From c5286833ccc39325d194b9ff8c49581397354ae1 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Tue, 9 Aug 2022 04:31:43 -0500 Subject: [PATCH 1/4] split minio into own pkg & cleanup/update postgres/minio examples --- examples/minio/operator-values.yaml | 6 ++ examples/minio/tenant-values.yaml | 26 +++++++ examples/minio/zarf-connect.yaml | 17 +++++ examples/minio/zarf.yaml | 38 ++++++++++ .../minio-instance-zarf-connect.yaml | 17 ----- .../pgadmin.yaml => pgadmin/values.yaml} | 0 .../zarf-connect.yaml} | 0 .../db-cluster.yaml} | 7 +- .../operator-ui-values.yaml} | 4 +- .../operator-values.yaml} | 9 +-- .../operator.yaml} | 0 .../patch-svc-accounts.yaml | 0 .../zarf-connect.yaml} | 0 .../values/minio-instance.yaml | 39 ---------- .../values/minio-operator.yaml | 13 ---- examples/postgres-operator/zarf.yaml | 75 ++++++++----------- 16 files changed, 129 insertions(+), 122 deletions(-) create mode 100644 examples/minio/operator-values.yaml create mode 100644 examples/minio/tenant-values.yaml create mode 100644 examples/minio/zarf-connect.yaml create mode 100644 examples/minio/zarf.yaml delete mode 100644 examples/postgres-operator/manifests/minio-instance-zarf-connect.yaml rename examples/postgres-operator/{values/pgadmin.yaml => pgadmin/values.yaml} (100%) rename examples/postgres-operator/{manifests/pgadmin-zarf-connect.yaml => pgadmin/zarf-connect.yaml} (100%) rename examples/postgres-operator/{manifests/postgres-cluster.yaml => postgres/db-cluster.yaml} (82%) rename examples/postgres-operator/{values/postgres-operator-ui.yaml => postgres/operator-ui-values.yaml} (96%) rename examples/postgres-operator/{values/postgres-operator.yaml => postgres/operator-values.yaml} (84%) rename examples/postgres-operator/{manifests/postgres-operator.yaml => postgres/operator.yaml} (100%) rename examples/postgres-operator/{manifests => postgres}/patch-svc-accounts.yaml (100%) rename examples/postgres-operator/{manifests/postgres-operator-ui-zarf-connect.yaml => postgres/zarf-connect.yaml} (100%) delete mode 100644 examples/postgres-operator/values/minio-instance.yaml delete mode 100644 examples/postgres-operator/values/minio-operator.yaml diff --git a/examples/minio/operator-values.yaml b/examples/minio/operator-values.yaml new file mode 100644 index 0000000000..2a4a8b7f9d --- /dev/null +++ b/examples/minio/operator-values.yaml @@ -0,0 +1,6 @@ +operator: + resources: + requests: + cpu: 200m + memory: 256Mi + ephemeral-storage: 500Mi diff --git a/examples/minio/tenant-values.yaml b/examples/minio/tenant-values.yaml new file mode 100644 index 0000000000..fae3c140dd --- /dev/null +++ b/examples/minio/tenant-values.yaml @@ -0,0 +1,26 @@ +tenant: + pools: + ## Servers specifies the number of MinIO Tenant Pods / Servers in this pool. + ## For standalone mode, supply 1. For distributed mode, supply 4 or more. + ## Note that the operator does not support upgrading from standalone to distributed mode. + - servers: 1 + ## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server. + volumesPerServer: 4 + ## size specifies the capacity per volume + size: 1Gi + ## storageClass specifies the storage class name to be used for this pool + storageClassName: "###ZARF_STORAGE_CLASS###" + ## Configure resource requests and limits for MinIO containers + resources: + requests: + cpu: "250m" + memory: "1Gi" + ## LogSearch API setup for MinIO Tenant. + log: + ## Postgres setup for LogSearch API + db: + volumeClaimTemplate: + spec: + storageClassName: "###ZARF_STORAGE_CLASS###" + prometheus: + storageClassName: "###ZARF_STORAGE_CLASS###" diff --git a/examples/minio/zarf-connect.yaml b/examples/minio/zarf-connect.yaml new file mode 100644 index 0000000000..21b4a7d62d --- /dev/null +++ b/examples/minio/zarf-connect.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: minio-console-zarf-connect + namespace: minio-operator + annotations: + zarf.dev/connect-description: "Launch the minio console, to get a JWT run:\n\n kubectl -n minio-operator get secret $(kubectl -n minio-operator get serviceaccount console-sa -o jsonpath=\"{.secrets[0].name}\") -o jsonpath=\"{.data.token}\" | base64 --decode\n" + labels: + zarf.dev/connect-name: minio +spec: + selector: + app.kubernetes.io/instance: zarf-minio-operator-console + ports: + - name: http-console + port: 9090 + protocol: TCP + targetPort: 9090 diff --git a/examples/minio/zarf.yaml b/examples/minio/zarf.yaml new file mode 100644 index 0000000000..898f83a94a --- /dev/null +++ b/examples/minio/zarf.yaml @@ -0,0 +1,38 @@ +kind: ZarfPackageConfig +metadata: + name: minio + description: "Deploy minio" + version: 4.3.7 + url: https://operator.min.io/ + image: https://raw.githubusercontent.com/minio/minio/master/.github/logo.svg?sanitize=true + +components: + - name: minio + required: true + charts: + - name: operator + releaseName: minio-operator + url: https://operator.min.io/ + version: 4.4.28 + namespace: minio-operator + valuesFiles: + - operator-values.yaml + - name: tenant + releaseName: minio-tenant + url: https://operator.min.io/ + version: 4.4.28 + namespace: minio-operator + valuesFiles: + - tenant-values.yaml + manifests: + - name: zarf-connect + files: + - zarf-connect.yaml + images: + - minio/console:v0.19.4 + - minio/operator:v4.4.28 + - quay.io/minio/minio:RELEASE.2022-05-26T05-48-41Z + - library/postgres:13 + - busybox:1.33.1 + - alpine + - quay.io/prometheus/prometheus:latest diff --git a/examples/postgres-operator/manifests/minio-instance-zarf-connect.yaml b/examples/postgres-operator/manifests/minio-instance-zarf-connect.yaml deleted file mode 100644 index 8aad5d50e4..0000000000 --- a/examples/postgres-operator/manifests/minio-instance-zarf-connect.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: minio-console-zarf-connect - namespace: minio-operator - annotations: - zarf.dev/connect-description: "Launch the minio console" - labels: - zarf.dev/connect-name: minio -spec: - selector: - v1.min.io/tenant: zarf-minio-instance - ports: - - name: http-console - port: 9090 - protocol: TCP - targetPort: 9090 diff --git a/examples/postgres-operator/values/pgadmin.yaml b/examples/postgres-operator/pgadmin/values.yaml similarity index 100% rename from examples/postgres-operator/values/pgadmin.yaml rename to examples/postgres-operator/pgadmin/values.yaml diff --git a/examples/postgres-operator/manifests/pgadmin-zarf-connect.yaml b/examples/postgres-operator/pgadmin/zarf-connect.yaml similarity index 100% rename from examples/postgres-operator/manifests/pgadmin-zarf-connect.yaml rename to examples/postgres-operator/pgadmin/zarf-connect.yaml diff --git a/examples/postgres-operator/manifests/postgres-cluster.yaml b/examples/postgres-operator/postgres/db-cluster.yaml similarity index 82% rename from examples/postgres-operator/manifests/postgres-cluster.yaml rename to examples/postgres-operator/postgres/db-cluster.yaml index fef361acf6..a70050277e 100644 --- a/examples/postgres-operator/manifests/postgres-cluster.yaml +++ b/examples/postgres-operator/postgres/db-cluster.yaml @@ -9,8 +9,7 @@ spec: teamId: "acid" postgresql: version: "13" - numberOfInstances: 3 - enableConnectionPooler: true + numberOfInstances: 2 volume: size: "2Gi" users: @@ -24,5 +23,5 @@ spec: cpu: 100m memory: 100Mi limits: - cpu: 500m - memory: 500Mi + cpu: 1000m + memory: 1Gi diff --git a/examples/postgres-operator/values/postgres-operator-ui.yaml b/examples/postgres-operator/postgres/operator-ui-values.yaml similarity index 96% rename from examples/postgres-operator/values/postgres-operator-ui.yaml rename to examples/postgres-operator/postgres/operator-ui-values.yaml index 847b9c3b22..6e9e092c5a 100644 --- a/examples/postgres-operator/values/postgres-operator-ui.yaml +++ b/examples/postgres-operator/postgres/operator-ui-values.yaml @@ -3,8 +3,8 @@ resources: cpu: "100m" memory: "100Mi" limits: - cpu: "200m" - memory: "200Mi" + cpu: "500m" + memory: "500Mi" envs: # IMPORTANT: While operator chart and UI chart are idendependent, this is the interface between # UI and operator API. Insert the service name of the operator API here! diff --git a/examples/postgres-operator/values/postgres-operator.yaml b/examples/postgres-operator/postgres/operator-values.yaml similarity index 84% rename from examples/postgres-operator/values/postgres-operator.yaml rename to examples/postgres-operator/postgres/operator-values.yaml index 56c893e1a6..789dec449e 100644 --- a/examples/postgres-operator/values/postgres-operator.yaml +++ b/examples/postgres-operator/postgres/operator-values.yaml @@ -20,18 +20,17 @@ configLogicalBackup: configKubernetes: pod_environment_configmap: "postgres-operator/postgres-pod-config" configConnectionPooler: - # connection_pooler_image: "registry1.dso.mil/.../pgbouncer:master-18" connection_pooler_default_cpu_request: "100m" - connection_pooler_default_cpu_limit: "500m" + connection_pooler_default_cpu_limit: "1000m" connection_pooler_default_memory_request: "100Mi" - connection_pooler_default_memory_limit: "100Mi" + connection_pooler_default_memory_limit: "500Mi" resources: requests: cpu: "100m" memory: "250Mi" limits: - cpu: "500m" - memory: "500Mi" + cpu: "1000m" + memory: "1Gi" securityContext: runAsUser: 1000 runAsNonRoot: true diff --git a/examples/postgres-operator/manifests/postgres-operator.yaml b/examples/postgres-operator/postgres/operator.yaml similarity index 100% rename from examples/postgres-operator/manifests/postgres-operator.yaml rename to examples/postgres-operator/postgres/operator.yaml diff --git a/examples/postgres-operator/manifests/patch-svc-accounts.yaml b/examples/postgres-operator/postgres/patch-svc-accounts.yaml similarity index 100% rename from examples/postgres-operator/manifests/patch-svc-accounts.yaml rename to examples/postgres-operator/postgres/patch-svc-accounts.yaml diff --git a/examples/postgres-operator/manifests/postgres-operator-ui-zarf-connect.yaml b/examples/postgres-operator/postgres/zarf-connect.yaml similarity index 100% rename from examples/postgres-operator/manifests/postgres-operator-ui-zarf-connect.yaml rename to examples/postgres-operator/postgres/zarf-connect.yaml diff --git a/examples/postgres-operator/values/minio-instance.yaml b/examples/postgres-operator/values/minio-instance.yaml deleted file mode 100644 index 9b924768e4..0000000000 --- a/examples/postgres-operator/values/minio-instance.yaml +++ /dev/null @@ -1,39 +0,0 @@ -hostname: minio.localhost -tenants: - pools: - ## Servers specifies the number of MinIO Tenant Pods / Servers in this pool. - ## For standalone mode, supply 1. For distributed mode, supply 4 or more. - ## Note that the operator does not support upgrading from standalone to distributed mode. - - servers: 1 - ## volumesPerServer specifies the number of volumes attached per MinIO Tenant Pod / Server. - volumesPerServer: 4 - ## size specifies the capacity per volume - size: 1Gi - ## storageClass specifies the storage class name to be used for this pool - storageClassName: "###ZARF_STORAGE_CLASS###" - ## Used to specify a toleration for a pod - tolerations: {} - ## nodeSelector parameters for MinIO Pods. It specifies a map of key-value pairs. For the pod to be - ## eligible to run on a node, the node must have each of the - ## indicated key-value pairs as labels. - ## Read more here: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - nodeSelector: {} - ## Affinity settings for MinIO pods. Read more about affinity - ## here: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity. - affinity: {} - ## Configure resource requests and limits for MinIO containers - resources: - requests: - cpu: "250m" - memory: "1Gi" - limits: - cpu: "500m" - memory: "1Gi" - ## Configure security context - ## BB Note: Defaults for Ironbank image are 1001 for user, group, and fsGroup - securityContext: - runAsUser: 1001 - runAsGroup: 1001 - fsGroup: 1001 -console: - enabled: true diff --git a/examples/postgres-operator/values/minio-operator.yaml b/examples/postgres-operator/values/minio-operator.yaml deleted file mode 100644 index 65e27bae5c..0000000000 --- a/examples/postgres-operator/values/minio-operator.yaml +++ /dev/null @@ -1,13 +0,0 @@ -operator: - image: - repository: registry1.dso.mil/ironbank/opensource/minio/operator - tag: v4.2.3 - resources: - requests: - cpu: 200m - memory: 256Mi - ephemeral-storage: 500Mi - limits: - cpu: 200m - memory: 256Mi - diff --git a/examples/postgres-operator/zarf.yaml b/examples/postgres-operator/zarf.yaml index ea522fef67..9a568965e5 100644 --- a/examples/postgres-operator/zarf.yaml +++ b/examples/postgres-operator/zarf.yaml @@ -2,63 +2,54 @@ kind: ZarfPackageConfig metadata: name: postgres-operator-demo description: "Demo of prod-like Postgres database(s) on an edge cluster" - # Big Bang / Iron Bank are only amd64 - architecture: amd64 components: - - name: baseline + - name: minio required: true + import: + path: ../minio - manifests: - - name: postgres-example-config - files: - - manifests/patch-svc-accounts.yaml - - manifests/minio-instance-zarf-connect.yaml - - manifests/pgadmin-zarf-connect.yaml - - manifests/postgres-cluster.yaml - - manifests/postgres-operator.yaml - - manifests/postgres-operator-ui-zarf-connect.yaml + - name: postgres + required: true charts: - name: postgres-operator url: https://opensource.zalando.com/postgres-operator/charts/postgres-operator - version: 1.7.0 + version: 1.8.2 namespace: postgres-operator valuesFiles: - - values/postgres-operator.yaml + - postgres/operator-values.yaml - name: postgres-operator-ui url: https://opensource.zalando.com/postgres-operator/charts/postgres-operator-ui - version: 1.7.0 + version: 1.8.2 namespace: postgres-operator valuesFiles: - - values/postgres-operator-ui.yaml + - postgres/operator-ui-values.yaml + manifests: + - name: postgres-example-config + files: + - postgres/patch-svc-accounts.yaml + - postgres/db-cluster.yaml + - postgres/operator.yaml + - postgres/zarf-connect.yaml + images: + - registry.opensource.zalan.do/acid/postgres-operator-ui:v1.8.2 + - registry.opensource.zalan.do/acid/postgres-operator:v1.8.2 + - registry.opensource.zalan.do/acid/logical-backup:v1.8.0 + - registry.opensource.zalan.do/acid/logical-backup:v1.8.2 + - registry.opensource.zalan.do/acid/pgbouncer:master-22 + - registry.opensource.zalan.do/acid/spilo-14:2.1-p6 + + - name: pgadmin + charts: - name: pgadmin4 url: https://helm.runix.net - version: 1.7.2 + version: 1.11.0 namespace: postgres-operator valuesFiles: - - values/pgadmin.yaml - - name: minio-operator - url: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio-operator.git - version: 4.2.3-bb.1 - namespace: minio-operator - gitPath: chart - valuesFiles: - - values/minio-operator.yaml - - name: minio-instance - url: https://repo1.dso.mil/platform-one/big-bang/apps/application-utilities/minio.git - version: 4.2.3-bb.1 - namespace: minio-operator - gitPath: chart - valuesFiles: - - values/minio-instance.yaml - + - pgadmin/values.yaml + manifests: + - name: zarf-connect + files: + - pgadmin/zarf-connect.yaml images: - - registry.opensource.zalan.do/acid/postgres-operator:v1.7.0 - - registry.opensource.zalan.do/acid/spilo-13:2.1-p1 - - registry.opensource.zalan.do/acid/logical-backup:v1.7.0 - - registry.opensource.zalan.do/acid/pgbouncer:master-18 - - registry.opensource.zalan.do/acid/postgres-operator-ui:v1.7.0 - - docker.io/dpage/pgadmin4:5.5 - - docker.io/rancher/pause:3.1 - - registry1.dso.mil/ironbank/opensource/minio/operator:v4.2.3 - - registry1.dso.mil/ironbank/opensource/minio/minio:RELEASE.2021-08-31T05-46-54Z + - docker.io/dpage/pgadmin4:6.10 From 856e279c36f91f0fe36b03d8d218ce9ab0df20e5 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Wed, 10 Aug 2022 01:45:23 -0500 Subject: [PATCH 2/4] remove faulty minio backup from postgres operator --- examples/minio/operator-values.yaml | 4 ++++ .../demo-cluster.yaml} | 2 -- .../postgres-operator/pgadmin/values.yaml | 2 +- .../postgres/operator-ui-values.yaml | 13 ------------ .../postgres/operator-values.yaml | 14 ------------- .../postgres-operator/postgres/operator.yaml | 15 ------------- .../postgres/patch-svc-accounts.yaml | 6 ------ examples/postgres-operator/zarf.yaml | 21 ++++++++----------- 8 files changed, 14 insertions(+), 63 deletions(-) rename examples/postgres-operator/{postgres/db-cluster.yaml => example-db/demo-cluster.yaml} (85%) delete mode 100644 examples/postgres-operator/postgres/operator.yaml delete mode 100644 examples/postgres-operator/postgres/patch-svc-accounts.yaml diff --git a/examples/minio/operator-values.yaml b/examples/minio/operator-values.yaml index 2a4a8b7f9d..f18e5a8a8c 100644 --- a/examples/minio/operator-values.yaml +++ b/examples/minio/operator-values.yaml @@ -4,3 +4,7 @@ operator: cpu: 200m memory: 256Mi ephemeral-storage: 500Mi + env: + # Disable TLS for this demo + - name: MINIO_OPERATOR_TLS_ENABLE + value: "off" diff --git a/examples/postgres-operator/postgres/db-cluster.yaml b/examples/postgres-operator/example-db/demo-cluster.yaml similarity index 85% rename from examples/postgres-operator/postgres/db-cluster.yaml rename to examples/postgres-operator/example-db/demo-cluster.yaml index a70050277e..2672df8cdb 100644 --- a/examples/postgres-operator/postgres/db-cluster.yaml +++ b/examples/postgres-operator/example-db/demo-cluster.yaml @@ -16,8 +16,6 @@ spec: zarf: [] databases: zarf: zarf - enableLogicalBackup: true - logicalBackupSchedule: "*/2 * * * *" resources: requests: cpu: 100m diff --git a/examples/postgres-operator/pgadmin/values.yaml b/examples/postgres-operator/pgadmin/values.yaml index d29da8690c..af4fdb3e72 100644 --- a/examples/postgres-operator/pgadmin/values.yaml +++ b/examples/postgres-operator/pgadmin/values.yaml @@ -11,4 +11,4 @@ resources: memory: "512Mi" env: email: "zarf@example.local" - password: "###ZARF_GIT_AUTH_PUSH###" + password: "###ZARF_VAR_PGADMIN_PASSWORD###" diff --git a/examples/postgres-operator/postgres/operator-ui-values.yaml b/examples/postgres-operator/postgres/operator-ui-values.yaml index 6e9e092c5a..7c68ff3492 100644 --- a/examples/postgres-operator/postgres/operator-ui-values.yaml +++ b/examples/postgres-operator/postgres/operator-ui-values.yaml @@ -14,19 +14,6 @@ envs: targetNamespace: "postgres-operator" teams: - "acid" -extraEnvs: - - name: WALE_S3_ENDPOINT - value: "http+path://minio.minio-operator.svc.cluster.local:80" - - name: AWS_ENDPOINT - value: "http://minio.minio-operator.svc.cluster.local" - - name: SPILO_S3_BACKUP_PREFIX - value: "spilo/" - - name: AWS_ACCESS_KEY_ID - value: "minio" - - name: AWS_SECRET_ACCESS_KEY - value: "minio123" - - name: SPILO_S3_BACKUP_BUCKET - value: "postgres-operator-backups" # We are defining our own Ingress manifest ingress: enabled: false diff --git a/examples/postgres-operator/postgres/operator-values.yaml b/examples/postgres-operator/postgres/operator-values.yaml index 789dec449e..8b1ad54390 100644 --- a/examples/postgres-operator/postgres/operator-values.yaml +++ b/examples/postgres-operator/postgres/operator-values.yaml @@ -1,5 +1,3 @@ -# configGeneral: - # docker_image: registry1.dso.mil/.../spilo-13:2.1-p1 configPostgresPodResources: default_cpu_request: "100m" default_memory_request: "100Mi" @@ -7,18 +5,6 @@ configPostgresPodResources: default_memory_limit: "500Mi" min_cpu_limit: "250m" min_memory_limit: "250Mi" -configAwsOrGcp: - wal_s3_bucket: "postgres-operator-backups" -configLogicalBackup: - # logical_backup_docker_image: "registry1.dso.mil/.../logical-backup:v1.7.0" - logical_backup_s3_endpoint: "http://minio.minio-operator.svc.cluster.local" - logical_backup_s3_access_key_id: "minio" - logical_backup_s3_bucket: "postgres-operator-backups" - logical_backup_s3_secret_access_key : "minio123" - logical_backup_s3_sse: "" - logical_backup_schedule: "*/2 * * * *" -configKubernetes: - pod_environment_configmap: "postgres-operator/postgres-pod-config" configConnectionPooler: connection_pooler_default_cpu_request: "100m" connection_pooler_default_cpu_limit: "1000m" diff --git a/examples/postgres-operator/postgres/operator.yaml b/examples/postgres-operator/postgres/operator.yaml deleted file mode 100644 index 85a873a39b..0000000000 --- a/examples/postgres-operator/postgres/operator.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: postgres-pod-config - namespace: postgres-operator -data: - AWS_ENDPOINT: http://minio.minio-operator.svc.cluster.local - AWS_ACCESS_KEY_ID: minio - AWS_SECRET_ACCESS_KEY: minio123 - BACKUP_NUM_TO_RETAIN: "3" - BACKUP_SCHEDULE: "*/2 * * * *" - USE_WALG_BACKUP: "true" - WALG_DISABLE_S3_SSE: "true" - USE_WALG_RESTORE: "false" - AWS_S3_FORCE_PATH_STYLE: "true" diff --git a/examples/postgres-operator/postgres/patch-svc-accounts.yaml b/examples/postgres-operator/postgres/patch-svc-accounts.yaml deleted file mode 100644 index 20577362b7..0000000000 --- a/examples/postgres-operator/postgres/patch-svc-accounts.