forked from TrueCloudLab/certificates
commit
d46c5b2f40
128 changed files with 1308 additions and 1288 deletions
6
.github/workflows/codeql-analysis.yml
vendored
6
.github/workflows/codeql-analysis.yml
vendored
|
@ -18,7 +18,11 @@ on:
|
||||||
# The branches below must be a subset of the branches above
|
# The branches below must be a subset of the branches above
|
||||||
branches: [ "master" ]
|
branches: [ "master" ]
|
||||||
schedule:
|
schedule:
|
||||||
- cron: '30 3 * * 3'
|
- cron: '0 0 * * *'
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
||||||
|
cancel-in-progress: true
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
analyze:
|
analyze:
|
||||||
|
|
38
.github/workflows/release.yml
vendored
38
.github/workflows/release.yml
vendored
|
@ -7,41 +7,13 @@ on:
|
||||||
- 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
|
- 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
test:
|
ci:
|
||||||
name: Lint, Test, Build
|
uses: smallstep/workflows/.github/workflows/goCI.yml@main
|
||||||
runs-on: ubuntu-20.04
|
|
||||||
strategy:
|
|
||||||
matrix:
|
|
||||||
go: [ '1.18', '1.19' ]
|
|
||||||
outputs:
|
|
||||||
is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }}
|
|
||||||
steps:
|
|
||||||
-
|
|
||||||
name: Checkout
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
-
|
|
||||||
name: Setup Go
|
|
||||||
uses: actions/setup-go@v2
|
|
||||||
with:
|
|
||||||
go-version: ${{ matrix.go }}
|
|
||||||
-
|
|
||||||
name: Install Deps
|
|
||||||
id: install-deps
|
|
||||||
run: sudo apt-get -y install libpcsclite-dev
|
|
||||||
-
|
|
||||||
name: golangci-lint
|
|
||||||
uses: golangci/golangci-lint-action@v2
|
|
||||||
with:
|
|
||||||
version: ${{ secrets.GOLANGCI_LINT_VERSION }}
|
|
||||||
args: --timeout=30m
|
|
||||||
-
|
|
||||||
name: Test, Build
|
|
||||||
id: lint_test_build
|
|
||||||
run: V=1 make ci
|
|
||||||
|
|
||||||
create_release:
|
create_release:
|
||||||
name: Create Release
|
name: Create Release
|
||||||
needs: test
|
needs: ci
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
outputs:
|
outputs:
|
||||||
debversion: ${{ steps.extract-tag.outputs.DEB_VERSION }}
|
debversion: ${{ steps.extract-tag.outputs.DEB_VERSION }}
|
||||||
|
@ -132,7 +104,7 @@ jobs:
|
||||||
build_upload_docker:
|
build_upload_docker:
|
||||||
name: Build & Upload Docker Images
|
name: Build & Upload Docker Images
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
needs: test
|
needs: ci
|
||||||
steps:
|
steps:
|
||||||
-
|
-
|
||||||
name: Checkout
|
name: Checkout
|
||||||
|
|
48
.github/workflows/test.yml
vendored
48
.github/workflows/test.yml
vendored
|
@ -1,4 +1,4 @@
|
||||||
name: Lint, Test, Build
|
name: CI
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
|
@ -7,43 +7,13 @@ on:
|
||||||
branches:
|
branches:
|
||||||
- "**"
|
- "**"
|
||||||
pull_request:
|
pull_request:
|
||||||
|
schedule:
|
||||||
|
- cron: '0 0 * * *'
|
||||||
|
|
||||||
|
concurrency:
|
||||||
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
||||||
|
cancel-in-progress: true
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
lintTestBuild:
|
ci:
|
||||||
name: Lint, Test, Build
|
uses: smallstep/workflows/.github/workflows/goCI.yml@main
|
||||||
runs-on: ubuntu-20.04
|
|
||||||
strategy:
|
|
||||||
matrix:
|
|
||||||
go: [ '1.18', '1.19' ]
|
|
||||||
steps:
|
|
||||||
-
|
|
||||||
name: Checkout
|
|
||||||
uses: actions/checkout@v2
|
|
||||||
-
|
|
||||||
name: Setup Go
|
|
||||||
uses: actions/setup-go@v2
|
|
||||||
with:
|
|
||||||
go-version: ${{ matrix.go }}
|
|
||||||
-
|
|
||||||
name: Install Deps
|
|
||||||
id: install-deps
|
|
||||||
run: sudo apt-get -y install libpcsclite-dev
|
|
||||||
-
|
|
||||||
name: golangci-lint
|
|
||||||
uses: golangci/golangci-lint-action@v2
|
|
||||||
with:
|
|
||||||
version: ${{ secrets.GOLANGCI_LINT_VERSION }}
|
|
||||||
args: --timeout=30m
|
|
||||||
-
|
|
||||||
name: Test, Build
|
|
||||||
id: lint_test_build
|
|
||||||
run: V=1 make ci
|
|
||||||
-
|
|
||||||
name: Codecov
|
|
||||||
if: matrix.go == '1.19'
|
|
||||||
uses: codecov/codecov-action@v2
|
|
||||||
with:
|
|
||||||
token: ${{ secrets.CODECOV_TOKEN }}
|
|
||||||
files: ./coverage.out # optional
|
|
||||||
name: codecov-umbrella # optional
|
|
||||||
fail_ci_if_error: true # optional (default = false)
|
|
||||||
|
|
|
@ -1,74 +0,0 @@
|
||||||
linters-settings:
|
|
||||||
govet:
|
|
||||||
check-shadowing: true
|
|
||||||
settings:
|
|
||||||
printf:
|
|
||||||
funcs:
|
|
||||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Infof
|
|
||||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf
|
|
||||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf
|
|
||||||
- (github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf
|
|
||||||
revive:
|
|
||||||
min-confidence: 0
|
|
||||||
gocyclo:
|
|
||||||
min-complexity: 10
|
|
||||||
maligned:
|
|
||||||
suggest-new: true
|
|
||||||
dupl:
|
|
||||||
threshold: 100
|
|
||||||
goconst:
|
|
||||||
min-len: 2
|
|
||||||
min-occurrences: 2
|
|
||||||
depguard:
|
|
||||||
list-type: blacklist
|
|
||||||
packages:
|
|
||||||
# logging is allowed only by logutils.Log, logrus
|
|
||||||
# is allowed to use only in logutils package
|
|
||||||
- github.com/sirupsen/logrus
|
|
||||||
misspell:
|
|
||||||
locale: US
|
|
||||||
lll:
|
|
||||||
line-length: 140
|
|
||||||
goimports:
|
|
||||||
local-prefixes: github.com/golangci/golangci-lint
|
|
||||||
gocritic:
|
|
||||||
enabled-tags:
|
|
||||||
- performance
|
|
||||||
- style
|
|
||||||
- experimental
|
|
||||||
- diagnostic
|
|
||||||
disabled-checks:
|
|
||||||
- commentFormatting
|
|
||||||
- commentedOutCode
|
|
||||||
- evalOrder
|
|
||||||
- hugeParam
|
|
||||||
- octalLiteral
|
|
||||||
- rangeValCopy
|
|
||||||
- tooManyResultsChecker
|
|
||||||
- unnamedResult
|
|
||||||
|
|
||||||
linters:
|
|
||||||
disable-all: true
|
|
||||||
enable:
|
|
||||||
- gocritic
|
|
||||||
- gofmt
|
|
||||||
- gosimple
|
|
||||||
- govet
|
|
||||||
- ineffassign
|
|
||||||
- misspell
|
|
||||||
- revive
|
|
||||||
- staticcheck
|
|
||||||
- unused
|
|
||||||
|
|
||||||
run:
|
|
||||||
skip-dirs:
|
|
||||||
- pkg
|
|
||||||
|
|
||||||
issues:
|
|
||||||
exclude:
|
|
||||||
- can't lint
|
|
||||||
- declaration of "err" shadows declaration at line
|
|
||||||
- should have a package comment, unless it's in another file for this package
|
|
||||||
- error strings should not be capitalized or end with punctuation or a newline
|
|
||||||
- Wrapf call needs 1 arg but has 2 args
|
|
||||||
- cs.NegotiatedProtocolIsMutual is deprecated
|
|
23
Makefile
23
Makefile
|
@ -28,8 +28,9 @@ ci: testcgo build
|
||||||
#########################################
|
#########################################
|
||||||
|
|
||||||
bootstra%:
|
bootstra%:
|
||||||
# Using a released version of golangci-lint to take into account custom replacements in their go.mod
|
$Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $$(go env GOPATH)/bin latest
|
||||||
$Q curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell go env GOPATH)/bin v1.42.0
|
$Q go install golang.org/x/vuln/cmd/govulncheck@latest
|
||||||
|
$Q go install gotest.tools/gotestsum@latest
|
||||||
|
|
||||||
.PHONY: bootstra%
|
.PHONY: bootstra%
|
||||||
|
|
||||||
|
@ -132,17 +133,18 @@ generate:
|
||||||
# Test
|
# Test
|
||||||
#########################################
|
#########################################
|
||||||
test:
|
test:
|
||||||
$Q $(GOFLAGS) go test -short -coverprofile=coverage.out ./...
|
$Q $(GOFLAGS) gotestsum -- -coverprofile=coverage.out -short -covermode=atomic ./...
|
||||||
|
|
||||||
|
|
||||||
testcgo:
|
testcgo:
|
||||||
$Q go test -short -coverprofile=coverage.out ./...
|
$Q gotestsum -- -coverprofile=coverage.out -short -covermode=atomic ./...
|
||||||
|
|
||||||
.PHONY: test testcgo
|
.PHONY: test testcgo
|
||||||
|
|
||||||
integrate: integration
|
integrate: integration
|
||||||
|
|
||||||
integration: bin/$(BINNAME)
|
integration: bin/$(BINNAME)
|
||||||
$Q $(GOFLAGS) go test -tags=integration ./integration/...
|
$Q $(GOFLAGS) gotestsum -- -tags=integration ./integration/...
|
||||||
|
|
||||||
.PHONY: integrate integration
|
.PHONY: integrate integration
|
||||||
|
|
||||||
|
@ -151,15 +153,14 @@ integration: bin/$(BINNAME)
|
||||||
#########################################
|
#########################################
|
||||||
|
|
||||||
fmt:
|
fmt:
|
||||||
$Q gofmt -l -s -w $(SRC)
|
$Q goimports -l -w $(SRC)
|
||||||
|
|
||||||
|
lint: SHELL:=/bin/bash
|
||||||
lint:
|
lint:
|
||||||
$Q golangci-lint run --timeout=30m
|
$Q LOG_LEVEL=error golangci-lint run --config <(curl -s https://raw.githubusercontent.com/smallstep/workflows/master/.golangci.yml) --timeout=30m
|
||||||
|
$Q govulncheck ./...
|
||||||
|
|
||||||
lintcgo:
|
.PHONY: fmt lint
|
||||||
$Q LOG_LEVEL=error golangci-lint run --timeout=30m
|
|
||||||
|
|
||||||
.PHONY: fmt lint lintcgo
|
|
||||||
|
|
||||||
#########################################
|
#########################################
|
||||||
# Install
|
# Install
|
||||||
|
|
|
@ -33,7 +33,7 @@ func (a *Account) ToLog() (interface{}, error) {
|
||||||
|
|
||||||
// IsValid returns true if the Account is valid.
|
// IsValid returns true if the Account is valid.
|
||||||
func (a *Account) IsValid() bool {
|
func (a *Account) IsValid() bool {
|
||||||
return Status(a.Status) == StatusValid
|
return a.Status == StatusValid
|
||||||
}
|
}
|
||||||
|
|
||||||
// KeyToID converts a JWK to a thumbprint.
|
// KeyToID converts a JWK to a thumbprint.
|
||||||
|
|
|
@ -46,14 +46,14 @@ func TestKeyToID(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if id, err := KeyToID(tc.jwk); err != nil {
|
if id, err := KeyToID(tc.jwk); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -131,12 +131,13 @@ func TestExternalAccountKey_BindTo(t *testing.T) {
|
||||||
}
|
}
|
||||||
if wantErr {
|
if wantErr {
|
||||||
assert.NotNil(t, err)
|
assert.NotNil(t, err)
|
||||||
assert.Type(t, &Error{}, err)
|
var ae *Error
|
||||||
ae, _ := err.(*Error)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.Equals(t, ae.Type, tt.err.Type)
|
assert.Equals(t, ae.Type, tt.err.Type)
|
||||||
assert.Equals(t, ae.Detail, tt.err.Detail)
|
assert.Equals(t, ae.Detail, tt.err.Detail)
|
||||||
assert.Equals(t, ae.Identifier, tt.err.Identifier)
|
assert.Equals(t, ae.Identifier, tt.err.Identifier)
|
||||||
assert.Equals(t, ae.Subproblems, tt.err.Subproblems)
|
assert.Equals(t, ae.Subproblems, tt.err.Subproblems)
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
assert.Equals(t, eak.AccountID, acct.ID)
|
assert.Equals(t, eak.AccountID, acct.ID)
|
||||||
assert.Equals(t, eak.HmacKey, []byte{})
|
assert.Equals(t, eak.HmacKey, []byte{})
|
||||||
|
|
|
@ -2,6 +2,7 @@ package api
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"github.com/go-chi/chi"
|
"github.com/go-chi/chi"
|
||||||
|
@ -97,8 +98,8 @@ func NewAccount(w http.ResponseWriter, r *http.Request) {
|
||||||
httpStatus := http.StatusCreated
|
httpStatus := http.StatusCreated
|
||||||
acc, err := accountFromContext(ctx)
|
acc, err := accountFromContext(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
acmeErr, ok := err.(*acme.Error)
|
var acmeErr *acme.Error
|
||||||
if !ok || acmeErr.Status != http.StatusBadRequest {
|
if !errors.As(err, &acmeErr) || acmeErr.Status != http.StatusBadRequest {
|
||||||
// Something went wrong ...
|
// Something went wrong ...
|
||||||
render.Error(w, err)
|
render.Error(w, err)
|
||||||
return
|
return
|
||||||
|
|
|
@ -197,12 +197,13 @@ func TestNewAccountRequest_Validate(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
if err := tc.nar.Validate(); err != nil {
|
if err := tc.nar.Validate(); err != nil {
|
||||||
if assert.NotNil(t, err) {
|
if assert.NotNil(t, err) {
|
||||||
ae, ok := err.(*acme.Error)
|
var ae *acme.Error
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
||||||
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
||||||
assert.Equals(t, ae.Type, tc.err.Type)
|
assert.Equals(t, ae.Type, tc.err.Type)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
assert.Nil(t, tc.err)
|
assert.Nil(t, tc.err)
|
||||||
}
|
}
|
||||||
|
@ -268,12 +269,13 @@ func TestUpdateAccountRequest_Validate(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
if err := tc.uar.Validate(); err != nil {
|
if err := tc.uar.Validate(); err != nil {
|
||||||
if assert.NotNil(t, err) {
|
if assert.NotNil(t, err) {
|
||||||
ae, ok := err.(*acme.Error)
|
var ae *acme.Error
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
||||||
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
||||||
assert.Equals(t, ae.Type, tc.err.Type)
|
assert.Equals(t, ae.Type, tc.err.Type)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
assert.Nil(t, tc.err)
|
assert.Nil(t, tc.err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@ package api
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
|
||||||
"go.step.sm/crypto/jose"
|
"go.step.sm/crypto/jose"
|
||||||
|
|
||||||
|
@ -24,6 +25,7 @@ func validateExternalAccountBinding(ctx context.Context, nar *NewAccountRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !acmeProv.RequireEAB {
|
if !acmeProv.RequireEAB {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -51,7 +53,8 @@ func validateExternalAccountBinding(ctx context.Context, nar *NewAccountRequest)
|
||||||
db := acme.MustDatabaseFromContext(ctx)
|
db := acme.MustDatabaseFromContext(ctx)
|
||||||
externalAccountKey, err := db.GetExternalAccountKey(ctx, acmeProv.ID, keyID)
|
externalAccountKey, err := db.GetExternalAccountKey(ctx, acmeProv.ID, keyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(*acme.Error); ok {
|
var ae *acme.Error
|
||||||
|
if errors.As(err, &ae) {
|
||||||
return nil, acme.WrapError(acme.ErrorUnauthorizedType, err, "the field 'kid' references an unknown key")
|
return nil, acme.WrapError(acme.ErrorUnauthorizedType, err, "the field 'kid' references an unknown key")
|
||||||
}
|
}
|
||||||
return nil, acme.WrapErrorISE(err, "error retrieving external account key")
|
return nil, acme.WrapErrorISE(err, "error retrieving external account key")
|
||||||
|
|
|
@ -860,13 +860,15 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
|
||||||
if wantErr {
|
if wantErr {
|
||||||
assert.NotNil(t, err)
|
assert.NotNil(t, err)
|
||||||
assert.Type(t, &acme.Error{}, err)
|
assert.Type(t, &acme.Error{}, err)
|
||||||
ae, _ := err.(*acme.Error)
|
var ae *acme.Error
|
||||||
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.Equals(t, ae.Type, tc.err.Type)
|
assert.Equals(t, ae.Type, tc.err.Type)
|
||||||
assert.Equals(t, ae.Status, tc.err.Status)
|
assert.Equals(t, ae.Status, tc.err.Status)
|
||||||
assert.HasPrefix(t, ae.Err.Error(), tc.err.Err.Error())
|
assert.HasPrefix(t, ae.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, ae.Detail, tc.err.Detail)
|
assert.Equals(t, ae.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, ae.Identifier, tc.err.Identifier)
|
assert.Equals(t, ae.Identifier, tc.err.Identifier)
|
||||||
assert.Equals(t, ae.Subproblems, tc.err.Subproblems)
|
assert.Equals(t, ae.Subproblems, tc.err.Subproblems)
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if got == nil {
|
if got == nil {
|
||||||
assert.Nil(t, tc.eak)
|
assert.Nil(t, tc.eak)
|
||||||
|
|
|
@ -518,9 +518,6 @@ func TestHandler_verifyAndExtractJWSPayload(t *testing.T) {
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"ok/empty-algorithm-in-jwk": func(t *testing.T) test {
|
"ok/empty-algorithm-in-jwk": func(t *testing.T) test {
|
||||||
_pub := *pub
|
|
||||||
clone := &_pub
|
|
||||||
clone.Algorithm = ""
|
|
||||||
ctx := context.WithValue(context.Background(), jwsContextKey, parsedJWS)
|
ctx := context.WithValue(context.Background(), jwsContextKey, parsedJWS)
|
||||||
ctx = context.WithValue(ctx, jwkContextKey, pub)
|
ctx = context.WithValue(ctx, jwkContextKey, pub)
|
||||||
return test{
|
return test{
|
||||||
|
|
|
@ -179,12 +179,13 @@ func TestNewOrderRequest_Validate(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
if err := tc.nor.Validate(); err != nil {
|
if err := tc.nor.Validate(); err != nil {
|
||||||
if assert.NotNil(t, err) {
|
if assert.NotNil(t, err) {
|
||||||
ae, ok := err.(*acme.Error)
|
var ae *acme.Error
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
||||||
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
||||||
assert.Equals(t, ae.Type, tc.err.Type)
|
assert.Equals(t, ae.Type, tc.err.Type)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if assert.Nil(t, tc.err) {
|
if assert.Nil(t, tc.err) {
|
||||||
if tc.nbf.IsZero() {
|
if tc.nbf.IsZero() {
|
||||||
|
@ -253,12 +254,13 @@ func TestFinalizeRequestValidate(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
if err := tc.fr.Validate(); err != nil {
|
if err := tc.fr.Validate(); err != nil {
|
||||||
if assert.NotNil(t, err) {
|
if assert.NotNil(t, err) {
|
||||||
ae, ok := err.(*acme.Error)
|
var ae *acme.Error
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
assert.HasPrefix(t, ae.Error(), tc.err.Error())
|
||||||
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
assert.Equals(t, ae.StatusCode(), tc.err.StatusCode())
|
||||||
assert.Equals(t, ae.Type, tc.err.Type)
|
assert.Equals(t, ae.Type, tc.err.Type)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if assert.Nil(t, tc.err) {
|
if assert.Nil(t, tc.err) {
|
||||||
assert.Equals(t, tc.fr.csr.Raw, csr.Raw)
|
assert.Equals(t, tc.fr.csr.Raw, csr.Raw)
|
||||||
|
@ -756,19 +758,22 @@ func TestHandler_newAuthorization(t *testing.T) {
|
||||||
}
|
}
|
||||||
for name, run := range tests {
|
for name, run := range tests {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
|
if name == "ok/permanent-identifier-enabled" {
|
||||||
|
println(1)
|
||||||
|
}
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
ctx := newBaseContext(context.Background(), tc.db)
|
ctx := newBaseContext(context.Background(), tc.db)
|
||||||
ctx = acme.NewProvisionerContext(ctx, tc.prov)
|
ctx = acme.NewProvisionerContext(ctx, tc.prov)
|
||||||
if err := newAuthorization(ctx, tc.az); err != nil {
|
if err := newAuthorization(ctx, tc.az); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *acme.Error
|
||||||
case *acme.Error:
|
if assert.True(t, errors.As(err, &k)) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -130,14 +130,14 @@ func TestAuthorization_UpdateStatus(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if err := tc.az.UpdateStatus(context.Background(), tc.db); err != nil {
|
if err := tc.az.UpdateStatus(context.Background(), tc.db); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -188,14 +188,14 @@ func Test_storeError(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if err := storeError(context.Background(), tc.db, tc.ch, tc.markInvalid, err); err != nil {
|
if err := storeError(context.Background(), tc.db, tc.ch, tc.markInvalid, err); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -243,14 +243,14 @@ func TestKeyAuthorization(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if ka, err := KeyAuthorization(tc.token, tc.jwk); err != nil {
|
if ka, err := KeyAuthorization(tc.token, tc.jwk); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -533,14 +533,14 @@ func TestChallenge_Validate(t *testing.T) {
|
||||||
ctx := NewClientContext(context.Background(), tc.vc)
|
ctx := NewClientContext(context.Background(), tc.vc)
|
||||||
if err := tc.ch.Validate(ctx, tc.db, tc.jwk, nil); err != nil {
|
if err := tc.ch.Validate(ctx, tc.db, tc.jwk, nil); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -928,14 +928,14 @@ func TestHTTP01Validate(t *testing.T) {
|
||||||
ctx := NewClientContext(context.Background(), tc.vc)
|
ctx := NewClientContext(context.Background(), tc.vc)
|
||||||
if err := http01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
if err := http01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1228,14 +1228,14 @@ func TestDNS01Validate(t *testing.T) {
|
||||||
ctx := NewClientContext(context.Background(), tc.vc)
|
ctx := NewClientContext(context.Background(), tc.vc)
|
||||||
if err := dns01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
if err := dns01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -2298,14 +2298,14 @@ func TestTLSALPN01Validate(t *testing.T) {
|
||||||
ctx := NewClientContext(context.Background(), tc.vc)
|
ctx := NewClientContext(context.Background(), tc.vc)
|
||||||
if err := tlsalpn01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
if err := tlsalpn01Validate(ctx, tc.ch, tc.db, tc.jwk); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -95,16 +95,16 @@ func TestDB_getDBAccount(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if dbacc, err := d.getDBAccount(context.Background(), accID); err != nil {
|
if dbacc, err := d.getDBAccount(context.Background(), accID); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -174,16 +174,16 @@ func TestDB_getAccountIDByKeyID(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if retAccID, err := d.getAccountIDByKeyID(context.Background(), kid); err != nil {
|
if retAccID, err := d.getAccountIDByKeyID(context.Background(), kid); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -248,16 +248,16 @@ func TestDB_GetAccount(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if acc, err := d.GetAccount(context.Background(), accID); err != nil {
|
if acc, err := d.GetAccount(context.Background(), accID); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -354,16 +354,16 @@ func TestDB_GetAccountByKeyID(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if acc, err := d.GetAccountByKeyID(context.Background(), kid); err != nil {
|
if acc, err := d.GetAccountByKeyID(context.Background(), kid); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -101,16 +101,16 @@ func TestDB_getDBAuthz(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if dbaz, err := d.getDBAuthz(context.Background(), azID); err != nil {
|
if dbaz, err := d.getDBAuthz(context.Background(), azID); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -295,16 +295,16 @@ func TestDB_GetAuthorization(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if az, err := d.GetAuthorization(context.Background(), azID); err != nil {
|
if az, err := d.GetAuthorization(context.Background(), azID); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -745,16 +745,16 @@ func TestDB_GetAuthorizationsByAccountID(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if azs, err := d.GetAuthorizationsByAccountID(context.Background(), accountID); err != nil {
|
if azs, err := d.GetAuthorizationsByAccountID(context.Background(), accountID); err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -138,5 +138,4 @@ func parseBundle(b []byte) ([]*x509.Certificate, error) {
|
||||||
return nil, errors.New("error decoding PEM: unexpected data")
|
return nil, errors.New("error decoding PEM: unexpected data")
|
||||||
}
|
}
|
||||||
return bundle, nil
|
return bundle, nil
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -250,16 +250,16 @@ func TestDB_GetCertificate(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
cert, err := d.GetCertificate(context.Background(), certID)
|
cert, err := d.GetCertificate(context.Background(), certID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var acmeErr *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &acmeErr) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, acmeErr.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, acmeErr.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, acmeErr.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, acmeErr.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -444,16 +444,16 @@ func TestDB_GetCertificateBySerial(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
cert, err := d.GetCertificateBySerial(context.Background(), serial)
|
cert, err := d.GetCertificateBySerial(context.Background(), serial)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -94,16 +94,16 @@ func TestDB_getDBChallenge(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if ch, err := d.getDBChallenge(context.Background(), chID); err != nil {
|
if ch, err := d.getDBChallenge(context.Background(), chID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -286,16 +286,16 @@ func TestDB_GetChallenge(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if ch, err := d.GetChallenge(context.Background(), chID, azID); err != nil {
|
if ch, err := d.GetChallenge(context.Background(), chID, azID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -54,7 +54,6 @@ func (db *DB) getDBExternalAccountKey(ctx context.Context, id string) (*dbExtern
|
||||||
|
|
||||||
// CreateExternalAccountKey creates a new External Account Binding key with a name
|
// CreateExternalAccountKey creates a new External Account Binding key with a name
|
||||||
func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerID, reference string) (*acme.ExternalAccountKey, error) {
|
func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerID, reference string) (*acme.ExternalAccountKey, error) {
|
||||||
|
|
||||||
externalAccountKeyMutex.Lock()
|
externalAccountKeyMutex.Lock()
|
||||||
defer externalAccountKeyMutex.Unlock()
|
defer externalAccountKeyMutex.Unlock()
|
||||||
|
|
||||||
|
@ -210,6 +209,7 @@ func (db *DB) GetExternalAccountKeyByReference(ctx context.Context, provisionerI
|
||||||
defer externalAccountKeyMutex.RUnlock()
|
defer externalAccountKeyMutex.RUnlock()
|
||||||
|
|
||||||
if reference == "" {
|
if reference == "" {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -228,6 +228,7 @@ func (db *DB) GetExternalAccountKeyByReference(ctx context.Context, provisionerI
|
||||||
}
|
}
|
||||||
|
|
||||||
func (db *DB) GetExternalAccountKeyByAccountID(ctx context.Context, provisionerID, accountID string) (*acme.ExternalAccountKey, error) {
|
func (db *DB) GetExternalAccountKeyByAccountID(ctx context.Context, provisionerID, accountID string) (*acme.ExternalAccountKey, error) {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -371,7 +372,6 @@ func sliceIndex(slice []string, item string) int {
|
||||||
// removeElement deletes the item if it exists in the
|
// removeElement deletes the item if it exists in the
|
||||||
// slice. It returns a new slice, keeping the old one intact.
|
// slice. It returns a new slice, keeping the old one intact.
|
||||||
func removeElement(slice []string, item string) []string {
|
func removeElement(slice []string, item string) []string {
|
||||||
|
|
||||||
newSlice := make([]string, 0)
|
newSlice := make([]string, 0)
|
||||||
index := sliceIndex(slice, item)
|
index := sliceIndex(slice, item)
|
||||||
if index < 0 {
|
if index < 0 {
|
||||||
|
|
|
@ -93,16 +93,16 @@ func TestDB_getDBExternalAccountKey(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if dbeak, err := d.getDBExternalAccountKey(context.Background(), keyID); err != nil {
|
if dbeak, err := d.getDBExternalAccountKey(context.Background(), keyID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -210,16 +210,16 @@ func TestDB_GetExternalAccountKey(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if eak, err := d.GetExternalAccountKey(context.Background(), provID, keyID); err != nil {
|
if eak, err := d.GetExternalAccountKey(context.Background(), provID, keyID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -374,16 +374,16 @@ func TestDB_GetExternalAccountKeyByReference(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if eak, err := d.GetExternalAccountKeyByReference(context.Background(), provID, tc.ref); err != nil {
|
if eak, err := d.GetExternalAccountKeyByReference(context.Background(), provID, tc.ref); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -580,16 +580,16 @@ func TestDB_GetExternalAccountKeys(t *testing.T) {
|
||||||
cursor, limit := "", 0
|
cursor, limit := "", 0
|
||||||
if eaks, nextCursor, err := d.GetExternalAccountKeys(context.Background(), provID, cursor, limit); err != nil {
|
if eaks, nextCursor, err := d.GetExternalAccountKeys(context.Background(), provID, cursor, limit); err != nil {
|
||||||
assert.Equals(t, "", nextCursor)
|
assert.Equals(t, "", nextCursor)
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.Equals(t, tc.err.Error(), err.Error())
|
assert.Equals(t, tc.err.Error(), err.Error())
|
||||||
}
|
}
|
||||||
|
@ -672,7 +672,7 @@ func TestDB_DeleteExternalAccountKey(t *testing.T) {
|
||||||
return errors.New("force default")
|
return errors.New("force default")
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
MCmpAndSwap: func(bucket, key, old, new []byte) ([]byte, bool, error) {
|
MCmpAndSwap: func(bucket, key, old, nu []byte) ([]byte, bool, error) {
|
||||||
fmt.Println(string(bucket))
|
fmt.Println(string(bucket))
|
||||||
switch string(bucket) {
|
switch string(bucket) {
|
||||||
case string(externalAccountKeyIDsByReferenceTable):
|
case string(externalAccountKeyIDsByReferenceTable):
|
||||||
|
@ -882,16 +882,16 @@ func TestDB_DeleteExternalAccountKey(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if err := d.DeleteExternalAccountKey(context.Background(), provID, keyID); err != nil {
|
if err := d.DeleteExternalAccountKey(context.Background(), provID, keyID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.Equals(t, err.Error(), tc.err.Error())
|
assert.Equals(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -146,16 +146,16 @@ func TestDB_DeleteNonce(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if err := d.DeleteNonce(context.Background(), acme.Nonce(nonceID)); err != nil {
|
if err := d.DeleteNonce(context.Background(), acme.Nonce(nonceID)); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -102,16 +102,16 @@ func TestDB_getDBOrder(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if dbo, err := d.getDBOrder(context.Background(), orderID); err != nil {
|
if dbo, err := d.getDBOrder(context.Background(), orderID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -206,16 +206,16 @@ func TestDB_GetOrder(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if o, err := d.GetOrder(context.Background(), orderID); err != nil {
|
if o, err := d.GetOrder(context.Background(), orderID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -1003,16 +1003,16 @@ func TestDB_updateAddOrderIDs(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var ae *acme.Error
|
||||||
case *acme.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.acmeErr) {
|
if assert.NotNil(t, tc.acmeErr) {
|
||||||
assert.Equals(t, k.Type, tc.acmeErr.Type)
|
assert.Equals(t, ae.Type, tc.acmeErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.acmeErr.Status)
|
assert.Equals(t, ae.Status, tc.acmeErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.acmeErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.acmeErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.acmeErr.Detail)
|
assert.Equals(t, ae.Detail, tc.acmeErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -310,10 +310,11 @@ func NewErrorISE(msg string, args ...interface{}) *Error {
|
||||||
|
|
||||||
// WrapError attempts to wrap the internal error.
|
// WrapError attempts to wrap the internal error.
|
||||||
func WrapError(typ ProblemType, err error, msg string, args ...interface{}) *Error {
|
func WrapError(typ ProblemType, err error, msg string, args ...interface{}) *Error {
|
||||||
switch e := err.(type) {
|
var e *Error
|
||||||
case nil:
|
switch {
|
||||||
|
case err == nil:
|
||||||
return nil
|
return nil
|
||||||
case *Error:
|
case errors.As(err, &e):
|
||||||
if e.Err == nil {
|
if e.Err == nil {
|
||||||
e.Err = errors.Errorf(msg+"; "+e.Detail, args...)
|
e.Err = errors.Errorf(msg+"; "+e.Detail, args...)
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -324,7 +324,6 @@ func numberOfIdentifierType(typ IdentifierType, ids []Identifier) int {
|
||||||
// addresses or DNS names slice, depending on whether it can be parsed as an IP
|
// addresses or DNS names slice, depending on whether it can be parsed as an IP
|
||||||
// or not. This might result in an additional SAN in the final certificate.
|
// or not. This might result in an additional SAN in the final certificate.
|
||||||
func canonicalize(csr *x509.CertificateRequest) (canonicalized *x509.CertificateRequest) {
|
func canonicalize(csr *x509.CertificateRequest) (canonicalized *x509.CertificateRequest) {
|
||||||
|
|
||||||
// for clarity only; we're operating on the same object by pointer
|
// for clarity only; we're operating on the same object by pointer
|
||||||
canonicalized = csr
|
canonicalized = csr
|
||||||
|
|
||||||
|
|
|
@ -247,14 +247,14 @@ func TestOrder_UpdateStatus(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if err := tc.o.UpdateStatus(context.Background(), tc.db); err != nil {
|
if err := tc.o.UpdateStatus(context.Background(), tc.db); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -812,14 +812,14 @@ func TestOrder_Finalize(t *testing.T) {
|
||||||
tc := run(t)
|
tc := run(t)
|
||||||
if err := tc.o.Finalize(context.Background(), tc.db, tc.csr, tc.ca, tc.prov); err != nil {
|
if err := tc.o.Finalize(context.Background(), tc.db, tc.csr, tc.ca, tc.prov); err != nil {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tc.err.Type)
|
assert.Equals(t, k.Type, tc.err.Type)
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
assert.Equals(t, k.Status, tc.err.Status)
|
assert.Equals(t, k.Status, tc.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1474,14 +1474,14 @@ func TestOrder_sans(t *testing.T) {
|
||||||
t.Errorf("Order.sans() = %v, want error; got none", got)
|
t.Errorf("Order.sans() = %v, want error; got none", got)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
switch k := err.(type) {
|
var k *Error
|
||||||
case *Error:
|
if errors.As(err, &k) {
|
||||||
assert.Equals(t, k.Type, tt.err.Type)
|
assert.Equals(t, k.Type, tt.err.Type)
|
||||||
assert.Equals(t, k.Detail, tt.err.Detail)
|
assert.Equals(t, k.Detail, tt.err.Detail)
|
||||||
assert.Equals(t, k.Status, tt.err.Status)
|
assert.Equals(t, k.Status, tt.err.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tt.err.Err.Error())
|
assert.Equals(t, k.Err.Error(), tt.err.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tt.err.Detail)
|
assert.Equals(t, k.Detail, tt.err.Detail)
|
||||||
default:
|
} else {
|
||||||
assert.FatalError(t, errors.New("unexpected error type"))
|
assert.FatalError(t, errors.New("unexpected error type"))
|
||||||
}
|
}
|
||||||
return
|
return
|
||||||
|
|
|
@ -3,7 +3,7 @@ package api
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"crypto"
|
"crypto"
|
||||||
"crypto/dsa" //nolint
|
"crypto/dsa" //nolint:staticcheck // support legacy algorithms
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
"crypto/ed25519"
|
"crypto/ed25519"
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
|
|
|
@ -41,8 +41,8 @@ func TestJSON(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if tt.wantErr {
|
if tt.wantErr {
|
||||||
e, ok := err.(*errs.Error)
|
var e *errs.Error
|
||||||
if ok {
|
if errors.As(err, &e) {
|
||||||
if code := e.StatusCode(); code != 400 {
|
if code := e.StatusCode(); code != 400 {
|
||||||
t.Errorf("error.StatusCode() = %v, wants 400", code)
|
t.Errorf("error.StatusCode() = %v, wants 400", code)
|
||||||
}
|
}
|
||||||
|
@ -102,15 +102,16 @@ func TestProtoJSON(t *testing.T) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if tt.wantErr {
|
if tt.wantErr {
|
||||||
switch err.(type) {
|
var (
|
||||||
case badProtoJSONError:
|
ee *errs.Error
|
||||||
|
bpe badProtoJSONError
|
||||||
|
)
|
||||||
|
switch {
|
||||||
|
case errors.As(err, &bpe):
|
||||||
assert.Contains(t, err.Error(), "syntax error")
|
assert.Contains(t, err.Error(), "syntax error")
|
||||||
case *errs.Error:
|
case errors.As(err, &ee):
|
||||||
var ee *errs.Error
|
|
||||||
if errors.As(err, &ee) {
|
|
||||||
assert.Equal(t, http.StatusBadRequest, ee.Status)
|
assert.Equal(t, http.StatusBadRequest, ee.Status)
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,7 @@ const (
|
||||||
// Renew uses the information of certificate in the TLS connection to create a
|
// Renew uses the information of certificate in the TLS connection to create a
|
||||||
// new one.
|
// new one.
|
||||||
func Renew(w http.ResponseWriter, r *http.Request) {
|
func Renew(w http.ResponseWriter, r *http.Request) {
|
||||||
|
//nolint:contextcheck // the reqest has the context
|
||||||
cert, err := getPeerCertificate(r)
|
cert, err := getPeerCertificate(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
render.Error(w, err)
|
render.Error(w, err)
|
||||||
|
|
|
@ -62,12 +62,12 @@ func TestRevokeRequestValidate(t *testing.T) {
|
||||||
for name, tc := range tests {
|
for name, tc := range tests {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
if err := tc.rr.Validate(); err != nil {
|
if err := tc.rr.Validate(); err != nil {
|
||||||
switch v := err.(type) {
|
var ee *errs.Error
|
||||||
case *errs.Error:
|
if errors.As(err, &ee) {
|
||||||
assert.HasPrefix(t, v.Error(), tc.err.Error())
|
assert.HasPrefix(t, ee.Error(), tc.err.Error())
|
||||||
assert.Equals(t, v.StatusCode(), tc.err.Status)
|
assert.Equals(t, ee.StatusCode(), tc.err.Status)
|
||||||
default:
|
} else {
|
||||||
t.Errorf("unexpected error type: %T", v)
|
t.Errorf("unexpected error type: %T", err)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
assert.Nil(t, tc.err)
|
assert.Nil(t, tc.err)
|
||||||
|
|
|
@ -83,6 +83,7 @@ func SSHRekey(w http.ResponseWriter, r *http.Request) {
|
||||||
notBefore := time.Unix(int64(oldCert.ValidAfter), 0)
|
notBefore := time.Unix(int64(oldCert.ValidAfter), 0)
|
||||||
notAfter := time.Unix(int64(oldCert.ValidBefore), 0)
|
notAfter := time.Unix(int64(oldCert.ValidBefore), 0)
|
||||||
|
|
||||||
|
//nolint:contextcheck // the reqest has the context
|
||||||
identity, err := renewIdentityCertificate(r, notBefore, notAfter)
|
identity, err := renewIdentityCertificate(r, notBefore, notAfter)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate"))
|
render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate"))
|
||||||
|
|
|
@ -75,6 +75,7 @@ func SSHRenew(w http.ResponseWriter, r *http.Request) {
|
||||||
notBefore := time.Unix(int64(oldCert.ValidAfter), 0)
|
notBefore := time.Unix(int64(oldCert.ValidAfter), 0)
|
||||||
notAfter := time.Unix(int64(oldCert.ValidBefore), 0)
|
notAfter := time.Unix(int64(oldCert.ValidBefore), 0)
|
||||||
|
|
||||||
|
//nolint:contextcheck // the reqest has the context
|
||||||
identity, err := renewIdentityCertificate(r, notBefore, notAfter)
|
identity, err := renewIdentityCertificate(r, notBefore, notAfter)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate"))
|
render.Error(w, errs.ForbiddenErr(err, "error renewing identity certificate"))
|
||||||
|
|
|
@ -84,7 +84,6 @@ func (h *acmeAdminResponder) DeleteExternalAccountKey(w http.ResponseWriter, r *
|
||||||
}
|
}
|
||||||
|
|
||||||
func eakToLinked(k *acme.ExternalAccountKey) *linkedca.EABKey {
|
func eakToLinked(k *acme.ExternalAccountKey) *linkedca.EABKey {
|
||||||
|
|
||||||
if k == nil {
|
if k == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -229,12 +229,14 @@ func TestCreateAdminRequest_Validate(t *testing.T) {
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
assert.Type(t, &admin.Error{}, err)
|
assert.Type(t, &admin.Error{}, err)
|
||||||
adminErr, _ := err.(*admin.Error)
|
var adminErr *admin.Error
|
||||||
|
if assert.True(t, errors.As(err, &adminErr)) {
|
||||||
assert.Equals(t, tt.err.Type, adminErr.Type)
|
assert.Equals(t, tt.err.Type, adminErr.Type)
|
||||||
assert.Equals(t, tt.err.Detail, adminErr.Detail)
|
assert.Equals(t, tt.err.Detail, adminErr.Detail)
|
||||||
assert.Equals(t, tt.err.Status, adminErr.Status)
|
assert.Equals(t, tt.err.Status, adminErr.Status)
|
||||||
assert.Equals(t, tt.err.Message, adminErr.Message)
|
assert.Equals(t, tt.err.Message, adminErr.Message)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -278,11 +280,13 @@ func TestUpdateAdminRequest_Validate(t *testing.T) {
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
assert.Type(t, &admin.Error{}, err)
|
assert.Type(t, &admin.Error{}, err)
|
||||||
adminErr, _ := err.(*admin.Error)
|
var ae *admin.Error
|
||||||
assert.Equals(t, tt.err.Type, adminErr.Type)
|
if assert.True(t, errors.As(err, &ae)) {
|
||||||
assert.Equals(t, tt.err.Detail, adminErr.Detail)
|
assert.Equals(t, tt.err.Type, ae.Type)
|
||||||
assert.Equals(t, tt.err.Status, adminErr.Status)
|
assert.Equals(t, tt.err.Detail, ae.Detail)
|
||||||
assert.Equals(t, tt.err.Message, adminErr.Message)
|
assert.Equals(t, tt.err.Status, ae.Status)
|
||||||
|
assert.Equals(t, tt.err.Message, ae.Message)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,7 +30,6 @@ func requireAPIEnabled(next http.HandlerFunc) http.HandlerFunc {
|
||||||
// extractAuthorizeTokenAdmin is a middleware that extracts and caches the bearer token.
|
// extractAuthorizeTokenAdmin is a middleware that extracts and caches the bearer token.
|
||||||
func extractAuthorizeTokenAdmin(next http.HandlerFunc) http.HandlerFunc {
|
func extractAuthorizeTokenAdmin(next http.HandlerFunc) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
tok := r.Header.Get("Authorization")
|
tok := r.Header.Get("Authorization")
|
||||||
if tok == "" {
|
if tok == "" {
|
||||||
render.Error(w, admin.NewError(admin.ErrorUnauthorizedType,
|
render.Error(w, admin.NewError(admin.ErrorUnauthorizedType,
|
||||||
|
|
|
@ -50,7 +50,8 @@ func (par *policyAdminResponder) GetAuthorityPolicy(w http.ResponseWriter, r *ht
|
||||||
|
|
||||||
auth := mustAuthority(ctx)
|
auth := mustAuthority(ctx)
|
||||||
authorityPolicy, err := auth.GetAuthorityPolicy(r.Context())
|
authorityPolicy, err := auth.GetAuthorityPolicy(r.Context())
|
||||||
if ae, ok := err.(*admin.Error); ok && !ae.IsType(admin.ErrorNotFoundType) {
|
var ae *admin.Error
|
||||||
|
if errors.As(err, &ae) && !ae.IsType(admin.ErrorNotFoundType) {
|
||||||
render.Error(w, admin.WrapErrorISE(ae, "error retrieving authority policy"))
|
render.Error(w, admin.WrapErrorISE(ae, "error retrieving authority policy"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -74,7 +75,8 @@ func (par *policyAdminResponder) CreateAuthorityPolicy(w http.ResponseWriter, r
|
||||||
auth := mustAuthority(ctx)
|
auth := mustAuthority(ctx)
|
||||||
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
||||||
|
|
||||||
if ae, ok := err.(*admin.Error); ok && !ae.IsType(admin.ErrorNotFoundType) {
|
var ae *admin.Error
|
||||||
|
if errors.As(err, &ae) && !ae.IsType(admin.ErrorNotFoundType) {
|
||||||
render.Error(w, admin.WrapErrorISE(err, "error retrieving authority policy"))
|
render.Error(w, admin.WrapErrorISE(err, "error retrieving authority policy"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -125,7 +127,8 @@ func (par *policyAdminResponder) UpdateAuthorityPolicy(w http.ResponseWriter, r
|
||||||
auth := mustAuthority(ctx)
|
auth := mustAuthority(ctx)
|
||||||
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
||||||
|
|
||||||
if ae, ok := err.(*admin.Error); ok && !ae.IsType(admin.ErrorNotFoundType) {
|
var ae *admin.Error
|
||||||
|
if errors.As(err, &ae) && !ae.IsType(admin.ErrorNotFoundType) {
|
||||||
render.Error(w, admin.WrapErrorISE(err, "error retrieving authority policy"))
|
render.Error(w, admin.WrapErrorISE(err, "error retrieving authority policy"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -175,7 +178,8 @@ func (par *policyAdminResponder) DeleteAuthorityPolicy(w http.ResponseWriter, r
|
||||||
auth := mustAuthority(ctx)
|
auth := mustAuthority(ctx)
|
||||||
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
authorityPolicy, err := auth.GetAuthorityPolicy(ctx)
|
||||||
|
|
||||||
if ae, ok := err.(*admin.Error); ok && !ae.IsType(admin.ErrorNotFoundType) {
|
var ae *admin.Error
|
||||||
|
if errors.As(err, &ae) && !ae.IsType(admin.ErrorNotFoundType) {
|
||||||
render.Error(w, admin.WrapErrorISE(ae, "error retrieving authority policy"))
|
render.Error(w, admin.WrapErrorISE(ae, "error retrieving authority policy"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -468,7 +472,6 @@ func isBadRequest(err error) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
func validatePolicy(p *linkedca.Policy) error {
|
func validatePolicy(p *linkedca.Policy) error {
|
||||||
|
|
||||||
// convert the policy; return early if nil
|
// convert the policy; return early if nil
|
||||||
options := policy.LinkedToCertificates(p)
|
options := policy.LinkedToCertificates(p)
|
||||||
if options == nil {
|
if options == nil {
|
||||||
|
|
|
@ -111,14 +111,14 @@ func (db *DB) GetAdmins(ctx context.Context) ([]*linkedca.Admin, error) {
|
||||||
for _, entry := range dbEntries {
|
for _, entry := range dbEntries {
|
||||||
adm, err := db.unmarshalAdmin(entry.Value, string(entry.Key))
|
adm, err := db.unmarshalAdmin(entry.Value, string(entry.Key))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if k.IsType(admin.ErrorDeletedType) || k.IsType(admin.ErrorAuthorityMismatchType) {
|
if ae.IsType(admin.ErrorDeletedType) || ae.IsType(admin.ErrorAuthorityMismatchType) {
|
||||||
continue
|
continue
|
||||||
} else {
|
} else {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -68,16 +68,16 @@ func TestDB_getDBAdminBytes(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if b, err := d.getDBAdminBytes(context.Background(), adminID); err != nil {
|
if b, err := d.getDBAdminBytes(context.Background(), adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -192,16 +192,16 @@ func TestDB_getDBAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if dba, err := d.getDBAdmin(context.Background(), adminID); err != nil {
|
if dba, err := d.getDBAdmin(context.Background(), adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -280,16 +280,16 @@ func TestDB_unmarshalDBAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{authorityID: admin.DefaultAuthorityID}
|
d := DB{authorityID: admin.DefaultAuthorityID}
|
||||||
if dba, err := d.unmarshalDBAdmin(tc.in, adminID); err != nil {
|
if dba, err := d.unmarshalDBAdmin(tc.in, adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -355,16 +355,16 @@ func TestDB_unmarshalAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{authorityID: admin.DefaultAuthorityID}
|
d := DB{authorityID: admin.DefaultAuthorityID}
|
||||||
if adm, err := d.unmarshalAdmin(tc.in, adminID); err != nil {
|
if adm, err := d.unmarshalAdmin(tc.in, adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -509,16 +509,16 @@ func TestDB_GetAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if adm, err := d.GetAdmin(context.Background(), adminID); err != nil {
|
if adm, err := d.GetAdmin(context.Background(), adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -661,16 +661,16 @@ func TestDB_DeleteAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.DeleteAdmin(context.Background(), adminID); err != nil {
|
if err := d.DeleteAdmin(context.Background(), adminID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -812,16 +812,16 @@ func TestDB_UpdateAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.UpdateAdmin(context.Background(), tc.adm); err != nil {
|
if err := d.UpdateAdmin(context.Background(), tc.adm); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -910,16 +910,16 @@ func TestDB_CreateAdmin(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.CreateAdmin(context.Background(), tc.adm); err != nil {
|
if err := d.CreateAdmin(context.Background(), tc.adm); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -1086,16 +1086,16 @@ func TestDB_GetAdmins(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if admins, err := d.GetAdmins(context.Background()); err != nil {
|
if admins, err := d.GetAdmins(context.Background()); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -83,6 +83,7 @@ func (db *DB) getDBAuthorityPolicyBytes(ctx context.Context, authorityID string)
|
||||||
|
|
||||||
func (db *DB) unmarshalDBAuthorityPolicy(data []byte) (*dbAuthorityPolicy, error) {
|
func (db *DB) unmarshalDBAuthorityPolicy(data []byte) (*dbAuthorityPolicy, error) {
|
||||||
if len(data) == 0 {
|
if len(data) == 0 {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
var dba = new(dbAuthorityPolicy)
|
var dba = new(dbAuthorityPolicy)
|
||||||
|
@ -102,6 +103,7 @@ func (db *DB) getDBAuthorityPolicy(ctx context.Context, authorityID string) (*db
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if dbap == nil {
|
if dbap == nil {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
if dbap.AuthorityID != authorityID {
|
if dbap.AuthorityID != authorityID {
|
||||||
|
@ -112,7 +114,6 @@ func (db *DB) getDBAuthorityPolicy(ctx context.Context, authorityID string) (*db
|
||||||
}
|
}
|
||||||
|
|
||||||
func (db *DB) CreateAuthorityPolicy(ctx context.Context, policy *linkedca.Policy) error {
|
func (db *DB) CreateAuthorityPolicy(ctx context.Context, policy *linkedca.Policy) error {
|
||||||
|
|
||||||
dbap := &dbAuthorityPolicy{
|
dbap := &dbAuthorityPolicy{
|
||||||
ID: db.authorityID,
|
ID: db.authorityID,
|
||||||
AuthorityID: db.authorityID,
|
AuthorityID: db.authorityID,
|
||||||
|
@ -228,7 +229,6 @@ func dbToLinked(p *dbPolicy) *linkedca.Policy {
|
||||||
}
|
}
|
||||||
|
|
||||||
func linkedToDB(p *linkedca.Policy) *dbPolicy {
|
func linkedToDB(p *linkedca.Policy) *dbPolicy {
|
||||||
|
|
||||||
if p == nil {
|
if p == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -72,16 +72,16 @@ func TestDB_getDBAuthorityPolicyBytes(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if b, err := d.getDBAuthorityPolicyBytes(tc.ctx, tc.authorityID); err != nil {
|
if b, err := d.getDBAuthorityPolicyBytes(tc.ctx, tc.authorityID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -208,16 +208,16 @@ func TestDB_getDBAuthorityPolicy(t *testing.T) {
|
||||||
dbp, err := d.getDBAuthorityPolicy(tc.ctx, tc.authorityID)
|
dbp, err := d.getDBAuthorityPolicy(tc.ctx, tc.authorityID)
|
||||||
switch {
|
switch {
|
||||||
case err != nil:
|
case err != nil:
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -309,16 +309,16 @@ func TestDB_CreateAuthorityPolicy(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: tc.authorityID}
|
d := DB{db: tc.db, authorityID: tc.authorityID}
|
||||||
if err := d.CreateAuthorityPolicy(tc.ctx, tc.policy); err != nil {
|
if err := d.CreateAuthorityPolicy(tc.ctx, tc.policy); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -406,16 +406,16 @@ func TestDB_GetAuthorityPolicy(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: tc.authorityID}
|
d := DB{db: tc.db, authorityID: tc.authorityID}
|
||||||
got, err := d.GetAuthorityPolicy(tc.ctx)
|
got, err := d.GetAuthorityPolicy(tc.ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -578,16 +578,16 @@ func TestDB_UpdateAuthorityPolicy(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: tc.authorityID}
|
d := DB{db: tc.db, authorityID: tc.authorityID}
|
||||||
if err := d.UpdateAuthorityPolicy(tc.ctx, tc.policy); err != nil {
|
if err := d.UpdateAuthorityPolicy(tc.ctx, tc.policy); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -718,16 +718,16 @@ func TestDB_DeleteAuthorityPolicy(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: tc.authorityID}
|
d := DB{db: tc.db, authorityID: tc.authorityID}
|
||||||
if err := d.DeleteAuthorityPolicy(tc.ctx); err != nil {
|
if err := d.DeleteAuthorityPolicy(tc.ctx); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -122,14 +122,14 @@ func (db *DB) GetProvisioners(ctx context.Context) ([]*linkedca.Provisioner, err
|
||||||
for _, entry := range dbEntries {
|
for _, entry := range dbEntries {
|
||||||
prov, err := db.unmarshalProvisioner(entry.Value, string(entry.Key))
|
prov, err := db.unmarshalProvisioner(entry.Value, string(entry.Key))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if k.IsType(admin.ErrorDeletedType) || k.IsType(admin.ErrorAuthorityMismatchType) {
|
if ae.IsType(admin.ErrorDeletedType) || ae.IsType(admin.ErrorAuthorityMismatchType) {
|
||||||
continue
|
continue
|
||||||
} else {
|
} else {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -67,16 +67,16 @@ func TestDB_getDBProvisionerBytes(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db}
|
d := DB{db: tc.db}
|
||||||
if b, err := d.getDBProvisionerBytes(context.Background(), provID); err != nil {
|
if b, err := d.getDBProvisionerBytes(context.Background(), provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -189,16 +189,16 @@ func TestDB_getDBProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if dbp, err := d.getDBProvisioner(context.Background(), provID); err != nil {
|
if dbp, err := d.getDBProvisioner(context.Background(), provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -275,16 +275,16 @@ func TestDB_unmarshalDBProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{authorityID: admin.DefaultAuthorityID}
|
d := DB{authorityID: admin.DefaultAuthorityID}
|
||||||
if dbp, err := d.unmarshalDBProvisioner(tc.in, provID); err != nil {
|
if dbp, err := d.unmarshalDBProvisioner(tc.in, provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -397,16 +397,16 @@ func TestDB_unmarshalProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{authorityID: admin.DefaultAuthorityID}
|
d := DB{authorityID: admin.DefaultAuthorityID}
|
||||||
if prov, err := d.unmarshalProvisioner(tc.in, provID); err != nil {
|
if prov, err := d.unmarshalProvisioner(tc.in, provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -535,16 +535,16 @@ func TestDB_GetProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if prov, err := d.GetProvisioner(context.Background(), provID); err != nil {
|
if prov, err := d.GetProvisioner(context.Background(), provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -683,16 +683,16 @@ func TestDB_DeleteProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.DeleteProvisioner(context.Background(), provID); err != nil {
|
if err := d.DeleteProvisioner(context.Background(), provID); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -844,16 +844,16 @@ func TestDB_GetProvisioners(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if provs, err := d.GetProvisioners(context.Background()); err != nil {
|
if provs, err := d.GetProvisioners(context.Background()); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -952,16 +952,16 @@ func TestDB_CreateProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.CreateProvisioner(context.Background(), tc.prov); err != nil {
|
if err := d.CreateProvisioner(context.Background(), tc.prov); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
@ -1188,16 +1188,16 @@ func TestDB_UpdateProvisioner(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
d := DB{db: tc.db, authorityID: admin.DefaultAuthorityID}
|
||||||
if err := d.UpdateProvisioner(context.Background(), tc.prov); err != nil {
|
if err := d.UpdateProvisioner(context.Background(), tc.prov); err != nil {
|
||||||
switch k := err.(type) {
|
var ae *admin.Error
|
||||||
case *admin.Error:
|
if errors.As(err, &ae) {
|
||||||
if assert.NotNil(t, tc.adminErr) {
|
if assert.NotNil(t, tc.adminErr) {
|
||||||
assert.Equals(t, k.Type, tc.adminErr.Type)
|
assert.Equals(t, ae.Type, tc.adminErr.Type)
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
assert.Equals(t, k.Status, tc.adminErr.Status)
|
assert.Equals(t, ae.Status, tc.adminErr.Status)
|
||||||
assert.Equals(t, k.Err.Error(), tc.adminErr.Err.Error())
|
assert.Equals(t, ae.Err.Error(), tc.adminErr.Err.Error())
|
||||||
assert.Equals(t, k.Detail, tc.adminErr.Detail)
|
assert.Equals(t, ae.Detail, tc.adminErr.Detail)
|
||||||
}
|
}
|
||||||
default:
|
} else {
|
||||||
if assert.NotNil(t, tc.err) {
|
if assert.NotNil(t, tc.err) {
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
}
|
}
|
||||||
|
|
|
@ -156,16 +156,17 @@ func NewErrorISE(msg string, args ...interface{}) *Error {
|
||||||
|
|
||||||
// WrapError attempts to wrap the internal error.
|
// WrapError attempts to wrap the internal error.
|
||||||
func WrapError(typ ProblemType, err error, msg string, args ...interface{}) *Error {
|
func WrapError(typ ProblemType, err error, msg string, args ...interface{}) *Error {
|
||||||
switch e := err.(type) {
|
var ee *Error
|
||||||
case nil:
|
switch {
|
||||||
|
case err == nil:
|
||||||
return nil
|
return nil
|
||||||
case *Error:
|
case errors.As(err, &ee):
|
||||||
if e.Err == nil {
|
if ee.Err == nil {
|
||||||
e.Err = errors.Errorf(msg+"; "+e.Detail, args...)
|
ee.Err = errors.Errorf(msg+"; "+ee.Detail, args...)
|
||||||
} else {
|
} else {
|
||||||
e.Err = errors.Wrapf(e.Err, msg, args...)
|
ee.Err = errors.Wrapf(ee.Err, msg, args...)
|
||||||
}
|
}
|
||||||
return e
|
return ee
|
||||||
default:
|
default:
|
||||||
return newError(typ, errors.Wrapf(err, msg, args...))
|
return newError(typ, errors.Wrapf(err, msg, args...))
|
||||||
}
|
}
|
||||||
|
|
|
@ -368,7 +368,7 @@ func (a *Authority) init() error {
|
||||||
}
|
}
|
||||||
options.Signer, err = a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
options.Signer, err = a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
||||||
SigningKey: a.config.IntermediateKey,
|
SigningKey: a.config.IntermediateKey,
|
||||||
Password: []byte(a.password),
|
Password: a.password,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -434,7 +434,7 @@ func (a *Authority) init() error {
|
||||||
if a.config.SSH.HostKey != "" {
|
if a.config.SSH.HostKey != "" {
|
||||||
signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
||||||
SigningKey: a.config.SSH.HostKey,
|
SigningKey: a.config.SSH.HostKey,
|
||||||
Password: []byte(a.sshHostPassword),
|
Password: a.sshHostPassword,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -460,7 +460,7 @@ func (a *Authority) init() error {
|
||||||
if a.config.SSH.UserKey != "" {
|
if a.config.SSH.UserKey != "" {
|
||||||
signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
signer, err := a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
||||||
SigningKey: a.config.SSH.UserKey,
|
SigningKey: a.config.SSH.UserKey,
|
||||||
Password: []byte(a.sshUserPassword),
|
Password: a.sshUserPassword,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -545,7 +545,7 @@ func (a *Authority) init() error {
|
||||||
options.CertificateChain = append(options.CertificateChain, a.rootX509Certs...)
|
options.CertificateChain = append(options.CertificateChain, a.rootX509Certs...)
|
||||||
options.Signer, err = a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
options.Signer, err = a.keyManager.CreateSigner(&kmsapi.CreateSignerRequest{
|
||||||
SigningKey: a.config.IntermediateKey,
|
SigningKey: a.config.IntermediateKey,
|
||||||
Password: []byte(a.password),
|
Password: a.password,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -554,7 +554,7 @@ func (a *Authority) init() error {
|
||||||
if km, ok := a.keyManager.(kmsapi.Decrypter); ok {
|
if km, ok := a.keyManager.(kmsapi.Decrypter); ok {
|
||||||
options.Decrypter, err = km.CreateDecrypter(&kmsapi.CreateDecrypterRequest{
|
options.Decrypter, err = km.CreateDecrypter(&kmsapi.CreateDecrypterRequest{
|
||||||
DecryptionKey: a.config.IntermediateKey,
|
DecryptionKey: a.config.IntermediateKey,
|
||||||
Password: []byte(a.password),
|
Password: a.password,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -12,6 +12,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"github.com/pkg/errors"
|
||||||
"github.com/smallstep/certificates/authority/admin"
|
"github.com/smallstep/certificates/authority/admin"
|
||||||
"github.com/smallstep/certificates/authority/provisioner"
|
"github.com/smallstep/certificates/authority/provisioner"
|
||||||
"github.com/smallstep/certificates/errs"
|
"github.com/smallstep/certificates/errs"
|
||||||
|
@ -416,16 +417,16 @@ func (a *Authority) AuthorizeRenewToken(ctx context.Context, ott string) (*x509.
|
||||||
Subject: leaf.Subject.CommonName,
|
Subject: leaf.Subject.CommonName,
|
||||||
Time: time.Now().UTC(),
|
Time: time.Now().UTC(),
|
||||||
}, time.Minute); err != nil {
|
}, time.Minute); err != nil {
|
||||||
switch err {
|
switch {
|
||||||
case jose.ErrInvalidIssuer:
|
case errors.Is(err, jose.ErrInvalidIssuer):
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: invalid issuer claim (iss)"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: invalid issuer claim (iss)"))
|
||||||
case jose.ErrInvalidSubject:
|
case errors.Is(err, jose.ErrInvalidSubject):
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: invalid subject claim (sub)"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: invalid subject claim (sub)"))
|
||||||
case jose.ErrNotValidYet:
|
case errors.Is(err, jose.ErrNotValidYet):
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token not valid yet (nbf)"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token not valid yet (nbf)"))
|
||||||
case jose.ErrExpired:
|
case errors.Is(err, jose.ErrExpired):
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token is expired (exp)"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token is expired (exp)"))
|
||||||
case jose.ErrIssuedInTheFuture:
|
case errors.Is(err, jose.ErrIssuedInTheFuture):
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token issued in the future (iat)"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token: token issued in the future (iat)"))
|
||||||
default:
|
default:
|
||||||
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token"))
|
return nil, errs.UnauthorizedErr(err, errs.WithMessage("error validating renew token"))
|
||||||
|
|
|
@ -748,8 +748,8 @@ func TestAuthority_Authorize(t *testing.T) {
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["token"], tc.token)
|
assert.Equals(t, ctxErr.Details["token"], tc.token)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -884,8 +884,8 @@ func TestAuthority_authorizeRenew(t *testing.T) {
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -119,7 +119,6 @@ func (a *Authority) RemoveAuthorityPolicy(ctx context.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *Authority) checkAuthorityPolicy(ctx context.Context, currentAdmin *linkedca.Admin, p *linkedca.Policy) error {
|
func (a *Authority) checkAuthorityPolicy(ctx context.Context, currentAdmin *linkedca.Admin, p *linkedca.Policy) error {
|
||||||
|
|
||||||
// no policy and thus nothing to evaluate; return early
|
// no policy and thus nothing to evaluate; return early
|
||||||
if p == nil {
|
if p == nil {
|
||||||
return nil
|
return nil
|
||||||
|
@ -138,7 +137,6 @@ func (a *Authority) checkAuthorityPolicy(ctx context.Context, currentAdmin *link
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *Authority) checkProvisionerPolicy(ctx context.Context, provName string, p *linkedca.Policy) error {
|
func (a *Authority) checkProvisionerPolicy(ctx context.Context, provName string, p *linkedca.Policy) error {
|
||||||
|
|
||||||
// no policy and thus nothing to evaluate; return early
|
// no policy and thus nothing to evaluate; return early
|
||||||
if p == nil {
|
if p == nil {
|
||||||
return nil
|
return nil
|
||||||
|
@ -157,7 +155,6 @@ func (a *Authority) checkProvisionerPolicy(ctx context.Context, provName string,
|
||||||
// checkPolicy checks if a new or updated policy configuration results in the user
|
// checkPolicy checks if a new or updated policy configuration results in the user
|
||||||
// locking themselves or other admins out of the CA.
|
// locking themselves or other admins out of the CA.
|
||||||
func (a *Authority) checkPolicy(ctx context.Context, currentAdmin *linkedca.Admin, otherAdmins []*linkedca.Admin, p *linkedca.Policy) error {
|
func (a *Authority) checkPolicy(ctx context.Context, currentAdmin *linkedca.Admin, otherAdmins []*linkedca.Admin, p *linkedca.Policy) error {
|
||||||
|
|
||||||
// convert the policy; return early if nil
|
// convert the policy; return early if nil
|
||||||
policyOptions := authPolicy.LinkedToCertificates(p)
|
policyOptions := authPolicy.LinkedToCertificates(p)
|
||||||
if policyOptions == nil {
|
if policyOptions == nil {
|
||||||
|
@ -216,7 +213,6 @@ func (a *Authority) reloadPolicyEngines(ctx context.Context) error {
|
||||||
)
|
)
|
||||||
|
|
||||||
if a.config.AuthorityConfig.EnableAdmin {
|
if a.config.AuthorityConfig.EnableAdmin {
|
||||||
|
|
||||||
// temporarily disable policy loading when LinkedCA is in use
|
// temporarily disable policy loading when LinkedCA is in use
|
||||||
if _, ok := a.adminDB.(*linkedCaClient); ok {
|
if _, ok := a.adminDB.(*linkedCaClient); ok {
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -17,9 +17,9 @@ type Engine struct {
|
||||||
|
|
||||||
// New returns a new Engine using Options.
|
// New returns a new Engine using Options.
|
||||||
func New(options *Options) (*Engine, error) {
|
func New(options *Options) (*Engine, error) {
|
||||||
|
|
||||||
// if no options provided, return early
|
// if no options provided, return early
|
||||||
if options == nil {
|
if options == nil {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -56,7 +56,6 @@ func New(options *Options) (*Engine, error) {
|
||||||
// the X.509 policy (if available) and returns an error if one of the
|
// the X.509 policy (if available) and returns an error if one of the
|
||||||
// names in the certificate is not allowed.
|
// names in the certificate is not allowed.
|
||||||
func (e *Engine) IsX509CertificateAllowed(cert *x509.Certificate) error {
|
func (e *Engine) IsX509CertificateAllowed(cert *x509.Certificate) error {
|
||||||
|
|
||||||
// return early if there's no policy to evaluate
|
// return early if there's no policy to evaluate
|
||||||
if e == nil || e.x509Policy == nil {
|
if e == nil || e.x509Policy == nil {
|
||||||
return nil
|
return nil
|
||||||
|
@ -69,7 +68,6 @@ func (e *Engine) IsX509CertificateAllowed(cert *x509.Certificate) error {
|
||||||
// AreSANsAllowed evaluates the slice of SANs against the X.509 policy
|
// AreSANsAllowed evaluates the slice of SANs against the X.509 policy
|
||||||
// (if available) and returns an error if one of the SANs is not allowed.
|
// (if available) and returns an error if one of the SANs is not allowed.
|
||||||
func (e *Engine) AreSANsAllowed(sans []string) error {
|
func (e *Engine) AreSANsAllowed(sans []string) error {
|
||||||
|
|
||||||
// return early if there's no policy to evaluate
|
// return early if there's no policy to evaluate
|
||||||
if e == nil || e.x509Policy == nil {
|
if e == nil || e.x509Policy == nil {
|
||||||
return nil
|
return nil
|
||||||
|
@ -83,7 +81,6 @@ func (e *Engine) AreSANsAllowed(sans []string) error {
|
||||||
// user or host policy (if configured) and returns an error if one of the
|
// user or host policy (if configured) and returns an error if one of the
|
||||||
// principals in the certificate is not allowed.
|
// principals in the certificate is not allowed.
|
||||||
func (e *Engine) IsSSHCertificateAllowed(cert *ssh.Certificate) error {
|
func (e *Engine) IsSSHCertificateAllowed(cert *ssh.Certificate) error {
|
||||||
|
|
||||||
// return early if there's no policy to evaluate
|
// return early if there's no policy to evaluate
|
||||||
if e == nil || (e.sshHostPolicy == nil && e.sshUserPolicy == nil) {
|
if e == nil || (e.sshHostPolicy == nil && e.sshUserPolicy == nil) {
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -19,7 +19,6 @@ type HostPolicy policy.SSHNamePolicyEngine
|
||||||
|
|
||||||
// NewX509PolicyEngine creates a new x509 name policy engine
|
// NewX509PolicyEngine creates a new x509 name policy engine
|
||||||
func NewX509PolicyEngine(policyOptions X509PolicyOptionsInterface) (X509Policy, error) {
|
func NewX509PolicyEngine(policyOptions X509PolicyOptionsInterface) (X509Policy, error) {
|
||||||
|
|
||||||
// return early if no policy engine options to configure
|
// return early if no policy engine options to configure
|
||||||
if policyOptions == nil {
|
if policyOptions == nil {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
|
@ -92,7 +91,6 @@ func NewSSHHostPolicyEngine(policyOptions SSHPolicyOptionsInterface) (HostPolicy
|
||||||
|
|
||||||
// newSSHPolicyEngine creates a new SSH name policy engine
|
// newSSHPolicyEngine creates a new SSH name policy engine
|
||||||
func newSSHPolicyEngine(policyOptions SSHPolicyOptionsInterface, typ sshPolicyEngineType) (policy.SSHNamePolicyEngine, error) {
|
func newSSHPolicyEngine(policyOptions SSHPolicyOptionsInterface, typ sshPolicyEngineType) (policy.SSHNamePolicyEngine, error) {
|
||||||
|
|
||||||
// return early if no policy engine options to configure
|
// return early if no policy engine options to configure
|
||||||
if policyOptions == nil {
|
if policyOptions == nil {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
|
@ -143,7 +141,6 @@ func newSSHPolicyEngine(policyOptions SSHPolicyOptionsInterface, typ sshPolicyEn
|
||||||
}
|
}
|
||||||
|
|
||||||
func LinkedToCertificates(p *linkedca.Policy) *Options {
|
func LinkedToCertificates(p *linkedca.Policy) *Options {
|
||||||
|
|
||||||
// return early
|
// return early
|
||||||
if p == nil {
|
if p == nil {
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -185,12 +185,12 @@ func TestAuthority_checkPolicy(t *testing.T) {
|
||||||
} else {
|
} else {
|
||||||
assert.IsType(t, &PolicyError{}, err)
|
assert.IsType(t, &PolicyError{}, err)
|
||||||
|
|
||||||
pe, ok := err.(*PolicyError)
|
var pe *PolicyError
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &pe)) {
|
||||||
|
|
||||||
assert.Equal(t, tc.err.Typ, pe.Typ)
|
assert.Equal(t, tc.err.Typ, pe.Typ)
|
||||||
assert.Equal(t, tc.err.Error(), pe.Error())
|
assert.Equal(t, tc.err.Error(), pe.Error())
|
||||||
}
|
}
|
||||||
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1179,10 +1179,11 @@ func TestAuthority_RemoveAuthorityPolicy(t *testing.T) {
|
||||||
}
|
}
|
||||||
err := a.RemoveAuthorityPolicy(tt.args.ctx)
|
err := a.RemoveAuthorityPolicy(tt.args.ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
pe, ok := err.(*PolicyError)
|
var pe *PolicyError
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &pe)) {
|
||||||
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
||||||
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
@ -1250,10 +1251,11 @@ func TestAuthority_GetAuthorityPolicy(t *testing.T) {
|
||||||
}
|
}
|
||||||
got, err := a.GetAuthorityPolicy(tt.args.ctx)
|
got, err := a.GetAuthorityPolicy(tt.args.ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
pe, ok := err.(*PolicyError)
|
var pe *PolicyError
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &pe)) {
|
||||||
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
||||||
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(got, tt.want) {
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
|
@ -1429,10 +1431,11 @@ func TestAuthority_CreateAuthorityPolicy(t *testing.T) {
|
||||||
}
|
}
|
||||||
got, err := a.CreateAuthorityPolicy(tt.args.ctx, tt.args.adm, tt.args.p)
|
got, err := a.CreateAuthorityPolicy(tt.args.ctx, tt.args.adm, tt.args.p)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
pe, ok := err.(*PolicyError)
|
var pe *PolicyError
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &pe)) {
|
||||||
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
||||||
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(got, tt.want) {
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
|
@ -1611,10 +1614,11 @@ func TestAuthority_UpdateAuthorityPolicy(t *testing.T) {
|
||||||
}
|
}
|
||||||
got, err := a.UpdateAuthorityPolicy(tt.args.ctx, tt.args.adm, tt.args.p)
|
got, err := a.UpdateAuthorityPolicy(tt.args.ctx, tt.args.adm, tt.args.p)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
pe, ok := err.(*PolicyError)
|
var pe *PolicyError
|
||||||
assert.True(t, ok)
|
if assert.True(t, errors.As(err, &pe)) {
|
||||||
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
assert.Equal(t, tt.wantErr.Typ, pe.Typ)
|
||||||
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
assert.Equal(t, tt.wantErr.Err.Error(), pe.Err.Error())
|
||||||
|
}
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !reflect.DeepEqual(got, tt.want) {
|
if !reflect.DeepEqual(got, tt.want) {
|
||||||
|
|
|
@ -15,7 +15,7 @@ import (
|
||||||
// ACMEChallenge represents the supported acme challenges.
|
// ACMEChallenge represents the supported acme challenges.
|
||||||
type ACMEChallenge string
|
type ACMEChallenge string
|
||||||
|
|
||||||
// nolint:revive // better names
|
//nolint:stylecheck,revive // better names
|
||||||
const (
|
const (
|
||||||
// HTTP_01 is the http-01 ACME challenge.
|
// HTTP_01 is the http-01 ACME challenge.
|
||||||
HTTP_01 ACMEChallenge = "http-01"
|
HTTP_01 ACMEChallenge = "http-01"
|
||||||
|
@ -217,7 +217,6 @@ type ACMEIdentifier struct {
|
||||||
// AuthorizeOrderIdentifier verifies the provisioner is allowed to issue a
|
// AuthorizeOrderIdentifier verifies the provisioner is allowed to issue a
|
||||||
// certificate for an ACME Order Identifier.
|
// certificate for an ACME Order Identifier.
|
||||||
func (p *ACME) AuthorizeOrderIdentifier(ctx context.Context, identifier ACMEIdentifier) error {
|
func (p *ACME) AuthorizeOrderIdentifier(ctx context.Context, identifier ACMEIdentifier) error {
|
||||||
|
|
||||||
x509Policy := p.ctl.getPolicy().getX509()
|
x509Policy := p.ctl.getPolicy().getX509()
|
||||||
|
|
||||||
// identifier is allowed if no policy is configured
|
// identifier is allowed if no policy is configured
|
||||||
|
|
82
authority/provisioner/acme_118_test.go
Normal file
82
authority/provisioner/acme_118_test.go
Normal file
|
@ -0,0 +1,82 @@
|
||||||
|
//go:build go1.18
|
||||||
|
// +build go1.18
|
||||||
|
|
||||||
|
package provisioner
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"crypto/x509"
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestACME_GetAttestationRoots(t *testing.T) {
|
||||||
|
appleCA, err := os.ReadFile("testdata/certs/apple-att-ca.crt")
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
yubicoCA, err := os.ReadFile("testdata/certs/yubico-piv-ca.crt")
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
pool := x509.NewCertPool()
|
||||||
|
pool.AppendCertsFromPEM(appleCA)
|
||||||
|
pool.AppendCertsFromPEM(yubicoCA)
|
||||||
|
|
||||||
|
type fields struct {
|
||||||
|
Type string
|
||||||
|
Name string
|
||||||
|
AttestationRoots []byte
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
fields fields
|
||||||
|
want *x509.CertPool
|
||||||
|
want1 bool
|
||||||
|
}{
|
||||||
|
{"ok", fields{"ACME", "acme", bytes.Join([][]byte{appleCA, yubicoCA}, []byte("\n"))}, pool, true},
|
||||||
|
{"nil", fields{"ACME", "acme", nil}, nil, false},
|
||||||
|
{"empty", fields{"ACME", "acme", []byte{}}, nil, false},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
p := &ACME{
|
||||||
|
Type: tt.fields.Type,
|
||||||
|
Name: tt.fields.Name,
|
||||||
|
AttestationRoots: tt.fields.AttestationRoots,
|
||||||
|
}
|
||||||
|
if err := p.Init(Config{
|
||||||
|
Claims: globalProvisionerClaims,
|
||||||
|
Audiences: testAudiences,
|
||||||
|
}); err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
got, got1 := p.GetAttestationRoots()
|
||||||
|
switch {
|
||||||
|
case tt.want == nil && got == nil:
|
||||||
|
break
|
||||||
|
case tt.want == nil && got != nil, tt.want != nil && got == nil:
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
||||||
|
default:
|
||||||
|
//nolint:staticcheck // this file only runs in go1.18
|
||||||
|
gotSubjects := got.Subjects()
|
||||||
|
//nolint:staticcheck // this file only runs in go1.18
|
||||||
|
wantSubjects := tt.want.Subjects()
|
||||||
|
if len(gotSubjects) != len(wantSubjects) {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
||||||
|
} else {
|
||||||
|
for i, gotSub := range gotSubjects {
|
||||||
|
if !bytes.Equal(gotSub, wantSubjects[i]) {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if got1 != tt.want1 {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got1 = %v, want %v", got1, tt.want1)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
66
authority/provisioner/acme_119_test.go
Normal file
66
authority/provisioner/acme_119_test.go
Normal file
|
@ -0,0 +1,66 @@
|
||||||
|
//go:build !go1.18
|
||||||
|
// +build !go1.18
|
||||||
|
|
||||||
|
package provisioner
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"crypto/x509"
|
||||||
|
"os"
|
||||||
|
"testing"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestACME_GetAttestationRoots(t *testing.T) {
|
||||||
|
appleCA, err := os.ReadFile("testdata/certs/apple-att-ca.crt")
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
yubicoCA, err := os.ReadFile("testdata/certs/yubico-piv-ca.crt")
|
||||||
|
if err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
pool := x509.NewCertPool()
|
||||||
|
pool.AppendCertsFromPEM(appleCA)
|
||||||
|
pool.AppendCertsFromPEM(yubicoCA)
|
||||||
|
|
||||||
|
type fields struct {
|
||||||
|
Type string
|
||||||
|
Name string
|
||||||
|
AttestationRoots []byte
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
fields fields
|
||||||
|
want *x509.CertPool
|
||||||
|
want1 bool
|
||||||
|
}{
|
||||||
|
{"ok", fields{"ACME", "acme", bytes.Join([][]byte{appleCA, yubicoCA}, []byte("\n"))}, pool, true},
|
||||||
|
{"nil", fields{"ACME", "acme", nil}, nil, false},
|
||||||
|
{"empty", fields{"ACME", "acme", []byte{}}, nil, false},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
p := &ACME{
|
||||||
|
Type: tt.fields.Type,
|
||||||
|
Name: tt.fields.Name,
|
||||||
|
AttestationRoots: tt.fields.AttestationRoots,
|
||||||
|
}
|
||||||
|
if err := p.Init(Config{
|
||||||
|
Claims: globalProvisionerClaims,
|
||||||
|
Audiences: testAudiences,
|
||||||
|
}); err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
}
|
||||||
|
got, got1 := p.GetAttestationRoots()
|
||||||
|
if tt.want == nil && got != nil {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
||||||
|
} else if !tt.want.Equal(got) {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
||||||
|
}
|
||||||
|
if got1 != tt.want1 {
|
||||||
|
t.Errorf("ACME.GetAttestationRoots() got1 = %v, want %v", got1, tt.want1)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,3 +1,6 @@
|
||||||
|
//go:build !go1.18
|
||||||
|
// +build !go1.18
|
||||||
|
|
||||||
package provisioner
|
package provisioner
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -371,58 +374,3 @@ func TestACME_IsAttestationFormatEnabled(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestACME_GetAttestationRoots(t *testing.T) {
|
|
||||||
appleCA, err := os.ReadFile("testdata/certs/apple-att-ca.crt")
|
|
||||||
if err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
yubicoCA, err := os.ReadFile("testdata/certs/yubico-piv-ca.crt")
|
|
||||||
if err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
pool := x509.NewCertPool()
|
|
||||||
pool.AppendCertsFromPEM(appleCA)
|
|
||||||
pool.AppendCertsFromPEM(yubicoCA)
|
|
||||||
|
|
||||||
type fields struct {
|
|
||||||
Type string
|
|
||||||
Name string
|
|
||||||
AttestationRoots []byte
|
|
||||||
}
|
|
||||||
tests := []struct {
|
|
||||||
name string
|
|
||||||
fields fields
|
|
||||||
want *x509.CertPool
|
|
||||||
want1 bool
|
|
||||||
}{
|
|
||||||
{"ok", fields{"ACME", "acme", bytes.Join([][]byte{appleCA, yubicoCA}, []byte("\n"))}, pool, true},
|
|
||||||
{"nil", fields{"ACME", "acme", nil}, nil, false},
|
|
||||||
{"empty", fields{"ACME", "acme", []byte{}}, nil, false},
|
|
||||||
}
|
|
||||||
for _, tt := range tests {
|
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
|
||||||
p := &ACME{
|
|
||||||
Type: tt.fields.Type,
|
|
||||||
Name: tt.fields.Name,
|
|
||||||
AttestationRoots: tt.fields.AttestationRoots,
|
|
||||||
}
|
|
||||||
if err := p.Init(Config{
|
|
||||||
Claims: globalProvisionerClaims,
|
|
||||||
Audiences: testAudiences,
|
|
||||||
}); err != nil {
|
|
||||||
t.Fatal(err)
|
|
||||||
}
|
|
||||||
got, got1 := p.GetAttestationRoots()
|
|
||||||
if tt.want == nil && got != nil {
|
|
||||||
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
|
||||||
} else if !tt.want.Equal(got) {
|
|
||||||
t.Errorf("ACME.GetAttestationRoots() got = %v, want %v", got, tt.want)
|
|
||||||
}
|
|
||||||
if got1 != tt.want1 {
|
|
||||||
t.Errorf("ACME.GetAttestationRoots() got1 = %v, want %v", got1, tt.want1)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
@ -35,20 +35,17 @@ const awsIdentityURL = "http://169.254.169.254/latest/dynamic/instance-identity/
|
||||||
const awsSignatureURL = "http://169.254.169.254/latest/dynamic/instance-identity/signature"
|
const awsSignatureURL = "http://169.254.169.254/latest/dynamic/instance-identity/signature"
|
||||||
|
|
||||||
// awsAPITokenURL is the url used to get the IMDSv2 API token
|
// awsAPITokenURL is the url used to get the IMDSv2 API token
|
||||||
// nolint:gosec // no credentials here
|
const awsAPITokenURL = "http://169.254.169.254/latest/api/token" //nolint:gosec // no credentials here
|
||||||
const awsAPITokenURL = "http://169.254.169.254/latest/api/token"
|
|
||||||
|
|
||||||
// awsAPITokenTTL is the default TTL to use when requesting IMDSv2 API tokens
|
// awsAPITokenTTL is the default TTL to use when requesting IMDSv2 API tokens
|
||||||
// -- we keep this short-lived since we get a new token with every call to readURL()
|
// -- we keep this short-lived since we get a new token with every call to readURL()
|
||||||
const awsAPITokenTTL = "30"
|
const awsAPITokenTTL = "30"
|
||||||
|
|
||||||
// awsMetadataTokenHeader is the header that must be passed with every IMDSv2 request
|
// awsMetadataTokenHeader is the header that must be passed with every IMDSv2 request
|
||||||
// nolint:gosec // no credentials here
|
const awsMetadataTokenHeader = "X-aws-ec2-metadata-token" //nolint:gosec // no credentials here
|
||||||
const awsMetadataTokenHeader = "X-aws-ec2-metadata-token"
|
|
||||||
|
|
||||||
// awsMetadataTokenTTLHeader is the header used to indicate the token TTL requested
|
// awsMetadataTokenTTLHeader is the header used to indicate the token TTL requested
|
||||||
// nolint:gosec // no credentials here
|
const awsMetadataTokenTTLHeader = "X-aws-ec2-metadata-token-ttl-seconds" //nolint:gosec // no credentials here
|
||||||
const awsMetadataTokenTTLHeader = "X-aws-ec2-metadata-token-ttl-seconds"
|
|
||||||
|
|
||||||
// awsCertificate is the certificate used to validate the instance identity
|
// awsCertificate is the certificate used to validate the instance identity
|
||||||
// signature.
|
// signature.
|
||||||
|
|
|
@ -24,8 +24,7 @@ import (
|
||||||
// azureOIDCBaseURL is the base discovery url for Microsoft Azure tokens.
|
// azureOIDCBaseURL is the base discovery url for Microsoft Azure tokens.
|
||||||
const azureOIDCBaseURL = "https://login.microsoftonline.com"
|
const azureOIDCBaseURL = "https://login.microsoftonline.com"
|
||||||
|
|
||||||
// azureIdentityTokenURL is the URL to get the identity token for an instance.
|
//nolint:gosec // azureIdentityTokenURL is the URL to get the identity token for an instance.
|
||||||
// nolint:gosec // no credentials here
|
|
||||||
const azureIdentityTokenURL = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F"
|
const azureIdentityTokenURL = "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https%3A%2F%2Fmanagement.azure.com%2F"
|
||||||
|
|
||||||
// azureDefaultAudience is the default audience used.
|
// azureDefaultAudience is the default audience used.
|
||||||
|
|
|
@ -38,7 +38,8 @@ type Claimer struct {
|
||||||
// NewClaimer initializes a new claimer with the given claims.
|
// NewClaimer initializes a new claimer with the given claims.
|
||||||
func NewClaimer(claims *Claims, global Claims) (*Claimer, error) {
|
func NewClaimer(claims *Claims, global Claims) (*Claimer, error) {
|
||||||
c := &Claimer{global: global, claims: claims}
|
c := &Claimer{global: global, claims: claims}
|
||||||
return c, c.Validate()
|
err := c.Validate()
|
||||||
|
return c, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Claims returns the merge of the inner and global claims.
|
// Claims returns the merge of the inner and global claims.
|
||||||
|
|
|
@ -102,7 +102,6 @@ func (p *GCP) GetID() string {
|
||||||
return p.ID
|
return p.ID
|
||||||
}
|
}
|
||||||
return p.GetIDForToken()
|
return p.GetIDForToken()
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetIDForToken returns an identifier that will be used to load the provisioner
|
// GetIDForToken returns an identifier that will be used to load the provisioner
|
||||||
|
|
|
@ -93,7 +93,6 @@ func (p *K8sSA) GetEncryptedKey() (string, string, bool) {
|
||||||
|
|
||||||
// Init initializes and validates the fields of a K8sSA type.
|
// Init initializes and validates the fields of a K8sSA type.
|
||||||
func (p *K8sSA) Init(config Config) (err error) {
|
func (p *K8sSA) Init(config Config) (err error) {
|
||||||
|
|
||||||
switch {
|
switch {
|
||||||
case p.Type == "":
|
case p.Type == "":
|
||||||
return errors.New("provisioner type cannot be empty")
|
return errors.New("provisioner type cannot be empty")
|
||||||
|
|
|
@ -54,6 +54,7 @@ func (p *noop) AuthorizeSSHSign(ctx context.Context, token string) ([]SignOption
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *noop) AuthorizeSSHRenew(ctx context.Context, token string) (*ssh.Certificate, error) {
|
func (p *noop) AuthorizeSSHRenew(ctx context.Context, token string) (*ssh.Certificate, error) {
|
||||||
|
//nolint:nilnil // fine for noop
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,8 +9,8 @@ type policyEngine struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func newPolicyEngine(options *Options) (*policyEngine, error) {
|
func newPolicyEngine(options *Options) (*policyEngine, error) {
|
||||||
|
|
||||||
if options == nil {
|
if options == nil {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -310,7 +310,6 @@ func (v profileDefaultDuration) Modify(cert *x509.Certificate, so SignOptions) e
|
||||||
if notBefore.IsZero() {
|
if notBefore.IsZero() {
|
||||||
notBefore = now()
|
notBefore = now()
|
||||||
backdate = -1 * so.Backdate
|
backdate = -1 * so.Backdate
|
||||||
|
|
||||||
}
|
}
|
||||||
notAfter := so.NotAfter.RelativeTime(notBefore)
|
notAfter := so.NotAfter.RelativeTime(notBefore)
|
||||||
if notAfter.IsZero() {
|
if notAfter.IsZero() {
|
||||||
|
|
|
@ -287,7 +287,7 @@ func Test_sshCertTypeModifier_Modify(t *testing.T) {
|
||||||
t.Run(name, func(t *testing.T) {
|
t.Run(name, func(t *testing.T) {
|
||||||
tc := run()
|
tc := run()
|
||||||
if assert.Nil(t, tc.modifier.Modify(tc.cert, SignSSHOptions{})) {
|
if assert.Nil(t, tc.modifier.Modify(tc.cert, SignSSHOptions{})) {
|
||||||
assert.Equals(t, tc.cert.CertType, uint32(tc.expected))
|
assert.Equals(t, tc.cert.CertType, tc.expected)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,6 +2,7 @@ package provisioner
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto"
|
"crypto"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"reflect"
|
"reflect"
|
||||||
|
@ -84,9 +85,10 @@ func signSSHCertificate(key crypto.PublicKey, opts SignSSHOptions, signOpts []Si
|
||||||
// Create certificate from template.
|
// Create certificate from template.
|
||||||
certificate, err := sshutil.NewCertificate(cr, certOptions...)
|
certificate, err := sshutil.NewCertificate(cr, certOptions...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(*sshutil.TemplateError); ok {
|
var templErr *sshutil.TemplateError
|
||||||
return nil, errs.NewErr(http.StatusBadRequest, err,
|
if errors.As(err, &templErr) {
|
||||||
errs.WithMessage(err.Error()),
|
return nil, errs.NewErr(http.StatusBadRequest, templErr,
|
||||||
|
errs.WithMessage(templErr.Error()),
|
||||||
errs.WithKeyVal("signOptions", signOpts),
|
errs.WithKeyVal("signOptions", signOpts),
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
|
@ -100,7 +100,7 @@ func generateJSONWebKey() (*jose.JSONWebKey, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
jwk.KeyID = string(hex.EncodeToString(fp))
|
jwk.KeyID = hex.EncodeToString(fp)
|
||||||
return jwk, nil
|
return jwk, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -145,7 +145,6 @@ func (a *Authority) generateProvisionerConfig(ctx context.Context) (provisioner.
|
||||||
AuthorizeRenewFunc: a.authorizeRenewFunc,
|
AuthorizeRenewFunc: a.authorizeRenewFunc,
|
||||||
AuthorizeSSHRenewFunc: a.authorizeSSHRenewFunc,
|
AuthorizeSSHRenewFunc: a.authorizeSSHRenewFunc,
|
||||||
}, nil
|
}, nil
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// StoreProvisioner stores a provisioner to the authority.
|
// StoreProvisioner stores a provisioner to the authority.
|
||||||
|
@ -530,6 +529,7 @@ func durationsToLinkedca(d *provisioner.Duration) string {
|
||||||
// certifictes claims type.
|
// certifictes claims type.
|
||||||
func claimsToCertificates(c *linkedca.Claims) (*provisioner.Claims, error) {
|
func claimsToCertificates(c *linkedca.Claims) (*provisioner.Claims, error) {
|
||||||
if c == nil {
|
if c == nil {
|
||||||
|
//nolint:nilnil // nil claims do not pose an issue.
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -140,6 +140,7 @@ func (a *Authority) GetSSHBastion(ctx context.Context, user, hostname string) (*
|
||||||
return a.config.SSH.Bastion, nil
|
return a.config.SSH.Bastion, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
return nil, errs.NotFound("authority.GetSSHBastion; ssh is not configured")
|
return nil, errs.NotFound("authority.GetSSHBastion; ssh is not configured")
|
||||||
|
@ -202,7 +203,8 @@ func (a *Authority) SignSSH(ctx context.Context, key ssh.PublicKey, opts provisi
|
||||||
// Create certificate from template.
|
// Create certificate from template.
|
||||||
certificate, err := sshutil.NewCertificate(cr, certOptions...)
|
certificate, err := sshutil.NewCertificate(cr, certOptions...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(*sshutil.TemplateError); ok {
|
var te *sshutil.TemplateError
|
||||||
|
if errors.As(err, &te) {
|
||||||
return nil, errs.ApplyOptions(
|
return nil, errs.ApplyOptions(
|
||||||
errs.BadRequestErr(err, err.Error()),
|
errs.BadRequestErr(err, err.Error()),
|
||||||
errs.WithKeyVal("signOptions", signOpts),
|
errs.WithKeyVal("signOptions", signOpts),
|
||||||
|
@ -281,7 +283,7 @@ func (a *Authority) SignSSH(ctx context.Context, key ssh.PublicKey, opts provisi
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = a.storeSSHCertificate(prov, cert); err != nil && err != db.ErrNotImplemented {
|
if err = a.storeSSHCertificate(prov, cert); err != nil && !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.SignSSH: error storing certificate in db")
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.SignSSH: error storing certificate in db")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -351,7 +353,7 @@ func (a *Authority) RenewSSH(ctx context.Context, oldCert *ssh.Certificate) (*ss
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "signSSH: error signing certificate")
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "signSSH: error signing certificate")
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = a.storeRenewedSSHCertificate(prov, oldCert, cert); err != nil && err != db.ErrNotImplemented {
|
if err = a.storeRenewedSSHCertificate(prov, oldCert, cert); err != nil && !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "renewSSH: error storing certificate in db")
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "renewSSH: error storing certificate in db")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -434,7 +436,7 @@ func (a *Authority) RekeySSH(ctx context.Context, oldCert *ssh.Certificate, pub
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = a.storeRenewedSSHCertificate(prov, oldCert, cert); err != nil && err != db.ErrNotImplemented {
|
if err = a.storeRenewedSSHCertificate(prov, oldCert, cert); err != nil && !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "rekeySSH; error storing certificate in db")
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "rekeySSH; error storing certificate in db")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -570,7 +572,7 @@ func (a *Authority) SignSSHAddUser(ctx context.Context, key ssh.PublicKey, subje
|
||||||
}
|
}
|
||||||
cert.Signature = sig
|
cert.Signature = sig
|
||||||
|
|
||||||
if err = a.storeRenewedSSHCertificate(prov, subject, cert); err != nil && err != db.ErrNotImplemented {
|
if err = a.storeRenewedSSHCertificate(prov, subject, cert); err != nil && !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "signSSHAddUser: error storing certificate in db")
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "signSSHAddUser: error storing certificate in db")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -589,7 +591,7 @@ func (a *Authority) CheckSSHHost(ctx context.Context, principal, token string) (
|
||||||
}
|
}
|
||||||
exists, err := a.db.IsSSHHost(principal)
|
exists, err := a.db.IsSSHHost(principal)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if err == db.ErrNotImplemented {
|
if errors.Is(err, db.ErrNotImplemented) {
|
||||||
return false, errs.Wrap(http.StatusNotImplemented, err,
|
return false, errs.Wrap(http.StatusNotImplemented, err,
|
||||||
"checkSSHHost: isSSHHost is not implemented")
|
"checkSSHHost: isSSHHost is not implemented")
|
||||||
}
|
}
|
||||||
|
|
|
@ -142,7 +142,8 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts provisioner.Sign
|
||||||
|
|
||||||
cert, err := x509util.NewCertificate(csr, certOptions...)
|
cert, err := x509util.NewCertificate(csr, certOptions...)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(*x509util.TemplateError); ok {
|
var te *x509util.TemplateError
|
||||||
|
if errors.As(err, &te) {
|
||||||
return nil, errs.ApplyOptions(
|
return nil, errs.ApplyOptions(
|
||||||
errs.BadRequestErr(err, err.Error()),
|
errs.BadRequestErr(err, err.Error()),
|
||||||
errs.WithKeyVal("csr", csr),
|
errs.WithKeyVal("csr", csr),
|
||||||
|
@ -244,7 +245,7 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts provisioner.Sign
|
||||||
|
|
||||||
fullchain := append([]*x509.Certificate{resp.Certificate}, resp.CertificateChain...)
|
fullchain := append([]*x509.Certificate{resp.Certificate}, resp.CertificateChain...)
|
||||||
if err = a.storeCertificate(prov, fullchain); err != nil {
|
if err = a.storeCertificate(prov, fullchain); err != nil {
|
||||||
if err != db.ErrNotImplemented {
|
if !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err,
|
return nil, errs.Wrap(http.StatusInternalServerError, err,
|
||||||
"authority.Sign; error storing certificate in db", opts...)
|
"authority.Sign; error storing certificate in db", opts...)
|
||||||
}
|
}
|
||||||
|
@ -362,7 +363,7 @@ func (a *Authority) Rekey(oldCert *x509.Certificate, pk crypto.PublicKey) ([]*x5
|
||||||
|
|
||||||
fullchain := append([]*x509.Certificate{resp.Certificate}, resp.CertificateChain...)
|
fullchain := append([]*x509.Certificate{resp.Certificate}, resp.CertificateChain...)
|
||||||
if err = a.storeRenewedCertificate(oldCert, fullchain); err != nil {
|
if err = a.storeRenewedCertificate(oldCert, fullchain); err != nil {
|
||||||
if err != db.ErrNotImplemented {
|
if !errors.Is(err, db.ErrNotImplemented) {
|
||||||
return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.Rekey; error storing certificate in db", opts...)
|
return nil, errs.Wrap(http.StatusInternalServerError, err, "authority.Rekey; error storing certificate in db", opts...)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -542,12 +543,12 @@ func (a *Authority) Revoke(ctx context.Context, revokeOpts *RevokeOptions) error
|
||||||
// Save as revoked in the Db.
|
// Save as revoked in the Db.
|
||||||
err = a.revoke(revokedCert, rci)
|
err = a.revoke(revokedCert, rci)
|
||||||
}
|
}
|
||||||
switch err {
|
switch {
|
||||||
case nil:
|
case err == nil:
|
||||||
return nil
|
return nil
|
||||||
case db.ErrNotImplemented:
|
case errors.Is(err, db.ErrNotImplemented):
|
||||||
return errs.NotImplemented("authority.Revoke; no persistence layer configured", opts...)
|
return errs.NotImplemented("authority.Revoke; no persistence layer configured", opts...)
|
||||||
case db.ErrAlreadyExists:
|
case errors.Is(err, db.ErrAlreadyExists):
|
||||||
return errs.ApplyOptions(
|
return errs.ApplyOptions(
|
||||||
errs.BadRequest("certificate with serial number '%s' is already revoked", rci.Serial),
|
errs.BadRequest("certificate with serial number '%s' is already revoked", rci.Serial),
|
||||||
opts...,
|
opts...,
|
||||||
|
@ -667,7 +668,7 @@ func templatingError(err error) error {
|
||||||
)
|
)
|
||||||
if errors.As(err, &syntaxError) {
|
if errors.As(err, &syntaxError) {
|
||||||
// offset is arguably not super clear to the user, but it's the best we can do here
|
// offset is arguably not super clear to the user, but it's the best we can do here
|
||||||
cause = fmt.Errorf("%s at offset %d", cause.Error(), syntaxError.Offset)
|
cause = fmt.Errorf("%w at offset %d", cause, syntaxError.Offset)
|
||||||
} else if errors.As(err, &typeError) {
|
} else if errors.As(err, &typeError) {
|
||||||
// slightly rewriting the default error message to include the offset
|
// slightly rewriting the default error message to include the offset
|
||||||
cause = fmt.Errorf("cannot unmarshal %s at offset %d into Go value of type %s", typeError.Value, typeError.Offset, typeError.Type)
|
cause = fmt.Errorf("cannot unmarshal %s at offset %d into Go value of type %s", typeError.Value, typeError.Offset, typeError.Type)
|
||||||
|
|
|
@ -735,8 +735,8 @@ ZYtQ9Ot36qc=
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["csr"], tc.csr)
|
assert.Equals(t, ctxErr.Details["csr"], tc.csr)
|
||||||
assert.Equals(t, ctxErr.Details["signOptions"], tc.signOpts)
|
assert.Equals(t, ctxErr.Details["signOptions"], tc.signOpts)
|
||||||
}
|
}
|
||||||
|
@ -934,8 +934,8 @@ func TestAuthority_Renew(t *testing.T) {
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -1141,8 +1141,8 @@ func TestAuthority_Rekey(t *testing.T) {
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
assert.Equals(t, ctxErr.Details["serialNumber"], tc.cert.SerialNumber.String())
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -1571,8 +1571,8 @@ func TestAuthority_Revoke(t *testing.T) {
|
||||||
assert.Equals(t, sc.StatusCode(), tc.code)
|
assert.Equals(t, sc.StatusCode(), tc.code)
|
||||||
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
assert.HasPrefix(t, err.Error(), tc.err.Error())
|
||||||
|
|
||||||
ctxErr, ok := err.(*errs.Error)
|
var ctxErr *errs.Error
|
||||||
assert.Fatal(t, ok, "error is not of type *errs.Error")
|
assert.Fatal(t, errors.As(err, &ctxErr), "error is not of type *errs.Error")
|
||||||
assert.Equals(t, ctxErr.Details["serialNumber"], tc.opts.Serial)
|
assert.Equals(t, ctxErr.Details["serialNumber"], tc.opts.Serial)
|
||||||
assert.Equals(t, ctxErr.Details["reasonCode"], tc.opts.ReasonCode)
|
assert.Equals(t, ctxErr.Details["reasonCode"], tc.opts.ReasonCode)
|
||||||
assert.Equals(t, ctxErr.Details["reason"], tc.opts.Reason)
|
assert.Equals(t, ctxErr.Details["reason"], tc.opts.Reason)
|
||||||
|
|
|
@ -52,6 +52,7 @@ func NewACMEClient(endpoint string, contact []string, opts ...ClientOption) (*AC
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.Wrapf(err, "client GET %s failed", endpoint)
|
return nil, errors.Wrapf(err, "client GET %s failed", endpoint)
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -80,6 +81,7 @@ func NewACMEClient(endpoint string, contact []string, opts ...ClientOption) (*AC
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -111,6 +113,7 @@ func (c *ACMEClient) GetNonce() (string, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrapf(err, "client GET %s failed", c.dir.NewNonce)
|
return "", errors.Wrapf(err, "client GET %s failed", c.dir.NewNonce)
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return "", readACMEError(resp.Body)
|
return "", readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -198,6 +201,7 @@ func (c *ACMEClient) NewOrder(payload []byte) (*acme.Order, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -218,6 +222,7 @@ func (c *ACMEClient) GetChallenge(url string) (*acme.Challenge, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -237,6 +242,7 @@ func (c *ACMEClient) ValidateChallenge(url string) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return readACMEError(resp.Body)
|
return readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -250,6 +256,7 @@ func (c *ACMEClient) ValidateWithPayload(url string, payload []byte) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return readACMEError(resp.Body)
|
return readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -262,6 +269,7 @@ func (c *ACMEClient) GetAuthz(url string) (*acme.Authorization, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -279,6 +287,7 @@ func (c *ACMEClient) GetOrder(url string) (*acme.Order, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -302,6 +311,7 @@ func (c *ACMEClient) FinalizeOrder(url string, csr *x509.CertificateRequest) err
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return readACMEError(resp.Body)
|
return readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -314,6 +324,7 @@ func (c *ACMEClient) GetCertificate(url string) (*x509.Certificate, []*x509.Cert
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, nil, readACMEError(resp.Body)
|
return nil, nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
@ -350,6 +361,7 @@ func (c *ACMEClient) GetAccountOrders() ([]string, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.StatusCode >= 400 {
|
if resp.StatusCode >= 400 {
|
||||||
return nil, readACMEError(resp.Body)
|
return nil, readACMEError(resp.Body)
|
||||||
}
|
}
|
||||||
|
|
|
@ -116,7 +116,6 @@ func (c *AdminClient) generateAdminToken(aud *url.URL) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
return tok.SignedString(c.x5cJWK.Algorithm, c.x5cJWK.Key)
|
return tok.SignedString(c.x5cJWK.Algorithm, c.x5cJWK.Key)
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *AdminClient) retryOnError(r *http.Response) bool {
|
func (c *AdminClient) retryOnError(r *http.Response) bool {
|
||||||
|
|
|
@ -246,6 +246,7 @@ func TestBootstrapServerWithoutMTLS(t *testing.T) {
|
||||||
expected := &http.Server{
|
expected := &http.Server{
|
||||||
TLSConfig: got.TLSConfig,
|
TLSConfig: got.TLSConfig,
|
||||||
}
|
}
|
||||||
|
//nolint:govet // not comparing errors
|
||||||
if !reflect.DeepEqual(got, expected) {
|
if !reflect.DeepEqual(got, expected) {
|
||||||
t.Errorf("BootstrapServer() = %v, want %v", got, expected)
|
t.Errorf("BootstrapServer() = %v, want %v", got, expected)
|
||||||
}
|
}
|
||||||
|
@ -303,6 +304,7 @@ func TestBootstrapServerWithMTLS(t *testing.T) {
|
||||||
expected := &http.Server{
|
expected := &http.Server{
|
||||||
TLSConfig: got.TLSConfig,
|
TLSConfig: got.TLSConfig,
|
||||||
}
|
}
|
||||||
|
//nolint:govet // not comparing errors
|
||||||
if !reflect.DeepEqual(got, expected) {
|
if !reflect.DeepEqual(got, expected) {
|
||||||
t.Errorf("BootstrapServer() = %v, want %v", got, expected)
|
t.Errorf("BootstrapServer() = %v, want %v", got, expected)
|
||||||
}
|
}
|
||||||
|
|
4
ca/ca.go
4
ca/ca.go
|
@ -529,9 +529,9 @@ func (ca *CA) shouldServeSCEPEndpoints() bool {
|
||||||
return ca.auth.GetSCEPService() != nil
|
return ca.auth.GetSCEPService() != nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// nolint // ignore linters to allow keeping this function around for debugging
|
//nolint:unused // useful for debugging
|
||||||
func dumpRoutes(mux chi.Routes) {
|
func dumpRoutes(mux chi.Routes) {
|
||||||
// helpful routine for logging all routes //
|
// helpful routine for logging all routes
|
||||||
walkFunc := func(method string, route string, handler http.Handler, middlewares ...func(http.Handler) http.Handler) error {
|
walkFunc := func(method string, route string, handler http.Handler, middlewares ...func(http.Handler) http.Handler) error {
|
||||||
fmt.Printf("%s %s\n", method, route)
|
fmt.Printf("%s %s\n", method, route)
|
||||||
return nil
|
return nil
|
||||||
|
|
20
ca/client.go
20
ca/client.go
|
@ -120,9 +120,7 @@ type clientOptions struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *clientOptions) apply(opts []ClientOption) (err error) {
|
func (o *clientOptions) apply(opts []ClientOption) (err error) {
|
||||||
if err = o.applyDefaultIdentity(); err != nil {
|
o.applyDefaultIdentity()
|
||||||
return
|
|
||||||
}
|
|
||||||
for _, fn := range opts {
|
for _, fn := range opts {
|
||||||
if err = fn(o); err != nil {
|
if err = fn(o); err != nil {
|
||||||
return
|
return
|
||||||
|
@ -133,26 +131,25 @@ func (o *clientOptions) apply(opts []ClientOption) (err error) {
|
||||||
|
|
||||||
// applyDefaultIdentity sets the options for the default identity if the
|
// applyDefaultIdentity sets the options for the default identity if the
|
||||||
// identity file is present. The identity is enabled by default.
|
// identity file is present. The identity is enabled by default.
|
||||||
func (o *clientOptions) applyDefaultIdentity() error {
|
func (o *clientOptions) applyDefaultIdentity() {
|
||||||
if DisableIdentity {
|
if DisableIdentity {
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Do not load an identity if something fails
|
// Do not load an identity if something fails
|
||||||
i, err := identity.LoadDefaultIdentity()
|
i, err := identity.LoadDefaultIdentity()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
if err := i.Validate(); err != nil {
|
if err := i.Validate(); err != nil {
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
crt, err := i.TLSCertificate()
|
crt, err := i.TLSCertificate()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil
|
return
|
||||||
}
|
}
|
||||||
o.certificate = crt
|
o.certificate = crt
|
||||||
o.getClientCertificate = i.GetClientCertificateFunc()
|
o.getClientCertificate = i.GetClientCertificateFunc()
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// checkTransport checks if other ways to set up a transport have been provided.
|
// checkTransport checks if other ways to set up a transport have been provided.
|
||||||
|
@ -241,13 +238,13 @@ func WithTransport(tr http.RoundTripper) ClientOption {
|
||||||
}
|
}
|
||||||
|
|
||||||
// WithInsecure adds a insecure transport that bypasses TLS verification.
|
// WithInsecure adds a insecure transport that bypasses TLS verification.
|
||||||
// nolint:gosec // insecure option
|
|
||||||
func WithInsecure() ClientOption {
|
func WithInsecure() ClientOption {
|
||||||
return func(o *clientOptions) error {
|
return func(o *clientOptions) error {
|
||||||
o.transport = &http.Transport{
|
o.transport = &http.Transport{
|
||||||
Proxy: http.ProxyFromEnvironment,
|
Proxy: http.ProxyFromEnvironment,
|
||||||
TLSClientConfig: &tls.Config{
|
TLSClientConfig: &tls.Config{
|
||||||
MinVersion: tls.VersionTLS12,
|
MinVersion: tls.VersionTLS12,
|
||||||
|
//nolint:gosec // insecure option
|
||||||
InsecureSkipVerify: true,
|
InsecureSkipVerify: true,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -1139,7 +1136,7 @@ retry:
|
||||||
var check api.SSHCheckPrincipalResponse
|
var check api.SSHCheckPrincipalResponse
|
||||||
if err := readJSON(resp.Body, &check); err != nil {
|
if err := readJSON(resp.Body, &check); err != nil {
|
||||||
return nil, errs.Wrapf(http.StatusInternalServerError, err, "error reading %s response",
|
return nil, errs.Wrapf(http.StatusInternalServerError, err, "error reading %s response",
|
||||||
[]interface{}{u, errs.WithMessage("Failed to parse response from /ssh/check-host endpoint")})
|
[]any{u, errs.WithMessage("Failed to parse response from /ssh/check-host endpoint")}...)
|
||||||
}
|
}
|
||||||
return &check, nil
|
return &check, nil
|
||||||
}
|
}
|
||||||
|
@ -1203,6 +1200,7 @@ func (c *Client) RootFingerprint() (string, error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrapf(err, "client GET %s failed", u)
|
return "", errors.Wrapf(err, "client GET %s failed", u)
|
||||||
}
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
if resp.TLS == nil || len(resp.TLS.VerifiedChains) == 0 {
|
if resp.TLS == nil || len(resp.TLS.VerifiedChains) == 0 {
|
||||||
return "", errors.New("missing verified chains")
|
return "", errors.New("missing verified chains")
|
||||||
}
|
}
|
||||||
|
|
|
@ -82,7 +82,6 @@ func LoadClient() (*Client, error) {
|
||||||
Transport: tr,
|
Transport: tr,
|
||||||
},
|
},
|
||||||
}, nil
|
}, nil
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
type defaultsConfig struct {
|
type defaultsConfig struct {
|
||||||
|
|
|
@ -261,6 +261,7 @@ func (i *Identity) GetClientCertificateFunc() func(*tls.CertificateRequestInfo)
|
||||||
// GetCertPool returns a x509.CertPool if the identity defines a custom root.
|
// GetCertPool returns a x509.CertPool if the identity defines a custom root.
|
||||||
func (i *Identity) GetCertPool() (*x509.CertPool, error) {
|
func (i *Identity) GetCertPool() (*x509.CertPool, error) {
|
||||||
if i.Root == "" {
|
if i.Root == "" {
|
||||||
|
//nolint:nilnil // legacy
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
b, err := os.ReadFile(i.Root)
|
b, err := os.ReadFile(i.Root)
|
||||||
|
|
|
@ -182,19 +182,17 @@ func loadProvisionerJWKByKid(client *Client, kid string, password []byte) (*jose
|
||||||
// loadProvisionerJWKByName retrieves the list of provisioners and encrypted key then
|
// loadProvisionerJWKByName retrieves the list of provisioners and encrypted key then
|
||||||
// returns the key of the first provisioner with a matching name that can be successfully
|
// returns the key of the first provisioner with a matching name that can be successfully
|
||||||
// decrypted with the specified password.
|
// decrypted with the specified password.
|
||||||
func loadProvisionerJWKByName(client *Client, name string, password []byte) (key *jose.JSONWebKey, err error) {
|
func loadProvisionerJWKByName(client *Client, name string, password []byte) (*jose.JSONWebKey, error) {
|
||||||
provisioners, err := getProvisioners(client)
|
provisioners, err := getProvisioners(client)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
err = errors.Wrap(err, "error getting the provisioners")
|
return nil, errors.Wrap(err, "error getting the provisioners")
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, provisioner := range provisioners {
|
for _, provisioner := range provisioners {
|
||||||
if provisioner.GetName() == name {
|
if provisioner.GetName() == name {
|
||||||
if _, encryptedKey, ok := provisioner.GetEncryptedKey(); ok {
|
if _, encryptedKey, ok := provisioner.GetEncryptedKey(); ok {
|
||||||
key, err = decryptProvisionerJWK(encryptedKey, password)
|
if key, err := decryptProvisionerJWK(encryptedKey, password); err == nil {
|
||||||
if err == nil {
|
return key, nil
|
||||||
return
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
14
ca/tls.go
14
ca/tls.go
|
@ -105,8 +105,8 @@ func (c *Client) getClientTLSConfig(ctx context.Context, sign *api.SignResponse,
|
||||||
}
|
}
|
||||||
|
|
||||||
tr := getDefaultTransport(tlsConfig)
|
tr := getDefaultTransport(tlsConfig)
|
||||||
// Use mutable tls.Config on renew
|
//nolint:staticcheck // Use mutable tls.Config on renew
|
||||||
tr.DialTLS = c.buildDialTLS(tlsCtx) // nolint:staticcheck,gocritic
|
tr.DialTLS = c.buildDialTLS(tlsCtx)
|
||||||
// tr.DialTLSContext = c.buildDialTLSContext(tlsCtx)
|
// tr.DialTLSContext = c.buildDialTLSContext(tlsCtx)
|
||||||
renewer.RenewCertificate = getRenewFunc(tlsCtx, c, tr, pk)
|
renewer.RenewCertificate = getRenewFunc(tlsCtx, c, tr, pk)
|
||||||
|
|
||||||
|
@ -153,8 +153,8 @@ func (c *Client) GetServerTLSConfig(ctx context.Context, sign *api.SignResponse,
|
||||||
|
|
||||||
// Update renew function with transport
|
// Update renew function with transport
|
||||||
tr := getDefaultTransport(tlsConfig)
|
tr := getDefaultTransport(tlsConfig)
|
||||||
// Use mutable tls.Config on renew
|
//nolint:staticcheck // Use mutable tls.Config on renew
|
||||||
tr.DialTLS = c.buildDialTLS(tlsCtx) // nolint:staticcheck,gocritic
|
tr.DialTLS = c.buildDialTLS(tlsCtx)
|
||||||
// tr.DialTLSContext = c.buildDialTLSContext(tlsCtx)
|
// tr.DialTLSContext = c.buildDialTLSContext(tlsCtx)
|
||||||
renewer.RenewCertificate = getRenewFunc(tlsCtx, c, tr, pk)
|
renewer.RenewCertificate = getRenewFunc(tlsCtx, c, tr, pk)
|
||||||
|
|
||||||
|
@ -194,8 +194,7 @@ func (c *Client) buildDialTLS(ctx *TLSOptionCtx) func(network, addr string) (net
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// buildDialTLSContext returns an implementation of DialTLSContext callback in http.Transport.
|
//nolint:unused // buildDialTLSContext returns an implementation of DialTLSContext callback in http.Transport.
|
||||||
// nolint:unused,gocritic
|
|
||||||
func (c *Client) buildDialTLSContext(tlsCtx *TLSOptionCtx) func(ctx context.Context, network, addr string) (net.Conn, error) {
|
func (c *Client) buildDialTLSContext(tlsCtx *TLSOptionCtx) func(ctx context.Context, network, addr string) (net.Conn, error) {
|
||||||
return func(ctx context.Context, network, addr string) (net.Conn, error) {
|
return func(ctx context.Context, network, addr string) (net.Conn, error) {
|
||||||
d := getDefaultDialer()
|
d := getDefaultDialer()
|
||||||
|
@ -253,8 +252,7 @@ func TLSCertificate(sign *api.SignResponse, pk crypto.PrivateKey) (*tls.Certific
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// nolint:gocritic
|
//nolint:gocritic // using a new variable for clarity
|
||||||
// using a new variable for clarity
|
|
||||||
chain := append(certPEM, caPEM...)
|
chain := append(certPEM, caPEM...)
|
||||||
cert, err := tls.X509KeyPair(chain, keyPEM)
|
cert, err := tls.X509KeyPair(chain, keyPEM)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -59,14 +59,13 @@ func (t Type) String() string {
|
||||||
return strings.ToLower(string(t))
|
return strings.ToLower(string(t))
|
||||||
}
|
}
|
||||||
|
|
||||||
// ErrNotImplemented is the type of error returned if an operation is not
|
// NotImplementedError is the type of error returned if an operation is not implemented.
|
||||||
// implemented.
|
type NotImplementedError struct {
|
||||||
type ErrNotImplemented struct {
|
|
||||||
Message string
|
Message string
|
||||||
}
|
}
|
||||||
|
|
||||||
// ErrNotImplemented implements the error interface.
|
// NotImplementedError implements the error interface.
|
||||||
func (e ErrNotImplemented) Error() string {
|
func (e NotImplementedError) Error() string {
|
||||||
if e.Message != "" {
|
if e.Message != "" {
|
||||||
return e.Message
|
return e.Message
|
||||||
}
|
}
|
||||||
|
@ -75,6 +74,6 @@ func (e ErrNotImplemented) Error() string {
|
||||||
|
|
||||||
// StatusCode implements the StatusCoder interface and returns the HTTP 501
|
// StatusCode implements the StatusCoder interface and returns the HTTP 501
|
||||||
// error.
|
// error.
|
||||||
func (e ErrNotImplemented) StatusCode() int {
|
func (e NotImplementedError) StatusCode() int {
|
||||||
return http.StatusNotImplemented
|
return http.StatusNotImplemented
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,7 +24,7 @@ func TestType_String(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestErrNotImplemented_Error(t *testing.T) {
|
func TestNotImplementedError_Error(t *testing.T) {
|
||||||
type fields struct {
|
type fields struct {
|
||||||
Message string
|
Message string
|
||||||
}
|
}
|
||||||
|
@ -38,17 +38,17 @@ func TestErrNotImplemented_Error(t *testing.T) {
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
e := ErrNotImplemented{
|
e := NotImplementedError{
|
||||||
Message: tt.fields.Message,
|
Message: tt.fields.Message,
|
||||||
}
|
}
|
||||||
if got := e.Error(); got != tt.want {
|
if got := e.Error(); got != tt.want {
|
||||||
t.Errorf("ErrNotImplemented.Error() = %v, want %v", got, tt.want)
|
t.Errorf("NotImplementedError.Error() = %v, want %v", got, tt.want)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestErrNotImplemented_StatusCode(t *testing.T) {
|
func TestNotImplementedError_StatusCode(t *testing.T) {
|
||||||
type fields struct {
|
type fields struct {
|
||||||
Message string
|
Message string
|
||||||
}
|
}
|
||||||
|
@ -62,11 +62,11 @@ func TestErrNotImplemented_StatusCode(t *testing.T) {
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
s := ErrNotImplemented{
|
s := NotImplementedError{
|
||||||
Message: tt.fields.Message,
|
Message: tt.fields.Message,
|
||||||
}
|
}
|
||||||
if got := s.StatusCode(); got != tt.want {
|
if got := s.StatusCode(); got != tt.want {
|
||||||
t.Errorf("ErrNotImplemented.StatusCode() = %v, want %v", got, tt.want)
|
t.Errorf("NotImplementedError.StatusCode() = %v, want %v", got, tt.want)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
@ -104,7 +104,7 @@ MHcCAQEEIN51Rgg6YcQVLeCRzumdw4pjM3VWqFIdCbnsV3Up1e/goAoGCCqGSM49
|
||||||
AwEHoUQDQgAEjJIcDhvvxi7gu4aFkiW/8+E3BfPhmhXU5RlDQusre+MHXc7XYMtk
|
AwEHoUQDQgAEjJIcDhvvxi7gu4aFkiW/8+E3BfPhmhXU5RlDQusre+MHXc7XYMtk
|
||||||
Lm6PXPeTF1DNdS21Ju1G/j1yUykGJOmxkg==
|
Lm6PXPeTF1DNdS21Ju1G/j1yUykGJOmxkg==
|
||||||
-----END EC PRIVATE KEY-----`
|
-----END EC PRIVATE KEY-----`
|
||||||
// nolint:unused,deadcode,gocritic
|
//nolint:unused,gocritic,varcheck
|
||||||
testIntermediateKey = `-----BEGIN EC PRIVATE KEY-----
|
testIntermediateKey = `-----BEGIN EC PRIVATE KEY-----
|
||||||
MHcCAQEEIMMX/XkXGnRDD4fYu7Z4rHACdJn/iyOy2UTwsv+oZ0C+oAoGCCqGSM49
|
MHcCAQEEIMMX/XkXGnRDD4fYu7Z4rHACdJn/iyOy2UTwsv+oZ0C+oAoGCCqGSM49
|
||||||
AwEHoUQDQgAE8u6rGAFj5CZpdzzMogLwUyCMnp0X9wtv4OKDRcpzkYf9PU5GuGA6
|
AwEHoUQDQgAE8u6rGAFj5CZpdzzMogLwUyCMnp0X9wtv4OKDRcpzkYf9PU5GuGA6
|
||||||
|
@ -399,7 +399,7 @@ func TestNew_real(t *testing.T) {
|
||||||
if v, ok := os.LookupEnv("GOOGLE_APPLICATION_CREDENTIALS"); ok {
|
if v, ok := os.LookupEnv("GOOGLE_APPLICATION_CREDENTIALS"); ok {
|
||||||
os.Unsetenv("GOOGLE_APPLICATION_CREDENTIALS")
|
os.Unsetenv("GOOGLE_APPLICATION_CREDENTIALS")
|
||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", v)
|
t.Setenv("GOOGLE_APPLICATION_CREDENTIALS", v)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -881,12 +881,12 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
fake.LROClient = client
|
fake.LROClient = client
|
||||||
|
|
||||||
// Configure mocks
|
// Configure mocks
|
||||||
any := gomock.Any()
|
anee := gomock.Any()
|
||||||
|
|
||||||
// ok root
|
// ok root
|
||||||
m.EXPECT().GetCaPool(any, any).Return(nil, status.Error(codes.NotFound, "not found"))
|
m.EXPECT().GetCaPool(anee, anee).Return(nil, status.Error(codes.NotFound, "not found"))
|
||||||
m.EXPECT().CreateCaPool(any, any).Return(fake.CreateCaPoolOperation("CreateCaPool"), nil)
|
m.EXPECT().CreateCaPool(anee, anee).Return(fake.CreateCaPoolOperation("CreateCaPool"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCaPool",
|
Name: "CreateCaPool",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -895,8 +895,8 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -906,8 +906,8 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "EnableCertificateAuthority",
|
Name: "EnableCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -919,9 +919,9 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
// ok intermediate
|
// ok intermediate
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -930,15 +930,15 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(&pb.Certificate{
|
m.EXPECT().CreateCertificate(anee, anee).Return(&pb.Certificate{
|
||||||
PemCertificate: testIntermediateCertificate,
|
PemCertificate: testIntermediateCertificate,
|
||||||
PemCertificateChain: []string{testRootCertificate},
|
PemCertificateChain: []string{testRootCertificate},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "ActivateCertificateAuthority",
|
Name: "ActivateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -948,8 +948,8 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "EnableCertificateAuthority",
|
Name: "EnableCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -961,9 +961,9 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
// ok intermediate local signer
|
// ok intermediate local signer
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -972,11 +972,11 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "ActivateCertificateAuthority",
|
Name: "ActivateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -986,8 +986,8 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "EnableCertificateAuthority",
|
Name: "EnableCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -999,9 +999,9 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
// ok create key
|
// ok create key
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1011,8 +1011,8 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "EnableCertificateAuthority",
|
Name: "EnableCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1024,30 +1024,30 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
// fail GetCaPool
|
// fail GetCaPool
|
||||||
m.EXPECT().GetCaPool(any, any).Return(nil, errTest)
|
m.EXPECT().GetCaPool(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail CreateCaPool
|
// fail CreateCaPool
|
||||||
m.EXPECT().GetCaPool(any, any).Return(nil, status.Error(codes.NotFound, "not found"))
|
m.EXPECT().GetCaPool(anee, anee).Return(nil, status.Error(codes.NotFound, "not found"))
|
||||||
m.EXPECT().CreateCaPool(any, any).Return(nil, errTest)
|
m.EXPECT().CreateCaPool(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail CreateCaPool.Wait
|
// fail CreateCaPool.Wait
|
||||||
m.EXPECT().GetCaPool(any, any).Return(nil, status.Error(codes.NotFound, "not found"))
|
m.EXPECT().GetCaPool(anee, anee).Return(nil, status.Error(codes.NotFound, "not found"))
|
||||||
m.EXPECT().CreateCaPool(any, any).Return(fake.CreateCaPoolOperation("CreateCaPool"), nil)
|
m.EXPECT().CreateCaPool(anee, anee).Return(fake.CreateCaPoolOperation("CreateCaPool"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(nil, errTest)
|
mos.EXPECT().GetOperation(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail CreateCertificateAuthority
|
// fail CreateCertificateAuthority
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(nil, errTest)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail CreateCertificateAuthority.Wait
|
// fail CreateCertificateAuthority.Wait
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(nil, errTest)
|
mos.EXPECT().GetOperation(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail EnableCertificateAuthority
|
// fail EnableCertificateAuthority
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1057,12 +1057,12 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(nil, errTest)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail EnableCertificateAuthority.Wait
|
// fail EnableCertificateAuthority.Wait
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1072,13 +1072,13 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(nil, errTest)
|
mos.EXPECT().GetOperation(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail EnableCertificateAuthority intermediate
|
// fail EnableCertificateAuthority intermediate
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1087,15 +1087,15 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(&pb.Certificate{
|
m.EXPECT().CreateCertificate(anee, anee).Return(&pb.Certificate{
|
||||||
PemCertificate: testIntermediateCertificate,
|
PemCertificate: testIntermediateCertificate,
|
||||||
PemCertificateChain: []string{testRootCertificate},
|
PemCertificateChain: []string{testRootCertificate},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "ActivateCertificateAuthority",
|
Name: "ActivateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1105,12 +1105,12 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(nil, errTest)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail EnableCertificateAuthority.Wait intermediate
|
// fail EnableCertificateAuthority.Wait intermediate
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1119,15 +1119,15 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(&pb.Certificate{
|
m.EXPECT().CreateCertificate(anee, anee).Return(&pb.Certificate{
|
||||||
PemCertificate: testIntermediateCertificate,
|
PemCertificate: testIntermediateCertificate,
|
||||||
PemCertificateChain: []string{testRootCertificate},
|
PemCertificateChain: []string{testRootCertificate},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "ActivateCertificateAuthority",
|
Name: "ActivateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1137,13 +1137,13 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().EnableCertificateAuthority(any, any).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
m.EXPECT().EnableCertificateAuthority(anee, anee).Return(fake.EnableCertificateAuthorityOperation("EnableCertificateAuthorityOperation"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(nil, errTest)
|
mos.EXPECT().GetOperation(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail FetchCertificateAuthorityCsr
|
// fail FetchCertificateAuthorityCsr
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1152,12 +1152,12 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(nil, errTest)
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail CreateCertificate
|
// fail CreateCertificate
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1166,15 +1166,15 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(nil, errTest)
|
m.EXPECT().CreateCertificate(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail ActivateCertificateAuthority
|
// fail ActivateCertificateAuthority
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1183,19 +1183,19 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(&pb.Certificate{
|
m.EXPECT().CreateCertificate(anee, anee).Return(&pb.Certificate{
|
||||||
PemCertificate: testIntermediateCertificate,
|
PemCertificate: testIntermediateCertificate,
|
||||||
PemCertificateChain: []string{testRootCertificate},
|
PemCertificateChain: []string{testRootCertificate},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(nil, errTest)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail ActivateCertificateAuthority.Wait
|
// fail ActivateCertificateAuthority.Wait
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1204,20 +1204,20 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().CreateCertificate(any, any).Return(&pb.Certificate{
|
m.EXPECT().CreateCertificate(anee, anee).Return(&pb.Certificate{
|
||||||
PemCertificate: testIntermediateCertificate,
|
PemCertificate: testIntermediateCertificate,
|
||||||
PemCertificateChain: []string{testRootCertificate},
|
PemCertificateChain: []string{testRootCertificate},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().ActivateCertificateAuthority(any, any).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
m.EXPECT().ActivateCertificateAuthority(anee, anee).Return(fake.ActivateCertificateAuthorityOperation("ActivateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(nil, errTest)
|
mos.EXPECT().GetOperation(anee, anee).Return(nil, errTest)
|
||||||
|
|
||||||
// fail x509util.CreateCertificate
|
// fail x509util.CreateCertificate
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1226,14 +1226,14 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: testIntermediateCsr,
|
PemCsr: testIntermediateCsr,
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
// fail parseCertificateRequest
|
// fail parseCertificateRequest
|
||||||
m.EXPECT().GetCaPool(any, any).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
m.EXPECT().GetCaPool(anee, anee).Return(&pb.CaPool{Name: testCaPoolName}, nil)
|
||||||
m.EXPECT().CreateCertificateAuthority(any, any).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
m.EXPECT().CreateCertificateAuthority(anee, anee).Return(fake.CreateCertificateAuthorityOperation("CreateCertificateAuthority"), nil)
|
||||||
mos.EXPECT().GetOperation(any, any).Return(&longrunningpb.Operation{
|
mos.EXPECT().GetOperation(anee, anee).Return(&longrunningpb.Operation{
|
||||||
Name: "CreateCertificateAuthority",
|
Name: "CreateCertificateAuthority",
|
||||||
Done: true,
|
Done: true,
|
||||||
Result: &longrunningpb.Operation_Response{
|
Result: &longrunningpb.Operation_Response{
|
||||||
|
@ -1242,7 +1242,7 @@ func TestCloudCAS_CreateCertificateAuthority(t *testing.T) {
|
||||||
})).(*anypb.Any),
|
})).(*anypb.Any),
|
||||||
},
|
},
|
||||||
}, nil)
|
}, nil)
|
||||||
m.EXPECT().FetchCertificateAuthorityCsr(any, any).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
m.EXPECT().FetchCertificateAuthorityCsr(anee, anee).Return(&pb.FetchCertificateAuthorityCsrResponse{
|
||||||
PemCsr: "Not a CSR",
|
PemCsr: "Not a CSR",
|
||||||
}, nil)
|
}, nil)
|
||||||
|
|
||||||
|
|
|
@ -215,7 +215,6 @@ func (c *SoftCAS) getCertSigner() ([]*x509.Certificate, crypto.Signer, error) {
|
||||||
return c.CertificateSigner()
|
return c.CertificateSigner()
|
||||||
}
|
}
|
||||||
return c.CertificateChain, c.Signer, nil
|
return c.CertificateChain, c.Signer, nil
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// createKey uses the configured kms to create a key.
|
// createKey uses the configured kms to create a key.
|
||||||
|
|
|
@ -261,9 +261,6 @@ func TestSoftCAS_CreateCertificate(t *testing.T) {
|
||||||
tmplNotBefore := *testTemplate
|
tmplNotBefore := *testTemplate
|
||||||
tmplNotBefore.NotBefore = testNow
|
tmplNotBefore.NotBefore = testNow
|
||||||
|
|
||||||
tmplNotAfter := *testTemplate
|
|
||||||
tmplNotAfter.NotAfter = testNow.Add(24 * time.Hour)
|
|
||||||
|
|
||||||
tmplWithLifetime := *testTemplate
|
tmplWithLifetime := *testTemplate
|
||||||
tmplWithLifetime.NotBefore = testNow
|
tmplWithLifetime.NotBefore = testNow
|
||||||
tmplWithLifetime.NotAfter = testNow.Add(24 * time.Hour)
|
tmplWithLifetime.NotAfter = testNow.Add(24 * time.Hour)
|
||||||
|
|
|
@ -15,11 +15,11 @@ import (
|
||||||
type mockErrIssuer struct{}
|
type mockErrIssuer struct{}
|
||||||
|
|
||||||
func (m mockErrIssuer) SignToken(subject string, sans []string, info *raInfo) (string, error) {
|
func (m mockErrIssuer) SignToken(subject string, sans []string, info *raInfo) (string, error) {
|
||||||
return "", apiv1.ErrNotImplemented{}
|
return "", apiv1.NotImplementedError{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m mockErrIssuer) RevokeToken(subject string) (string, error) {
|
func (m mockErrIssuer) RevokeToken(subject string) (string, error) {
|
||||||
return "", apiv1.ErrNotImplemented{}
|
return "", apiv1.NotImplementedError{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m mockErrIssuer) Lifetime(d time.Duration) time.Duration {
|
func (m mockErrIssuer) Lifetime(d time.Duration) time.Duration {
|
||||||
|
@ -29,7 +29,7 @@ func (m mockErrIssuer) Lifetime(d time.Duration) time.Duration {
|
||||||
type mockErrSigner struct{}
|
type mockErrSigner struct{}
|
||||||
|
|
||||||
func (s *mockErrSigner) Sign(payload []byte) (*jose.JSONWebSignature, error) {
|
func (s *mockErrSigner) Sign(payload []byte) (*jose.JSONWebSignature, error) {
|
||||||
return nil, apiv1.ErrNotImplemented{}
|
return nil, apiv1.NotImplementedError{}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *mockErrSigner) Options() jose.SignerOptions {
|
func (s *mockErrSigner) Options() jose.SignerOptions {
|
||||||
|
|
|
@ -101,7 +101,7 @@ func (s *StepCAS) CreateCertificate(req *apiv1.CreateCertificateRequest) (*apiv1
|
||||||
// RenewCertificate will always return a non-implemented error as mTLS renewals
|
// RenewCertificate will always return a non-implemented error as mTLS renewals
|
||||||
// are not supported yet.
|
// are not supported yet.
|
||||||
func (s *StepCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {
|
func (s *StepCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {
|
||||||
return nil, apiv1.ErrNotImplemented{Message: "stepCAS does not support mTLS renewals"}
|
return nil, apiv1.NotImplementedError{Message: "stepCAS does not support mTLS renewals"}
|
||||||
}
|
}
|
||||||
|
|
||||||
// RevokeCertificate revokes a certificate.
|
// RevokeCertificate revokes a certificate.
|
||||||
|
|
|
@ -162,7 +162,7 @@ func (v *VaultCAS) GetCertificateAuthority(req *apiv1.GetCertificateAuthorityReq
|
||||||
// RenewCertificate will always return a non-implemented error as renewals
|
// RenewCertificate will always return a non-implemented error as renewals
|
||||||
// are not supported yet.
|
// are not supported yet.
|
||||||
func (v *VaultCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {
|
func (v *VaultCAS) RenewCertificate(req *apiv1.RenewCertificateRequest) (*apiv1.RenewCertificateResponse, error) {
|
||||||
return nil, apiv1.ErrNotImplemented{Message: "vaultCAS does not support renewals"}
|
return nil, apiv1.NotImplementedError{Message: "vaultCAS does not support renewals"}
|
||||||
}
|
}
|
||||||
|
|
||||||
// RevokeCertificate revokes a certificate by serial number.
|
// RevokeCertificate revokes a certificate by serial number.
|
||||||
|
|
|
@ -176,7 +176,11 @@ $ step-ca --context=mybiz --password-file ./password.txt
|
||||||
debugProfAddr := os.Getenv("STEP_PROF_ADDR")
|
debugProfAddr := os.Getenv("STEP_PROF_ADDR")
|
||||||
if debugProfAddr != "" {
|
if debugProfAddr != "" {
|
||||||
go func() {
|
go func() {
|
||||||
log.Println(http.ListenAndServe(debugProfAddr, nil))
|
srv := http.Server{
|
||||||
|
Addr: debugProfAddr,
|
||||||
|
ReadHeaderTimeout: 15 * time.Second,
|
||||||
|
}
|
||||||
|
log.Println(srv.ListenAndServe())
|
||||||
}()
|
}()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -196,7 +196,7 @@ To get a linked authority token:
|
||||||
}
|
}
|
||||||
|
|
||||||
go ca.StopReloaderHandler(srv)
|
go ca.StopReloaderHandler(srv)
|
||||||
if err = srv.Run(); err != nil && err != http.ErrServerClosed {
|
if err = srv.Run(); err != nil && !errors.Is(err, http.ErrServerClosed) {
|
||||||
fatal(err)
|
fatal(err)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -97,6 +97,7 @@ func onboardAction(ctx *cli.Context) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "error connecting onboarding guide")
|
return errors.Wrap(err, "error connecting onboarding guide")
|
||||||
}
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
if res.StatusCode >= 400 {
|
if res.StatusCode >= 400 {
|
||||||
var msg onboardingError
|
var msg onboardingError
|
||||||
if err := readJSON(res.Body, &msg); err != nil {
|
if err := readJSON(res.Body, &msg); err != nil {
|
||||||
|
@ -158,7 +159,7 @@ func onboardAction(ctx *cli.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
go ca.StopReloaderHandler(srv)
|
go ca.StopReloaderHandler(srv)
|
||||||
if err := srv.Run(); err != nil && err != http.ErrServerClosed {
|
if err := srv.Run(); err != nil && !errors.Is(err, http.ErrServerClosed) {
|
||||||
fatal(err)
|
fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -92,7 +92,8 @@ func Wrap(status int, e error, m string, args ...interface{}) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
_, opts := splitOptionArgs(args)
|
_, opts := splitOptionArgs(args)
|
||||||
if err, ok := e.(*Error); ok {
|
var err *Error
|
||||||
|
if errors.As(e, &err) {
|
||||||
err.Err = errors.Wrap(err.Err, m)
|
err.Err = errors.Wrap(err.Err, m)
|
||||||
e = err
|
e = err
|
||||||
} else {
|
} else {
|
||||||
|
@ -108,7 +109,8 @@ func Wrapf(status int, e error, format string, args ...interface{}) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
as, opts := splitOptionArgs(args)
|
as, opts := splitOptionArgs(args)
|
||||||
if err, ok := e.(*Error); ok {
|
var err *Error
|
||||||
|
if errors.As(e, &err) {
|
||||||
err.Err = errors.Wrapf(err.Err, format, args...)
|
err.Err = errors.Wrapf(err.Err, format, args...)
|
||||||
e = err
|
e = err
|
||||||
} else {
|
} else {
|
||||||
|
@ -246,7 +248,8 @@ func New(status int, format string, args ...interface{}) error {
|
||||||
|
|
||||||
// NewError creates a new http error with the given error and message.
|
// NewError creates a new http error with the given error and message.
|
||||||
func NewError(status int, err error, format string, args ...interface{}) error {
|
func NewError(status int, err error, format string, args ...interface{}) error {
|
||||||
if _, ok := err.(*Error); ok {
|
var e *Error
|
||||||
|
if errors.As(err, &e) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
msg := fmt.Sprintf(format, args...)
|
msg := fmt.Sprintf(format, args...)
|
||||||
|
@ -263,11 +266,8 @@ func NewError(status int, err error, format string, args ...interface{}) error {
|
||||||
// NewErr returns a new Error. If the given error implements the StatusCoder
|
// NewErr returns a new Error. If the given error implements the StatusCoder
|
||||||
// interface we will ignore the given status.
|
// interface we will ignore the given status.
|
||||||
func NewErr(status int, err error, opts ...Option) error {
|
func NewErr(status int, err error, opts ...Option) error {
|
||||||
var (
|
var e *Error
|
||||||
e *Error
|
if !errors.As(err, &e) {
|
||||||
ok bool
|
|
||||||
)
|
|
||||||
if e, ok = err.(*Error); !ok {
|
|
||||||
if sc, ok := err.(render.StatusCodedError); ok {
|
if sc, ok := err.(render.StatusCodedError); ok {
|
||||||
e = &Error{Status: sc.StatusCode(), Err: err}
|
e = &Error{Status: sc.StatusCode(), Err: err}
|
||||||
} else {
|
} else {
|
||||||
|
@ -299,7 +299,8 @@ func Errorf(code int, format string, args ...interface{}) error {
|
||||||
// ApplyOptions applies the given options to the error if is the type *Error.
|
// ApplyOptions applies the given options to the error if is the type *Error.
|
||||||
// TODO(mariano): try to get rid of this.
|
// TODO(mariano): try to get rid of this.
|
||||||
func ApplyOptions(err error, opts ...interface{}) error {
|
func ApplyOptions(err error, opts ...interface{}) error {
|
||||||
if e, ok := err.(*Error); ok {
|
var e *Error
|
||||||
|
if errors.As(err, &e) {
|
||||||
_, o := splitOptionArgs(opts)
|
_, o := splitOptionArgs(opts)
|
||||||
for _, fn := range o {
|
for _, fn := range o {
|
||||||
fn(e)
|
fn(e)
|
||||||
|
|
|
@ -57,6 +57,7 @@ func TestError_UnmarshalJSON(t *testing.T) {
|
||||||
if err := e.UnmarshalJSON(tt.args.data); (err != nil) != tt.wantErr {
|
if err := e.UnmarshalJSON(tt.args.data); (err != nil) != tt.wantErr {
|
||||||
t.Errorf("Error.UnmarshalJSON() error = %v, wantErr %v", err, tt.wantErr)
|
t.Errorf("Error.UnmarshalJSON() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
}
|
}
|
||||||
|
//nolint:govet // best option
|
||||||
if !reflect.DeepEqual(tt.expected, e) {
|
if !reflect.DeepEqual(tt.expected, e) {
|
||||||
t.Errorf("Error.UnmarshalJSON() wants = %+v, got %+v", tt.expected, e)
|
t.Errorf("Error.UnmarshalJSON() wants = %+v, got %+v", tt.expected, e)
|
||||||
}
|
}
|
||||||
|
|
12
go.mod
12
go.mod
|
@ -13,9 +13,12 @@ require (
|
||||||
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
|
github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
|
||||||
github.com/aws/aws-sdk-go v1.44.37 // indirect
|
github.com/aws/aws-sdk-go v1.44.37 // indirect
|
||||||
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd // indirect
|
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd // indirect
|
||||||
|
github.com/fatih/color v1.9.0 // indirect
|
||||||
github.com/fxamacker/cbor/v2 v2.4.0
|
github.com/fxamacker/cbor/v2 v2.4.0
|
||||||
github.com/go-chi/chi v4.1.2+incompatible
|
github.com/go-chi/chi v4.1.2+incompatible
|
||||||
|
github.com/go-kit/kit v0.10.0 // indirect
|
||||||
github.com/go-piv/piv-go v1.10.0 // indirect
|
github.com/go-piv/piv-go v1.10.0 // indirect
|
||||||
|
github.com/go-sql-driver/mysql v1.6.0 // indirect
|
||||||
github.com/golang/mock v1.6.0
|
github.com/golang/mock v1.6.0
|
||||||
github.com/google/go-cmp v0.5.8
|
github.com/google/go-cmp v0.5.8
|
||||||
github.com/google/uuid v1.3.0
|
github.com/google/uuid v1.3.0
|
||||||
|
@ -41,8 +44,9 @@ require (
|
||||||
go.step.sm/cli-utils v0.7.4
|
go.step.sm/cli-utils v0.7.4
|
||||||
go.step.sm/crypto v0.19.0
|
go.step.sm/crypto v0.19.0
|
||||||
go.step.sm/linkedca v0.19.0-rc.1
|
go.step.sm/linkedca v0.19.0-rc.1
|
||||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3
|
golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0
|
||||||
golang.org/x/net v0.0.0-20220607020251-c690dde0001d
|
golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9
|
||||||
|
golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 // indirect
|
||||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
|
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
|
||||||
google.golang.org/api v0.84.0
|
google.golang.org/api v0.84.0
|
||||||
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad
|
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad
|
||||||
|
@ -78,10 +82,7 @@ require (
|
||||||
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 // indirect
|
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 // indirect
|
||||||
github.com/dimchansky/utfbom v1.1.1 // indirect
|
github.com/dimchansky/utfbom v1.1.1 // indirect
|
||||||
github.com/dustin/go-humanize v1.0.0 // indirect
|
github.com/dustin/go-humanize v1.0.0 // indirect
|
||||||
github.com/fatih/color v1.7.0 // indirect
|
|
||||||
github.com/go-kit/kit v0.9.0 // indirect
|
|
||||||
github.com/go-logfmt/logfmt v0.5.0 // indirect
|
github.com/go-logfmt/logfmt v0.5.0 // indirect
|
||||||
github.com/go-sql-driver/mysql v1.5.0 // indirect
|
|
||||||
github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
|
github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
|
||||||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
|
||||||
github.com/golang/protobuf v1.5.2 // indirect
|
github.com/golang/protobuf v1.5.2 // indirect
|
||||||
|
@ -139,7 +140,6 @@ require (
|
||||||
go.opencensus.io v0.23.0 // indirect
|
go.opencensus.io v0.23.0 // indirect
|
||||||
go.uber.org/atomic v1.9.0 // indirect
|
go.uber.org/atomic v1.9.0 // indirect
|
||||||
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect
|
golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb // indirect
|
||||||
golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d // indirect
|
|
||||||
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect
|
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b // indirect
|
||||||
google.golang.org/appengine v1.6.7 // indirect
|
google.golang.org/appengine v1.6.7 // indirect
|
||||||
gopkg.in/yaml.v3 v3.0.0 // indirect
|
gopkg.in/yaml.v3 v3.0.0 // indirect
|
||||||
|
|
184
go.sum
184
go.sum
|
@ -92,6 +92,7 @@ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBp
|
||||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||||
github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
|
github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
|
||||||
|
github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
|
||||||
github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
|
github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
|
||||||
github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
|
github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
|
||||||
github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
|
github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
|
||||||
|
@ -103,26 +104,40 @@ github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmy
|
||||||
github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk=
|
github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk=
|
||||||
github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE=
|
github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE=
|
||||||
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
|
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
|
||||||
|
github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
|
||||||
|
github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
|
||||||
github.com/ThalesIgnite/crypto11 v1.2.5 h1:1IiIIEqYmBvUYFeMnHqRft4bwf/O36jryEUpY+9ef8E=
|
github.com/ThalesIgnite/crypto11 v1.2.5 h1:1IiIIEqYmBvUYFeMnHqRft4bwf/O36jryEUpY+9ef8E=
|
||||||
github.com/ThalesIgnite/crypto11 v1.2.5/go.mod h1:ILDKtnCKiQ7zRoNxcp36Y1ZR8LBPmR2E23+wTQe/MlE=
|
github.com/ThalesIgnite/crypto11 v1.2.5/go.mod h1:ILDKtnCKiQ7zRoNxcp36Y1ZR8LBPmR2E23+wTQe/MlE=
|
||||||
|
github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
|
||||||
|
github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c=
|
||||||
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
|
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
|
||||||
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
|
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
|
||||||
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
||||||
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
|
||||||
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
|
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
|
||||||
|
github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
|
||||||
|
github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
|
||||||
|
github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
|
||||||
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
|
github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
|
||||||
|
github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
|
||||||
github.com/armon/go-metrics v0.3.9 h1:O2sNqxBdvq8Eq5xmzljcYzAORli6RWCvEym4cJf9m18=
|
github.com/armon/go-metrics v0.3.9 h1:O2sNqxBdvq8Eq5xmzljcYzAORli6RWCvEym4cJf9m18=
|
||||||
github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
|
github.com/armon/go-metrics v0.3.9/go.mod h1:4O98XIr/9W0sxpJ8UaYkvjk10Iff7SnFrb4QAOwNTFc=
|
||||||
github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
|
github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
|
||||||
github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
|
github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
|
||||||
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
|
github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
|
||||||
|
github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A=
|
||||||
|
github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
|
||||||
|
github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||||
github.com/aws/aws-sdk-go v1.44.37 h1:KvDxCX6dfJeEDC77U5GPGSP0ErecmNnhDHFxw+NIvlI=
|
github.com/aws/aws-sdk-go v1.44.37 h1:KvDxCX6dfJeEDC77U5GPGSP0ErecmNnhDHFxw+NIvlI=
|
||||||
github.com/aws/aws-sdk-go v1.44.37/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
github.com/aws/aws-sdk-go v1.44.37/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo=
|
||||||
|
github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
|
||||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||||
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
||||||
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
||||||
github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
|
github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
|
||||||
|
github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
|
||||||
|
github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
|
||||||
github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c=
|
github.com/cenkalti/backoff/v3 v3.0.0 h1:ske+9nBpD9qZsTBoF41nW5L+AIuFBKMeze18XQ3eG1c=
|
||||||
github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs=
|
github.com/cenkalti/backoff/v3 v3.0.0/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
|
@ -137,6 +152,7 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWs
|
||||||
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
|
||||||
github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
|
github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag=
|
||||||
github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
|
github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I=
|
||||||
|
github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
|
||||||
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
|
||||||
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
|
||||||
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
|
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
|
||||||
|
@ -149,11 +165,15 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH
|
||||||
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||||
github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I=
|
github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I=
|
||||||
github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
|
github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
|
||||||
|
github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
|
||||||
|
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
|
||||||
github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
|
github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
|
||||||
github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
|
github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
|
||||||
github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
|
github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
|
||||||
|
github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
||||||
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
||||||
github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
|
||||||
|
github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
|
||||||
github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
|
github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM=
|
||||||
|
@ -171,13 +191,20 @@ github.com/dgraph-io/ristretto v0.0.2/go.mod h1:KPxhHT9ZxKefz+PCeOGsrHpl1qZ7i70d
|
||||||
github.com/dgraph-io/ristretto v0.0.3-0.20200630154024-f66de99634de/go.mod h1:KPxhHT9ZxKefz+PCeOGsrHpl1qZ7i70dGTu2u+Ahh6E=
|
github.com/dgraph-io/ristretto v0.0.3-0.20200630154024-f66de99634de/go.mod h1:KPxhHT9ZxKefz+PCeOGsrHpl1qZ7i70dGTu2u+Ahh6E=
|
||||||
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd h1:KoJOtZf+6wpQaDTuOWGuo61GxcPBIfhwRxRTaTWGCTc=
|
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd h1:KoJOtZf+6wpQaDTuOWGuo61GxcPBIfhwRxRTaTWGCTc=
|
||||||
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd/go.mod h1:YylP9MpCYGVZQrly/j/diqcdUetCRRePeBB0c2VGXsA=
|
github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd/go.mod h1:YylP9MpCYGVZQrly/j/diqcdUetCRRePeBB0c2VGXsA=
|
||||||
|
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
|
||||||
github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
|
github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
|
||||||
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y=
|
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y=
|
||||||
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
|
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
|
||||||
github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
|
github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
|
||||||
github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
|
github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
|
||||||
|
github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||||
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
|
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
|
||||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||||
|
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
|
||||||
|
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
|
||||||
|
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
|
||||||
|
github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
|
||||||
|
github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||||
|
@ -189,10 +216,13 @@ github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.
|
||||||
github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
|
github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE=
|
||||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||||
github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4=
|
github.com/evanphx/json-patch/v5 v5.5.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4=
|
||||||
github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
|
|
||||||
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
|
github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
|
||||||
|
github.com/fatih/color v1.9.0 h1:8xPHl4/q1VyqGIPif1F+1V3Y3lSmrq01EabUW3CoW5s=
|
||||||
|
github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU=
|
||||||
github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
|
github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
|
||||||
github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
|
github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
|
||||||
|
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
|
||||||
|
github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
|
||||||
github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y=
|
github.com/frankban/quicktest v1.10.0/go.mod h1:ui7WezCLWMWxVWr1GETZY3smRy0G4KWq9vcPtJmFl7Y=
|
||||||
github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk=
|
github.com/frankban/quicktest v1.13.0 h1:yNZif1OkDfNoDfb9zZa9aXIpejNR4F23Wely0c+Qdqk=
|
||||||
github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU=
|
github.com/frankban/quicktest v1.13.0/go.mod h1:qLE0fzW0VuyUAJgPU19zByoIr0HtCHN/r/VLSOOIySU=
|
||||||
|
@ -208,8 +238,9 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2
|
||||||
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
|
||||||
github.com/go-kit/kit v0.4.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
github.com/go-kit/kit v0.4.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||||
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||||
github.com/go-kit/kit v0.9.0 h1:wDJmvq38kDhkVxi50ni9ykkdUr1PKgqKOoi01fa0Mdk=
|
|
||||||
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
|
||||||
|
github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo=
|
||||||
|
github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
|
||||||
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
|
||||||
github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
|
github.com/go-ldap/ldap/v3 v3.1.10/go.mod h1:5Zun81jBTabRaI8lzN7E1JjyEl1g6zI6u9pd8luAK4Q=
|
||||||
github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
|
github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
|
||||||
|
@ -218,8 +249,10 @@ github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih
|
||||||
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
|
github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
|
||||||
github.com/go-piv/piv-go v1.10.0 h1:P1Y1VjBI5DnXW0+YkKmTuh5opWnMIrKriUaIOblee9Q=
|
github.com/go-piv/piv-go v1.10.0 h1:P1Y1VjBI5DnXW0+YkKmTuh5opWnMIrKriUaIOblee9Q=
|
||||||
github.com/go-piv/piv-go v1.10.0/go.mod h1:NZ2zmjVkfFaL/CF8cVQ/pXdXtuj110zEKGdJM6fJZZM=
|
github.com/go-piv/piv-go v1.10.0/go.mod h1:NZ2zmjVkfFaL/CF8cVQ/pXdXtuj110zEKGdJM6fJZZM=
|
||||||
github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
|
github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
|
||||||
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
||||||
|
github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
|
||||||
|
github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
|
||||||
github.com/go-stack/stack v1.6.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
github.com/go-stack/stack v1.6.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||||
github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
|
github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=
|
||||||
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
|
||||||
|
@ -227,11 +260,15 @@ github.com/go-test/deep v1.0.2 h1:onZX1rnHT3Wv6cqNgYyFOOlgVKJrksuCMCRvJStbMYw=
|
||||||
github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
|
github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
|
||||||
github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
|
github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
|
||||||
github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
|
github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
|
||||||
|
github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
|
||||||
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
|
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
|
||||||
|
github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
|
||||||
|
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
|
||||||
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
||||||
github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
|
github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU=
|
||||||
github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
|
||||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||||
|
github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
|
||||||
|
@ -265,6 +302,7 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS
|
||||||
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
|
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
|
||||||
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
|
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
|
||||||
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
|
||||||
|
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||||
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||||
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
||||||
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||||
|
@ -305,6 +343,7 @@ github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLe
|
||||||
github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
||||||
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
||||||
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
|
||||||
|
github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||||
|
@ -319,11 +358,21 @@ github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/Oth
|
||||||
github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM=
|
github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM=
|
||||||
github.com/googleapis/gax-go/v2 v2.4.0 h1:dS9eYAjhrE2RjmzYw2XAPvcXfmcQLtFEQWn0CR82awk=
|
github.com/googleapis/gax-go/v2 v2.4.0 h1:dS9eYAjhrE2RjmzYw2XAPvcXfmcQLtFEQWn0CR82awk=
|
||||||
github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c=
|
github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c=
|
||||||
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||||
github.com/gordonklaus/ineffassign v0.0.0-20200309095847-7953dde2c7bf/go.mod h1:cuNKsD1zp2v6XfE/orVX2QE1LC+i254ceGcVeDT3pTU=
|
github.com/gordonklaus/ineffassign v0.0.0-20200309095847-7953dde2c7bf/go.mod h1:cuNKsD1zp2v6XfE/orVX2QE1LC+i254ceGcVeDT3pTU=
|
||||||
github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
|
github.com/gorilla/context v0.0.0-20160226214623-1ea25387ff6f/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
|
||||||
|
github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
|
||||||
github.com/gorilla/mux v1.4.0/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
github.com/gorilla/mux v1.4.0/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||||
|
github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||||
|
github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
|
||||||
|
github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
|
||||||
github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda/go.mod h1:MyndkAZd5rUMdNogn35MWXBX1UiBigrU8eTj8DoAC2c=
|
github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda/go.mod h1:MyndkAZd5rUMdNogn35MWXBX1UiBigrU8eTj8DoAC2c=
|
||||||
|
github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
|
||||||
|
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
|
||||||
|
github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
|
||||||
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
|
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
|
||||||
|
github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
|
||||||
|
github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
|
||||||
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
||||||
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
|
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
|
||||||
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
||||||
|
@ -339,6 +388,7 @@ github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjh
|
||||||
github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
|
github.com/hashicorp/go-immutable-radix v1.3.1 h1:DKHmCUm2hRBK510BaiZlwvpD40f8bJFeZnpfm2KLowc=
|
||||||
github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
|
github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
|
||||||
github.com/hashicorp/go-kms-wrapping/entropy v0.1.0/go.mod h1:d1g9WGtAunDNpek8jUIEJnBlbgKS1N2Q61QkHiZyR1g=
|
github.com/hashicorp/go-kms-wrapping/entropy v0.1.0/go.mod h1:d1g9WGtAunDNpek8jUIEJnBlbgKS1N2Q61QkHiZyR1g=
|
||||||
|
github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM=
|
||||||
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
|
github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
|
||||||
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
|
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
|
||||||
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
|
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
|
||||||
|
@ -347,6 +397,7 @@ github.com/hashicorp/go-plugin v1.4.3/go.mod h1:5fGEH17QVwTTcR0zV7yhDPLLmFX9YSZ3
|
||||||
github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
|
github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs=
|
||||||
github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM=
|
github.com/hashicorp/go-retryablehttp v0.6.6 h1:HJunrbHTDDbBb/ay4kxa1n+dLmttUlnP3V9oNE4hmsM=
|
||||||
github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY=
|
github.com/hashicorp/go-retryablehttp v0.6.6/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY=
|
||||||
|
github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
|
||||||
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
|
github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc=
|
||||||
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
|
github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8=
|
||||||
github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
|
github.com/hashicorp/go-secure-stdlib/base62 v0.1.1/go.mod h1:EdWO6czbmthiwZ3/PUsDV+UD1D5IRU4ActiaWGwt0Yw=
|
||||||
|
@ -358,19 +409,27 @@ github.com/hashicorp/go-secure-stdlib/password v0.1.1/go.mod h1:9hH302QllNwu1o2T
|
||||||
github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 h1:nd0HIW15E6FG1MsnArYaHfuw9C2zgzM8LxkG5Ty/788=
|
github.com/hashicorp/go-secure-stdlib/strutil v0.1.1 h1:nd0HIW15E6FG1MsnArYaHfuw9C2zgzM8LxkG5Ty/788=
|
||||||
github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
|
github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U=
|
||||||
github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs=
|
github.com/hashicorp/go-secure-stdlib/tlsutil v0.1.1/go.mod h1:l8slYwnJA26yBz+ErHpp2IRCLr0vuOMGBORIz4rRiAs=
|
||||||
|
github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
|
||||||
github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc=
|
github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc=
|
||||||
github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A=
|
github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A=
|
||||||
|
github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4=
|
||||||
github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
|
github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
|
||||||
|
github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
|
||||||
github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
|
github.com/hashicorp/go-uuid v1.0.2 h1:cfejS+Tpcp13yd5nYHWDI6qVCny6wyX2Mt5SGur2IGE=
|
||||||
github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
|
github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
|
||||||
github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E=
|
github.com/hashicorp/go-version v1.2.0 h1:3vNe/fWF5CBgRIguda1meWhsZHy3m8gCJ5wx+dIzX/E=
|
||||||
github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
|
github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
|
||||||
|
github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
|
||||||
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
|
||||||
github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
|
github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc=
|
||||||
github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
|
github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
|
||||||
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
||||||
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
|
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
|
||||||
|
github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
|
||||||
|
github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
|
||||||
|
github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
|
||||||
|
github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
|
||||||
github.com/hashicorp/vault/api v1.3.0/go.mod h1:EabNQLI0VWbWoGlA+oBLC8PXmR9D60aUVgQGvangFWQ=
|
github.com/hashicorp/vault/api v1.3.0/go.mod h1:EabNQLI0VWbWoGlA+oBLC8PXmR9D60aUVgQGvangFWQ=
|
||||||
github.com/hashicorp/vault/api v1.3.1 h1:pkDkcgTh47PRjY1NEFeofqR4W/HkNUi9qIakESO2aRM=
|
github.com/hashicorp/vault/api v1.3.1 h1:pkDkcgTh47PRjY1NEFeofqR4W/HkNUi9qIakESO2aRM=
|
||||||
github.com/hashicorp/vault/api v1.3.1/go.mod h1:QeJoWxMFt+MsuWcYhmwRLwKEXrjwAFFywzhptMsTIUw=
|
github.com/hashicorp/vault/api v1.3.1/go.mod h1:QeJoWxMFt+MsuWcYhmwRLwKEXrjwAFFywzhptMsTIUw=
|
||||||
|
@ -382,9 +441,11 @@ github.com/hashicorp/vault/sdk v0.3.0 h1:kR3dpxNkhh/wr6ycaJYqp6AFT/i2xaftbfnwZdu
|
||||||
github.com/hashicorp/vault/sdk v0.3.0/go.mod h1:aZ3fNuL5VNydQk8GcLJ2TV8YCRVvyaakYkhZRoVuhj0=
|
github.com/hashicorp/vault/sdk v0.3.0/go.mod h1:aZ3fNuL5VNydQk8GcLJ2TV8YCRVvyaakYkhZRoVuhj0=
|
||||||
github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M=
|
github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb h1:b5rjCoWHc7eqmAS4/qyk21ZsHyb6Mxv/jykxvNTkU4M=
|
||||||
github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
|
github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM=
|
||||||
|
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
|
||||||
github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
||||||
github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
|
github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
|
||||||
github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
|
||||||
|
github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||||
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||||
github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
||||||
|
@ -392,6 +453,7 @@ github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH
|
||||||
github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
|
github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
|
||||||
github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
|
github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
|
||||||
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
|
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
|
||||||
|
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
|
||||||
github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
|
github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
|
||||||
github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
|
github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
|
||||||
github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
|
github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
|
||||||
|
@ -443,15 +505,21 @@ github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJS
|
||||||
github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74=
|
github.com/jhump/protoreflect v1.6.0/go.mod h1:eaTn3RZAmMBcV0fifFvlm6VHNz3wSkYyXYWUh7ymB74=
|
||||||
github.com/jhump/protoreflect v1.9.0 h1:npqHz788dryJiR/l6K/RUQAyh2SwV91+d1dnh4RjO9w=
|
github.com/jhump/protoreflect v1.9.0 h1:npqHz788dryJiR/l6K/RUQAyh2SwV91+d1dnh4RjO9w=
|
||||||
github.com/jhump/protoreflect v1.9.0/go.mod h1:7GcYQDdMU/O/BBrl/cX6PNHpXh6cenjd8pneu5yW7Tg=
|
github.com/jhump/protoreflect v1.9.0/go.mod h1:7GcYQDdMU/O/BBrl/cX6PNHpXh6cenjd8pneu5yW7Tg=
|
||||||
|
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
||||||
|
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
|
||||||
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
|
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
|
||||||
|
github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||||
|
github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||||
github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
|
||||||
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
|
||||||
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
|
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
|
||||||
|
github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
|
||||||
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
|
github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
|
||||||
|
github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
|
||||||
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
|
||||||
github.com/klauspost/compress v1.12.3 h1:G5AfA94pHPysR56qqrkO2pxEexdDzrpFJ6yt/VqWxVU=
|
github.com/klauspost/compress v1.12.3 h1:G5AfA94pHPysR56qqrkO2pxEexdDzrpFJ6yt/VqWxVU=
|
||||||
github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
|
github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
|
||||||
|
@ -473,6 +541,9 @@ github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
|
||||||
github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
|
github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
|
||||||
github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8=
|
github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8=
|
||||||
github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||||
|
github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
|
||||||
|
github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
|
||||||
|
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
|
||||||
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
|
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
|
||||||
github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA=
|
github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA=
|
||||||
github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg=
|
github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg=
|
||||||
|
@ -483,6 +554,7 @@ github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope
|
||||||
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
|
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
|
||||||
github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
|
github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
|
||||||
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
|
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
|
||||||
|
github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
|
||||||
github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
|
@ -491,11 +563,13 @@ github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOA
|
||||||
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
||||||
github.com/mattn/go-isatty v0.0.13 h1:qdl+GuBjcsKKDco5BsxPJlId98mSWNKqYA+Co0SC1yA=
|
github.com/mattn/go-isatty v0.0.13 h1:qdl+GuBjcsKKDco5BsxPJlId98mSWNKqYA+Co0SC1yA=
|
||||||
github.com/mattn/go-isatty v0.0.13/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
github.com/mattn/go-isatty v0.0.13/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
||||||
|
github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
||||||
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
|
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d h1:5PJl274Y63IEHC+7izoQE9x6ikvDFZS2mDVS3drnohI=
|
||||||
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
|
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
|
||||||
github.com/micromdm/scep/v2 v2.1.0 h1:2fS9Rla7qRR266hvUoEauBJ7J6FhgssEiq2OkSKXmaU=
|
github.com/micromdm/scep/v2 v2.1.0 h1:2fS9Rla7qRR266hvUoEauBJ7J6FhgssEiq2OkSKXmaU=
|
||||||
github.com/micromdm/scep/v2 v2.1.0/go.mod h1:BkF7TkPPhmgJAMtHfP+sFTKXmgzNJgLQlvvGoOExBcc=
|
github.com/micromdm/scep/v2 v2.1.0/go.mod h1:BkF7TkPPhmgJAMtHfP+sFTKXmgzNJgLQlvvGoOExBcc=
|
||||||
|
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
|
||||||
github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
|
github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
|
||||||
github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU=
|
github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU=
|
||||||
github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
|
github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
|
||||||
|
@ -503,12 +577,16 @@ github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceT
|
||||||
github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
|
github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
|
||||||
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
|
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
|
||||||
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
|
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
|
||||||
|
github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
||||||
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
||||||
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
||||||
github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
|
github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
|
||||||
github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0=
|
github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0=
|
||||||
github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
|
github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
|
||||||
github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
|
github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
|
||||||
|
github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
|
||||||
|
github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
|
||||||
|
github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
||||||
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
||||||
github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
||||||
github.com/mitchellh/mapstructure v1.4.2 h1:6h7AQ0yhTcIsmFmnAwQls75jp2Gzs4iB8W7pjMO+rqo=
|
github.com/mitchellh/mapstructure v1.4.2 h1:6h7AQ0yhTcIsmFmnAwQls75jp2Gzs4iB8W7pjMO+rqo=
|
||||||
|
@ -521,35 +599,72 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
|
||||||
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||||
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||||
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
|
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
|
||||||
|
github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
|
||||||
|
github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
|
||||||
|
github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k=
|
||||||
|
github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w=
|
||||||
|
github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
|
||||||
|
github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
|
||||||
|
github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
|
||||||
github.com/newrelic/go-agent/v3 v3.18.0 h1:AOR3hhF2ZVE0yfvNPuOaEhEvNMYyIfEBY8EizQpnt7g=
|
github.com/newrelic/go-agent/v3 v3.18.0 h1:AOR3hhF2ZVE0yfvNPuOaEhEvNMYyIfEBY8EizQpnt7g=
|
||||||
github.com/newrelic/go-agent/v3 v3.18.0/go.mod h1:BFJOlbZWRlPTXKYIC1TTTtQKTnYntEJaU0VU507hDc0=
|
github.com/newrelic/go-agent/v3 v3.18.0/go.mod h1:BFJOlbZWRlPTXKYIC1TTTtQKTnYntEJaU0VU507hDc0=
|
||||||
github.com/nishanths/predeclared v0.0.0-20200524104333-86fad755b4d3/go.mod h1:nt3d53pc1VYcphSCIaYAJtnPYnr3Zyn8fMq2wvPGPso=
|
github.com/nishanths/predeclared v0.0.0-20200524104333-86fad755b4d3/go.mod h1:nt3d53pc1VYcphSCIaYAJtnPYnr3Zyn8fMq2wvPGPso=
|
||||||
|
github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
|
||||||
github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
|
github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
|
||||||
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
|
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
|
||||||
|
github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
|
||||||
|
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||||
|
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
|
||||||
|
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
|
||||||
|
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
|
||||||
|
github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis=
|
||||||
|
github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74=
|
||||||
|
github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
|
||||||
|
github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
|
||||||
|
github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
|
||||||
|
github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
|
||||||
|
github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
|
||||||
|
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
|
||||||
|
github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
|
||||||
|
github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
||||||
github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
|
github.com/pascaldekloe/goe v0.1.0 h1:cBOtyMzM9HTpWjXfbbunk26uA6nG3a8n06Wieeh0MwY=
|
||||||
github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
|
||||||
|
github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
|
||||||
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
||||||
|
github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
|
||||||
|
github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
|
||||||
|
github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
|
||||||
github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI=
|
github.com/pierrec/lz4 v2.5.2+incompatible h1:WCjObylUIOlKy/+7Abdn34TLIkXiA4UWUMhxq9m9ZXI=
|
||||||
github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
|
github.com/pierrec/lz4 v2.5.2+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
|
||||||
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
|
github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
|
||||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
|
github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
|
||||||
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
|
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
|
||||||
|
github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
|
||||||
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
|
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
|
||||||
|
github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
|
||||||
github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
|
github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU=
|
||||||
github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
|
github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
|
||||||
|
github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
|
||||||
github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
|
github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
|
||||||
|
github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
|
||||||
github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
|
github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
|
||||||
|
github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
|
||||||
github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4=
|
github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4=
|
||||||
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
||||||
|
github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
|
||||||
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
|
||||||
github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
|
github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
|
||||||
|
github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
|
||||||
|
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
|
||||||
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
|
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
|
||||||
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
|
||||||
github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
|
github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
|
||||||
|
@ -561,10 +676,13 @@ github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThC
|
||||||
github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
|
github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
|
||||||
github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
|
github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
|
||||||
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||||
|
github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
|
||||||
github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
|
github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
|
||||||
github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
|
github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
|
||||||
github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
|
github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
|
||||||
|
github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
|
||||||
github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
|
github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
|
||||||
|
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
|
||||||
github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
|
github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
|
||||||
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
|
||||||
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
|
||||||
|
@ -584,6 +702,10 @@ github.com/smallstep/nosql v0.4.0 h1:Go3WYwttUuvwqMtFiiU4g7kBIlY+hR0bIZAqVdakQ3M
|
||||||
github.com/smallstep/nosql v0.4.0/go.mod h1:yKZT5h7cdIVm6wEKM9+jN5dgK80Hljpuy8HNsnI7Gzo=
|
github.com/smallstep/nosql v0.4.0/go.mod h1:yKZT5h7cdIVm6wEKM9+jN5dgK80Hljpuy8HNsnI7Gzo=
|
||||||
github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6 h1:8Rjy6IZbSM/jcYgBWCoLIGjug7QcoLtF9sUuhDrHD2U=
|
github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6 h1:8Rjy6IZbSM/jcYgBWCoLIGjug7QcoLtF9sUuhDrHD2U=
|
||||||
github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
|
github.com/smallstep/pkcs7 v0.0.0-20211016004704-52592125d6f6/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
|
||||||
|
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
|
||||||
|
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
|
||||||
|
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
|
||||||
|
github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
|
||||||
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
||||||
github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
|
github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
|
||||||
github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
|
||||||
|
@ -592,10 +714,15 @@ github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU
|
||||||
github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
||||||
github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA=
|
github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA=
|
||||||
github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
|
||||||
|
github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
|
||||||
github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
|
github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
|
||||||
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
|
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
|
||||||
|
github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
|
||||||
github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
|
github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
|
||||||
github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
|
github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
|
||||||
|
github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
||||||
|
github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
|
||||||
|
github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
|
github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
|
||||||
|
@ -610,13 +737,17 @@ github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMT
|
||||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg=
|
github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg=
|
||||||
github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
|
github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
|
||||||
|
github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
||||||
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
|
github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=
|
||||||
github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
|
github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
|
||||||
|
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
|
||||||
|
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||||
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||||
github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
|
github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
|
||||||
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||||
github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
|
github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
|
||||||
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
||||||
|
github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
|
||||||
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
|
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
|
||||||
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
|
@ -624,9 +755,13 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
|
||||||
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||||
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
|
||||||
github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
|
github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
|
||||||
|
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
|
||||||
go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
|
go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
|
||||||
go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
|
go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
|
||||||
go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
|
go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
|
||||||
|
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
|
||||||
|
go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
|
||||||
|
go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
|
||||||
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
|
||||||
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
|
||||||
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
|
@ -657,11 +792,13 @@ go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
||||||
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
||||||
go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
|
go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
|
||||||
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||||
|
golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||||
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
|
golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
|
||||||
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
|
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
|
@ -671,8 +808,9 @@ golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWP
|
||||||
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M=
|
|
||||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
|
golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY=
|
||||||
|
golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||||
|
@ -712,8 +850,13 @@ golang.org/x/net v0.0.0-20170726083632-f5079bd7f6f7/go.mod h1:mL1N/T3taQHkDXs73r
|
||||||
golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180530234432-1e491301e022/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
|
golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
|
@ -754,8 +897,9 @@ golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su
|
||||||
golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||||
golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||||
golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
|
||||||
golang.org/x/net v0.0.0-20220607020251-c690dde0001d h1:4SFsTMi4UahlKoloni7L4eYzhFRifURQLw+yv0QDCx8=
|
|
||||||
golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||||
|
golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9 h1:asZqf0wXastQr+DudYagQS8uBO8bHKeYD1vbAvGmFL8=
|
||||||
|
golang.org/x/net v0.0.0-20220920203100-d0c6ba3f52d9/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
@ -793,6 +937,9 @@ golang.org/x/sys v0.0.0-20170728174421-0f826bdd13b5/go.mod h1:STP8DvDyc/dI5b8T5h
|
||||||
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
@ -809,10 +956,12 @@ golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
@ -861,8 +1010,9 @@ golang.org/x/sys v0.0.0-20220328115105-d36c6a25d886/go.mod h1:oPkhp1MJrh7nUepCBc
|
||||||
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d h1:Zu/JngovGLVi6t2J3nmAf3AoTDwuzw85YZ3b9o4yU7s=
|
|
||||||
golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 h1:WIoqL4EROvwiPdUtaip4VcDdpZ4kha7wBWZrbVKCIZg=
|
||||||
|
golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
|
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
|
||||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
|
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
|
||||||
|
@ -878,18 +1028,22 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b h1:NXqSWXSRUSCaFuvitrWtU169I3876zRTalMRbfd6LL0=
|
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b h1:NXqSWXSRUSCaFuvitrWtU169I3876zRTalMRbfd6LL0=
|
||||||
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b/go.mod h1:EFNZuWvGYxIRUEX+K8UmCFwYmZjqcrnq15ZuVldZkZ0=
|
golang.org/x/text v0.3.8-0.20211004125949-5bd84dd9b33b/go.mod h1:EFNZuWvGYxIRUEX+K8UmCFwYmZjqcrnq15ZuVldZkZ0=
|
||||||
|
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE=
|
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba h1:O8mE0/t419eoIwhTFpKVkHiTs/Igowgfkj25AcZrtiE=
|
||||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
|
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
|
||||||
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
|
golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
|
||||||
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||||
|
@ -950,6 +1104,7 @@ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8T
|
||||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
|
golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
|
||||||
|
google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
|
||||||
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
|
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
|
||||||
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
|
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
|
||||||
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
|
||||||
|
@ -990,6 +1145,7 @@ google.golang.org/api v0.78.0/go.mod h1:1Sg78yoMLOhlQTeF+ARBoytAcH1NNyyl390YMy6r
|
||||||
google.golang.org/api v0.84.0 h1:NMB9J4cCxs9xEm+1Z9QiO3eFvn7EnQj3Eo3hN6ugVlg=
|
google.golang.org/api v0.84.0 h1:NMB9J4cCxs9xEm+1Z9QiO3eFvn7EnQj3Eo3hN6ugVlg=
|
||||||
google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o=
|
google.golang.org/api v0.84.0/go.mod h1:NTsGnUFJMYROtiquksZHBWtHfeMC7iYthki7Eq3pa8o=
|
||||||
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
|
||||||
|
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
|
||||||
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
|
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
|
||||||
|
@ -1003,6 +1159,7 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn
|
||||||
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
|
||||||
|
google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
|
||||||
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
|
||||||
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
|
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
|
||||||
|
@ -1075,10 +1232,15 @@ google.golang.org/genproto v0.0.0-20220608133413-ed9918b62aac/go.mod h1:KEWEmljW
|
||||||
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad h1:kqrS+lhvaMHCxul6sKQvKJ8nAAhlVItmZV822hYFH/U=
|
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad h1:kqrS+lhvaMHCxul6sKQvKJ8nAAhlVItmZV822hYFH/U=
|
||||||
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
|
google.golang.org/genproto v0.0.0-20220617124728-180714bec0ad/go.mod h1:KEWEmljWE5zPzLBa/oHl6DaEt9LmfH6WtH1OHIvleBA=
|
||||||
google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
|
google.golang.org/grpc v1.8.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
|
||||||
|
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
|
||||||
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
|
||||||
|
google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
|
||||||
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
|
||||||
|
google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||||
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
|
||||||
|
google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
|
google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
|
||||||
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
|
||||||
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
|
||||||
|
@ -1129,11 +1291,18 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
|
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
|
||||||
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
|
||||||
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||||
|
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
||||||
|
gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
|
||||||
gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
|
gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
|
||||||
|
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
|
||||||
gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
||||||
gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
|
gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
|
||||||
gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
|
||||||
|
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
|
||||||
|
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
|
||||||
|
gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
|
||||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
@ -1146,6 +1315,7 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA=
|
gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA=
|
||||||
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
|
@ -1156,3 +1326,5 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
|
||||||
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||||
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
||||||
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
||||||
|
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
|
||||||
|
sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
|
||||||
|
|
|
@ -389,7 +389,7 @@ func New(o apiv1.Options, opts ...Option) (*PKI, error) {
|
||||||
if port == "443" || p.options.isHelm {
|
if port == "443" || p.options.isHelm {
|
||||||
p.Defaults.CaUrl = fmt.Sprintf("https://%s", p.Defaults.CaUrl)
|
p.Defaults.CaUrl = fmt.Sprintf("https://%s", p.Defaults.CaUrl)
|
||||||
} else {
|
} else {
|
||||||
p.Defaults.CaUrl = fmt.Sprintf("https://%s:%s", p.Defaults.CaUrl, port)
|
p.Defaults.CaUrl = fmt.Sprintf("https://%s", net.JoinHostPort(p.Defaults.CaUrl, port))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -73,7 +73,6 @@ func (e *NamePolicyError) Detail() string {
|
||||||
// TODO(hs): implement matching URI schemes, paths, etc; not just the domain part of URI domains
|
// TODO(hs): implement matching URI schemes, paths, etc; not just the domain part of URI domains
|
||||||
|
|
||||||
type NamePolicyEngine struct {
|
type NamePolicyEngine struct {
|
||||||
|
|
||||||
// verifySubjectCommonName is set when Subject Common Name must be verified
|
// verifySubjectCommonName is set when Subject Common Name must be verified
|
||||||
verifySubjectCommonName bool
|
verifySubjectCommonName bool
|
||||||
// allowLiteralWildcardNames allows literal wildcard DNS domains
|
// allowLiteralWildcardNames allows literal wildcard DNS domains
|
||||||
|
@ -107,7 +106,6 @@ type NamePolicyEngine struct {
|
||||||
|
|
||||||
// NewNamePolicyEngine creates a new NamePolicyEngine with NamePolicyOptions
|
// NewNamePolicyEngine creates a new NamePolicyEngine with NamePolicyOptions
|
||||||
func New(opts ...NamePolicyOption) (*NamePolicyEngine, error) {
|
func New(opts ...NamePolicyOption) (*NamePolicyEngine, error) {
|
||||||
|
|
||||||
e := &NamePolicyEngine{}
|
e := &NamePolicyEngine{}
|
||||||
for _, option := range opts {
|
for _, option := range opts {
|
||||||
if err := option(e); err != nil {
|
if err := option(e); err != nil {
|
||||||
|
@ -153,7 +151,6 @@ func New(opts ...NamePolicyOption) (*NamePolicyEngine, error) {
|
||||||
// duplicate values removed. It retains the order of elements
|
// duplicate values removed. It retains the order of elements
|
||||||
// in the source slice.
|
// in the source slice.
|
||||||
func removeDuplicates(items []string) (ret []string) {
|
func removeDuplicates(items []string) (ret []string) {
|
||||||
|
|
||||||
// no need to remove dupes; return original
|
// no need to remove dupes; return original
|
||||||
if len(items) <= 1 {
|
if len(items) <= 1 {
|
||||||
return items
|
return items
|
||||||
|
@ -179,7 +176,6 @@ func removeDuplicates(items []string) (ret []string) {
|
||||||
// the source slice. An IPNet is considered duplicate if its CIDR
|
// the source slice. An IPNet is considered duplicate if its CIDR
|
||||||
// notation exists multiple times in the slice.
|
// notation exists multiple times in the slice.
|
||||||
func removeDuplicateIPNets(items []*net.IPNet) (ret []*net.IPNet) {
|
func removeDuplicateIPNets(items []*net.IPNet) (ret []*net.IPNet) {
|
||||||
|
|
||||||
// no need to remove dupes; return original
|
// no need to remove dupes; return original
|
||||||
if len(items) <= 1 {
|
if len(items) <= 1 {
|
||||||
return items
|
return items
|
||||||
|
|
|
@ -1,125 +0,0 @@
|
||||||
//go:build !go1.18
|
|
||||||
// +build !go1.18
|
|
||||||
|
|
||||||
package policy
|
|
||||||
|
|
||||||
import "testing"
|
|
||||||
|
|
||||||
func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) {
|
|
||||||
tests := []struct {
|
|
||||||
name string
|
|
||||||
constraint string
|
|
||||||
want string
|
|
||||||
wantErr bool
|
|
||||||
}{
|
|
||||||
{
|
|
||||||
name: "fail/empty-constraint",
|
|
||||||
constraint: "",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/scheme-https",
|
|
||||||
constraint: `https://*.local`,
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/too-many-asterisks",
|
|
||||||
constraint: "**.local",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/empty-label",
|
|
||||||
constraint: "..local",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/empty-reverse",
|
|
||||||
constraint: ".",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/no-asterisk",
|
|
||||||
constraint: ".example.com",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/domain-with-port",
|
|
||||||
constraint: "host.local:8443",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv4",
|
|
||||||
constraint: "127.0.0.1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-brackets",
|
|
||||||
constraint: "[::1]",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-no-brackets",
|
|
||||||
constraint: "::1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-no-brackets",
|
|
||||||
constraint: "[::1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/idna-internationalized-domain-name-lookup",
|
|
||||||
constraint: `\00local`,
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/wildcard",
|
|
||||||
constraint: "*.local",
|
|
||||||
want: ".local",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/specific-domain",
|
|
||||||
constraint: "example.local",
|
|
||||||
want: "example.local",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/idna-internationalized-domain-name-lookup",
|
|
||||||
constraint: `*.bücher.example.com`,
|
|
||||||
want: ".xn--bcher-kva.example.com",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
// IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results
|
|
||||||
// in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de.
|
|
||||||
name: "ok/idna-internationalized-domain-name-lookup-deviation",
|
|
||||||
constraint: `*.faß.de`,
|
|
||||||
want: ".fass.de",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
for _, tt := range tests {
|
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
|
||||||
got, err := normalizeAndValidateURIDomainConstraint(tt.constraint)
|
|
||||||
if (err != nil) != tt.wantErr {
|
|
||||||
t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr)
|
|
||||||
}
|
|
||||||
if got != tt.want {
|
|
||||||
t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,125 +0,0 @@
|
||||||
//go:build go1.18
|
|
||||||
// +build go1.18
|
|
||||||
|
|
||||||
package policy
|
|
||||||
|
|
||||||
import "testing"
|
|
||||||
|
|
||||||
func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) {
|
|
||||||
tests := []struct {
|
|
||||||
name string
|
|
||||||
constraint string
|
|
||||||
want string
|
|
||||||
wantErr bool
|
|
||||||
}{
|
|
||||||
{
|
|
||||||
name: "fail/empty-constraint",
|
|
||||||
constraint: "",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/scheme-https",
|
|
||||||
constraint: `https://*.local`,
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/too-many-asterisks",
|
|
||||||
constraint: "**.local",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/empty-label",
|
|
||||||
constraint: "..local",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/empty-reverse",
|
|
||||||
constraint: ".",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/domain-with-port",
|
|
||||||
constraint: "host.local:8443",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/no-asterisk",
|
|
||||||
constraint: ".example.com",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv4",
|
|
||||||
constraint: "127.0.0.1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-brackets",
|
|
||||||
constraint: "[::1]",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-no-brackets",
|
|
||||||
constraint: "::1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/ipv6-no-brackets",
|
|
||||||
constraint: "[::1",
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "fail/idna-internationalized-domain-name-lookup",
|
|
||||||
constraint: `\00local`,
|
|
||||||
want: "",
|
|
||||||
wantErr: true,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/wildcard",
|
|
||||||
constraint: "*.local",
|
|
||||||
want: ".local",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/specific-domain",
|
|
||||||
constraint: "example.local",
|
|
||||||
want: "example.local",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name: "ok/idna-internationalized-domain-name-lookup",
|
|
||||||
constraint: `*.bücher.example.com`,
|
|
||||||
want: ".xn--bcher-kva.example.com",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
{
|
|
||||||
// IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results
|
|
||||||
// in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de.
|
|
||||||
name: "ok/idna-internationalized-domain-name-lookup-deviation",
|
|
||||||
constraint: `*.faß.de`,
|
|
||||||
want: ".xn--fa-hia.de",
|
|
||||||
wantErr: false,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
for _, tt := range tests {
|
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
|
||||||
got, err := normalizeAndValidateURIDomainConstraint(tt.constraint)
|
|
||||||
if (err != nil) != tt.wantErr {
|
|
||||||
t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr)
|
|
||||||
}
|
|
||||||
if got != tt.want {
|
|
||||||
t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -658,3 +658,122 @@ func TestNew(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func Test_normalizeAndValidateURIDomainConstraint(t *testing.T) {
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
constraint string
|
||||||
|
want string
|
||||||
|
wantErr bool
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "fail/empty-constraint",
|
||||||
|
constraint: "",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/scheme-https",
|
||||||
|
constraint: `https://*.local`,
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/too-many-asterisks",
|
||||||
|
constraint: "**.local",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/empty-label",
|
||||||
|
constraint: "..local",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/empty-reverse",
|
||||||
|
constraint: ".",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/domain-with-port",
|
||||||
|
constraint: "host.local:8443",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/no-asterisk",
|
||||||
|
constraint: ".example.com",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/ipv4",
|
||||||
|
constraint: "127.0.0.1",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/ipv6-brackets",
|
||||||
|
constraint: "[::1]",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/ipv6-no-brackets",
|
||||||
|
constraint: "::1",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/ipv6-no-brackets",
|
||||||
|
constraint: "[::1",
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "fail/idna-internationalized-domain-name-lookup",
|
||||||
|
constraint: `\00local`,
|
||||||
|
want: "",
|
||||||
|
wantErr: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/wildcard",
|
||||||
|
constraint: "*.local",
|
||||||
|
want: ".local",
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/specific-domain",
|
||||||
|
constraint: "example.local",
|
||||||
|
want: "example.local",
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "ok/idna-internationalized-domain-name-lookup",
|
||||||
|
constraint: `*.bücher.example.com`,
|
||||||
|
want: ".xn--bcher-kva.example.com",
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
// IDNA2003 vs. 2008 deviation: https://unicode.org/reports/tr46/#Deviations results
|
||||||
|
// in a difference between Go 1.18 and lower versions. Go 1.18 expects ".xn--fa-hia.de"; not .fass.de.
|
||||||
|
name: "ok/idna-internationalized-domain-name-lookup-deviation",
|
||||||
|
constraint: `*.faß.de`,
|
||||||
|
want: ".xn--fa-hia.de",
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
got, err := normalizeAndValidateURIDomainConstraint(tt.constraint)
|
||||||
|
if (err != nil) != tt.wantErr {
|
||||||
|
t.Errorf("normalizeAndValidateURIDomainConstraint() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
|
}
|
||||||
|
if got != tt.want {
|
||||||
|
t.Errorf("normalizeAndValidateURIDomainConstraint() = %v, want %v", got, tt.want)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@ package policy
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net"
|
"net"
|
||||||
"net/url"
|
"net/url"
|
||||||
|
@ -21,7 +22,6 @@ import (
|
||||||
|
|
||||||
// validateNames verifies that all names are allowed.
|
// validateNames verifies that all names are allowed.
|
||||||
func (e *NamePolicyEngine) validateNames(dnsNames []string, ips []net.IP, emailAddresses []string, uris []*url.URL, principals []string) error {
|
func (e *NamePolicyEngine) validateNames(dnsNames []string, ips []net.IP, emailAddresses []string, uris []*url.URL, principals []string) error {
|
||||||
|
|
||||||
// nothing to compare against; return early
|
// nothing to compare against; return early
|
||||||
if e.totalNumberOfConstraints == 0 {
|
if e.totalNumberOfConstraints == 0 {
|
||||||
return nil
|
return nil
|
||||||
|
@ -182,7 +182,6 @@ func (e *NamePolicyEngine) validateNames(dnsNames []string, ips []net.IP, emailA
|
||||||
|
|
||||||
// validateCommonName verifies that the Subject Common Name is allowed
|
// validateCommonName verifies that the Subject Common Name is allowed
|
||||||
func (e *NamePolicyEngine) validateCommonName(commonName string) error {
|
func (e *NamePolicyEngine) validateCommonName(commonName string) error {
|
||||||
|
|
||||||
// nothing to compare against; return early
|
// nothing to compare against; return early
|
||||||
if e.totalNumberOfConstraints == 0 {
|
if e.totalNumberOfConstraints == 0 {
|
||||||
return nil
|
return nil
|
||||||
|
@ -212,7 +211,8 @@ func (e *NamePolicyEngine) validateCommonName(commonName string) error {
|
||||||
|
|
||||||
err := e.validateNames(dnsNames, ips, emails, uris, []string{})
|
err := e.validateNames(dnsNames, ips, emails, uris, []string{})
|
||||||
|
|
||||||
if pe, ok := err.(*NamePolicyError); ok {
|
var pe *NamePolicyError
|
||||||
|
if errors.As(err, &pe) {
|
||||||
// override the name type with CN
|
// override the name type with CN
|
||||||
pe.NameType = CNNameType
|
pe.NameType = CNNameType
|
||||||
}
|
}
|
||||||
|
@ -229,7 +229,6 @@ func checkNameConstraints(
|
||||||
parsedName interface{},
|
parsedName interface{},
|
||||||
match func(parsedName, constraint interface{}) (match bool, err error),
|
match func(parsedName, constraint interface{}) (match bool, err error),
|
||||||
permitted, excluded interface{}) error {
|
permitted, excluded interface{}) error {
|
||||||
|
|
||||||
excludedValue := reflect.ValueOf(excluded)
|
excludedValue := reflect.ValueOf(excluded)
|
||||||
|
|
||||||
for i := 0; i < excludedValue.Len(); i++ {
|
for i := 0; i < excludedValue.Len(); i++ {
|
||||||
|
@ -552,7 +551,6 @@ func (e *NamePolicyEngine) matchDomainConstraint(domain, constraint string) (boo
|
||||||
|
|
||||||
// SOURCE: https://cs.opensource.google/go/go/+/refs/tags/go1.17.5:src/crypto/x509/verify.go
|
// SOURCE: https://cs.opensource.google/go/go/+/refs/tags/go1.17.5:src/crypto/x509/verify.go
|
||||||
func matchIPConstraint(ip net.IP, constraint *net.IPNet) (bool, error) {
|
func matchIPConstraint(ip net.IP, constraint *net.IPNet) (bool, error) {
|
||||||
|
|
||||||
// TODO(hs): this is code from Go library, but I got some unexpected result:
|
// TODO(hs): this is code from Go library, but I got some unexpected result:
|
||||||
// with permitted net 127.0.0.0/24, 127.0.0.1 is NOT allowed. When parsing 127.0.0.1 as net.IP
|
// with permitted net 127.0.0.0/24, 127.0.0.1 is NOT allowed. When parsing 127.0.0.1 as net.IP
|
||||||
// which is in the IPAddresses slice, the underlying length is 16. The contraint.IP has a length
|
// which is in the IPAddresses slice, the underlying length is 16. The contraint.IP has a length
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue