincontainer/container_reattach.go b/plugincontainer/container_reattach_linux.go similarity index 90% rename from plugincontainer/container_reattach.go rename to plugincontainer/container_reattach_linux.go index 87227e2..bb2a959 100644 --- a/plugincontainer/container_reattach.go +++ b/plugincontainer/container_reattach_linux.go @@ -6,7 +6,6 @@ package plugincontainer import ( "context" "fmt" - "runtime" "github.com/docker/docker/client" "github.com/hashicorp/go-hclog" @@ -14,10 +13,6 @@ import ( ) func ReattachFunc(logger hclog.Logger, id, hostSocketDir string) (runner.AttachedRunner, error) { - if runtime.GOOS != "linux" { - return nil, errUnsupportedOS - } - client, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation()) if err != nil { return nil, err diff --git a/plugincontainer/container_reattach_unsupported.go b/plugincontainer/container_reattach_unsupported.go new file mode 100644 index 0000000..faedc69 --- /dev/null +++ b/plugincontainer/container_reattach_unsupported.go @@ -0,0 +1,14 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +//go:build !linux + +package plugincontainer + +import ( + "github.com/hashicorp/go-hclog" + "github.com/hashicorp/go-plugin/runner" +) + +func ReattachFunc(logger hclog.Logger, id, hostSocketDir string) (runner.AttachedRunner, error) { + return nil, errUnsupportedOS +} diff --git a/plugincontainer/container_runner.go b/plugincontainer/container_runner.go index 94fb70e..157b1a5 100644 --- a/plugincontainer/container_runner.go +++ b/plugincontainer/container_runner.go @@ -4,496 +4,13 @@ package plugincontainer import ( - "bytes" - "context" "errors" - "fmt" - "io" - "os" - "os/exec" - "path" - "runtime" - "strconv" - "strings" - - "github.com/docker/docker/api/types" - "github.com/docker/docker/api/types/container" - "github.com/docker/docker/api/types/filters" - "github.com/docker/docker/api/types/mount" - "github.com/docker/docker/api/types/network" - "github.com/docker/docker/client" - "github.com/docker/docker/pkg/stdcopy" - "github.com/hashicorp/go-hclog" - "github.com/hashicorp/go-plugin" - "github.com/hashicorp/go-plugin/runner" - "github.com/joshlf/go-acl" ) var ( - _ runner.Runner = (*containerRunner)(nil) - errUnsupportedOS = errors.New("plugincontainer currently only supports Linux") // ErrSHA256Mismatch is returned when starting a container without any // images available where the provided sha256 matches the image and tag. ErrSHA256Mismatch = errors.New("SHA256 mismatch") ) - -const pluginSocketDir = "/tmp/go-plugin-container" - -// containerRunner implements go-plugin's runner.Runner interface to run plugins -// inside a container. -type containerRunner struct { - logger hclog.Logger - - hostSocketDir string - - containerConfig *container.Config - hostConfig *container.HostConfig - networkConfig *network.NetworkingConfig - - dockerClient *client.Client - stdout io.ReadCloser - stderr io.ReadCloser - - image string - tag string - sha256 string - id string - debug bool -} - -// NewContainerRunner must be passed a cmd that hasn't yet been started. -func (cfg *Config) NewContainerRunner(logger hclog.Logger, cmd *exec.Cmd, hostSocketDir string) (runner.Runner, error) { - if runtime.GOOS != "linux" { - return nil, errUnsupportedOS - } - - if cfg.Image == "" { - return nil, errors.New("must provide an image") - } - - if strings.Contains(cfg.Image, ":") { - return nil, fmt.Errorf("image %q must not have any ':' characters, use the Tag field to specify a tag", cfg.Image) - } - - client, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation()) - if err != nil { - return nil, err - } - - // Accept both "abc123..." and "sha256:abc123...", but treat the former as - // the canonical form. - sha256 := strings.TrimPrefix(cfg.SHA256, "sha256:") - - // Default to using the SHA256 for secure pinning of images, but allow users - // to omit the SHA256 as well. - var imageRef string - if sha256 != "" { - imageRef = "sha256:" + sha256 - } else { - imageRef = cfg.Image - if cfg.Tag != "" { - imageRef += ":" + cfg.Tag - } - } - // Container config. - containerConfig := &container.Config{ - Image: imageRef, - Env: cmd.Env, - NetworkDisabled: cfg.DisableNetwork, - Labels: cfg.Labels, - } - containerConfig.Env = append(containerConfig.Env, fmt.Sprintf("%s=%s", plugin.EnvUnixSocketDir, pluginSocketDir)) - if cfg.Entrypoint != nil { - containerConfig.Entrypoint = cfg.Entrypoint - } - if cfg.Args != nil { - containerConfig.Cmd = cfg.Args - containerConfig.ArgsEscaped = true - } - if cfg.Env != nil { - containerConfig.Env = append(containerConfig.Env, cfg.Env...) - } - - // Host config. - hostConfig := &container.HostConfig{ - AutoRemove: !cfg.Debug, // Plugin containers are ephemeral. - RestartPolicy: container.RestartPolicy{}, // Empty restart policy means never. - Runtime: cfg.Runtime, // OCI runtime. - Resources: container.Resources{ - NanoCPUs: cfg.NanoCpus, // CPU limit in billionths of a core. - Memory: cfg.Memory, // Memory limit in bytes. - CgroupParent: cfg.CgroupParent, // Parent Cgroup for the container. - }, - CapDrop: []string{"ALL"}, - - // Bind mount for 2-way Unix socket communication. - Mounts: []mount.Mount{ - { - Type: mount.TypeBind, - Source: hostSocketDir, - Target: pluginSocketDir, - ReadOnly: false, - BindOptions: &mount.BindOptions{ - // Private propagation, we don't need to replicate this mount. - // For details, see https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation. - Propagation: mount.PropagationPrivate, - NonRecursive: true, - }, - Consistency: mount.ConsistencyDefault, - }, - }, - } - - if cfg.GroupAdd != 0 { - hostConfig.GroupAdd = append(hostConfig.GroupAdd, strconv.Itoa(cfg.GroupAdd)) - } - - if cfg.CapIPCLock { - hostConfig.CapAdd = append(hostConfig.CapAdd, "IPC_LOCK") - } - if cfg.Rootless { - hostConfig.CapAdd = append(hostConfig.CapAdd, "DAC_OVERRIDE") - if err := configureDefaultACLsForRootless(hostSocketDir); err != nil { - return nil, err - } - } - - // Network config. - networkConfig := &network.NetworkingConfig{ - EndpointsConfig: cfg.EndpointsConfig, - } - - return &containerRunner{ - logger: logger, - hostSocketDir: hostSocketDir, - dockerClient: client, - - containerConfig: containerConfig, - hostConfig: hostConfig, - networkConfig: networkConfig, - - image: cfg.Image, - tag: cfg.Tag, - sha256: sha256, - debug: cfg.Debug, - }, nil -} - -func (c *containerRunner) Start(ctx context.Context) error { - c.logger.Debug("starting container", "image", c.image) - - if c.sha256 != "" { - ref := c.image - if c.tag != "" { - ref += ":" + c.tag - } - // Check the Image and SHA256 provided in the config match up. - images, err := c.dockerClient.ImageList(ctx, types.ImageListOptions{ - Filters: filters.NewArgs(filters.Arg("reference", ref)), - }) - if err != nil { - return fmt.Errorf("failed to verify that image %s matches with provided SHA256 hash %s: %w", ref, c.sha256, err) - } - var imageFound bool - for _, image := range images { - if image.ID == "sha256:"+c.sha256 { - imageFound = true - break - } - } - if !imageFound { - return fmt.Errorf("could not find any locally available images named %s that match with the provided SHA256 hash %s: %w", ref, c.sha256, ErrSHA256Mismatch) - } - } - - resp, err := c.dockerClient.ContainerCreate(ctx, c.containerConfig, c.hostConfig, c.networkConfig, nil, "") - if err != nil { - return fmt.Errorf("error creating container: %w", err) - } - c.id = resp.ID - c.logger.Trace("created container", "image", c.image, "id", c.id) - - if err := c.dockerClient.ContainerStart(ctx, c.id, types.ContainerStartOptions{}); err != nil { - return fmt.Errorf("error starting container: %w", err) - } - - // ContainerLogs combines stdout and stderr. - // Container logs will stream beyond the lifetime of the initial start - // context, so we pass it a fresh context with no timeout. - logReader, err := c.dockerClient.ContainerLogs(context.Background(), c.id, types.ContainerLogsOptions{ - Follow: true, - ShowStdout: true, - ShowStderr: true, - }) - if err != nil { - return err - } - - // Split logReader stream into distinct stdout and stderr readers. - var stdoutWriter, stderrWriter io.WriteCloser - c.stdout, stdoutWriter = io.Pipe() - c.stderr, stderrWriter = io.Pipe() - go func() { - defer func() { - c.logger.Trace("container logging goroutine shutting down", "id", c.id) - logReader.Close() - stdoutWriter.Close() - stderrWriter.Close() - }() - - // StdCopy will run until it receives EOF from logReader - if _, err := stdcopy.StdCopy(stdoutWriter, stderrWriter, logReader); err != nil { - c.logger.Error("error streaming logs from container", "id", c.id, "error", err) - } - }() - - return nil -} - -func (c *containerRunner) Wait(ctx context.Context) error { - statusCh, errCh := c.dockerClient.ContainerWait(ctx, c.id, container.WaitConditionNotRunning) - select { - case err := <-errCh: - if err != nil { - return err - } - case st := <-statusCh: - if st.StatusCode != 0 { - c.logger.Error("plugin shut down with non-0 exit code", "id", c.id, "status", st.StatusCode) - } - if st.Error != nil { - return errors.New(st.Error.Message) - } - return nil - } - - // unreachable - return nil -} - -func (c *containerRunner) Kill(ctx context.Context) error { - c.logger.Debug("killing container", "image", c.image, "id", c.id) - defer c.dockerClient.Close() - if c.id != "" { - if c.debug { - defer func() { - err := c.dockerClient.ContainerRemove(ctx, c.id, types.ContainerRemoveOptions{ - Force: true, - }) - if err != nil { - c.logger.Error("error removing container", "error", err) - } - }() - } - err := c.dockerClient.ContainerStop(ctx, c.id, container.StopOptions{}) - if err != nil { - // Docker SDK does not seem to expose sentinel errors in a way we can - // use here instead of string matching. - if strings.Contains(strings.ToLower(err.Error()), "no such container:") { - c.logger.Trace("container already stopped", "image", c.image, "id", c.id) - return nil - } - - return err - } - } - - return nil -} - -func (c *containerRunner) Stdout() io.ReadCloser { - return c.stdout -} - -func (c *containerRunner) Stderr() io.ReadCloser { - return c.stderr -} - -func (c *containerRunner) PluginToHost(pluginNet, pluginAddr string) (hostNet string, hostAddr string, err error) { - if path.Dir(pluginAddr) != pluginSocketDir { - return "", "", fmt.Errorf("expected address to be in directory %s, but was %s; "+ - "the plugin may need to be recompiled with the latest go-plugin version", pluginSocketDir, pluginAddr) - } - return pluginNet, path.Join(c.hostSocketDir, path.Base(pluginAddr)), nil -} - -func (c *containerRunner) HostToPlugin(hostNet, hostAddr string) (pluginNet string, pluginAddr string, err error) { - if path.Dir(hostAddr) != c.hostSocketDir { - return "", "", fmt.Errorf("expected address to be in directory %s, but was %s", c.hostSocketDir, hostAddr) - } - return hostNet, path.Join(pluginSocketDir, path.Base(hostAddr)), nil -} - -func (c *containerRunner) Name() string { - return c.image -} - -func (c *containerRunner) ID() string { - return c.id -} - -// Diagnose prints out the container config to help users manually re-run the -// plugin for debugging purposes. -func (c *containerRunner) Diagnose(ctx context.Context) string { - notes := "Config:\n" - notes += fmt.Sprintf("Image ref: %s\n", c.containerConfig.Image) - if !emptyStrSlice(c.containerConfig.Entrypoint) { - notes += fmt.Sprintf("Entrypoint: %s\n", strings.Join(c.containerConfig.Entrypoint, " ")) - } - if !emptyStrSlice(c.containerConfig.Cmd) { - notes += fmt.Sprintf("Cmd: %s\n", c.containerConfig.Cmd) - } - if c.hostConfig.Runtime != "" { - notes += fmt.Sprintf("Runtime: %s\n", c.hostConfig.Runtime) - } - notes += fmt.Sprintf("GroupAdd: %v\n", c.hostConfig.GroupAdd) - - if c.debug { - notes += "Env:\n" - for _, e := range c.containerConfig.Env { - notes += e + "\n" - } - - info := c.diagnoseContainerInfo(ctx) - if info != "" { - notes += "\n" + info + "\n" - } - logs := c.diagnoseLogs(ctx) - if logs != "" { - notes += logs + "\n" - } - } - - return notes -} - -func emptyStrSlice(s []string) bool { - return len(s) == 0 || len(s) == 1 && s[0] == "" -} - -func (c *containerRunner) diagnoseContainerInfo(ctx context.Context) string { - info, err := c.dockerClient.ContainerInspect(ctx, c.id) - if err != nil { - return "" - } - - notes := "Container config:\n" - notes += fmt.Sprintf("Image: %s\n", info.Image) - if info.Config != nil { - notes += fmt.Sprintf("Entrypoint: %s\n", info.Config.Entrypoint) - if len(info.Config.Cmd) > 0 && (len(info.Config.Cmd) > 1 || info.Config.Cmd[0] != "") { - notes += fmt.Sprintf("Cmd: %s\n", info.Config.Cmd) - } - } - - if info.State != nil { - if info.State.Error != "" { - notes += fmt.Sprintf("Container state error: %s\n", info.State.Error) - } - if info.State.Running { - notes += `Plugin is running but may have printed something unexpected to -stdout, where it should have printed '|' separated protocol negotiation info. -Check stdout in the logs below. -` - } else { - line := fmt.Sprintf("Plugin exited with exit code %d", info.State.ExitCode) - switch info.State.ExitCode { - case 1: - line += "; this may be an error internal to the plugin" - case 2: - line += "; this may be due to a malformed command, or can also " + - "happen when a cgo binary is run without libc bindings available" - } - notes += line + "\n" - } - } - - return notes -} - -func (c *containerRunner) diagnoseLogs(ctx context.Context) string { - logReader, err := c.dockerClient.ContainerLogs(ctx, c.id, types.ContainerLogsOptions{ - ShowStdout: true, - ShowStderr: true, - Follow: false, - }) - if err != nil { - return err.Error() - } - defer logReader.Close() - - stdout, stderr := &bytes.Buffer{}, &bytes.Buffer{} - stdcopy.StdCopy(stdout, stderr, logReader) - - if stdout.Len() == 0 && stderr.Len() == 0 { - return "No log lines from container\n" - } - - return fmt.Sprintf(`--- Container Logs --- -Stdout: -%s -Stderr: -%s ---- End Logs ---`, stdout.String(), stderr.String()) -} - -// If the container runtime is rootless, our GroupAdd trick to make the Unix -// socket and folder writable from both sides stops working. Instead we have: -// -// 1. Run as root within the container still works. The container's root -// user is not mapped to a different host user, so we get: -// -// Host view: Running as 1000, container running as 1000, folder and socket owned by 1000. -// Container view: Running as 0, folder and socket owned by 0. -// -// 2. Run as non-root within the container fails. The container runs as a -// subordinate uid, with the mapping defined by /etc/subuid. e.g. if the host -// unprivileged user is 1001(ubuntu), and /etc/subuid has the following entry: -// ubuntu:100000:65536 -// -// Then running as user 1 inside the container will map to user 100000 -// on the host, and user 1001 will map to 101000. -// -// Host view: Running as 1000, container running as 101000, -// folder owned by 1000, socket owned by 101000. -// => We need to make the socket writable for the host. -// -// Container view: Running as 1001, folder owned by 0, socket owned by 1001. -// => We need to make the folder writable for the container. -// -// To fix the host permissions, we set default permissions on the folder -// so any Unix sockets created in it are automatically writable. -// -// To fix the container permissions, we give it the DAC_OVERRIDE capability, -// which is normally on by default, and allows the container process to -// ignore file system permission restrictions. The only bit of the host file -// system it has access to though is the empty shared folder. -// -// Similar to mlock and the IPC_LOCK capability, runc requires rootlesskit -// (the container's parent process) to have the DAC_OVERRIDE capability -// itself in order to delegate it to the container. However, runsc has no -// such requirement because it reimplements the syscall in userspace. -// -// Note that the gVisor picture looks a little more complex in terms of how the -// process looks on the host as gVisor adds an extra layer between the container -// and the host, but the same file permission principles apply. -func configureDefaultACLsForRootless(hostSocketDir string) error { - // Setting default ACLs for the socket folder using unix xattr. - a := acl.FromUnix(0o660) - a = append(a, acl.Entry{ - Tag: acl.TagUser, - Qualifier: strconv.Itoa(os.Geteuid()), - Perms: 0o006, - }) - a = append(a, acl.Entry{ - Tag: acl.TagMask, - Perms: 0o006, - }) - if err := acl.SetDefault(hostSocketDir, a); err != nil { - return fmt.Errorf("failed to set default ACLs on rootless socket directory: %w", err) - } - - return nil -} diff --git a/plugincontainer/container_runner_linux.go b/plugincontainer/container_runner_linux.go new file mode 100644 index 0000000..343d73a --- /dev/null +++ b/plugincontainer/container_runner_linux.go @@ -0,0 +1,486 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +package plugincontainer + +import ( + "bytes" + "context" + "errors" + "fmt" + "io" + "os" + "os/exec" + "path" + "strconv" + "strings" + + "github.com/docker/docker/api/types" + "github.com/docker/docker/api/types/container" + "github.com/docker/docker/api/types/filters" + "github.com/docker/docker/api/types/mount" + "github.com/docker/docker/api/types/network" + "github.com/docker/docker/client" + "github.com/docker/docker/pkg/stdcopy" + "github.com/hashicorp/go-hclog" + "github.com/hashicorp/go-plugin" + "github.com/hashicorp/go-plugin/runner" + "github.com/joshlf/go-acl" +) + +const pluginSocketDir = "/tmp/go-plugin-container" + +var _ runner.Runner = (*containerRunner)(nil) + +// containerRunner implements go-plugin's runner.Runner interface to run plugins +// inside a container. +type containerRunner struct { + logger hclog.Logger + + hostSocketDir string + + containerConfig *container.Config + hostConfig *container.HostConfig + networkConfig *network.NetworkingConfig + + dockerClient *client.Client + stdout io.ReadCloser + stderr io.ReadCloser + + image string + tag string + sha256 string + id string + debug bool +} + +// NewContainerRunner must be passed a cmd that hasn't yet been started. +func (cfg *Config) NewContainerRunner(logger hclog.Logger, cmd *exec.Cmd, hostSocketDir string) (runner.Runner, error) { + if cfg.Image == "" { + return nil, errors.New("must provide an image") + } + + if strings.Contains(cfg.Image, ":") { + return nil, fmt.Errorf("image %q must not have any ':' characters, use the Tag field to specify a tag", cfg.Image) + } + + client, err := client.NewClientWithOpts(client.FromEnv, client.WithAPIVersionNegotiation()) + if err != nil { + return nil, err + } + + // Accept both "abc123..." and "sha256:abc123...", but treat the former as + // the canonical form. + sha256 := strings.TrimPrefix(cfg.SHA256, "sha256:") + + // Default to using the SHA256 for secure pinning of images, but allow users + // to omit the SHA256 as well. + var imageRef string + if sha256 != "" { + imageRef = "sha256:" + sha256 + } else { + imageRef = cfg.Image + if cfg.Tag != "" { + imageRef += ":" + cfg.Tag + } + } + // Container config. + containerConfig := &container.Config{ + Image: imageRef, + Env: cmd.Env, + NetworkDisabled: cfg.DisableNetwork, + Labels: cfg.Labels, + } + containerConfig.Env = append(containerConfig.Env, fmt.Sprintf("%s=%s", plugin.EnvUnixSocketDir, pluginSocketDir)) + if cfg.Entrypoint != nil { + containerConfig.Entrypoint = cfg.Entrypoint + } + if cfg.Args != nil { + containerConfig.Cmd = cfg.Args + containerConfig.ArgsEscaped = true + } + if cfg.Env != nil { + containerConfig.Env = append(containerConfig.Env, cfg.Env...) + } + + // Host config. + hostConfig := &container.HostConfig{ + AutoRemove: !cfg.Debug, // Plugin containers are ephemeral. + RestartPolicy: container.RestartPolicy{}, // Empty restart policy means never. + Runtime: cfg.Runtime, // OCI runtime. + Resources: container.Resources{ + NanoCPUs: cfg.NanoCpus, // CPU limit in billionths of a core. + Memory: cfg.Memory, // Memory limit in bytes. + CgroupParent: cfg.CgroupParent, // Parent Cgroup for the container. + }, + CapDrop: []string{"ALL"}, + + // Bind mount for 2-way Unix socket communication. + Mounts: []mount.Mount{ + { + Type: mount.TypeBind, + Source: hostSocketDir, + Target: pluginSocketDir, + ReadOnly: false, + BindOptions: &mount.BindOptions{ + // Private propagation, we don't need to replicate this mount. + // For details, see https://docs.docker.com/storage/bind-mounts/#configure-bind-propagation. + Propagation: mount.PropagationPrivate, + NonRecursive: true, + }, + Consistency: mount.ConsistencyDefault, + }, + }, + } + + if cfg.GroupAdd != 0 { + hostConfig.GroupAdd = append(hostConfig.GroupAdd, strconv.Itoa(cfg.GroupAdd)) + } + + if cfg.CapIPCLock { + hostConfig.CapAdd = append(hostConfig.CapAdd, "IPC_LOCK") + } + if cfg.Rootless { + hostConfig.CapAdd = append(hostConfig.CapAdd, "DAC_OVERRIDE") + if err := configureDefaultACLsForRootless(hostSocketDir); err != nil { + return nil, err + } + } + + // Network config. + networkConfig := &network.NetworkingConfig{ + EndpointsConfig: cfg.EndpointsConfig, + } + + return &containerRunner{ + logger: logger, + hostSocketDir: hostSocketDir, + dockerClient: client, + + containerConfig: containerConfig, + hostConfig: hostConfig, + networkConfig: networkConfig, + + image: cfg.Image, + tag: cfg.Tag, + sha256: sha256, + debug: cfg.Debug, + }, nil +} + +func (c *containerRunner) Start(ctx context.Context) error { + c.logger.Debug("starting container", "image", c.image) + + if c.sha256 != "" { + ref := c.image + if c.tag != "" { + ref += ":" + c.tag + } + // Check the Image and SHA256 provided in the config match up. + images, err := c.dockerClient.ImageList(ctx, types.ImageListOptions{ + Filters: filters.NewArgs(filters.Arg("reference", ref)), + }) + if err != nil { + return fmt.Errorf("failed to verify that image %s matches with provided SHA256 hash %s: %w", ref, c.sha256, err) + } + var imageFound bool + for _, image := range images { + if image.ID == "sha256:"+c.sha256 { + imageFound = true + break + } + } + if !imageFound { + return fmt.Errorf("could not find any locally available images named %s that match with the provided SHA256 hash %s: %w", ref, c.sha256, ErrSHA256Mismatch) + } + } + + resp, err := c.dockerClient.ContainerCreate(ctx, c.containerConfig, c.hostConfig, c.networkConfig, nil, "") + if err != nil { + return fmt.Errorf("error creating container: %w", err) + } + c.id = resp.ID + c.logger.Trace("created container", "image", c.image, "id", c.id) + + if err := c.dockerClient.ContainerStart(ctx, c.id, types.ContainerStartOptions{}); err != nil { + return fmt.Errorf("error starting container: %w", err) + } + + // ContainerLogs combines stdout and stderr. + // Container logs will stream beyond the lifetime of the initial start + // context, so we pass it a fresh context with no timeout. + logReader, err := c.dockerClient.ContainerLogs(context.Background(), c.id, types.ContainerLogsOptions{ + Follow: true, + ShowStdout: true, + ShowStderr: true, + }) + if err != nil { + return err + } + + // Split logReader stream into distinct stdout and stderr readers. + var stdoutWriter, stderrWriter io.WriteCloser + c.stdout, stdoutWriter = io.Pipe() + c.stderr, stderrWriter = io.Pipe() + go func() { + defer func() { + c.logger.Trace("container logging goroutine shutting down", "id", c.id) + logReader.Close() + stdoutWriter.Close() + stderrWriter.Close() + }() + + // StdCopy will run until it receives EOF from logReader + if _, err := stdcopy.StdCopy(stdoutWriter, stderrWriter, logReader); err != nil { + c.logger.Error("error streaming logs from container", "id", c.id, "error", err) + } + }() + + return nil +} + +func (c *containerRunner) Wait(ctx context.Context) error { + statusCh, errCh := c.dockerClient.ContainerWait(ctx, c.id, container.WaitConditionNotRunning) + select { + case err := <-errCh: + if err != nil { + return err + } + case st := <-statusCh: + if st.StatusCode != 0 { + c.logger.Error("plugin shut down with non-0 exit code", "id", c.id, "status", st.StatusCode) + } + if st.Error != nil { + return errors.New(st.Error.Message) + } + return nil + } + + // unreachable + return nil +} + +func (c *containerRunner) Kill(ctx context.Context) error { + c.logger.Debug("killing container", "image", c.image, "id", c.id) + defer c.dockerClient.Close() + if c.id != "" { + if c.debug { + defer func() { + err := c.dockerClient.ContainerRemove(ctx, c.id, types.ContainerRemoveOptions{ + Force: true, + }) + if err != nil { + c.logger.Error("error removing container", "error", err) + } + }() + } + err := c.dockerClient.ContainerStop(ctx, c.id, container.StopOptions{}) + if err != nil { + // Docker SDK does not seem to expose sentinel errors in a way we can + // use here instead of string matching. + if strings.Contains(strings.ToLower(err.Error()), "no such container:") { + c.logger.Trace("container already stopped", "image", c.image, "id", c.id) + return nil + } + + return err + } + } + + return nil +} + +func (c *containerRunner) Stdout() io.ReadCloser { + return c.stdout +} + +func (c *containerRunner) Stderr() io.ReadCloser { + return c.stderr +} + +func (c *containerRunner) PluginToHost(pluginNet, pluginAddr string) (hostNet string, hostAddr string, err error) { + if path.Dir(pluginAddr) != pluginSocketDir { + return "", "", fmt.Errorf("expected address to be in directory %s, but was %s; "+ + "the plugin may need to be recompiled with the latest go-plugin version", pluginSocketDir, pluginAddr) + } + return pluginNet, path.Join(c.hostSocketDir, path.Base(pluginAddr)), nil +} + +func (c *containerRunner) HostToPlugin(hostNet, hostAddr string) (pluginNet string, pluginAddr string, err error) { + if path.Dir(hostAddr) != c.hostSocketDir { + return "", "", fmt.Errorf("expected address to be in directory %s, but was %s", c.hostSocketDir, hostAddr) + } + return hostNet, path.Join(pluginSocketDir, path.Base(hostAddr)), nil +} + +func (c *containerRunner) Name() string { + return c.image +} + +func (c *containerRunner) ID() string { + return c.id +} + +// Diagnose prints out the container config to help users manually re-run the +// plugin for debugging purposes. +func (c *containerRunner) Diagnose(ctx context.Context) string { + notes := "Config:\n" + notes += fmt.Sprintf("Image ref: %s\n", c.containerConfig.Image) + if !emptyStrSlice(c.containerConfig.Entrypoint) { + notes += fmt.Sprintf("Entrypoint: %s\n", strings.Join(c.containerConfig.Entrypoint, " ")) + } + if !emptyStrSlice(c.containerConfig.Cmd) { + notes += fmt.Sprintf("Cmd: %s\n", c.containerConfig.Cmd) + } + if c.hostConfig.Runtime != "" { + notes += fmt.Sprintf("Runtime: %s\n", c.hostConfig.Runtime) + } + notes += fmt.Sprintf("GroupAdd: %v\n", c.hostConfig.GroupAdd) + + if c.debug { + notes += "Env:\n" + for _, e := range c.containerConfig.Env { + notes += e + "\n" + } + + info := c.diagnoseContainerInfo(ctx) + if info != "" { + notes += "\n" + info + "\n" + } + logs := c.diagnoseLogs(ctx) + if logs != "" { + notes += logs + "\n" + } + } + + return notes +} + +func emptyStrSlice(s []string) bool { + return len(s) == 0 || len(s) == 1 && s[0] == "" +} + +func (c *containerRunner) diagnoseContainerInfo(ctx context.Context) string { + info, err := c.dockerClient.ContainerInspect(ctx, c.id) + if err != nil { + return "" + } + + notes := "Container config:\n" + notes += fmt.Sprintf("Image: %s\n", info.Image) + if info.Config != nil { + notes += fmt.Sprintf("Entrypoint: %s\n", info.Config.Entrypoint) + if len(info.Config.Cmd) > 0 && (len(info.Config.Cmd) > 1 || info.Config.Cmd[0] != "") { + notes += fmt.Sprintf("Cmd: %s\n", info.Config.Cmd) + } + } + + if info.State != nil { + if info.State.Error != "" { + notes += fmt.Sprintf("Container state error: %s\n", info.State.Error) + } + if info.State.Running { + notes += `Plugin is running but may have printed something unexpected to +stdout, where it should have printed '|' separated protocol negotiation info. +Check stdout in the logs below. +` + } else { + line := fmt.Sprintf("Plugin exited with exit code %d", info.State.ExitCode) + switch info.State.ExitCode { + case 1: + line += "; this may be an error internal to the plugin" + case 2: + line += "; this may be due to a malformed command, or can also " + + "happen when a cgo binary is run without libc bindings available" + } + notes += line + "\n" + } + } + + return notes +} + +func (c *containerRunner) diagnoseLogs(ctx context.Context) string { + logReader, err := c.dockerClient.ContainerLogs(ctx, c.id, types.ContainerLogsOptions{ + ShowStdout: true, + ShowStderr: true, + Follow: false, + }) + if err != nil { + return err.Error() + } + defer logReader.Close() + + stdout, stderr := &bytes.Buffer{}, &bytes.Buffer{} + stdcopy.StdCopy(stdout, stderr, logReader) + + if stdout.Len() == 0 && stderr.Len() == 0 { + return "No log lines from container\n" + } + + return fmt.Sprintf(`--- Container Logs --- +Stdout: +%s +Stderr: +%s +--- End Logs ---`, stdout.String(), stderr.String()) +} + +// If the container runtime is rootless, our GroupAdd trick to make the Unix +// socket and folder writable from both sides stops working. Instead we have: +// +// 1. Run as root within the container still works. The container's root +// user is not mapped to a different host user, so we get: +// +// Host view: Running as 1000, container running as 1000, folder and socket owned by 1000. +// Container view: Running as 0, folder and socket owned by 0. +// +// 2. Run as non-root within the container fails. The container runs as a +// subordinate uid, with the mapping defined by /etc/subuid. e.g. if the host +// unprivileged user is 1001(ubuntu), and /etc/subuid has the following entry: +// ubuntu:100000:65536 +// +// Then running as user 1 inside the container will map to user 100000 +// on the host, and user 1001 will map to 101000. +// +// Host view: Running as 1000, container running as 101000, +// folder owned by 1000, socket owned by 101000. +// => We need to make the socket writable for the host. +// +// Container view: Running as 1001, folder owned by 0, socket owned by 1001. +// => We need to make the folder writable for the container. +// +// To fix the host permissions, we set default permissions on the folder +// so any Unix sockets created in it are automatically writable. +// +// To fix the container permissions, we give it the DAC_OVERRIDE capability, +// which is normally on by default, and allows the container process to +// ignore file system permission restrictions. The only bit of the host file +// system it has access to though is the empty shared folder. +// +// Similar to mlock and the IPC_LOCK capability, runc requires rootlesskit +// (the container's parent process) to have the DAC_OVERRIDE capability +// itself in order to delegate it to the container. However, runsc has no +// such requirement because it reimplements the syscall in userspace. +// +// Note that the gVisor picture looks a little more complex in terms of how the +// process looks on the host as gVisor adds an extra layer between the container +// and the host, but the same file permission principles apply. +func configureDefaultACLsForRootless(hostSocketDir string) error { + // Setting default ACLs for the socket folder using unix xattr. + a := acl.FromUnix(0o660) + a = append(a, acl.Entry{ + Tag: acl.TagUser, + Qualifier: strconv.Itoa(os.Geteuid()), + Perms: 0o006, + }) + a = append(a, acl.Entry{ + Tag: acl.TagMask, + Perms: 0o006, + }) + if err := acl.SetDefault(hostSocketDir, a); err != nil { + return fmt.Errorf("failed to set default ACLs on rootless socket directory: %w", err) + } + + return nil +} diff --git a/plugincontainer/container_runner_test.go b/plugincontainer/container_runner_linux_test.go similarity index 94% rename from plugincontainer/container_runner_test.go rename to plugincontainer/container_runner_linux_test.go index eb864f0..17f65a2 100644 --- a/plugincontainer/container_runner_test.go +++ b/plugincontainer/container_runner_linux_test.go @@ -7,7 +7,6 @@ import ( "fmt" "os/exec" "reflect" - "runtime" "strconv" "strings" "testing" @@ -20,15 +19,6 @@ import ( // TestNewContainerRunner_config ensures all the config options passed in have // get passed through to the runner's internal config correctly. func TestNewContainerRunner_config(t *testing.T) { - if runtime.GOOS != "linux" { - _, err := (&Config{}).NewContainerRunner(hclog.Default(), exec.Command(""), "") - if err != errUnsupportedOS { - t.Fatal(err) - } - - return - } - tmpDir := t.TempDir() const ( gid = 10 diff --git a/plugincontainer/container_runner_unsupported.go b/plugincontainer/container_runner_unsupported.go new file mode 100644 index 0000000..73d097e --- /dev/null +++ b/plugincontainer/container_runner_unsupported.go @@ -0,0 +1,18 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 + +//go:build !linux + +package plugincontainer + +import ( + "os/exec" + + "github.com/hashicorp/go-hclog" + "github.com/hashicorp/go-plugin/runner" +) + +// NewContainerRunner must be passed a cmd that hasn't yet been started. +func (cfg *Config) NewContainerRunner(_ hclog.Logger, _ *exec.Cmd, _ string) (runner.Runner, error) { + return nil, errUnsupportedOS +} diff --git a/tlsutil/go.mod b/tlsutil/go.mod index a9fc281..7b0600f 100644 --- a/tlsutil/go.mod +++ b/tlsutil/go.mod @@ -8,7 +8,7 @@ require ( ) require ( - github.com/hashicorp/go-sockaddr v1.0.5 // indirect + github.com/hashicorp/go-sockaddr v1.0.6 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/ryanuber/go-glob v1.0.0 // indirect ) diff --git a/tlsutil/go.sum b/tlsutil/go.sum index 36304b9..984689b 100644 --- a/tlsutil/go.sum +++ b/tlsutil/go.sum @@ -3,8 +3,8 @@ github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 h1:iBt4Ew4XEGLfh6/bPk4rSY github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8/go.mod h1:aiJI+PIApBRQG7FZTEBx5GiiX+HbOHilUdNxUZi4eV0= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= -github.com/hashicorp/go-sockaddr v1.0.5 h1:dvk7TIXCZpmfOlM+9mlcrWmWjw/wlKT+VDq2wMvfPJU= -github.com/hashicorp/go-sockaddr v1.0.5/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= +github.com/hashicorp/go-sockaddr v1.0.6 h1:RSG8rKU28VTUTvEKghe5gIhIQpv8evvNpnDEyqO4u9I= +github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3lyjsj6+CCykpaxI= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=