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# This will make zarf aware of this SA to do the imagepullsecret patching for it -apiVersion: v1 -kind: ServiceAccount -metadata: - name: postgres-pod - namespace: postgres-operator diff --git a/examples/postgres-operator/zarf.yaml b/examples/postgres-operator/zarf.yaml index 9a568965e5..e28ff9f118 100644 --- a/examples/postgres-operator/zarf.yaml +++ b/examples/postgres-operator/zarf.yaml @@ -4,12 +4,7 @@ metadata: description: "Demo of prod-like Postgres database(s) on an edge cluster" components: - - name: minio - required: true - import: - path: ../minio - - - name: postgres + - name: postgres-operator required: true charts: - name: postgres-operator @@ -25,21 +20,17 @@ components: valuesFiles: - postgres/operator-ui-values.yaml manifests: - - name: postgres-example-config + - name: zarf-connect files: - - postgres/patch-svc-accounts.yaml - - postgres/db-cluster.yaml - - postgres/operator.yaml - postgres/zarf-connect.yaml images: - registry.opensource.zalan.do/acid/postgres-operator-ui:v1.8.2 - registry.opensource.zalan.do/acid/postgres-operator:v1.8.2 - - registry.opensource.zalan.do/acid/logical-backup:v1.8.0 - - registry.opensource.zalan.do/acid/logical-backup:v1.8.2 - registry.opensource.zalan.do/acid/pgbouncer:master-22 - registry.opensource.zalan.do/acid/spilo-14:2.1-p6 - name: pgadmin + required: true charts: - name: pgadmin4 url: https://helm.runix.net @@ -53,3 +44,9 @@ components: - pgadmin/zarf-connect.yaml images: - docker.io/dpage/pgadmin4:6.10 + + - name: example-db + manifests: + - name: example-db + files: + - postgres/demo-cluster.yaml From 4c43e36fc1e748e46de1084cb935ddfb13dd223d Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Mon, 22 Aug 2022 01:48:06 -0500 Subject: [PATCH 3/4] PR cleanup --- .github/workflows/build-rust-injector.yml | 2 +- .github/workflows/release.yml | 2 +- Makefile | 2 +- .../100-cli-commands/zarf_package_inspect.md | 2 +- examples/minio/zarf-connect.yaml | 2 +- .../postgres-operator/pgadmin/values.yaml | 2 +- examples/postgres-operator/zarf.yaml | 6 +- go.mod | 70 ++++++------ go.sum | 82 ++++++++++++-- .../kustomization/core-light/README.md | 34 ++++++ .../kustomization/core-light/values.yaml | 1 + .../core-standard/kustomization.yaml | 2 +- .../kustomization/core-standard/values.yaml | 26 +++-- packages/big-bang-core/zarf.yaml | 102 +++++++++--------- packages/flux-iron-bank/zarf.yaml | 2 +- packages/zarf-agent/manifests/webhook.yaml | 3 + src/cmd/package.go | 1 + src/internal/message/message.go | 5 + src/internal/message/progress.go | 4 +- src/internal/message/spinner.go | 20 +++- src/internal/packager/common.go | 2 +- src/internal/packager/create.go | 34 ++++-- src/internal/packager/deploy.go | 2 +- src/internal/packager/injector.go | 15 ++- src/internal/packager/inspect.go | 29 +++++ src/internal/packager/prepare.go | 4 +- src/internal/packager/scripts.go | 6 +- src/internal/sbom/viewer/styles.css | 1 + src/internal/sbom/viewer/viewer.js | 2 +- src/internal/utils/io.go | 18 ++-- 30 files changed, 328 insertions(+), 155 deletions(-) create mode 100644 packages/big-bang-core/kustomization/core-light/README.md diff --git a/.github/workflows/build-rust-injector.yml b/.github/workflows/build-rust-injector.yml index f315c52f4f..2e8dac99e8 100644 --- a/.github/workflows/build-rust-injector.yml +++ b/.github/workflows/build-rust-injector.yml @@ -16,7 +16,7 @@ jobs: runs-on: self-hosted steps: - name: "Dependency: Install cosign" - uses: sigstore/cosign-installer@v2.5.0 + uses: sigstore/cosign-installer@v2.5.1 - name: "Dependency: Setup rust toolchain" run: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ee4a37b2af..c799af68d3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: uses: docker/setup-buildx-action@v2 - name: "Dependency: Install cosign" - uses: sigstore/cosign-installer@v2.5.0 + uses: sigstore/cosign-installer@v2.5.1 - name: "Checkout Repo" uses: actions/checkout@v3 diff --git a/Makefile b/Makefile index 490a6403cd..5827232280 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ ifneq ($(UNAME_S),Linux) endif endif -AGENT_IMAGE ?= defenseunicorns/zarf-agent:992efd +AGENT_IMAGE ?= defenseunicorns/zarf-agent:v0.21.1 CLI_VERSION := $(if $(shell git describe --tags),$(shell git describe --tags),"UnknownVersion") BUILD_ARGS := -s -w -X 'github.com/defenseunicorns/zarf/src/config.CLIVersion=$(CLI_VERSION)' diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md index 20b05eb7ef..ca6ea10495 100644 --- a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md +++ b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md @@ -15,6 +15,7 @@ zarf package inspect [PACKAGE] [flags] ``` -h, --help help for inspect + -s, --sbom View SBOM contents while inspecting the package. --tmpdir string Specify the temporary directory to use for intermediate files ``` @@ -29,4 +30,3 @@ zarf package inspect [PACKAGE] [flags] ### SEE ALSO * [zarf package](zarf_package.md) - Zarf package commands for creating, deploying, and inspecting packages - diff --git a/examples/minio/zarf-connect.yaml b/examples/minio/zarf-connect.yaml index 21b4a7d62d..46d0a0d09c 100644 --- a/examples/minio/zarf-connect.yaml +++ b/examples/minio/zarf-connect.yaml @@ -4,7 +4,7 @@ metadata: name: minio-console-zarf-connect namespace: minio-operator annotations: - zarf.dev/connect-description: "Launch the minio console, to get a JWT run:\n\n kubectl -n minio-operator get secret $(kubectl -n minio-operator get serviceaccount console-sa -o jsonpath=\"{.secrets[0].name}\") -o jsonpath=\"{.data.token}\" | base64 --decode\n" + zarf.dev/connect-description: "Launch the minio console, to get a JWT run:\n\n kubectl -n minio-operator get secrets console-sa-secret -o jsonpath=\"{.data.token}\" | base64 --decode\n" labels: zarf.dev/connect-name: minio spec: diff --git a/examples/postgres-operator/pgadmin/values.yaml b/examples/postgres-operator/pgadmin/values.yaml index af4fdb3e72..a1dcc02bf9 100644 --- a/examples/postgres-operator/pgadmin/values.yaml +++ b/examples/postgres-operator/pgadmin/values.yaml @@ -10,5 +10,5 @@ resources: cpu: "500m" memory: "512Mi" env: - email: "zarf@example.local" + email: "admin@zarf.dev" password: "###ZARF_VAR_PGADMIN_PASSWORD###" diff --git a/examples/postgres-operator/zarf.yaml b/examples/postgres-operator/zarf.yaml index e28ff9f118..d7f5e87f59 100644 --- a/examples/postgres-operator/zarf.yaml +++ b/examples/postgres-operator/zarf.yaml @@ -3,6 +3,10 @@ metadata: name: postgres-operator-demo description: "Demo of prod-like Postgres database(s) on an edge cluster" +variables: + - name: PGADMIN_PASSWORD + prompt: true + components: - name: postgres-operator required: true @@ -49,4 +53,4 @@ components: manifests: - name: example-db files: - - postgres/demo-cluster.yaml + - example-db/demo-cluster.yaml diff --git a/go.mod b/go.mod index c75f6ca2de..9dff584bb4 100644 --- a/go.mod +++ b/go.mod @@ -14,18 +14,18 @@ require ( github.com/go-logr/logr v1.2.3 github.com/goccy/go-yaml v1.9.5 github.com/google/go-containerregistry v0.11.0 - github.com/mattn/go-colorable v0.1.12 + github.com/mattn/go-colorable v0.1.13 github.com/mholt/archiver/v3 v3.5.1 github.com/otiai10/copy v1.7.0 github.com/pkg/errors v0.9.1 github.com/pterm/pterm v0.12.45 - github.com/sigstore/cosign v1.10.1 + github.com/sigstore/cosign v1.11.0 github.com/spf13/cobra v1.5.0 github.com/stretchr/testify v1.8.0 github.com/testifysec/go-witness v0.1.12 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa gopkg.in/yaml.v2 v2.4.0 - helm.sh/helm/v3 v3.9.2 + helm.sh/helm/v3 v3.9.3 k8s.io/api v0.24.3 k8s.io/apimachinery v0.24.3 k8s.io/client-go v0.24.3 @@ -40,11 +40,11 @@ require ( atomicgo.dev/keyboard v0.2.8 // indirect bitbucket.org/creachadair/shell v0.0.7 // indirect cloud.google.com/go/compute v1.7.0 // indirect - github.com/Azure/azure-sdk-for-go v65.0.0+incompatible // indirect + github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.27 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect + github.com/Azure/go-autorest/autorest v0.11.28 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 // indirect github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect @@ -72,20 +72,20 @@ require ( github.com/andybalholm/brotli v1.0.4 // indirect github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/atotto/clipboard v0.1.4 // indirect - github.com/aws/aws-sdk-go v1.44.66 // indirect - github.com/aws/aws-sdk-go-v2 v1.16.5 // indirect - github.com/aws/aws-sdk-go-v2/config v1.15.10 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.12.5 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.6 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.3.13 // indirect + github.com/aws/aws-sdk-go v1.44.76 // indirect + github.com/aws/aws-sdk-go-v2 v1.16.11 // indirect + github.com/aws/aws-sdk-go-v2/config v1.17.0 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.12.13 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.12 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.19 // indirect github.com/aws/aws-sdk-go-v2/service/ecr v1.15.0 // indirect github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.12.0 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.6 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.11.8 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.16.7 // indirect - github.com/aws/smithy-go v1.11.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.11.16 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.16.13 // indirect + github.com/aws/smithy-go v1.12.1 // indirect github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04 // indirect github.com/benbjohnson/clock v1.1.0 // indirect github.com/beorn7/perks v1.0.1 // indirect @@ -129,7 +129,7 @@ require ( github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect github.com/dustin/go-humanize v1.0.0 // indirect - github.com/emicklei/go-restful v2.9.5+incompatible // indirect + github.com/emicklei/go-restful/v3 v3.8.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1 // indirect github.com/envoyproxy/protoc-gen-validate v0.6.2 // indirect @@ -158,7 +158,7 @@ require ( github.com/go-openapi/runtime v0.24.1 // indirect github.com/go-openapi/spec v0.20.6 // indirect github.com/go-openapi/strfmt v0.21.3 // indirect - github.com/go-openapi/swag v0.21.1 // indirect + github.com/go-openapi/swag v0.22.1 // indirect github.com/go-openapi/validate v0.22.0 // indirect github.com/go-playground/locales v0.14.0 // indirect github.com/go-playground/universal-translator v0.18.0 // indirect @@ -167,7 +167,7 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt v3.2.2+incompatible // indirect - github.com/golang-jwt/jwt/v4 v4.3.0 // indirect + github.com/golang-jwt/jwt/v4 v4.4.2 // indirect github.com/golang/glog v1.0.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/mock v1.6.0 // indirect @@ -207,7 +207,7 @@ require ( github.com/inconshreveable/mousetrap v1.0.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b // indirect - github.com/jhump/protoreflect v1.10.3 // indirect + github.com/jhump/protoreflect v1.12.0 // indirect github.com/jinzhu/copier v0.3.5 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/jmoiron/sqlx v1.3.5 // indirect @@ -223,14 +223,14 @@ require ( github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect github.com/leodido/go-urn v1.2.1 // indirect - github.com/letsencrypt/boulder v0.0.0-20220331220046-b23ab962616e // indirect + github.com/letsencrypt/boulder v0.0.0-20220723181115-27de4befb95e // indirect github.com/lib/pq v1.10.6 // indirect github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect github.com/lithammer/fuzzysearch v1.1.5 // indirect github.com/lucasb-eyer/go-colorful v1.2.0 // indirect github.com/magiconair/properties v1.8.6 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/mattn/go-isatty v0.0.14 // indirect + github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/go-runewidth v0.0.13 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect @@ -281,8 +281,8 @@ require ( github.com/shibumi/go-pathspec v1.3.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/sigstore/fulcio v0.2.0 // indirect - github.com/sigstore/rekor v0.9.1 // indirect - github.com/sigstore/sigstore v1.2.1-0.20220614141825-9c0e2e247545 // indirect + github.com/sigstore/rekor v0.10.0 // indirect + github.com/sigstore/sigstore v1.4.0 // indirect github.com/sirupsen/logrus v1.9.0 // indirect github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect github.com/soheilhy/cmux v0.1.5 // indirect @@ -307,7 +307,7 @@ require ( github.com/vifraa/gopom v0.2.0 // indirect github.com/wagoodman/go-partybus v0.0.0-20210627031916-db1f5573bbc5 // indirect github.com/wagoodman/go-progress v0.0.0-20220614130704-4b1c25a33c7c // indirect - github.com/xanzy/go-gitlab v0.70.0 // indirect + github.com/xanzy/go-gitlab v0.72.0 // indirect github.com/xanzy/ssh-agent v0.3.1 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect @@ -341,17 +341,17 @@ require ( go.opentelemetry.io/otel/trace v1.7.0 // indirect go.opentelemetry.io/proto/otlp v0.16.0 // indirect go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect - go.uber.org/atomic v1.9.0 // indirect + go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.21.0 // indirect golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect - golang.org/x/net v0.0.0-20220728211354-c7608f3a8462 // indirect - golang.org/x/oauth2 v0.0.0-20220718184931-c8730f7fcb92 // indirect + golang.org/x/net v0.0.0-20220805013720-a33c5aa5df48 // indirect + golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c // indirect golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect - golang.org/x/sys v0.0.0-20220731174439-a90be440212d // indirect - golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect + golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab // indirect + golang.org/x/term v0.0.0-20220526004731-065cf7ba2467 // indirect golang.org/x/text v0.3.7 // indirect - golang.org/x/time v0.0.0-20220411224347-583f2d630306 // indirect + golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 // indirect golang.org/x/tools v0.1.12 // indirect golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f // indirect google.golang.org/appengine v1.6.7 // indirect @@ -369,7 +369,7 @@ require ( k8s.io/apiserver v0.24.3 // indirect k8s.io/cli-runtime v0.24.3 // indirect k8s.io/component-base v0.24.3 // indirect - k8s.io/kube-openapi v0.0.0-20220401212409-b28bf2818661 // indirect + k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 // indirect k8s.io/kubectl v0.24.3 // indirect k8s.io/metrics v0.24.3 // indirect k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 // indirect @@ -385,6 +385,6 @@ require ( modernc.org/token v1.0.0 // indirect oras.land/oras-go v1.2.0 // indirect sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2 // indirect - sigs.k8s.io/release-utils v0.7.1 // indirect + sigs.k8s.io/release-utils v0.7.3 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect ) diff --git a/go.sum b/go.sum index c4e37e6af3..c5cf78f0aa 100644 --- a/go.sum +++ b/go.sum @@ -113,6 +113,8 @@ github.com/Azure/azure-sdk-for-go v46.4.0+incompatible/go.mod h1:9XXNKU+eRnpl9mo github.com/Azure/azure-sdk-for-go v61.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v65.0.0+incompatible h1:HzKLt3kIwMm4KeJYTdx9EbjRYTySD/t8i1Ee/W5EGXw= github.com/Azure/azure-sdk-for-go v65.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible h1:bmmC38SlE8/E81nNADlgmVGurPWMHDX2YNXVQMrBpEE= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-service-bus-go v0.9.1/go.mod h1:yzBx6/BUGfjfeqbRZny9AQIbIe3AcV9WZbAdpkoXOa0= github.com/Azure/azure-storage-blob-go v0.8.0/go.mod h1:lPI3aLPpuLTeUwh1sViKXFxwl2B6teiRqI0deQUvsw0= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= @@ -130,6 +132,8 @@ github.com/Azure/go-autorest/autorest v0.11.19/go.mod h1:dSiJPy22c3u0OtOKDNttNgq github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= +github.com/Azure/go-autorest/autorest v0.11.28 h1:ndAExarwr5Y+GaHE6VCaY1kyS/HwwGGyuimVhWsHOEM= +github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.4/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= @@ -137,6 +141,8 @@ github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4Uw github.com/Azure/go-autorest/autorest/adal v0.9.14/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= github.com/Azure/go-autorest/autorest/adal v0.9.18 h1:kLnPsRjzZZUF3K5REu/Kc+qMQrvuza2bwSnNdhmzLfQ= github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= +github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= github.com/Azure/go-autorest/autorest/azure/auth v0.5.2/go.mod h1:q98IH4qgc3eWM4/WOeR5+YPmBuy8Lq0jNRDwSM0CuFk= github.com/Azure/go-autorest/autorest/azure/auth v0.5.9/go.mod h1:hg3/1yw0Bq87O3KvvnJoAh34/0zbP7SFizX/qN5JvjU= github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 h1:P6bYXFoao05z5uhOQzbC3Qd8JqF3jUoocoTeIxkp2cA= @@ -334,29 +340,45 @@ github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zK github.com/aws/aws-sdk-go v1.42.38/go.mod h1:OGr6lGMAKGlG9CVrYnWYDKIyb829c6EVBRjxqjmPepc= github.com/aws/aws-sdk-go v1.44.66 h1:xdH4EvHyUnkm4I8d536ui7yMQKYzrkbSDQ2LvRRHqsg= github.com/aws/aws-sdk-go v1.44.66/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= +github.com/aws/aws-sdk-go v1.44.76 h1:5e8yGO/XeNYKckOjpBKUd5wStf0So3CrQIiOMCVLpOI= +github.com/aws/aws-sdk-go v1.44.76/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/aws/aws-sdk-go-v2 v1.7.1/go.mod h1:L5LuPC1ZgDr2xQS7AmIec/Jlc7O/Y1u2KxJyNVab250= github.com/aws/aws-sdk-go-v2 v1.14.0/go.mod h1:ZA3Y8V0LrlWj63MQAnRHgKf/5QB//LSZCPNWlWrNGLU= github.com/aws/aws-sdk-go-v2 v1.16.5 h1:Ah9h1TZD9E2S1LzHpViBO3Jz9FPL5+rmflmb8hXirtI= github.com/aws/aws-sdk-go-v2 v1.16.5/go.mod h1:Wh7MEsmEApyL5hrWzpDkba4gwAPc5/piwLVLFnCxp48= +github.com/aws/aws-sdk-go-v2 v1.16.11 h1:xM1ZPSvty3xVmdxiGr7ay/wlqv+MWhH0rMlyLdbC0YQ= +github.com/aws/aws-sdk-go-v2 v1.16.11/go.mod h1:WTACcleLz6VZTp7fak4EO5b9Q4foxbn+8PIz3PmyKlo= github.com/aws/aws-sdk-go-v2/config v1.5.0/go.mod h1:RWlPOAW3E3tbtNAqTwvSW54Of/yP3oiZXMI0xfUdjyA= github.com/aws/aws-sdk-go-v2/config v1.15.10 h1:0HSMRNGlR0/WlGbeKC9DbBphBwRIK5H4cKUbgqNTKcA= github.com/aws/aws-sdk-go-v2/config v1.15.10/go.mod h1:XL4DzwzWdwXBzKdwMdpLkMIaGEQCYRQyzA4UnJaUnNk= +github.com/aws/aws-sdk-go-v2/config v1.17.0 h1:e0tIuubcjp0gJQdllgEMwolWWXGK/sKAFd1tS5S6m6I= +github.com/aws/aws-sdk-go-v2/config v1.17.0/go.mod h1:4SKzBMiB8lV0fw2w7eDBo/LjQyHFITN4vUUuqpurFmI= github.com/aws/aws-sdk-go-v2/credentials v1.3.1/go.mod h1:r0n73xwsIVagq8RsxmZbGSRQFj9As3je72C2WzUIToc= github.com/aws/aws-sdk-go-v2/credentials v1.12.5 h1:WNNCUTWA0vyMy5t8LfS4iB7QshsW0DsHS/VdhyCGZWM= github.com/aws/aws-sdk-go-v2/credentials v1.12.5/go.mod h1:DOcdLlkqUiNGyXnjWgspC3eIAdXhj8q0pO1LiSvrTI4= +github.com/aws/aws-sdk-go-v2/credentials v1.12.13 h1:cuPzIsjKAWBUAAk8ZUR2l02Sxafl9hiaMsc7tlnjwAY= +github.com/aws/aws-sdk-go-v2/credentials v1.12.13/go.mod h1:9fDEemXizwXrxPU1MTzv69LP/9D8HVl5qHAQO9A9ikY= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.3.0/go.mod h1:2LAuqPx1I6jNfaGDucWfA2zqQCYCOMCDHiCOciALyNw= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.6 h1:+NZzDh/RpcQTpo9xMFUgkseIam6PC+YJbdhbQp1NOXI= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.6/go.mod h1:ClLMcuQA/wcHPmOIfNzNI4Y1Q0oDbmEkbYhMFOzHDh8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.12 h1:wgJBHO58Pc1V1QAnzdVM3JK3WbE/6eUF0JxCZ+/izz0= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.12/go.mod h1:aZ4vZnyUuxedC7eD4JyEHpGnCz+O2sHQEx3VvAwklSE= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.5/go.mod h1:2hXc8ooJqF2nAznsbJQIn+7h851/bu8GVC80OVTTqf8= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12 h1:Zt7DDk5V7SyQULUUwIKzsROtVzp/kVvcz15uQx/Tkow= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.12/go.mod h1:Afj/U8svX6sJ77Q+FPWMzabJ9QjbwP32YlopgKALUpg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18 h1:OmiwoVyLKEqqD5GvB683dbSqxiOfvx4U2lDZhG2Esc4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.18/go.mod h1:348MLhzV1GSlZSMusdwQpXKbhD7X2gbI/TxwAPKkYZQ= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.3.0/go.mod h1:miRSv9l093jX/t/j+mBCaLqFHo9xKYzJ7DGm1BsGoJM= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6 h1:eeXdGVtXEe+2Jc49+/vAzna3FAQnUD4AagAw8tzbmfc= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.6/go.mod h1:FwpAKI+FBPIELJIdmQzlLtRe8LQSOreMcM2wBsPMvvc= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12 h1:5mvQDtNWtI6H56+E4LUnLWEmATMB7oEh+Z9RurtIuC0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.12/go.mod h1:ckaCVTEdGAxO6KwTGzgskxR1xM+iJW4lxMyDFVda2Fc= github.com/aws/aws-sdk-go-v2/internal/ini v1.1.1/go.mod h1:Zy8smImhTdOETZqfyn01iNOe0CNggVbPjCajyaz6Gvg= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.13 h1:L/l0WbIpIadRO7i44jZh1/XeXpNDX0sokFppb4ZnXUI= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.13/go.mod h1:hiM/y1XPp3DoEPhoVEYc/CZcS58dP6RKJRDFp99wdX0= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.19 h1:g5qq9sgtEzt2szMaDqQO6fqKe026T6dHTFJp5NsPzkQ= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.19/go.mod h1:cVHo8KTuHjShb9V8/VjH3S/8+xPu16qx8fdGwmotJhE= github.com/aws/aws-sdk-go-v2/service/ecr v1.4.1/go.mod h1:FglZcyeiBqcbvyinl+n14aT/EWC7S1MIH+Gan2iizt0= github.com/aws/aws-sdk-go-v2/service/ecr v1.15.0 h1:lY2Z2sBP+zSbJ6CvvmnFgPcgknoQ0OJV88AwVetRRFk= github.com/aws/aws-sdk-go-v2/service/ecr v1.15.0/go.mod h1:4zYI85WiYDhFaU1jPFVfkD7HlBcdnITDE3QxDwy4Kus= @@ -366,17 +388,25 @@ github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.12.0/go.mod h1:IArQ3IBR00Fkura github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.2.1/go.mod h1:zceowr5Z1Nh2WVP8bf/3ikB41IZW59E4yIYbg+pC6mw= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.6 h1:0ZxYAZ1cn7Swi/US55VKciCE6RhRHIwCKIWaMLdT6pg= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.6/go.mod h1:DxAPjquoEHf3rUHh1b9+47RAaXB8/7cB6jkzCt/GOEI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12 h1:7iPTTX4SAI2U2VOogD7/gmHlsgnYSgoNHt7MSQXtG2M= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.12/go.mod h1:1TODGhheLWjpQWSuhYuAUWYTCKwEjx2iblIFKDHjeTc= github.com/aws/aws-sdk-go-v2/service/kms v1.17.3 h1:M9bIvNNpbtvDTlZC5I38Kn2yuinJZ/9L+AM2Qom23zI= github.com/aws/aws-sdk-go-v2/service/sso v1.3.1/go.mod h1:J3A3RGUvuCZjvSuZEcOpHDnzZP/sKbhDWV2T1EOzFIM= github.com/aws/aws-sdk-go-v2/service/sso v1.11.8 h1:GNIdO14AHW5CgnzMml3Tg5Fy/+NqPQvnh1HsC1zpcPo= github.com/aws/aws-sdk-go-v2/service/sso v1.11.8/go.mod h1:UqRD9bBt15P0ofRyDZX6CfsIqPpzeHOhZKWzgSuAzpo= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.16 h1:YK8L7TNlGwMWHYqLs+i6dlITpxqzq08FqQUy26nm+T8= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.16/go.mod h1:mS5xqLZc/6kc06IpXn5vRxdLaED+jEuaSRv5BxtnsiY= github.com/aws/aws-sdk-go-v2/service/sts v1.6.0/go.mod h1:q7o0j7d7HrJk/vr9uUt3BVRASvcU7gYZB9PUgPiByXg= github.com/aws/aws-sdk-go-v2/service/sts v1.16.7 h1:HLzjwQM9975FQWSF3uENDGHT1gFQm/q3QXu2BYIcI08= github.com/aws/aws-sdk-go-v2/service/sts v1.16.7/go.mod h1:lVxTdiiSHY3jb1aeg+BBFtDzZGSUCv6qaNOyEGCJ1AY= +github.com/aws/aws-sdk-go-v2/service/sts v1.16.13 h1:dl8T0PJlN92rvEGOEUiD0+YPYdPEaCZK0TqHukvSfII= +github.com/aws/aws-sdk-go-v2/service/sts v1.16.13/go.mod h1:Ru3QVMLygVs/07UQ3YDur1AQZZp2tUNje8wfloFttC0= github.com/aws/smithy-go v1.6.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E= github.com/aws/smithy-go v1.11.0/go.mod h1:3xHYmszWVx2c0kIwQeEVf9uSm4fYZt67FBJnwub1bgM= github.com/aws/smithy-go v1.11.3 h1:DQixirEFM9IaKxX1olZ3ke3nvxRS2xMDteKIDWxozW8= github.com/aws/smithy-go v1.11.3/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/smithy-go v1.12.1 h1:yQRC55aXN/y1W10HgwHle01DRuV9Dpf31iGkotjt3Ag= +github.com/aws/smithy-go v1.12.1/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04 h1:p2I85zYI9z5/c/3Q0LiO3RtNXcmXHTtJfml/hV16zNg= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04/go.mod h1:Z+bXnIbhKJYSvxNwsNnwde7pDKxuqlEZCbUBoTwAqf0= github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I= @@ -712,8 +742,9 @@ github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaB github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153 h1:yUdfgN0XgIJw7foRItutHYUIhlcKzcSf5vDpdhQAKTc= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible h1:spTtZBk5DYEvbxMVutUuTyh1Ao2r4iyvLdACqsl/Ljk= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw= +github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= @@ -887,6 +918,8 @@ github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/ github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.21.1 h1:wm0rhTb5z7qpJRHBdPOMuY4QjVUMbF6/kwoYeRAOrKU= github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.22.1 h1:S6xFhsBKAtvfphnJwRzeCh3OEGsTL/crXdEetSxLs0Q= +github.com/go-openapi/swag v0.22.1/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-openapi/validate v0.22.0 h1:b0QecH6VslW/TxtpKgzpO1SNG7GU2FsaqKdP1E2T50Y= github.com/go-openapi/validate v0.22.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= @@ -989,6 +1022,8 @@ github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzw github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.3.0 h1:kHL1vqdqWNfATmA0FNMdmZNMyZI1U6O31X4rlIPoBog= github.com/golang-jwt/jwt/v4 v4.3.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= +github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ= @@ -1337,11 +1372,17 @@ github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b/go.mod h1:hQm github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/jgautheron/goconst v1.5.1/go.mod h1:aAosetZ5zaeC/2EfMeRswtxUFBpe2Hr7HzkgX4fanO4= +github.com/jhump/gopoet v0.0.0-20190322174617-17282ff210b3/go.mod h1:me9yfT6IJSlOL3FCfrg+L6yzUEZ+5jW6WHt4Sk+UPUI= +github.com/jhump/gopoet v0.1.0/go.mod h1:me9yfT6IJSlOL3FCfrg+L6yzUEZ+5jW6WHt4Sk+UPUI= +github.com/jhump/goprotoc v0.5.0/go.mod h1:VrbvcYrQOrTi3i0Vf+m+oqQWk9l72mjkJCYo7UvLHRQ= github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74= github.com/jhump/protoreflect v1.6.1/go.mod h1:RZQ/lnuN+zqeRVpQigTwO6o0AJUkxbnSnpuG7toUTG4= github.com/jhump/protoreflect v1.8.2/go.mod h1:7GcYQDdMU/O/BBrl/cX6PNHpXh6cenjd8pneu5yW7Tg= github.com/jhump/protoreflect v1.10.3 h1:8ogeubpKh2TiulA0apmGlW5YAH4U1Vi4TINIP+gpNfQ= github.com/jhump/protoreflect v1.10.3/go.mod h1:7GcYQDdMU/O/BBrl/cX6PNHpXh6cenjd8pneu5yW7Tg= +github.com/jhump/protoreflect v1.11.0/go.mod h1:U7aMIjN0NWq9swDP7xDdoMfRHb35uiuTd3Z9nFXJf5E= +github.com/jhump/protoreflect v1.12.0 h1:1NQ4FpWMgn3by/n1X0fbeKEUxP1wBt7+Oitpv01HR10= +github.com/jhump/protoreflect v1.12.0/go.mod h1:JytZfP5d0r8pVNLZvai7U/MCuTWITgrI4tTg7puQFKI= github.com/jingyugao/rowserrcheck v1.1.1/go.mod h1:4yvlZSDb3IyDTUZJUmpZfm2Hwok+Dtp+nu2qOq+er9c= github.com/jinzhu/copier v0.3.5 h1:GlvfUwHk62RokgqVNvYsku0TATCF7bAHVwEXoBh3iJg= github.com/jinzhu/copier v0.3.5/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg= @@ -1454,6 +1495,8 @@ github.com/leodido/go-urn v1.2.1 h1:BqpAaACuzVSgi/VLzGZIobT2z4v53pjosyNd9Yv6n/w= github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= github.com/letsencrypt/boulder v0.0.0-20220331220046-b23ab962616e h1:1aV3EJ4ZMsc63MFU4rB+ccSEhZvvVD71T9RA4Rqd3hI= github.com/letsencrypt/boulder v0.0.0-20220331220046-b23ab962616e/go.mod h1:Bl3mfF2LHYepsU2XfzMceIglyByfPe1IFAXtO+p37Qk= +github.com/letsencrypt/boulder v0.0.0-20220723181115-27de4befb95e h1:2ba+yBBeT8ZFyZjRLPDKvkqVrWX4CCYAuR6nuJGojD0= +github.com/letsencrypt/boulder v0.0.0-20220723181115-27de4befb95e/go.mod h1:54WQpg5QI0mpRhxoj9bxysLqA5WJylVsLtXOrb3zAiU= github.com/letsencrypt/pkcs11key/v4 v4.0.0/go.mod h1:EFUvBDay26dErnNb70Nd0/VW3tJiIbETBPTl9ATXQag= github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= @@ -1516,6 +1559,8 @@ github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= +github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= +github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= github.com/mattn/go-ieproxy v0.0.0-20190610004146-91bb50d98149/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= @@ -1526,6 +1571,8 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= +github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= @@ -1682,6 +1729,7 @@ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo/v2 v2.1.4 h1:GNapqRSid3zijZ9H77KrgVG4/8KqiyRsxcSxe+7ApXY= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= @@ -1691,7 +1739,7 @@ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7J github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= -github.com/onsi/gomega v1.18.1 h1:M1GfJqGRrBrrGGsbxzV5dqM2U2ApXefZCQpkukxYRLE= +github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -1941,13 +1989,19 @@ github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOms github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sigstore/cosign v1.10.1 h1:mFRTtJmZtC55tbBE4SHUfqBXux/jN01Wysk7/duyYPA= github.com/sigstore/cosign v1.10.1/go.mod h1:7ltQF49sIWp0p0UvXhFtHDQUa4PPw6W53TYlIRlayRA= +github.com/sigstore/cosign v1.11.0 h1:jw0nXSEdcM+6OPSaP5oGCHITM+Brh/rjRerrMrH93e0= +github.com/sigstore/cosign v1.11.0/go.mod h1:YaoVdaXyZCnCRJeAmsIq5LVD0Cu7saupPp2Ub9dZ5i4= github.com/sigstore/fulcio v0.2.0 h1:bT6oDNFe0MJ55lp9InymuBOd/5DA+gkxAP8k7HcUXIg= github.com/sigstore/fulcio v0.2.0/go.mod h1:w2ncMx6ADlg7yjMQ+dcjnIc5MviY0LKLUgNo/azUp0g= github.com/sigstore/rekor v0.9.1 h1:xk+Sg6xWLYctIqlIxZP+sxZl9sfEl0OIbPgxo527Gxg= github.com/sigstore/rekor v0.9.1/go.mod h1:7YBvw8sKQpTUD8jwahpAgex3zF+q2+RAEsgnWXb3O4I= +github.com/sigstore/rekor v0.10.0 h1:lhqu403gtsfqf7yOBUm6G5KkI17g4s55jnDOHceYEEM= +github.com/sigstore/rekor v0.10.0/go.mod h1:optBScc+ylAO6nTRyH3kY5me1ClbQufeLiglesAEiwg= github.com/sigstore/sigstore v1.1.1-0.20220124143820-3cebf5c58675/go.mod h1:9cE3xS/1vYlN+Emn2WXDwjh0LYhXLJLv6mOCQpAHtSk= github.com/sigstore/sigstore v1.2.1-0.20220614141825-9c0e2e247545 h1:S6ZnBcLFZNdB6mw8QnjLgtGU1myK+X0UPpRwJ71/Z/o= github.com/sigstore/sigstore v1.2.1-0.20220614141825-9c0e2e247545/go.mod h1:xr0T+0gIaZyrmWtC99G8llLi1izy70nZpgVp+C1jb5k= +github.com/sigstore/sigstore v1.4.0 h1:5A3eUhbSQkhiqJNUPi/2UMKdTyb3NKfWcVjaTBkkaJk= +github.com/sigstore/sigstore v1.4.0/go.mod h1:z3kt1jm2A39M+g7emkQ8jdErL/haCMEjkNxvqTf41/k= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -2143,6 +2197,8 @@ github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr github.com/xanzy/go-gitlab v0.31.0/go.mod h1:sPLojNBn68fMUWSxIJtdVVIP8uSBYqesTfDUseX11Ug= github.com/xanzy/go-gitlab v0.70.0 h1:zJ8WukB5psMcfmQctHsiG/PyqLqLIdD05wCLwdPNEBg= github.com/xanzy/go-gitlab v0.70.0/go.mod h1:o4yExCtdaqlM8YGdDJWuZoBmfxBsmA9TPEjs9mx1UO4= +github.com/xanzy/go-gitlab v0.72.0 h1:/9BQTftUE7GRK/RO1eeWxG1cOE+tjwBrvRdpkeSOq6w= +github.com/xanzy/go-gitlab v0.72.0/go.mod h1:d/a0vswScO7Agg1CZNz15Ic6SSvBG9vfw8egL99t4kA= github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xanzy/ssh-agent v0.3.1 h1:AmzO1SSWxw73zxFZPRwaMN1MohDw8UyHnmuxyceTEGo= @@ -2322,6 +2378,8 @@ go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= +go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= @@ -2517,6 +2575,8 @@ golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220728211354-c7608f3a8462 h1:UreQrH7DbFXSi9ZFox6FNT3WBooWmdANpU+IfkT1T4I= golang.org/x/net v0.0.0-20220728211354-c7608f3a8462/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= +golang.org/x/net v0.0.0-20220805013720-a33c5aa5df48 h1:N9Vc/rorQUDes6B9CNdIxAn5jODGj2wzfrei2x4wNj4= +golang.org/x/net v0.0.0-20220805013720-a33c5aa5df48/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2545,6 +2605,8 @@ golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb/go.mod h1:jaDAt6Dkxork7LmZnYtzbRWj0W47D86a3TGe0YHBvmE= golang.org/x/oauth2 v0.0.0-20220718184931-c8730f7fcb92 h1:oVlhw3Oe+1reYsE2Nqu19PDJfLzwdU3QUUrG86rLK68= golang.org/x/oauth2 v0.0.0-20220718184931-c8730f7fcb92/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c h1:q3gFqPqH7NVofKo3c3yETAP//pPI+G5mvB7qqj1Y5kY= +golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -2714,6 +2776,8 @@ golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220731174439-a90be440212d h1:Sv5ogFZatcgIMMtBSTTAgMYsicp25MXBubjXNDKwm80= golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab h1:2QkjZIsXupsJbJIdSjjUOgWK3aEtzyuh2mPt3l/CkeU= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -2723,6 +2787,8 @@ golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4 golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.0.0-20220526004731-065cf7ba2467 h1:CBpWXWQpIRjzmkkA+M7q9Fqnwd2mZr3AFqexg8YTfoM= +golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -2744,6 +2810,8 @@ golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11/go.mod h1:tRJNPiyCQ0inRvYxb golang.org/x/time v0.0.0-20220210224613-90d013bbcef8/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220411224347-583f2d630306 h1:+gHMid33q6pen7kv9xvT+JRinntgeXO2AeZVd0AWD3w= golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 h1:ftMN5LMiBFjbzleLqtoBZk7KdJwhuybIU+FckUHgoyQ= +golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -3185,8 +3253,8 @@ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81 gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= gotest.tools/v3 v3.1.0 h1:rVV8Tcg/8jHUkPUorwjaMTtemIMVXfIPKiOqnhEhakk= -helm.sh/helm/v3 v3.9.2 h1:bx7kdhr5VAhYoWv9bIdT1C6qWR+/7SIoPCwLx22l78g= -helm.sh/helm/v3 v3.9.2/go.mod h1:y/dJc/0Lzcn40jgd85KQXnufhFF7sr4v6L/vYMLRaRM= +helm.sh/helm/v3 v3.9.3 h1:etd4Qc45/bnIkBofZIRwrAzYuG3bNWR1EdMN4fsfzoE= +helm.sh/helm/v3 v3.9.3/go.mod h1:3eaWAIqzvlRSD06gR9MMwmp2KBKwlu9av1/1BZpjeWY= honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -3244,8 +3312,8 @@ k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= -k8s.io/kube-openapi v0.0.0-20220401212409-b28bf2818661 h1:nqYOUleKLC/0P1zbU29F5q6aoezM6MOAVz+iyfQbZ5M= -k8s.io/kube-openapi v0.0.0-20220401212409-b28bf2818661/go.mod h1:daOouuuwd9JXpv1L7Y34iV3yf6nxzipkKMWWlqlvK9M= +k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8 h1:yEQKdMCjzAOvGeiTwG4hO/hNVNtDOuUFvMUZ0OlaIzs= +k8s.io/kube-openapi v0.0.0-20220627174259-011e075b9cb8/go.mod h1:mbJ+NSUoAhuR14N0S63bPkh8MGVSo3VYSGZtH/mfMe0= k8s.io/kubectl v0.24.3 h1:PqY8ho/S/KuE2/hCC3Iee7X+lOtARYo0LQsNzvV/edE= k8s.io/kubectl v0.24.3/go.mod h1:PYLcvw96sC1NLbxZEDbdlOEd6/C76VIWjGmWV5QjSk0= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= @@ -3318,6 +3386,8 @@ sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2 sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= sigs.k8s.io/release-utils v0.7.1 h1:dQuGqQi7XGW4PSLJ6JRlN2JUDkeXSepDL1nTdl9QTPY= sigs.k8s.io/release-utils v0.7.1/go.mod h1:SK+/kkc2i7ZO0CFXDCvXpzIZyt13cPlscaApaZD7VmU= +sigs.k8s.io/release-utils v0.7.3 h1:6pS8x6c5RmdUgR9qcg1LO6hjUzuE4Yo9TGZ3DemrZdM= +sigs.k8s.io/release-utils v0.7.3/go.mod h1:n0mVez/1PZYZaZUTJmxewxH3RJ/Lf7JUDh7TG1CASOE= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.2.1 h1:bKCqE9GvQ5tiVHn5rfn1r+yao3aLQEaLzkkmAkf+A6Y= diff --git a/packages/big-bang-core/kustomization/core-light/README.md b/packages/big-bang-core/kustomization/core-light/README.md new file mode 100644 index 0000000000..70b314ec21 --- /dev/null +++ b/packages/big-bang-core/kustomization/core-light/README.md @@ -0,0 +1,34 @@ +## Expected resources allocation for Big Bang Core Light + +``` +│ Namespace Name CPU Requests CPU Limits Memory Requests Memory Limits Age │ +│ --------- ---- ------------ ---------- --------------- ------------- --- │ +│ kube-system local-path-provisioner-7b7dc8d6f5-5z9df 0 (0%) 0 (0%) 0 (0%) 0 (0%) 78m │ +│ kube-system coredns-b96499967-gc445 100m (1%) 0 (0%) 70Mi (0%) 170Mi (0%) 78m │ +│ kube-system metrics-server-668d979685-4gmkw 100m (1%) 0 (0%) 70Mi (0%) 0 (0%) 78m │ +│ zarf zarf-docker-registry-6bfd494b98-mvccr 500m (6%) 3 (37%) 256Mi (0%) 2Gi (6%) 77m │ +│ zarf agent-hook-5687754cb7-kz77f 100m (1%) 500m (6%) 32Mi (0%) 128Mi (0%) 77m │ +│ zarf agent-hook-5687754cb7-tbmzc 100m (1%) 500m (6%) 32Mi (0%) 128Mi (0%) 77m │ +│ zarf zarf-gitea-0 200m (2%) 1 (12%) 512Mi (1%) 2Gi (6%) 77m │ +│ flux-system helm-controller-86cfb988f4-pssqg 500m (6%) 500m (6%) 1Gi (3%) 1Gi (3%) 75m │ +│ flux-system notification-controller-654fcb65db-4q7fw 100m (1%) 100m (1%) 100Mi (0%) 100Mi (0%) 75m │ +│ flux-system kustomize-controller-56c8f84d8b-lbkbr 100m (1%) 100m (1%) 600Mi (1%) 600Mi (1%) 75m │ +│ flux-system source-controller-6c454dcd4f-qnj72 100m (1%) 100m (1%) 250Mi (0%) 250Mi (0%) 75m │ +│ gatekeeper-system gatekeeper-audit-756dd887ff-s4xct 200m (2%) 1200m (15%) 768Mi (2%) 2Gi (6%) 71m │ +│ gatekeeper-system gatekeeper-controller-manager-64c694854d-5lw8k 175m (2%) 1 (12%) 512Mi (1%) 2Gi (6%) 71m │ +│ istio-operator istio-operator-74744875b9-nb2dp 100m (1%) 500m (6%) 256Mi (0%) 256Mi (0%) 66m │ +│ istio-system istiod-575fb9949b-scvxw 100m (1%) 500m (6%) 1Gi (3%) 1Gi (3%) 65m │ +│ istio-system svclb-public-ingressgateway-wvxxs 0 (0%) 0 (0%) 0 (0%) 0 (0%) 65m │ +│ istio-system public-ingressgateway-f7cd6c66d-dxflj 100m (1%) 500m (6%) 512Mi (1%) 512Mi (1%) 65m │ +│ monitoring monitoring-monitoring-prometheus-node-exporter-rvb2l 200m (2%) 600m (7%) 384Mi (1%) 384Mi (1%) 62m │ +│ monitoring monitoring-monitoring-kube-operator-76c6f6cb87-nlt8h 200m (2%) 600m (7%) 768Mi (2%) 768Mi (2%) 62m │ +│ monitoring monitoring-monitoring-kube-state-metrics-679d49d7f6-8kcjb 110m (1%) 600m (7%) 384Mi (1%) 384Mi (1%) 62m │ +│ monitoring alertmanager-monitoring-monitoring-kube-alertmanager-0 250m (3%) 700m (8%) 640Mi (1%) 640Mi (1%) 62m │ +│ monitoring prometheus-monitoring-monitoring-kube-prometheus-0 250m (3%) 500m (6%) 2432Mi (7%) 2432Mi (7%) 62m │ +│ monitoring monitoring-monitoring-grafana-5679c589f9-2jnlp 300m (3%) 1600m (20%) 612Mi (1%) 968Mi (3%) 62m │ +│ tempo tempo-tempo-0 900m (11%) 900m (11%) 4608Mi (14%) 4608Mi (14%) 60m │ +│ cluster-auditor opa-exporter-574f978ccc-vdfhx 200m (2%) 600m (7%) 768Mi (2%) 768Mi (2%) 60m │ +│ twistlock twistlock-console-98dd45667-48x2j 200m (2%) 600m (7%) 1280Mi (3%) 1280Mi (3%) 60m │ +│ logging logging-loki-0 200m (2%) 200m (2%) 512Mi (1%) 512Mi (1%) 60m │ +│ logging logging-promtail-2xmr2 300m (3%) 300m (3%) 384Mi (1%) 384Mi (1%) 57m │ +``` \ No newline at end of file diff --git a/packages/big-bang-core/kustomization/core-light/values.yaml b/packages/big-bang-core/kustomization/core-light/values.yaml index 17daae9458..24a15cca98 100644 --- a/packages/big-bang-core/kustomization/core-light/values.yaml +++ b/packages/big-bang-core/kustomization/core-light/values.yaml @@ -10,6 +10,7 @@ clusterAuditor: gatekeeper: values: + replicas: 1 controllerManager: resources: limits: diff --git a/packages/big-bang-core/kustomization/core-standard/kustomization.yaml b/packages/big-bang-core/kustomization/core-standard/kustomization.yaml index 9f1cb65264..c7e27c1e90 100644 --- a/packages/big-bang-core/kustomization/core-standard/kustomization.yaml +++ b/packages/big-bang-core/kustomization/core-standard/kustomization.yaml @@ -1,5 +1,5 @@ bases: - - git::https://repo1.dso.mil/platform-one/big-bang/bigbang.git/base?ref=tags/1.37.0 + - git::https://repo1.dso.mil/platform-one/big-bang/bigbang.git/base?ref=tags/1.39.0 configMapGenerator: - name: common diff --git a/packages/big-bang-core/kustomization/core-standard/values.yaml b/packages/big-bang-core/kustomization/core-standard/values.yaml index 0218b76c78..da6680d4fa 100644 --- a/packages/big-bang-core/kustomization/core-standard/values.yaml +++ b/packages/big-bang-core/kustomization/core-standard/values.yaml @@ -1,4 +1,4 @@ -domain: bigbang.dev +domain: "###ZARF_VAR_DOMAIN###" registryCredentials: registry: "###ZARF_REGISTRY###" @@ -56,6 +56,7 @@ istio: ZSiedu5LBQD9enuns5qja1JCLTczx4h9J4VC5dta2LwJEKdl3JFV0TtRLZem4vkw PMvLLr/bq/3meBHUPHFCbVI= -----END PRIVATE KEY----- + cert: | -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISBJmTT+NKxDDIk28TBZXhUpGNMA0GCSqGSIb3DQEBCwUA @@ -150,7 +151,6 @@ istio: -----END CERTIFICATE----- gatekeeper: - enabled: true values: violations: allowedDockerRegistries: @@ -158,14 +158,12 @@ gatekeeper: # Make Kind/K3d happy excludedNamespaces: - "kube-sytem" + - "istio-system" - "local-path-storage" parameters: repos: - "###ZARF_REGISTRY###" excludedResources: - # K3s needs these due to how it creates services of type "LoadBalancer" - - "istio-system/lb-port-.*" - - "istio-system/svclb-.*" # K3s needs this if you are doing K3s-specific "HelmRelease"-type CRDs - ".*/helm-install-.*" - ".*/helm" @@ -176,11 +174,10 @@ gatekeeper: - "kube-sytem" - "local-path-storage" hostNetworking: - parameters: - excludedResources: - # K3s needs these due to how it creates services of type "LoadBalancer" - - "istio-system/svclb-.*" - - "istio-system/lb-port-.*" + match: + excludedNamespaces: + - "kube-sytem" + - "istio-system" restrictedTaint: match: # Make Kind/K3d happy @@ -194,17 +191,18 @@ gatekeeper: - "kube-sytem" - "local-path-storage" +# EFK -> PLG, see https://repo1.dso.mil/platform-one/big-bang/bigbang/-/blob/1.39.0/docs/guides/using-bigbang/efk-plg-logging-migration.md logging: enabled: false - eckoperator: enabled: false - fluentbit: enabled: false - +jaeger: + enabled: false loki: enabled: true - promtail: enabled: true +tempo: + enabled: true diff --git a/packages/big-bang-core/zarf.yaml b/packages/big-bang-core/zarf.yaml index 837ef6c092..6bb2c1b9cd 100644 --- a/packages/big-bang-core/zarf.yaml +++ b/packages/big-bang-core/zarf.yaml @@ -2,80 +2,82 @@ kind: ZarfPackageConfig metadata: name: big-bang-core-demo description: "Deploy Big Bang Core" + version: 1.39.0 + url: https://p1.dso.mil/products/big-bang + image: https://p1.dso.mil/img/Big_Bang_Color_Logo_White_text.de14c793.webp # Big Bang / Iron Bank are only amd64 architecture: amd64 +variables: + # Prompt user for the domain override + - name: DOMAIN + default: "bigbang.dev" + prompt: true + components: - name: flux required: true import: path: ../flux-iron-bank - - name: big-bang-core-assets + - name: big-bang-core-standard-assets description: "Git repositories and OCI images used by Big Bang Core" required: true repos: - - https://repo1.dso.mil/platform-one/big-bang/bigbang.git@1.37.0 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git@1.13.4-bb.1 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git@1.13.4-bb.0 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger.git@2.32.2-bb.0 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/kiali.git@1.51.0-bb.1 + - https://repo1.dso.mil/platform-one/big-bang/bigbang.git@1.39.0 + - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-controlplane.git@1.13.5-bb.2 + - https://repo1.dso.mil/platform-one/big-bang/apps/core/istio-operator.git@1.13.5-bb.1 + - https://repo1.dso.mil/platform-one/big-bang/apps/core/policy.git@3.8.1-bb.5 - https://repo1.dso.mil/platform-one/big-bang/apps/core/cluster-auditor.git@1.4.0-bb.4 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/policy.git@3.8.1-bb.0 - - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki.git@3.0.5-bb.0 - - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail.git@4.2.0-bb.2 - - https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git@35.5.1-bb.2 - - https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git@0.9.0-bb.0 + - https://repo1.dso.mil/platform-one/big-bang/apps/core/monitoring.git@36.2.1-bb.2 + - https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock.git@0.9.0-bb.3 images: - # istio-controlplane - - registry1.dso.mil/ironbank/big-bang/base:1.0.0 - - registry1.dso.mil/ironbank/opensource/istio/pilot:1.13.4 - - registry1.dso.mil/ironbank/opensource/istio/proxyv2:1.13.4 - - registry1.dso.mil/ironbank/opensource/istio/install-cni:1.13.4 - - # istio-operator - - registry1.dso.mil/ironbank/opensource/istio/operator:1.13.4 - - # jaeger - - registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen:v1.1.1 - - registry1.dso.mil/ironbank/opensource/jaegertracing/all-in-one:1.34.1 - - registry1.dso.mil/ironbank/opensource/jaegertracing/jaeger-operator:1.34.1 - - registry1.dso.mil/ironbank/big-bang/base:1.17.0 + # istio: + - "registry1.dso.mil/ironbank/big-bang/base:2.0.0" + - "registry1.dso.mil/ironbank/opensource/istio/pilot:1.13.5" + - "registry1.dso.mil/ironbank/opensource/istio/proxyv2:1.13.5" + - "registry1.dso.mil/ironbank/opensource/istio/install-cni:1.13.5" - # kiali - - registry1.dso.mil/ironbank/opensource/kiali/kiali-operator:v1.51.0 - - registry1.dso.mil/ironbank/opensource/kiali/kiali:v1.51.0 + # istiooperator: + - "registry1.dso.mil/ironbank/opensource/istio/operator:1.13.5" - # cluster-auditor - - registry1.dso.mil/ironbank/bigbang/cluster-auditor/opa-exporter:v0.0.4 + # clusterAuditor: + - "registry1.dso.mil/ironbank/bigbang/cluster-auditor/opa-exporter:v0.0.4" # policy (OPA Gatekeeper) - registry1.dso.mil/ironbank/opensource/kubernetes/kubectl:v1.22.2 - registry1.dso.mil/ironbank/opensource/openpolicyagent/gatekeeper:v3.8.1 - # loki - - registry1.dso.mil/ironbank/opensource/grafana/loki:2.5.0 - - # promtail - - registry1.dso.mil/ironbank/opensource/grafana/promtail:v2.5.0 + # monitoring: + - "registry1.dso.mil/ironbank/big-bang/base:2.0.0" + - "registry1.dso.mil/ironbank/big-bang/grafana/grafana-plugins:9.0.1" + - "registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.19.2" + - "registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen:v1.1.1" + - "registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics:v2.5.0" + - "registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader:v0.57.0" + - "registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator:v0.57.0" + - "registry1.dso.mil/ironbank/opensource/prometheus/alertmanager:v0.24.0" + - "registry1.dso.mil/ironbank/opensource/prometheus/node-exporter:v1.3.1" + - "registry1.dso.mil/ironbank/opensource/prometheus/prometheus:v2.36.2" - # monitoring - - registry1.dso.mil/ironbank/big-bang/base:1.17.0 - - registry1.dso.mil/ironbank/kiwigrid/k8s-sidecar:1.18.1 - - registry1.dso.mil/ironbank/big-bang/grafana/grafana-plugins:8.6.2 - - registry1.dso.mil/ironbank/opensource/ingress-nginx/kube-webhook-certgen:v1.1.1 - - registry1.dso.mil/ironbank/opensource/kubernetes/kube-state-metrics:v2.5.0 - - registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-config-reloader:v0.57.0 - - registry1.dso.mil/ironbank/opensource/prometheus-operator/prometheus-operator:v0.57.0 - - registry1.dso.mil/ironbank/opensource/prometheus/alertmanager:v0.24.0 - - registry1.dso.mil/ironbank/opensource/prometheus/node-exporter:v1.3.1 - - registry1.dso.mil/ironbank/opensource/prometheus/prometheus:v2.36.0 + # twistlock: + - "registry1.dso.mil/ironbank/big-bang/base:2.0.0" + - "registry1.dso.mil/ironbank/twistlock/console/console:22.06.179" + - "registry1.dso.mil/ironbank/twistlock/defender/defender:22.06.179" - # twistlock - - registry1.dso.mil/ironbank/big-bang/base:1.18.0 - - registry1.dso.mil/ironbank/twistlock/console/console:22.06.179 - - registry1.dso.mil/ironbank/twistlock/defender/defender:22.06.179 + - name: big-bang-core-plg-assets + description: "Git repositories and OCI images used by PLG" + required: true + repos: + - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/loki.git@3.0.5-bb.4 + - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/promtail.git@4.2.0-bb.2 + - https://repo1.dso.mil/platform-one/big-bang/apps/sandbox/tempo.git@0.15.1-bb.7 + images: + - registry1.dso.mil/ironbank/opensource/grafana/loki:2.5.0 + - registry1.dso.mil/ironbank/opensource/grafana/promtail:v2.5.0 + - registry1.dso.mil/ironbank/opensource/grafana/tempo-query:1.4.1 + - registry1.dso.mil/ironbank/opensource/grafana/tempo:1.4.1 - name: big-bang-core-limited-resources description: "Deploy a lightweight version of Big Bang Core using limited resources" diff --git a/packages/flux-iron-bank/zarf.yaml b/packages/flux-iron-bank/zarf.yaml index 6c8861bf5b..354d7dc02f 100644 --- a/packages/flux-iron-bank/zarf.yaml +++ b/packages/flux-iron-bank/zarf.yaml @@ -11,7 +11,7 @@ components: - name: flux-installer # This will be built on the package create side and deployed as a regular manifest on package deploy kustomizations: - - https://repo1.dso.mil/platform-one/big-bang/bigbang.git//base/flux?ref=1.37.0 + - https://repo1.dso.mil/platform-one/big-bang/bigbang.git//base/flux?ref=1.39.0 images: # Flux images - registry1.dso.mil/ironbank/fluxcd/helm-controller:v0.22.1 diff --git a/packages/zarf-agent/manifests/webhook.yaml b/packages/zarf-agent/manifests/webhook.yaml index 2032432f87..a537124c49 100644 --- a/packages/zarf-agent/manifests/webhook.yaml +++ b/packages/zarf-agent/manifests/webhook.yaml @@ -25,6 +25,9 @@ webhooks: values: - "skip" - "ignore" + # Ignore K3s Klipper + - key: svccontroller.k3s.cattle.io/svcname + operator: DoesNotExist clientConfig: service: name: agent-hook diff --git a/src/cmd/package.go b/src/cmd/package.go index 78c791cda4..d4b190bb1e 100644 --- a/src/cmd/package.go +++ b/src/cmd/package.go @@ -129,4 +129,5 @@ func init() { packageDeployCmd.Flags().StringVar(&config.DeployOptions.SGetKeyPath, "sget", "", "Path to public sget key file for remote packages signed via cosign") packageInspectCmd.Flags().StringVar(&config.CommonOptions.TempDirectory, "tmpdir", "", "Specify the temporary directory to use for intermediate files") + packageInspectCmd.Flags().BoolVarP(&packager.ViewSBOM, "sbom", "s", false, "View SBOM contents while inspecting the package.") } diff --git a/src/internal/message/message.go b/src/internal/message/message.go index 6cef158cbc..b7c8b52e12 100644 --- a/src/internal/message/message.go +++ b/src/internal/message/message.go @@ -118,6 +118,11 @@ func Infof(format string, a ...any) { } } +func SuccessF(format string, a ...any) { + message := paragraph(format, a...) + pterm.Success.Println(message) +} + func Question(text string) { pterm.Println() message := paragraph(text) diff --git a/src/internal/message/progress.go b/src/internal/message/progress.go index c953d73b8f..61b0b9d585 100644 --- a/src/internal/message/progress.go +++ b/src/internal/message/progress.go @@ -13,7 +13,7 @@ type ProgressBar struct { func NewProgressBar(total int64, format string, a ...any) *ProgressBar { var progress *pterm.ProgressbarPrinter - text := fmt.Sprintf(format, a...) + text := fmt.Sprintf(" "+format, a...) if NoProgress { Info(text) } else { @@ -35,7 +35,7 @@ func (p *ProgressBar) Update(complete int64, text string) { if NoProgress { return } - p.progress.UpdateTitle(text) + p.progress.UpdateTitle(" " + text) chunk := int(complete) - p.progress.Current p.progress.Add(chunk) } diff --git a/src/internal/message/spinner.go b/src/internal/message/spinner.go index 7b3711eb8d..0882bc21f8 100644 --- a/src/internal/message/spinner.go +++ b/src/internal/message/spinner.go @@ -6,12 +6,19 @@ import ( "github.com/pterm/pterm" ) +var activeSpinner *Spinner + type Spinner struct { spinner *pterm.SpinnerPrinter startText string } func NewProgressSpinner(format string, a ...any) *Spinner { + if activeSpinner != nil { + Debug("Active spinner already exists") + return activeSpinner + } + var spinner *pterm.SpinnerPrinter text := fmt.Sprintf(format, a...) if NoProgress { @@ -24,10 +31,12 @@ func NewProgressSpinner(format string, a ...any) *Spinner { Start(text) } - return &Spinner{ + activeSpinner = &Spinner{ spinner: spinner, startText: text, } + + return activeSpinner } func (p *Spinner) Write(text []byte) (int, error) { @@ -60,9 +69,10 @@ func (p *Spinner) Debugf(format string, a ...any) { } func (p *Spinner) Stop() { - if p.spinner != nil { + if p.spinner != nil && p.spinner.IsActive { _ = p.spinner.Stop() } + activeSpinner = nil } func (p *Spinner) Success() { @@ -73,6 +83,7 @@ func (p *Spinner) Successf(format string, a ...any) { text := fmt.Sprintf(format, a...) if p.spinner != nil { p.spinner.Success(text) + activeSpinner = nil } else { Info(text) } @@ -92,10 +103,15 @@ func (p *Spinner) Errorf(err error, format string, a ...any) { Debug(err) } +func (p *Spinner) Fatal(err error) { + p.Fatalf(err, p.startText) +} + func (p *Spinner) Fatalf(err error, format string, a ...any) { if p.spinner != nil { p.spinner.RemoveWhenDone = true _ = p.spinner.Stop() + activeSpinner = nil } Fatalf(err, format, a...) } diff --git a/src/internal/packager/common.go b/src/internal/packager/common.go index 39095f0400..c523f10c7c 100644 --- a/src/internal/packager/common.go +++ b/src/internal/packager/common.go @@ -101,7 +101,7 @@ func confirmAction(userMessage string, sbomViewFiles []string) bool { // Display prompt if not auto-confirmed var confirmFlag bool if config.CommonOptions.Confirm { - message.Infof("%s Zarf package confirmed", userMessage) + message.SuccessF("%s Zarf package confirmed", userMessage) return config.CommonOptions.Confirm } else { diff --git a/src/internal/packager/create.go b/src/internal/packager/create.go index e9de321976..b49220e24a 100644 --- a/src/internal/packager/create.go +++ b/src/internal/packager/create.go @@ -121,7 +121,9 @@ func addComponent(tempPath tempPaths, component types.ZarfComponent) { } for idx, path := range chart.ValuesFiles { chartValueName := helm.StandardName(componentPath.values, chart) + "-" + strconv.Itoa(idx) - utils.CreatePathAndCopy(path, chartValueName) + if err := utils.CreatePathAndCopy(path, chartValueName); err != nil { + message.Fatalf(err, "Unable to copy values file %s", path) + } } } } @@ -134,7 +136,9 @@ func addComponent(tempPath tempPaths, component types.ZarfComponent) { if utils.IsUrl(file.Source) { utils.DownloadToFile(file.Source, destinationFile, component.CosignKeyPath) } else { - utils.CreatePathAndCopy(file.Source, destinationFile) + if err := utils.CreatePathAndCopy(file.Source, destinationFile); err != nil { + message.Fatalf(err, "Unable to copy %s", file.Source) + } } // Abort packaging on invalid shasum (if one is specified) @@ -154,18 +158,26 @@ func addComponent(tempPath tempPaths, component types.ZarfComponent) { if len(component.DataInjections) > 0 { spinner := message.NewProgressSpinner("Loading data injections") - defer spinner.Stop() + defer spinner.Success() for _, data := range component.DataInjections { spinner.Updatef("Copying data injection %s for %s", data.Target.Path, data.Target.Selector) destinationFile := componentPath.dataInjections + "/" + filepath.Base(data.Target.Path) - utils.CreatePathAndCopy(data.Source, destinationFile) + if err := utils.CreatePathAndCopy(data.Source, destinationFile); err != nil { + spinner.Fatalf(err, "Unable to copy data injection %s", data.Source) + } } - spinner.Success() } if len(component.Manifests) > 0 { - spinner := message.NewProgressSpinner("Loading %d manifests", len(component.Manifests)) - defer spinner.Stop() + // Get the proper count of total manifests to add + manifestCount := 0 + for _, manifest := range component.Manifests { + manifestCount += len(manifest.Files) + manifestCount += len(manifest.Kustomizations) + } + + spinner := message.NewProgressSpinner("Loading %d K8s manifests", manifestCount) + defer spinner.Success() if err := utils.CreateDirectory(componentPath.manifests, 0700); err != nil { spinner.Fatalf(err, "Unable to create the manifest path %s", componentPath.manifests) @@ -177,7 +189,9 @@ func addComponent(tempPath tempPaths, component types.ZarfComponent) { // Copy manifests without any processing spinner.Updatef("Copying manifest %s", file) destination := fmt.Sprintf("%s/%s", componentPath.manifests, file) - utils.CreatePathAndCopy(file, destination) + if err := utils.CreatePathAndCopy(file, destination); err != nil { + spinner.Fatalf(err, "Unable to copy the manifest %s", file) + } } for idx, kustomization := range manifest.Kustomizations { // Generate manifests from kustomizations and place in the package @@ -188,18 +202,16 @@ func addComponent(tempPath tempPaths, component types.ZarfComponent) { } } } - spinner.Success() } // Load all specified git repos if len(component.Repos) > 0 { spinner := message.NewProgressSpinner("Loading %d git repos", len(component.Repos)) - defer spinner.Stop() + defer spinner.Success() for _, url := range component.Repos { // Pull all the references if there is no `@` in the string git.Pull(url, componentPath.repos, spinner) } - spinner.Success() } } diff --git a/src/internal/packager/deploy.go b/src/internal/packager/deploy.go index 4cd0430e72..c3eee59331 100644 --- a/src/internal/packager/deploy.go +++ b/src/internal/packager/deploy.go @@ -111,7 +111,7 @@ func Deploy() { deployComponents(tempPath, component) } - pterm.Success.Println("Zarf deployment complete") + message.SuccessF("Zarf deployment complete") pterm.Println() // If not init config, print the application connection table diff --git a/src/internal/packager/injector.go b/src/internal/packager/injector.go index e731b4c7d1..fc2b9db60e 100644 --- a/src/internal/packager/injector.go +++ b/src/internal/packager/injector.go @@ -26,7 +26,7 @@ func runInjectionMadness(tempPath tempPaths) { message.Debugf("packager.runInjectionMadness(%#v)", tempPath) spinner := message.NewProgressSpinner("Attempting to bootstrap the seed image into the cluster") - defer spinner.Stop() + defer spinner.Success() var err error var images k8s.ImageNodeMap @@ -37,35 +37,35 @@ func runInjectionMadness(tempPath tempPaths) { // Try to create the zarf namespace spinner.Updatef("Creating the Zarf namespace") if _, err := k8s.CreateNamespace(k8s.ZarfNamespace, nil); err != nil { - message.Fatal(err, "Unable to create the zarf namespace") + spinner.Fatalf(err, "Unable to create the zarf namespace") } // Get all the images from the cluster spinner.Updatef("Getting the list of existing cluster images") if images, err = k8s.GetAllImages(); err != nil { - message.Fatal(err, "Unable to generate a list of candidate images to perform the registry injection") + spinner.Fatalf(err, "Unable to generate a list of candidate images to perform the registry injection") } spinner.Updatef("Generating bootstrap payload SHASUMs") if envVars, err = buildEnvVars(tempPath); err != nil { - message.Fatal(err, "Unable to build the injection pod environment variables") + spinner.Fatalf(err, "Unable to build the injection pod environment variables") } spinner.Updatef("Creating the injector configmap") if err = createInjectorConfigmap(tempPath); err != nil { - message.Fatal(err, "Unable to create the injector configmap") + spinner.Fatalf(err, "Unable to create the injector configmap") } spinner.Updatef("Creating the injector service") if service, err := createService(); err != nil { - message.Fatal(err, "Unable to create the injector service") + spinner.Fatalf(err, "Unable to create the injector service") } else { config.ZarfSeedPort = fmt.Sprintf("%d", service.Spec.Ports[0].NodePort) } spinner.Updatef("Loading the seed registry configmaps") if payloadConfigmaps, sha256sum, err = createPayloadConfigmaps(tempPath, spinner); err != nil { - message.Fatal(err, "Unable to generate the injector payload configmaps") + spinner.Fatalf(err, "Unable to generate the injector payload configmaps") } // https://regex101.com/r/eLS3at/1 @@ -94,7 +94,6 @@ func runInjectionMadness(tempPath tempPaths) { // if no error, try and wait for a seed image to be present, return if successful if err == nil && hasSeedImages(spinner) { - spinner.Success() return } diff --git a/src/internal/packager/inspect.go b/src/internal/packager/inspect.go index 9d90153947..4d8fd160ff 100644 --- a/src/internal/packager/inspect.go +++ b/src/internal/packager/inspect.go @@ -1,15 +1,20 @@ package packager import ( + "fmt" "io/ioutil" "path/filepath" + "github.com/AlecAivazis/survey/v2" "github.com/defenseunicorns/zarf/src/config" "github.com/defenseunicorns/zarf/src/internal/message" "github.com/defenseunicorns/zarf/src/internal/utils" "github.com/mholt/archiver/v3" ) +// ViewSBOM indicates if image SBOM information should be displayed when inspecting a package +var ViewSBOM bool + // Inspect list the contents of a package func Inspect(packageName string) { tempPath := createPaths() @@ -39,4 +44,28 @@ func Inspect(packageName string) { } message.Infof("The package was built with Zarf CLI version %s\n", config.GetBuildData().Version) + + if ViewSBOM { + err = archiver.Extract(packageName, "sboms", tempPath.base) + if err != nil { + message.Fatalf(err, "Unable to extract sbom information from the package.") + } + + sbomViewFiles, _ := filepath.Glob(tempPath.sboms + "/sbom-viewer-*") + if len(sbomViewFiles) > 1 { + link := sbomViewFiles[0] + msg := fmt.Sprintf("This package has %d images with software bill-of-materials (SBOM) included. You can view them now in the zarf-sbom folder in this directory or to go directly to one, open this in your browser: %s\n\n", len(sbomViewFiles), link) + message.Note(msg) + + // Use survey.Input to hang until user input + var value string + prompt := &survey.Input{ + Message: "Hit the 'enter' key when you are done viewing the SBOM files", + Default: "", + } + _ = survey.AskOne(prompt, &value) + } else { + message.Note("There were no images with software bill-of-materials (SBOM) included.") + } + } } diff --git a/src/internal/packager/prepare.go b/src/internal/packager/prepare.go index 484496d47a..5375c274d0 100644 --- a/src/internal/packager/prepare.go +++ b/src/internal/packager/prepare.go @@ -118,7 +118,9 @@ func FindImages(baseDir, repoHelmChartPath string) { for idx, path := range chart.ValuesFiles { chartValueName := helm.StandardName(componentPath.values, chart) + "-" + strconv.Itoa(idx) - utils.CreatePathAndCopy(path, chartValueName) + if err := utils.CreatePathAndCopy(path, chartValueName); err != nil { + message.Fatalf(err, "Unable to copy values file %s", path) + } } var override string diff --git a/src/internal/packager/scripts.go b/src/internal/packager/scripts.go index a094844639..42db6980be 100644 --- a/src/internal/packager/scripts.go +++ b/src/internal/packager/scripts.go @@ -11,10 +11,9 @@ import ( "github.com/defenseunicorns/zarf/src/types" ) - func loopScriptUntilSuccess(script string, scripts types.ZarfComponentScripts) { spinner := message.NewProgressSpinner("Waiting for command \"%s\"", script) - defer spinner.Stop() + defer spinner.Success() // Try to patch the zarf binary path in case the name isn't exactly "./zarf" binaryPath, err := os.Executable() @@ -65,8 +64,7 @@ func loopScriptUntilSuccess(script string, scripts types.ZarfComponentScripts) { } // Close the function now that we are done - spinner.Success() return } } -} \ No newline at end of file +} diff --git a/src/internal/sbom/viewer/styles.css b/src/internal/sbom/viewer/styles.css index 1da9440ef4..f3e8e4364c 100644 --- a/src/internal/sbom/viewer/styles.css +++ b/src/internal/sbom/viewer/styles.css @@ -3,6 +3,7 @@ body { color: #fff; padding: 20px; padding-top: 70px; + font-family: Sans-Serif; } .dataTable-wrapper { diff --git a/src/internal/sbom/viewer/viewer.js b/src/internal/sbom/viewer/viewer.js index 8320924a0a..67fcf51591 100644 --- a/src/internal/sbom/viewer/viewer.js +++ b/src/internal/sbom/viewer/viewer.js @@ -51,7 +51,7 @@ function initData() { window.dt.destroy() } - distroInfo.innerHTML = payload.distro.prettyName + distroInfo.innerHTML = payload.distro.prettyName || 'No Base Image Detected' window.dt = new simpleDatatables.DataTable(artifactsTable, { data, diff --git a/src/internal/utils/io.go b/src/internal/utils/io.go index 6c6bcddbdd..3ea6e29d3a 100644 --- a/src/internal/utils/io.go +++ b/src/internal/utils/io.go @@ -3,7 +3,6 @@ package utils import ( "bytes" "fmt" - "io/ioutil" "os" "os/exec" "path" @@ -12,13 +11,12 @@ import ( "github.com/defenseunicorns/zarf/src/internal/message" "github.com/otiai10/copy" - "github.com/pterm/pterm" ) var TempPathPrefix = "zarf-" func MakeTempDir(tmpDir string) (string, error) { - tmp, err := ioutil.TempDir(tmpDir, TempPathPrefix) + tmp, err := os.MkdirTemp(tmpDir, TempPathPrefix) message.Debugf("Creating temp path %s", tmp) return tmp, err } @@ -81,7 +79,7 @@ func WriteFile(path string, data []byte) error { // ReplaceTextTemplate loads a file from a given path, replaces text in it and writes it back in place func ReplaceTextTemplate(path string, mappings map[string]string) { - text, err := ioutil.ReadFile(path) + text, err := os.ReadFile(path) if err != nil { message.Fatalf(err, "Unable to load %s", path) } @@ -90,7 +88,7 @@ func ReplaceTextTemplate(path string, mappings map[string]string) { text = bytes.ReplaceAll(text, []byte(template), []byte(value)) } - if err = ioutil.WriteFile(path, text, 0600); err != nil { + if err = os.WriteFile(path, text, 0600); err != nil { message.Fatalf(err, "Unable to update %s", path) } } @@ -128,16 +126,16 @@ func CreateFilePath(destination string) error { return CreateDirectory(parentDest, 0700) } -func CreatePathAndCopy(source string, destination string) { +func CreatePathAndCopy(source string, destination string) error { if err := CreateFilePath(destination); err != nil { - message.Fatalf(err, "unable to copy the file %s", source) + return err } - // Copy the asset if err := copy.Copy(source, destination); err != nil { - message.Fatalf(err, "unable to copy the file %s", source) + return err } - pterm.Success.Printfln("Copying %s", source) + + return nil } // GetFinalExecutablePath returns the absolute path to the zarf executable, following any symlinks along the way From 8e442690a0aa1c7c8b60021245ee10124a2bb1ef Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Mon, 22 Aug 2022 12:26:36 -0500 Subject: [PATCH 4/4] rename zarf connect manifests --- examples/postgres-operator/zarf.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/postgres-operator/zarf.yaml b/examples/postgres-operator/zarf.yaml index d7f5e87f59..b738e50fe6 100644 --- a/examples/postgres-operator/zarf.yaml +++ b/examples/postgres-operator/zarf.yaml @@ -24,7 +24,7 @@ components: valuesFiles: - postgres/operator-ui-values.yaml manifests: - - name: zarf-connect + - name: postgres-operator-zarf-connect files: - postgres/zarf-connect.yaml images: @@ -43,7 +43,7 @@ components: valuesFiles: - pgadmin/values.yaml manifests: - - name: zarf-connect + - name: pgadmin-zarf-connect files: - pgadmin/zarf-connect.yaml images: