+
-
+
FrostFS is a decentralized distributed object storage integrated with the NEO Blockchain.
@@ -38,7 +38,7 @@ version Show current version
```
Or you can also use a [Docker
-image](https://hub.docker.com/r/truecloudlab/frostfs-http-gw) provided for the released
+image](https://git.frostfs.info/TrueCloudLab/-/packages/container/frostfs-http-gw) provided for the released
(and occasionally unreleased) versions of the gateway (`:latest` points to the
latest stable release).
@@ -217,41 +217,8 @@ Also, in case of downloading, you need to have a file inside a container.
### NNS
In all download/upload routes you can use container name instead of its id (`$CID`).
+Read more about it in [docs/nns.md](./docs/nns.md).
-Steps to start using name resolving:
-
-1. Enable NNS resolving in config (`rpc_endpoint` must be a valid neo rpc node, see [configs](./config) for other examples):
-
-```yaml
-rpc_endpoint: http://morph-chain.frostfs.devenv:30333
-resolve_order:
- - nns
-```
-
-2. Make sure your container is registered in NNS contract. If you use [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env)
-you can check if your container (e.g. with `container-name` name) is registered in NNS:
-
-```shell
-$ curl -s --data '{"id":1,"jsonrpc":"2.0","method":"getcontractstate","params":[1]}' \
- http://morph-chain.frostfs.devenv:30333 | jq -r '.result.hash'
-
-0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667
-
-$ docker exec -it morph_chain neo-go \
- contract testinvokefunction \
- -r http://morph-chain.frostfs.devenv:30333 0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667 \
- resolve string:container-name.container int:16 \
- | jq -r '.stack[0].value | if type=="array" then .[0].value else . end' \
- | base64 -d && echo
-
-7f3vvkw4iTiS5ZZbu5BQXEmJtETWbi3uUjLNaSs29xrL
-```
-
-3. Use container name instead of its `$CID`. For example:
-
-```shell
-$ curl http://localhost:8082/get_by_attribute/container-name/FileName/object-name
-```
#### Create a container
@@ -462,126 +429,7 @@ object ID, like this:
#### Authentication
-You can always upload files to public containers (open for anyone to put
-objects into), but for restricted containers you need to explicitly allow PUT
-operations for a request signed with your HTTP Gateway keys.
-
-If your don't want to manage gateway's secret keys and adjust eACL rules when
-gateway configuration changes (new gate, key rotation, etc) or you plan to use
-public services, there is an option to let your application backend (or you) to
-issue Bearer Tokens ans pass them from the client via gate down to FrostFS level
-to grant access.
-
-FrostFS Bearer Token basically is a container owner-signed ACL data (refer to FrostFS
-documentation for more details). There are two options to pass them to gateway:
- * "Authorization" header with "Bearer" type and base64-encoded token in
- credentials field
- * "Bearer" cookie with base64-encoded token contents
-
-For example, you have a mobile application frontend with a backend part storing
-data in FrostFS. When a user authorizes in the mobile app, the backend issues a FrostFS
-Bearer token and provides it to the frontend. Then, the mobile app may generate
-some data and upload it via any available FrostFS HTTP Gateway by adding
-the corresponding header to the upload request. Accessing the ACL protected data
-works the same way.
-
-##### Example
-In order to generate a bearer token, you need to have wallet (which will be used to sign the token) and
-the address of the sender who will do the request to FrostFS (in our case, it's a gateway wallet address).
-
-Suppose we have:
-* **NhVtreTTCoqsMQV5Wp55fqnriiUCpEaKm3** (token owner (gateway address))
-
-Firstly, we need to encode the container id and the sender address to base64 (now it's base58).
-So use **base58** and **base64** utils.
-
-1. Encoding token owner id:
-```
-$ echo 'NhVtreTTCoqsMQV5Wp55fqnriiUCpEaKm3' | base58 --decode | base64
-# output: NezFK4ujidF+X7bB88uzREQzRQeAvdj3Gg==
-```
-
-2. Form a Bearer token (10000 is lifetime expiration in epoch) and save it to **bearer.json**:
-```
-{
- "body": {
- "allowImpersonate": true,
- "ownerID": {
- "value": "NezFK4ujidF+X7bB88uzREQzRQeAvdj3Gg=="
- },
- "lifetime": {
- "exp": "10000",
- "nbf": "0",
- "iat": "0"
- }
- },
- "signature": null
-}
-```
-
-3. Sign it with the wallet:
-```
-$ frostfs-cli util sign bearer-token --from bearer.json --to signed.json -w ./wallet.json
-```
-
-4. Encode to base64 to use in header:
-```
-$ base64 -w 0 signed.json
-# output: Ck4KKgoECAIQBhIiCiCZGdlbN7DPGPMg9rsWqV+p2XdMzUqknRiexewSFp8kmBIbChk17MUri6OJ0X5ftsHzy7NERDNFB4C92PcaGgMIkE4SZgohAxpsb7vfAso1F0X6hrm6WpRS14WsT3/Ct1SMoqRsT89KEkEEGxKi8GjKSf52YqhppgaOTQHbUsL3jn7SHLqS3ndAQ7NtAATnmRHleZw2V2xRRSRBQdjDC05KK83LhdSax72Fsw==
-```
-
-After that, the Bearer token can be used:
-
-```
-$ curl -F 'file=@cat.jpeg;filename=cat.jpeg' -H "Authorization: Bearer Ck4KKgoECAIQBhIiCiCZGdlbN7DPGPMg9rsWqV+p2XdMzUqknRiexewSFp8kmBIbChk17MUri6OJ0X5ftsHzy7NERDNFB4C92PcaGgMIkE4SZgohAxpsb7vfAso1F0X6hrm6WpRS14WsT3/Ct1SMoqRsT89KEkEEGxKi8GjKSf52YqhppgaOTQHbUsL3jn7SHLqS3ndAQ7NtAATnmRHleZw2V2xRRSRBQdjDC05KK83LhdSax72Fsw==" \
- http://localhost:8082/upload/BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K
-# output:
-# {
-# "object_id": "DhfES9nVrFksxGDD2jQLunGADfrXExxNwqXbDafyBn9X",
-# "container_id": "BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K"
-# }
-```
-
-##### Note
-For the token to work correctly, you need to create a container with a basic ACL that:
-1. Allow PUT operation to others
-2. Doesn't set "final" bit
-
-For example:
-```
-$ frostfs-cli -w ./wallet.json --basic-acl 0x0FFFCFFF -r 192.168.130.72:8080 container create --policy "REP 3" --await
-```
-
-To deny access to a container without a token, set the eACL rules:
-```
-$ frostfs-cli -w ./wallet.json -r 192.168.130.72:8080 container set-eacl --table eacl.json --await --cid BJeErH9MWmf52VsR1mLWKkgF3pRm3FkubYxM7TZkBP4K
-```
-
-File **eacl.json**:
-```
-{
- "version": {
- "major": 0,
- "minor": 0
- },
- "containerID": {
- "value": "mRnZWzewzxjzIPa7Fqlfqdl3TM1KpJ0YnsXsEhafJJg="
- },
- "records": [
- {
- "operation": "PUT",
- "action": "DENY",
- "filters": [],
- "targets": [
- {
- "role": "OTHERS",
- "keys": []
- }
- ]
- }
- ]
-}
-```
+Read more about request authentication in [docs/authentication.md](./docs/authemtnication.md)
### Metrics and Pprof
@@ -592,3 +440,26 @@ See [configuration](./docs/gate-configuration.md).
## Credits
Please see [CREDITS](CREDITS.md) for details.
+
+## Fuzzing
+
+To run fuzzing tests use the following command:
+
+```shell
+$ make fuzz
+```
+
+This command will install dependencies for the fuzzing process and run existing fuzzing tests.
+
+You can also use the following arguments:
+
+```
+FUZZ_TIMEOUT - time to run each fuzzing test (default 30)
+FUZZ_FUNCTIONS - fuzzing tests that will be started (default "all")
+FUZZ_AUX - additional parameters for the fuzzer (for example, "-debug")
+FUZZ_NGFUZZ_DIR - path to ngfuzz tool
+````
+
+## Credits
+
+Please see [CREDITS](CREDITS.md) for details.
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..46fe5358
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,26 @@
+# Security Policy
+
+
+## How To Report a Vulnerability
+
+If you think you have found a vulnerability in this repository, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public issues, discussions, or change requests.**
+
+Instead, you can report it using one of the following ways:
+
+* Contact the [TrueCloudLab Security Team](mailto:security@frostfs.info) via email
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+* The type of issue (e.g., buffer overflow, or cross-site scripting)
+* Affected version(s)
+* Impact of the issue, including how an attacker might exploit the issue
+* Step-by-step instructions to reproduce the issue
+* The location of the affected source code (tag/branch/commit or direct URL)
+* Full paths of source file(s) related to the manifestation of the issue
+* Any special configuration required to reproduce the issue
+* Any log files that are related to this issue (if possible)
+* Proof-of-concept or exploit code (if possible)
+
+This information will help us triage your report more quickly.
diff --git a/VERSION b/VERSION
index 0a8bf80d..2c768c55 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-v0.27.0
+v0.32.3
diff --git a/cmd/http-gw/app.go b/cmd/http-gw/app.go
index 40db4336..4a83cafb 100644
--- a/cmd/http-gw/app.go
+++ b/cmd/http-gw/app.go
@@ -1,26 +1,39 @@
package main
import (
+ "bytes"
"context"
+ "crypto/x509"
+ "errors"
"fmt"
"net/http"
"os"
"os/signal"
"runtime/debug"
+ "strconv"
+ "strings"
"sync"
"syscall"
"time"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/frostfs/services"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/cache"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/middleware"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ internalnet "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/net"
+ containerClient "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/service/contracts/container"
+ contractsUtil "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/service/contracts/util"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/service/frostfs"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/templates"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/metrics"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
"git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
+ v2container "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
treepool "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
@@ -28,30 +41,46 @@ import (
"github.com/nspcc-dev/neo-go/cli/flags"
"github.com/nspcc-dev/neo-go/cli/input"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+ "github.com/nspcc-dev/neo-go/pkg/rpcclient"
"github.com/nspcc-dev/neo-go/pkg/util"
"github.com/nspcc-dev/neo-go/pkg/wallet"
+ "github.com/panjf2000/ants/v2"
"github.com/spf13/viper"
"github.com/valyala/fasthttp"
+ "go.opentelemetry.io/otel/trace"
"go.uber.org/zap"
+ "go.uber.org/zap/zapcore"
+ "golang.org/x/exp/slices"
)
type (
app struct {
- ctx context.Context
- log *zap.Logger
- logLevel zap.AtomicLevel
- pool *pool.Pool
- treePool *treepool.Pool
- key *keys.PrivateKey
- owner *user.ID
- cfg *viper.Viper
- webServer *fasthttp.Server
- webDone chan struct{}
- resolver *resolver.ContainerResolver
- metrics *gateMetrics
- services []*metrics.Service
- settings *handler.Settings
- servers []Server
+ ctx context.Context
+ log *zap.Logger
+ pool *pool.Pool
+ treePool *treepool.Pool
+ key *keys.PrivateKey
+ owner *user.ID
+ cfg *appCfg
+ webServer *fasthttp.Server
+ webDone chan struct{}
+ resolver *resolver.ContainerResolver
+ metrics *gateMetrics
+ services []*metrics.Service
+ settings *appSettings
+ loggerSettings *loggerSettings
+ bucketCache *cache.BucketCache
+ handle *handler.Handler
+ corsCnrID cid.ID
+
+ servers []Server
+ unbindServers []ServerInfo
+ mu sync.RWMutex
+ }
+
+ loggerSettings struct {
+ mu sync.RWMutex
+ appMetrics *metrics.GateMetrics
}
// App is an interface for the main gateway function.
@@ -60,64 +89,169 @@ type (
Serve()
}
- // Option is an application option.
- Option func(a *app)
-
gateMetrics struct {
logger *zap.Logger
provider *metrics.GateMetrics
mu sync.RWMutex
enabled bool
}
+
+ // appSettings stores reloading parameters, so it has to provide getters and setters which use RWMutex.
+ appSettings struct {
+ reconnectInterval time.Duration
+ dialerSource *internalnet.DialerSource
+ workerPoolSize int
+ logLevelConfig *logLevelConfig
+
+ mu sync.RWMutex
+ defaultTimestamp bool
+ archiveCompression bool
+ clientCut bool
+ returnIndexPage bool
+ indexPageTemplate string
+ bufferMaxSizeForPut uint64
+ namespaceHeader string
+ defaultNamespaces []string
+ cors *data.CORSRule
+ enableFilepathFallback bool
+ enableFilepathSlashFallback bool
+ }
+
+ tagsConfig struct {
+ tagLogs sync.Map
+ defaultLvl zap.AtomicLevel
+ }
+
+ logLevelConfig struct {
+ logLevel zap.AtomicLevel
+ tagsConfig *tagsConfig
+ }
)
-// WithLogger returns Option to set a specific logger.
-func WithLogger(l *zap.Logger, lvl zap.AtomicLevel) Option {
- return func(a *app) {
- if l == nil {
- return
- }
- a.log = l
- a.logLevel = lvl
+func newLogLevel(v *viper.Viper) zap.AtomicLevel {
+ ll, err := getLogLevel(v)
+ if err != nil {
+ panic(err.Error())
}
+ atomicLogLevel := zap.NewAtomicLevel()
+ atomicLogLevel.SetLevel(ll)
+ return atomicLogLevel
}
-// WithConfig returns Option to use specific Viper configuration.
-func WithConfig(c *viper.Viper) Option {
- return func(a *app) {
- if c == nil {
- return
- }
- a.cfg = c
+func newTagsConfig(v *viper.Viper, ll zapcore.Level) *tagsConfig {
+ t := tagsConfig{defaultLvl: zap.NewAtomicLevelAt(ll)}
+ if err := t.update(v, ll); err != nil {
+ // panic here is analogue of the similar panic during common log level initialization.
+ panic(err.Error())
}
+
+ return &t
}
-func newApp(ctx context.Context, opt ...Option) App {
+func newLogLevelConfig(lvl zap.AtomicLevel, tagsConfig *tagsConfig) *logLevelConfig {
+ cfg := &logLevelConfig{
+ logLevel: lvl,
+ tagsConfig: tagsConfig,
+ }
+
+ cfg.setMinLogLevel()
+
+ return cfg
+}
+
+func (l *logLevelConfig) setMinLogLevel() {
+ l.tagsConfig.tagLogs.Range(func(_, value any) bool {
+ v := value.(zapcore.Level)
+ if v < l.logLevel.Level() {
+ l.logLevel.SetLevel(v)
+ }
+ return true
+ })
+}
+
+func (l *logLevelConfig) update(cfg *viper.Viper, log *zap.Logger) {
+ if lvl, err := getLogLevel(cfg); err != nil {
+ log.Warn(logs.LogLevelWontBeUpdated, zap.Error(err), logs.TagField(logs.TagApp))
+ } else {
+ l.logLevel.SetLevel(lvl)
+ }
+
+ if err := l.tagsConfig.update(cfg, l.logLevel.Level()); err != nil {
+ log.Warn(logs.TagsLogConfigWontBeUpdated, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+
+ l.setMinLogLevel()
+}
+
+func (t *tagsConfig) LevelEnabled(tag string, tgtLevel zapcore.Level) bool {
+ lvl, ok := t.tagLogs.Load(tag)
+ if !ok {
+ return t.defaultLvl.Enabled(tgtLevel)
+ }
+
+ return lvl.(zapcore.Level).Enabled(tgtLevel)
+}
+
+func (t *tagsConfig) DefaultEnabled(lvl zapcore.Level) bool {
+ return t.defaultLvl.Enabled(lvl)
+}
+
+func (t *tagsConfig) update(cfg *viper.Viper, ll zapcore.Level) error {
+ tags, err := fetchLogTagsConfig(cfg, ll)
+ if err != nil {
+ return err
+ }
+
+ t.tagLogs.Range(func(key, _ any) bool {
+ k := key.(string)
+
+ if _, ok := tags[k]; !ok {
+ t.tagLogs.Delete(key)
+ }
+ return true
+ })
+
+ for k, v := range tags {
+ t.tagLogs.Store(k, v)
+ }
+ t.defaultLvl.SetLevel(ll)
+
+ return nil
+}
+
+func newApp(ctx context.Context, cfg *appCfg) App {
+ logSettings := &loggerSettings{}
+ logLevel := newLogLevel(cfg.config())
+ tagConfig := newTagsConfig(cfg.config(), logLevel.Level())
+ logConfig := newLogLevelConfig(logLevel, tagConfig)
+ log := pickLogger(cfg.config(), logConfig.logLevel, logSettings, tagConfig)
+
a := &app{
- ctx: ctx,
- log: zap.L(),
- cfg: viper.GetViper(),
- webServer: new(fasthttp.Server),
- webDone: make(chan struct{}),
- }
- for i := range opt {
- opt[i](a)
+ ctx: ctx,
+ log: log.logger,
+ cfg: cfg,
+ loggerSettings: logSettings,
+ webServer: new(fasthttp.Server),
+ webDone: make(chan struct{}),
+ bucketCache: cache.NewBucketCache(getBucketCacheOptions(cfg.config(), log.logger), cfg.config().GetBool(cfgFeaturesTreePoolNetmapSupport)),
}
+ a.initAppSettings(logConfig)
+
// -- setup FastHTTP server --
a.webServer.Name = "frost-http-gw"
- a.webServer.ReadBufferSize = a.cfg.GetInt(cfgWebReadBufferSize)
- a.webServer.WriteBufferSize = a.cfg.GetInt(cfgWebWriteBufferSize)
- a.webServer.ReadTimeout = a.cfg.GetDuration(cfgWebReadTimeout)
- a.webServer.WriteTimeout = a.cfg.GetDuration(cfgWebWriteTimeout)
+ a.webServer.ReadBufferSize = a.config().GetInt(cfgWebReadBufferSize)
+ a.webServer.WriteBufferSize = a.config().GetInt(cfgWebWriteBufferSize)
+ a.webServer.ReadTimeout = a.config().GetDuration(cfgWebReadTimeout)
+ a.webServer.WriteTimeout = a.config().GetDuration(cfgWebWriteTimeout)
a.webServer.DisableHeaderNamesNormalizing = true
a.webServer.NoDefaultServerHeader = true
a.webServer.NoDefaultContentType = true
- a.webServer.MaxRequestBodySize = a.cfg.GetInt(cfgWebMaxRequestBodySize)
+ a.webServer.MaxRequestBodySize = a.config().GetInt(cfgWebMaxRequestBodySize)
a.webServer.DisablePreParseMultipartForm = true
- a.webServer.StreamRequestBody = a.cfg.GetBool(cfgWebStreamRequestBody)
+ a.webServer.StreamRequestBody = a.config().GetBool(cfgWebStreamRequestBody)
// -- -- -- -- -- -- -- -- -- -- -- -- -- --
- a.pool, a.treePool, a.key = getPools(ctx, a.log, a.cfg)
+ a.initPools(ctx)
var owner user.ID
user.IDFromKey(&owner, a.key.PrivateKey.PublicKey)
@@ -125,42 +259,211 @@ func newApp(ctx context.Context, opt ...Option) App {
a.setRuntimeParameters()
- a.initAppSettings()
a.initResolver()
a.initMetrics()
a.initTracing(ctx)
+ a.initContainers(ctx)
return a
}
-func (a *app) initAppSettings() {
- a.settings = &handler.Settings{}
+func (a *app) config() *viper.Viper {
+ return a.cfg.config()
+}
- a.updateSettings()
+func (a *app) initContainers(ctx context.Context) {
+ corsCnrID, err := a.fetchContainerID(ctx, cfgContainersCORS)
+ if err != nil {
+ a.log.Fatal(logs.CouldNotFetchCORSContainerInfo, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ a.corsCnrID = *corsCnrID
+}
+
+func (a *app) initRPCClient(ctx context.Context) *rpcclient.Client {
+ rpcCli, err := rpcclient.New(ctx, a.config().GetString(cfgRPCEndpoint), rpcclient.Options{})
+ if err != nil {
+ a.log.Fatal(logs.InitRPCClientFailed, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ return rpcCli
+}
+
+func (a *app) initAppSettings(lc *logLevelConfig) {
+ a.settings = &appSettings{
+ reconnectInterval: fetchReconnectInterval(a.config()),
+ dialerSource: getDialerSource(a.log, a.config()),
+ workerPoolSize: a.config().GetInt(cfgWorkerPoolSize),
+ logLevelConfig: lc,
+ }
+ a.settings.update(a.config(), a.log)
+}
+
+func (s *appSettings) update(v *viper.Viper, l *zap.Logger) {
+ defaultTimestamp := v.GetBool(cfgUploaderHeaderEnableDefaultTimestamp)
+ archiveCompression := fetchArchiveCompression(v)
+ returnIndexPage := v.GetBool(cfgIndexPageEnabled)
+ clientCut := v.GetBool(cfgClientCut)
+ bufferMaxSizeForPut := v.GetUint64(cfgBufferMaxSizeForPut)
+ namespaceHeader := v.GetString(cfgResolveNamespaceHeader)
+ defaultNamespaces := fetchDefaultNamespaces(v)
+ indexPage, indexEnabled := fetchIndexPageTemplate(v, l)
+ cors := fetchCORSConfig(v)
+ enableFilepathFallback := v.GetBool(cfgFeaturesEnableFilepathFallback)
+ enableFilepathSlashFallback := v.GetBool(cfgFeaturesEnableFilepathSlashFallback)
+
+ s.mu.Lock()
+ defer s.mu.Unlock()
+
+ s.defaultTimestamp = defaultTimestamp
+ s.archiveCompression = archiveCompression
+ s.returnIndexPage = returnIndexPage
+ s.clientCut = clientCut
+ s.bufferMaxSizeForPut = bufferMaxSizeForPut
+ s.namespaceHeader = namespaceHeader
+ s.defaultNamespaces = defaultNamespaces
+ s.returnIndexPage = indexEnabled
+ s.indexPageTemplate = indexPage
+ s.cors = cors
+ s.enableFilepathFallback = enableFilepathFallback
+ s.enableFilepathSlashFallback = enableFilepathSlashFallback
+}
+
+func (s *loggerSettings) DroppedLogsInc() {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+
+ if s.appMetrics != nil {
+ s.appMetrics.DroppedLogsInc()
+ }
+}
+
+func (s *loggerSettings) setMetrics(appMetrics *metrics.GateMetrics) {
+ s.mu.Lock()
+ defer s.mu.Unlock()
+
+ s.appMetrics = appMetrics
+}
+
+func (s *appSettings) DefaultTimestamp() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.defaultTimestamp
+}
+
+func (s *appSettings) ArchiveCompression() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.archiveCompression
+}
+
+func (s *appSettings) IndexPageEnabled() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.returnIndexPage
+}
+
+func (s *appSettings) IndexPageTemplate() string {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ if s.indexPageTemplate == "" {
+ return templates.DefaultIndexTemplate
+ }
+ return s.indexPageTemplate
+}
+
+func (s *appSettings) CORS() *data.CORSRule {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+
+ if s.cors == nil {
+ return nil
+ }
+
+ allowMethods := make([]string, len(s.cors.AllowedMethods))
+ copy(allowMethods, s.cors.AllowedMethods)
+
+ allowHeaders := make([]string, len(s.cors.AllowedHeaders))
+ copy(allowHeaders, s.cors.AllowedHeaders)
+
+ exposeHeaders := make([]string, len(s.cors.ExposeHeaders))
+ copy(exposeHeaders, s.cors.ExposeHeaders)
+
+ allowOrigins := make([]string, len(s.cors.AllowedOrigins))
+ copy(allowOrigins, s.cors.AllowedOrigins)
+
+ return &data.CORSRule{
+ AllowedOrigins: allowOrigins,
+ AllowedMethods: allowMethods,
+ AllowedHeaders: allowHeaders,
+ ExposeHeaders: exposeHeaders,
+ AllowedCredentials: s.cors.AllowedCredentials,
+ MaxAgeSeconds: s.cors.MaxAgeSeconds,
+ }
+}
+
+func (s *appSettings) ClientCut() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.clientCut
+}
+
+func (s *appSettings) BufferMaxSizeForPut() uint64 {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.bufferMaxSizeForPut
+}
+
+func (s *appSettings) NamespaceHeader() string {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.namespaceHeader
+}
+
+func (s *appSettings) FormContainerZone(ns string) string {
+ s.mu.RLock()
+ namespaces := s.defaultNamespaces
+ s.mu.RUnlock()
+ if slices.Contains(namespaces, ns) {
+ return v2container.SysAttributeZoneDefault
+ }
+
+ return ns + ".ns"
+}
+
+func (s *appSettings) EnableFilepathFallback() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.enableFilepathFallback
+}
+
+func (s *appSettings) EnableFilepathSlashFallback() bool {
+ s.mu.RLock()
+ defer s.mu.RUnlock()
+ return s.enableFilepathSlashFallback
}
func (a *app) initResolver() {
var err error
a.resolver, err = resolver.NewContainerResolver(a.getResolverConfig())
if err != nil {
- a.log.Fatal(logs.FailedToCreateResolver, zap.Error(err))
+ a.log.Fatal(logs.FailedToCreateResolver, zap.Error(err), logs.TagField(logs.TagApp))
}
}
func (a *app) getResolverConfig() ([]string, *resolver.Config) {
resolveCfg := &resolver.Config{
- FrostFS: resolver.NewFrostFSResolver(a.pool),
- RPCAddress: a.cfg.GetString(cfgRPCEndpoint),
+ FrostFS: frostfs.NewResolverFrostFS(a.pool),
+ RPCAddress: a.config().GetString(cfgRPCEndpoint),
}
- order := a.cfg.GetStringSlice(cfgResolveOrder)
+ order := a.config().GetStringSlice(cfgResolveOrder)
if resolveCfg.RPCAddress == "" {
order = remove(order, resolver.NNSResolver)
- a.log.Warn(logs.ResolverNNSWontBeUsedSinceRPCEndpointIsntProvided)
+ a.log.Warn(logs.ResolverNNSWontBeUsedSinceRPCEndpointIsntProvided, logs.TagField(logs.TagApp))
}
if len(order) == 0 {
- a.log.Info(logs.ContainerResolverWillBeDisabledBecauseOfResolversResolverOrderIsEmpty)
+ a.log.Info(logs.ContainerResolverWillBeDisabledBecauseOfResolversResolverOrderIsEmpty,
+ logs.TagField(logs.TagApp))
}
return order, resolveCfg
@@ -168,13 +471,14 @@ func (a *app) getResolverConfig() ([]string, *resolver.Config) {
func (a *app) initMetrics() {
gateMetricsProvider := metrics.NewGateMetrics(a.pool)
- a.metrics = newGateMetrics(a.log, gateMetricsProvider, a.cfg.GetBool(cfgPrometheusEnabled))
+ a.metrics = newGateMetrics(a.log, gateMetricsProvider, a.config().GetBool(cfgPrometheusEnabled))
a.metrics.SetHealth(metrics.HealthStatusStarting)
+ a.loggerSettings.setMetrics(a.metrics.provider)
}
func newGateMetrics(logger *zap.Logger, provider *metrics.GateMetrics, enabled bool) *gateMetrics {
if !enabled {
- logger.Warn(logs.MetricsAreDisabled)
+ logger.Warn(logs.MetricsAreDisabled, logs.TagField(logs.TagApp))
}
return &gateMetrics{
logger: logger,
@@ -192,7 +496,7 @@ func (m *gateMetrics) isEnabled() bool {
func (m *gateMetrics) SetEnabled(enabled bool) {
if !enabled {
- m.logger.Warn(logs.MetricsAreDisabled)
+ m.logger.Warn(logs.MetricsAreDisabled, logs.TagField(logs.TagApp))
}
m.mu.Lock()
@@ -255,7 +559,7 @@ func getFrostFSKey(cfg *viper.Viper, log *zap.Logger) (*keys.PrivateKey, error)
walletPath := cfg.GetString(cfgWalletPath)
if len(walletPath) == 0 {
- log.Info(logs.NoWalletPathSpecifiedCreatingEphemeralKeyAutomaticallyForThisRun)
+ log.Info(logs.NoWalletPathSpecifiedCreatingEphemeralKeyAutomaticallyForThisRun, logs.TagField(logs.TagApp))
key, err := keys.NewPrivateKey()
if err != nil {
return nil, err
@@ -312,7 +616,10 @@ func getKeyFromWallet(w *wallet.Wallet, addrStr string, password *string) (*keys
}
func (a *app) Wait() {
- a.log.Info(logs.StartingApplication, zap.String("app_name", "frostfs-http-gw"), zap.String("version", Version))
+ a.log.Info(logs.StartingApplication,
+ zap.String("app_name", "frostfs-http-gw"),
+ zap.String("version", Version),
+ logs.TagField(logs.TagApp))
a.metrics.SetVersion(Version)
a.setHealthStatus()
@@ -325,24 +632,34 @@ func (a *app) setHealthStatus() {
}
func (a *app) Serve() {
- handler := handler.New(a.AppParams(), a.settings, tree.NewTree(services.NewPoolWrapper(a.treePool)))
+ workerPool := a.initWorkerPool()
+ defer func() {
+ workerPool.Release()
+ close(a.webDone)
+ }()
// Configure router.
- a.configureRouter(handler)
+ a.configureRouter(workerPool)
a.startServices()
a.initServers(a.ctx)
- for i := range a.servers {
+ servs := a.getServers()
+
+ for i := range servs {
go func(i int) {
- a.log.Info(logs.StartingServer, zap.String("address", a.servers[i].Address()))
- if err := a.webServer.Serve(a.servers[i].Listener()); err != nil && err != http.ErrServerClosed {
- a.metrics.MarkUnhealthy(a.servers[i].Address())
- a.log.Fatal(logs.ListenAndServe, zap.Error(err))
+ a.log.Info(logs.StartingServer, zap.String("address", servs[i].Address()), logs.TagField(logs.TagApp))
+ if err := a.webServer.Serve(servs[i].Listener()); err != nil && err != http.ErrServerClosed {
+ a.metrics.MarkUnhealthy(servs[i].Address())
+ a.log.Fatal(logs.ListenAndServe, zap.Error(err), logs.TagField(logs.TagApp))
}
}(i)
}
+ if len(a.unbindServers) != 0 {
+ a.scheduleReconnect(a.ctx, a.webServer)
+ }
+
sigs := make(chan os.Signal, 1)
signal.Notify(sigs, syscall.SIGHUP)
@@ -356,13 +673,19 @@ LOOP:
}
}
- a.log.Info(logs.ShuttingDownWebServer, zap.Error(a.webServer.Shutdown()))
+ a.log.Info(logs.ShuttingDownWebServer, zap.Error(a.webServer.Shutdown()), logs.TagField(logs.TagApp))
a.metrics.Shutdown()
a.stopServices()
a.shutdownTracing()
+}
- close(a.webDone)
+func (a *app) initWorkerPool() *ants.Pool {
+ workerPool, err := ants.NewPool(a.settings.workerPoolSize)
+ if err != nil {
+ a.log.Fatal(logs.FailedToCreateWorkerPool, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ return workerPool
}
func (a *app) shutdownTracing() {
@@ -371,33 +694,33 @@ func (a *app) shutdownTracing() {
defer cancel()
if err := tracing.Shutdown(shdnCtx); err != nil {
- a.log.Warn(logs.FailedToShutdownTracing, zap.Error(err))
+ a.log.Warn(logs.FailedToShutdownTracing, zap.Error(err), logs.TagField(logs.TagApp))
}
}
func (a *app) configReload(ctx context.Context) {
- a.log.Info(logs.SIGHUPConfigReloadStarted)
- if !a.cfg.IsSet(cmdConfig) && !a.cfg.IsSet(cmdConfigDir) {
- a.log.Warn(logs.FailedToReloadConfigBecauseItsMissed)
+ a.log.Info(logs.SIGHUPConfigReloadStarted, logs.TagField(logs.TagApp))
+ if !a.config().IsSet(cmdConfig) && !a.config().IsSet(cmdConfigDir) {
+ a.log.Warn(logs.FailedToReloadConfigBecauseItsMissed, logs.TagField(logs.TagApp))
return
}
- if err := readInConfig(a.cfg); err != nil {
- a.log.Warn(logs.FailedToReloadConfig, zap.Error(err))
+ if err := a.cfg.reload(); err != nil {
+ a.log.Warn(logs.FailedToReloadConfig, zap.Error(err), logs.TagField(logs.TagApp))
return
}
- if lvl, err := getLogLevel(a.cfg); err != nil {
- a.log.Warn(logs.LogLevelWontBeUpdated, zap.Error(err))
- } else {
- a.logLevel.SetLevel(lvl)
+ a.settings.logLevelConfig.update(a.cfg.config(), a.log)
+
+ if err := a.settings.dialerSource.Update(fetchMultinetConfig(a.config(), a.log)); err != nil {
+ a.log.Warn(logs.MultinetConfigWontBeUpdated, zap.Error(err), logs.TagField(logs.TagApp))
}
if err := a.resolver.UpdateResolvers(a.getResolverConfig()); err != nil {
- a.log.Warn(logs.FailedToUpdateResolvers, zap.Error(err))
+ a.log.Warn(logs.FailedToUpdateResolvers, zap.Error(err), logs.TagField(logs.TagApp))
}
if err := a.updateServers(); err != nil {
- a.log.Warn(logs.FailedToReloadServerParameters, zap.Error(err))
+ a.log.Warn(logs.FailedToReloadServerParameters, zap.Error(err), logs.TagField(logs.TagApp))
}
a.setRuntimeParameters()
@@ -405,27 +728,24 @@ func (a *app) configReload(ctx context.Context) {
a.stopServices()
a.startServices()
- a.updateSettings()
+ a.settings.update(a.config(), a.log)
- a.metrics.SetEnabled(a.cfg.GetBool(cfgPrometheusEnabled))
+ a.metrics.SetEnabled(a.config().GetBool(cfgPrometheusEnabled))
a.initTracing(ctx)
a.setHealthStatus()
- a.log.Info(logs.SIGHUPConfigReloadCompleted)
-}
-
-func (a *app) updateSettings() {
- a.settings.SetDefaultTimestamp(a.cfg.GetBool(cfgUploaderHeaderEnableDefaultTimestamp))
- a.settings.SetZipCompression(a.cfg.GetBool(cfgZipCompression))
+ a.log.Info(logs.SIGHUPConfigReloadCompleted, logs.TagField(logs.TagApp))
}
func (a *app) startServices() {
- pprofConfig := metrics.Config{Enabled: a.cfg.GetBool(cfgPprofEnabled), Address: a.cfg.GetString(cfgPprofAddress)}
+ a.services = a.services[:0]
+
+ pprofConfig := metrics.Config{Enabled: a.config().GetBool(cfgPprofEnabled), Address: a.config().GetString(cfgPprofAddress)}
pprofService := metrics.NewPprofService(a.log, pprofConfig)
a.services = append(a.services, pprofService)
go pprofService.Start()
- prometheusConfig := metrics.Config{Enabled: a.cfg.GetBool(cfgPrometheusEnabled), Address: a.cfg.GetString(cfgPrometheusAddress)}
+ prometheusConfig := metrics.Config{Enabled: a.config().GetBool(cfgPrometheusEnabled), Address: a.config().GetString(cfgPrometheusAddress)}
prometheusService := metrics.NewPrometheusService(a.log, prometheusConfig)
a.services = append(a.services, prometheusService)
go prometheusService.Start()
@@ -440,47 +760,158 @@ func (a *app) stopServices() {
}
}
-func (a *app) configureRouter(handler *handler.Handler) {
+func (a *app) configureRouter(workerPool *ants.Pool) {
+ rpcCli := a.initRPCClient(a.ctx)
+ cnrContractName := a.config().GetString(cfgContractsContainerName)
+ rpcEndpoint := a.config().GetString(cfgRPCEndpoint)
+ cnrAddr, err := contractsUtil.ResolveContractHash(cnrContractName, rpcEndpoint)
+ if err != nil {
+ a.log.Fatal(logs.FailedToResolveContractHash, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ cnrClient, err := containerClient.New(containerClient.Config{
+ ContractHash: cnrAddr,
+ Key: a.key,
+ RPCClient: rpcCli,
+ })
+ if err != nil {
+ a.log.Fatal(logs.InitContainerContractFailed, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ a.handle = handler.New(a.AppParams(), a.settings, tree.NewTree(frostfs.NewPoolWrapper(a.treePool), a.log), cnrClient, workerPool)
+
r := router.New()
r.RedirectTrailingSlash = true
r.NotFound = func(r *fasthttp.RequestCtx) {
- response.Error(r, "Not found", fasthttp.StatusNotFound)
+ handler.ResponseError(r, "Route Not found", fasthttp.StatusNotFound)
}
r.MethodNotAllowed = func(r *fasthttp.RequestCtx) {
- response.Error(r, "Method Not Allowed", fasthttp.StatusMethodNotAllowed)
+ handler.ResponseError(r, "Method Not Allowed", fasthttp.StatusMethodNotAllowed)
}
- r.POST("/upload/{cid}", a.logger(a.tokenizer(a.tracer(handler.Upload))))
- a.log.Info(logs.AddedPathUploadCid)
- r.GET("/get/{cid}/{oid:*}", a.logger(a.tokenizer(a.tracer(handler.DownloadByAddressOrBucketName))))
- r.HEAD("/get/{cid}/{oid:*}", a.logger(a.tokenizer(a.tracer(handler.HeadByAddressOrBucketName))))
- a.log.Info(logs.AddedPathGetCidOid)
- r.GET("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.logger(a.tokenizer(a.tracer(handler.DownloadByAttribute))))
- r.HEAD("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.logger(a.tokenizer(a.tracer(handler.HeadByAttribute))))
- a.log.Info(logs.AddedPathGetByAttributeCidAttrKeyAttrVal)
- r.GET("/zip/{cid}/{prefix:*}", a.logger(a.tokenizer(a.tracer(handler.DownloadZipped))))
- a.log.Info(logs.AddedPathZipCidPrefix)
+ r.POST("/upload/{cid}", a.addMiddlewares(a.handle.Upload))
+ r.OPTIONS("/upload/{cid}", a.addPreflight(a.handle.Preflight))
+ a.log.Info(logs.AddedPathUploadCid, logs.TagField(logs.TagApp))
+ r.GET("/get/{cid}/{oid:*}", a.addMiddlewares(a.handle.DownloadByAddressOrBucketName))
+ r.HEAD("/get/{cid}/{oid:*}", a.addMiddlewares(a.handle.HeadByAddressOrBucketName))
+ r.OPTIONS("/get/{cid}/{oid:*}", a.addPreflight(a.handle.Preflight))
+ a.log.Info(logs.AddedPathGetCidOid, logs.TagField(logs.TagApp))
+ r.GET("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addMiddlewares(a.handle.DownloadByAttribute))
+ r.HEAD("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addMiddlewares(a.handle.HeadByAttribute))
+ r.OPTIONS("/get_by_attribute/{cid}/{attr_key}/{attr_val:*}", a.addPreflight(a.handle.Preflight))
+ a.log.Info(logs.AddedPathGetByAttributeCidAttrKeyAttrVal, logs.TagField(logs.TagApp))
+ r.GET("/zip/{cid}/{prefix:*}", a.addMiddlewares(a.handle.DownloadZip))
+ r.OPTIONS("/zip/{cid}/{prefix:*}", a.addPreflight(a.handle.Preflight))
+ r.GET("/tar/{cid}/{prefix:*}", a.addMiddlewares(a.handle.DownloadTar))
+ r.OPTIONS("/tar/{cid}/{prefix:*}", a.addPreflight(a.handle.Preflight))
+ a.log.Info(logs.AddedPathZipCidPrefix, logs.TagField(logs.TagApp))
a.webServer.Handler = r.Handler
}
+func (a *app) addMiddlewares(h fasthttp.RequestHandler) fasthttp.RequestHandler {
+ list := []func(fasthttp.RequestHandler) fasthttp.RequestHandler{
+ a.tracer,
+ a.logger,
+ a.canonicalizer,
+ a.tokenizer,
+ a.reqNamespace,
+ a.cors,
+ }
+
+ for i := len(list) - 1; i >= 0; i-- {
+ h = list[i](h)
+ }
+
+ return h
+}
+
+func (a *app) addPreflight(h fasthttp.RequestHandler) fasthttp.RequestHandler {
+ list := []func(fasthttp.RequestHandler) fasthttp.RequestHandler{
+ a.tracer,
+ a.logger,
+ a.canonicalizer,
+ a.reqNamespace,
+ }
+
+ for i := len(list) - 1; i >= 0; i-- {
+ h = list[i](h)
+ }
+
+ return h
+}
+
+func (a *app) cors(h fasthttp.RequestHandler) fasthttp.RequestHandler {
+ return func(c *fasthttp.RequestCtx) {
+ h(c)
+ code := c.Response.StatusCode()
+ if code >= fasthttp.StatusOK && code < fasthttp.StatusMultipleChoices {
+ a.handle.SetCORSHeaders(c)
+ }
+ }
+}
+
func (a *app) logger(h fasthttp.RequestHandler) fasthttp.RequestHandler {
return func(req *fasthttp.RequestCtx) {
- a.log.Info(logs.Request, zap.String("remote", req.RemoteAddr().String()),
+ requiredFields := []zap.Field{zap.Uint64("id", req.ID())}
+ reqCtx := utils.GetContextFromRequest(req)
+ if traceID := trace.SpanFromContext(reqCtx).SpanContext().TraceID(); traceID.IsValid() {
+ requiredFields = append(requiredFields, zap.String("trace_id", traceID.String()))
+ }
+ log := a.log.With(requiredFields...)
+
+ reqCtx = utils.SetReqLog(reqCtx, log)
+ utils.SetContextToRequest(reqCtx, req)
+
+ log.Info(logs.Request, zap.String("remote", req.RemoteAddr().String()),
zap.ByteString("method", req.Method()),
zap.ByteString("path", req.Path()),
zap.ByteString("query", req.QueryArgs().QueryString()),
- zap.Uint64("id", req.ID()))
+ logs.TagField(logs.TagDatapath))
+ h(req)
+ }
+}
+
+func (a *app) canonicalizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
+ return func(req *fasthttp.RequestCtx) {
+ // regardless of DisableHeaderNamesNormalizing setting, some headers
+ // MUST be normalized in order to process execution. They are normalized
+ // here.
+
+ toAddKeys := make([][]byte, 0, 10)
+ toAddValues := make([][]byte, 0, 10)
+ prefix := []byte(utils.UserAttributeHeaderPrefix)
+
+ req.Request.Header.VisitAll(func(k, v []byte) {
+ if bytes.HasPrefix(k, prefix) {
+ return
+ }
+ toAddKeys = append(toAddKeys, k)
+ toAddValues = append(toAddValues, v)
+ })
+
+ // this is safe to do after all headers were read into header structure
+ req.Request.Header.EnableNormalizing()
+
+ for i := range toAddKeys {
+ req.Request.Header.SetBytesKV(toAddKeys[i], toAddValues[i])
+ }
+
+ // return normalization setting back
+ req.Request.Header.DisableNormalizing()
+
h(req)
}
}
func (a *app) tokenizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
return func(req *fasthttp.RequestCtx) {
- appCtx, err := tokens.StoreBearerTokenAppCtx(a.ctx, req)
+ reqCtx := utils.GetContextFromRequest(req)
+ appCtx, err := tokens.StoreBearerTokenAppCtx(reqCtx, req)
if err != nil {
- a.log.Error(logs.CouldNotFetchAndStoreBearerToken, zap.Error(err))
- response.Error(req, "could not fetch and store bearer token: "+err.Error(), fasthttp.StatusBadRequest)
+ log := utils.GetReqLogOrDefault(reqCtx, a.log)
+
+ log.Error(logs.CouldNotFetchAndStoreBearerToken, zap.Error(err), logs.TagField(logs.TagDatapath))
+ handler.ResponseError(req, "could not fetch and store bearer token: "+err.Error(), fasthttp.StatusBadRequest)
+ return
}
utils.SetContextToRequest(appCtx, req)
h(req)
@@ -489,30 +920,45 @@ func (a *app) tokenizer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
func (a *app) tracer(h fasthttp.RequestHandler) fasthttp.RequestHandler {
return func(req *fasthttp.RequestCtx) {
- appCtx := utils.GetContextFromRequest(req)
-
- appCtx, span := utils.StartHTTPServerSpan(appCtx, req, "REQUEST")
+ appCtx, span := utils.StartHTTPServerSpan(a.ctx, req, "REQUEST")
defer func() {
utils.SetHTTPTraceInfo(appCtx, span, req)
span.End()
}()
+ appCtx = treepool.SetRequestID(appCtx, strconv.FormatUint(req.ID(), 10))
+
utils.SetContextToRequest(appCtx, req)
h(req)
}
}
-func (a *app) AppParams() *utils.AppParams {
- return &utils.AppParams{
- Logger: a.log,
- Pool: a.pool,
- Owner: a.owner,
- Resolver: a.resolver,
+func (a *app) reqNamespace(h fasthttp.RequestHandler) fasthttp.RequestHandler {
+ return func(req *fasthttp.RequestCtx) {
+ appCtx := utils.GetContextFromRequest(req)
+
+ nsBytes := req.Request.Header.Peek(a.settings.NamespaceHeader())
+ appCtx = middleware.SetNamespace(appCtx, string(nsBytes))
+
+ utils.SetContextToRequest(appCtx, req)
+ h(req)
+ }
+}
+
+func (a *app) AppParams() *handler.AppParams {
+ return &handler.AppParams{
+ Logger: a.log,
+ FrostFS: frostfs.NewFrostFS(a.pool),
+ Owner: a.owner,
+ Resolver: a.resolver,
+ Cache: a.bucketCache,
+ CORSCnrID: a.corsCnrID,
+ CORSCache: cache.NewCORSCache(getCORSCacheOptions(a.config(), a.log)),
}
}
func (a *app) initServers(ctx context.Context) {
- serversInfo := fetchServers(a.cfg)
+ serversInfo := fetchServers(a.config(), a.log)
a.servers = make([]Server, 0, len(serversInfo))
for _, serverInfo := range serversInfo {
@@ -522,37 +968,41 @@ func (a *app) initServers(ctx context.Context) {
}
srv, err := newServer(ctx, serverInfo)
if err != nil {
+ a.unbindServers = append(a.unbindServers, serverInfo)
a.metrics.MarkUnhealthy(serverInfo.Address)
- a.log.Warn(logs.FailedToAddServer, append(fields, zap.Error(err))...)
+ a.log.Warn(logs.FailedToAddServer, append(fields, zap.Error(err), logs.TagField(logs.TagApp))...)
continue
}
a.metrics.MarkHealthy(serverInfo.Address)
a.servers = append(a.servers, srv)
- a.log.Info(logs.AddServer, fields...)
+ a.log.Info(logs.AddServer, append(fields, logs.TagField(logs.TagApp))...)
}
if len(a.servers) == 0 {
- a.log.Fatal(logs.NoHealthyServers)
+ a.log.Fatal(logs.NoHealthyServers, logs.TagField(logs.TagApp))
}
}
func (a *app) updateServers() error {
- serversInfo := fetchServers(a.cfg)
+ serversInfo := fetchServers(a.config(), a.log)
+
+ a.mu.Lock()
+ defer a.mu.Unlock()
var found bool
for _, serverInfo := range serversInfo {
- index := a.serverIndex(serverInfo.Address)
- if index == -1 {
- continue
- }
-
- if serverInfo.TLS.Enabled {
- if err := a.servers[index].UpdateCert(serverInfo.TLS.CertFile, serverInfo.TLS.KeyFile); err != nil {
- return fmt.Errorf("failed to update tls certs: %w", err)
+ ser := a.getServer(serverInfo.Address)
+ if ser != nil {
+ if serverInfo.TLS.Enabled {
+ if err := ser.UpdateCert(serverInfo.TLS.CertFile, serverInfo.TLS.KeyFile); err != nil {
+ return fmt.Errorf("failed to update tls certs: %w", err)
+ }
}
+ found = true
+ } else if unbind := a.updateUnbindServerInfo(serverInfo); unbind {
+ found = true
}
- found = true
}
if !found {
@@ -562,13 +1012,29 @@ func (a *app) updateServers() error {
return nil
}
-func (a *app) serverIndex(address string) int {
+func (a *app) getServers() []Server {
+ a.mu.RLock()
+ defer a.mu.RUnlock()
+ return a.servers
+}
+
+func (a *app) getServer(address string) Server {
for i := range a.servers {
if a.servers[i].Address() == address {
- return i
+ return a.servers[i]
}
}
- return -1
+ return nil
+}
+
+func (a *app) updateUnbindServerInfo(info ServerInfo) bool {
+ for i := range a.unbindServers {
+ if a.unbindServers[i].Address == info.Address {
+ a.unbindServers[i] = info
+ return true
+ }
+ }
+ return false
}
func (a *app) initTracing(ctx context.Context) {
@@ -577,34 +1043,155 @@ func (a *app) initTracing(ctx context.Context) {
instanceID = a.servers[0].Address()
}
cfg := tracing.Config{
- Enabled: a.cfg.GetBool(cfgTracingEnabled),
- Exporter: tracing.Exporter(a.cfg.GetString(cfgTracingExporter)),
- Endpoint: a.cfg.GetString(cfgTracingEndpoint),
+ Enabled: a.config().GetBool(cfgTracingEnabled),
+ Exporter: tracing.Exporter(a.config().GetString(cfgTracingExporter)),
+ Endpoint: a.config().GetString(cfgTracingEndpoint),
Service: "frostfs-http-gw",
InstanceID: instanceID,
Version: Version,
}
+
+ if trustedCa := a.config().GetString(cfgTracingTrustedCa); trustedCa != "" {
+ caBytes, err := os.ReadFile(trustedCa)
+ if err != nil {
+ a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err), logs.TagField(logs.TagApp))
+ return
+ }
+ certPool := x509.NewCertPool()
+ ok := certPool.AppendCertsFromPEM(caBytes)
+ if !ok {
+ a.log.Warn(logs.FailedToInitializeTracing, zap.String("error", "can't fill cert pool by ca cert"),
+ logs.TagField(logs.TagApp))
+ return
+ }
+ cfg.ServerCaCertPool = certPool
+ }
+
+ attributes, err := fetchTracingAttributes(a.config())
+ if err != nil {
+ a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err), logs.TagField(logs.TagApp))
+ return
+ }
+ cfg.Attributes = attributes
+
updated, err := tracing.Setup(ctx, cfg)
if err != nil {
- a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err))
+ a.log.Warn(logs.FailedToInitializeTracing, zap.Error(err), logs.TagField(logs.TagApp))
}
if updated {
- a.log.Info(logs.TracingConfigUpdated)
+ a.log.Info(logs.TracingConfigUpdated, logs.TagField(logs.TagApp))
}
}
func (a *app) setRuntimeParameters() {
if len(os.Getenv("GOMEMLIMIT")) != 0 {
// default limit < yaml limit < app env limit < GOMEMLIMIT
- a.log.Warn(logs.RuntimeSoftMemoryDefinedWithGOMEMLIMIT)
+ a.log.Warn(logs.RuntimeSoftMemoryDefinedWithGOMEMLIMIT, logs.TagField(logs.TagApp))
return
}
- softMemoryLimit := fetchSoftMemoryLimit(a.cfg)
+ softMemoryLimit := fetchSoftMemoryLimit(a.config())
previous := debug.SetMemoryLimit(softMemoryLimit)
if softMemoryLimit != previous {
a.log.Info(logs.RuntimeSoftMemoryLimitUpdated,
zap.Int64("new_value", softMemoryLimit),
- zap.Int64("old_value", previous))
+ zap.Int64("old_value", previous),
+ logs.TagField(logs.TagApp))
}
}
+
+func (a *app) scheduleReconnect(ctx context.Context, srv *fasthttp.Server) {
+ go func() {
+ t := time.NewTicker(a.settings.reconnectInterval)
+ defer t.Stop()
+ for {
+ select {
+ case <-t.C:
+ if a.tryReconnect(ctx, srv) {
+ return
+ }
+ t.Reset(a.settings.reconnectInterval)
+ case <-ctx.Done():
+ return
+ }
+ }
+ }()
+}
+
+func (a *app) tryReconnect(ctx context.Context, sr *fasthttp.Server) bool {
+ a.mu.Lock()
+ defer a.mu.Unlock()
+
+ a.log.Info(logs.ServerReconnecting, logs.TagField(logs.TagApp))
+ var failedServers []ServerInfo
+
+ for _, serverInfo := range a.unbindServers {
+ srv, err := newServer(ctx, serverInfo)
+ if err != nil {
+ a.log.Warn(logs.ServerReconnectFailed, zap.Error(err), logs.TagField(logs.TagApp))
+ failedServers = append(failedServers, serverInfo)
+ a.metrics.MarkUnhealthy(serverInfo.Address)
+ continue
+ }
+
+ go func() {
+ a.log.Info(logs.StartingServer, zap.String("address", srv.Address()), logs.TagField(logs.TagApp))
+ a.metrics.MarkHealthy(serverInfo.Address)
+ if err = sr.Serve(srv.Listener()); err != nil && !errors.Is(err, http.ErrServerClosed) {
+ a.log.Warn(logs.ListenAndServe, zap.Error(err), logs.TagField(logs.TagApp))
+ a.metrics.MarkUnhealthy(serverInfo.Address)
+ }
+ }()
+
+ a.servers = append(a.servers, srv)
+ a.log.Info(logs.ServerReconnectedSuccessfully,
+ zap.String("address", serverInfo.Address), zap.Bool("tls enabled", serverInfo.TLS.Enabled),
+ zap.String("tls cert", serverInfo.TLS.CertFile), zap.String("tls key", serverInfo.TLS.KeyFile),
+ logs.TagField(logs.TagApp))
+ }
+
+ a.unbindServers = failedServers
+
+ return len(a.unbindServers) == 0
+}
+
+func (a *app) fetchContainerID(ctx context.Context, cfgKey string) (id *cid.ID, err error) {
+ cnrID, err := a.resolveContainerID(ctx, cfgKey)
+ if err != nil {
+ return nil, err
+ }
+
+ err = checkContainerExists(ctx, *cnrID, a.pool)
+ if err != nil {
+ return nil, err
+ }
+
+ return cnrID, nil
+}
+
+func (a *app) resolveContainerID(ctx context.Context, cfgKey string) (*cid.ID, error) {
+ containerString := a.config().GetString(cfgKey)
+
+ id := new(cid.ID)
+ if err := id.DecodeString(containerString); err != nil {
+ i := strings.Index(containerString, ".")
+ if i < 0 {
+ return nil, fmt.Errorf("invalid container address: %s", containerString)
+ }
+
+ if id, err = a.resolver.Resolve(ctx, containerString[i+1:], containerString[:i]); err != nil {
+ return nil, fmt.Errorf("resolve container address %s: %w", containerString, err)
+ }
+ }
+
+ return id, nil
+}
+
+func checkContainerExists(ctx context.Context, id cid.ID, frostFSPool *pool.Pool) error {
+ prm := pool.PrmContainerGet{
+ ContainerID: id,
+ }
+
+ _, err := frostFSPool.GetContainer(ctx, prm)
+ return err
+}
diff --git a/cmd/http-gw/integration_test.go b/cmd/http-gw/integration_test.go
index 76a8325b..6ab8e99d 100644
--- a/cmd/http-gw/integration_test.go
+++ b/cmd/http-gw/integration_test.go
@@ -6,26 +6,34 @@ import (
"archive/zip"
"bytes"
"context"
+ "encoding/base64"
"encoding/json"
"fmt"
"io"
"mime/multipart"
"net/http"
+ "os"
"sort"
+ "strings"
"testing"
"time"
- containerv2 "git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/container"
+ containerv2 "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/eacl"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+ docker "github.com/docker/docker/api/types/container"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
- "github.com/spf13/viper"
+ "github.com/nspcc-dev/neo-go/pkg/wallet"
"github.com/stretchr/testify/require"
"github.com/testcontainers/testcontainers-go"
"github.com/testcontainers/testcontainers-go/wait"
@@ -37,20 +45,29 @@ type putResponse struct {
}
const (
- testContainerName = "friendly"
- testListenAddress = "localhost:8082"
- testHost = "http://" + testListenAddress
+ testContainerName = "friendly"
+ testListenAddress = "localhost:8082"
+ testHost = "http://" + testListenAddress
+ testCORSContainerName = "cors"
)
func TestIntegration(t *testing.T) {
rootCtx := context.Background()
- aioImage := "truecloudlab/frostfs-aio:"
+ aioImage := "git.frostfs.info/truecloudlab/frostfs-aio:"
versions := []string{
- "1.2.7", // frostfs-storage v0.36.0 RC
+ "1.2.7",
+ "1.3.0",
+ "1.5.0",
+ "1.6.5",
}
key, err := keys.NewPrivateKeyFromHex("1dd37fba80fec4e6a6f13fd708d8dcb3b29def768017052f6c930fa1c5d90bbb")
require.NoError(t, err)
+ file, err := os.CreateTemp("", "wallet")
+ require.NoError(t, err)
+ defer os.Remove(file.Name())
+ makeTempWallet(t, key, file.Name())
+
var ownerID user.ID
user.IDFromKey(&ownerID, key.PrivateKey.PublicKey)
@@ -58,16 +75,33 @@ func TestIntegration(t *testing.T) {
ctx, cancel2 := context.WithCancel(rootCtx)
aioContainer := createDockerContainer(ctx, t, aioImage+version)
- server, cancel := runServer()
+ if strings.HasPrefix(version, "1.6") {
+ registerUser(t, ctx, aioContainer, file.Name())
+ }
+
+ // Creating CORS container
clientPool := getPool(ctx, t, key)
- CID, err := createContainer(ctx, t, clientPool, ownerID, version)
+ _, err = createContainer(ctx, t, clientPool, ownerID, testCORSContainerName)
require.NoError(t, err, version)
- t.Run("simple put "+version, func(t *testing.T) { simplePut(ctx, t, clientPool, CID, version) })
+ // See the logs from the command execution.
+ server, cancel := runServer(file.Name())
+ CID, err := createContainer(ctx, t, clientPool, ownerID, testContainerName)
+ require.NoError(t, err, version)
+
+ jsonToken, binaryToken := makeBearerTokens(t, key, ownerID, version)
+
+ t.Run("simple put "+version, func(t *testing.T) { simplePut(ctx, t, clientPool, CID) })
+ t.Run("put with json bearer token in header"+version, func(t *testing.T) { putWithBearerTokenInHeader(ctx, t, clientPool, CID, jsonToken) })
+ t.Run("put with json bearer token in cookie"+version, func(t *testing.T) { putWithBearerTokenInCookie(ctx, t, clientPool, CID, jsonToken) })
+ t.Run("put with binary bearer token in header"+version, func(t *testing.T) { putWithBearerTokenInHeader(ctx, t, clientPool, CID, binaryToken) })
+ t.Run("put with binary bearer token in cookie"+version, func(t *testing.T) { putWithBearerTokenInCookie(ctx, t, clientPool, CID, binaryToken) })
t.Run("put with duplicate keys "+version, func(t *testing.T) { putWithDuplicateKeys(t, CID) })
- t.Run("simple get "+version, func(t *testing.T) { simpleGet(ctx, t, clientPool, ownerID, CID, version) })
- t.Run("get by attribute "+version, func(t *testing.T) { getByAttr(ctx, t, clientPool, ownerID, CID, version) })
- t.Run("get zip "+version, func(t *testing.T) { getZip(ctx, t, clientPool, ownerID, CID, version) })
+ t.Run("simple get "+version, func(t *testing.T) { simpleGet(ctx, t, clientPool, ownerID, CID) })
+ t.Run("get by attribute "+version, func(t *testing.T) { getByAttr(ctx, t, clientPool, ownerID, CID) })
+ t.Run("get zip "+version, func(t *testing.T) { getZip(ctx, t, clientPool, ownerID, CID) })
+ t.Run("test namespaces "+version, func(t *testing.T) { checkNamespaces(ctx, t, clientPool, ownerID, CID) })
+ t.Run("test status codes "+version, func(t *testing.T) { checkStatusCodes(ctx, t, clientPool, ownerID, version) })
cancel()
server.Wait()
@@ -77,18 +111,22 @@ func TestIntegration(t *testing.T) {
}
}
-func runServer() (App, context.CancelFunc) {
+func runServer(pathToWallet string) (App, context.CancelFunc) {
cancelCtx, cancel := context.WithCancel(context.Background())
v := getDefaultConfig()
- l, lvl := newLogger(v)
- application := newApp(cancelCtx, WithConfig(v), WithLogger(l, lvl))
+ v.config().Set(cfgWalletPath, pathToWallet)
+ v.config().Set(cfgWalletPassphrase, "")
+
+ v.config().Set(cfgContainersCORS, testCORSContainerName+"."+containerv2.SysAttributeZoneDefault)
+
+ application := newApp(cancelCtx, v)
go application.Serve()
return application, cancel
}
-func simplePut(ctx context.Context, t *testing.T, p *pool.Pool, CID cid.ID, version string) {
+func simplePut(ctx context.Context, t *testing.T, p *pool.Pool, CID cid.ID) {
url := testHost + "/upload/" + CID.String()
makePutRequestAndCheck(ctx, t, p, CID, url)
@@ -96,7 +134,38 @@ func simplePut(ctx context.Context, t *testing.T, p *pool.Pool, CID cid.ID, vers
makePutRequestAndCheck(ctx, t, p, CID, url)
}
+func putWithBearerTokenInHeader(ctx context.Context, t *testing.T, p *pool.Pool, CID cid.ID, token string) {
+ url := testHost + "/upload/" + CID.String()
+
+ request, content, attributes := makePutRequest(t, url)
+ request.Header.Set("Authorization", "Bearer "+token)
+ resp, err := http.DefaultClient.Do(request)
+ require.NoError(t, err)
+
+ checkPutResponse(ctx, t, p, CID, resp, content, attributes)
+}
+
+func putWithBearerTokenInCookie(ctx context.Context, t *testing.T, p *pool.Pool, CID cid.ID, token string) {
+ url := testHost + "/upload/" + CID.String()
+
+ request, content, attributes := makePutRequest(t, url)
+ request.AddCookie(&http.Cookie{Name: "Bearer", Value: token})
+ resp, err := http.DefaultClient.Do(request)
+ require.NoError(t, err)
+
+ checkPutResponse(ctx, t, p, CID, resp, content, attributes)
+}
+
func makePutRequestAndCheck(ctx context.Context, t *testing.T, p *pool.Pool, cnrID cid.ID, url string) {
+ request, content, attributes := makePutRequest(t, url)
+
+ resp, err := http.DefaultClient.Do(request)
+ require.NoError(t, err)
+
+ checkPutResponse(ctx, t, p, cnrID, resp, content, attributes)
+}
+
+func makePutRequest(t *testing.T, url string) (*http.Request, string, map[string]string) {
content := "content of file"
keyAttr, valAttr := "User-Attribute", "user value"
attributes := map[string]string{
@@ -118,9 +187,10 @@ func makePutRequestAndCheck(ctx context.Context, t *testing.T, p *pool.Pool, cnr
request.Header.Set("Content-Type", w.FormDataContentType())
request.Header.Set("X-Attribute-"+keyAttr, valAttr)
- resp, err := http.DefaultClient.Do(request)
- require.NoError(t, err)
+ return request, content, attributes
+}
+func checkPutResponse(ctx context.Context, t *testing.T, p *pool.Pool, cnrID cid.ID, resp *http.Response, content string, attributes map[string]string) {
defer func() {
err := resp.Body.Close()
require.NoError(t, err)
@@ -200,11 +270,11 @@ func putWithDuplicateKeys(t *testing.T, CID cid.ID) {
body, err := io.ReadAll(resp.Body)
require.NoError(t, err)
- require.Equal(t, "key duplication error: "+attr+"\n", string(body))
+ require.Contains(t, string(body), "key duplication error: "+attr+"\n")
require.Equal(t, http.StatusBadRequest, resp.StatusCode)
}
-func simpleGet(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, version string) {
+func simpleGet(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID) {
content := "content of file"
attributes := map[string]string{
"some-attr": "some-get-value",
@@ -251,7 +321,7 @@ func checkGetByAttrResponse(t *testing.T, resp *http.Response, content string, a
}
}
-func getByAttr(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, version string) {
+func getByAttr(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID) {
keyAttr, valAttr := "some-attr", "some-get-by-attr-value"
content := "content of file"
attributes := map[string]string{keyAttr: valAttr}
@@ -273,7 +343,7 @@ func getByAttr(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID
checkGetByAttrResponse(t, resp, content, expectedAttr)
}
-func getZip(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, version string) {
+func getZip(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID) {
names := []string{"zipfolder/dir/name1.txt", "zipfolder/name2.txt"}
contents := []string{"content of file1", "content of file2"}
attributes1 := map[string]string{object.AttributeFilePath: names[0]}
@@ -338,13 +408,122 @@ func checkZip(t *testing.T, data []byte, length int64, names, contents []string)
}
}
+func checkNamespaces(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID) {
+ content := "content of file"
+ attributes := map[string]string{
+ "some-attr": "some-get-value",
+ }
+
+ id := putObject(ctx, t, clientPool, ownerID, CID, content, attributes)
+
+ req, err := http.NewRequest(http.MethodGet, testHost+"/get/"+testContainerName+"/"+id.String(), nil)
+ require.NoError(t, err)
+ req.Header.Set(defaultNamespaceHeader, "")
+
+ resp, err := http.DefaultClient.Do(req)
+ require.NoError(t, err)
+ checkGetResponse(t, resp, content, attributes)
+
+ req, err = http.NewRequest(http.MethodGet, testHost+"/get/"+testContainerName+"/"+id.String(), nil)
+ require.NoError(t, err)
+ req.Header.Set(defaultNamespaceHeader, "root")
+
+ resp, err = http.DefaultClient.Do(req)
+ require.NoError(t, err)
+ checkGetResponse(t, resp, content, attributes)
+
+ req, err = http.NewRequest(http.MethodGet, testHost+"/get/"+testContainerName+"/"+id.String(), nil)
+ require.NoError(t, err)
+ req.Header.Set(defaultNamespaceHeader, "root2")
+
+ resp, err = http.DefaultClient.Do(req)
+ require.NoError(t, err)
+ require.Equal(t, http.StatusNotFound, resp.StatusCode)
+}
+
+func checkStatusCodes(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, version string) {
+ cli := http.Client{Timeout: 30 * time.Second}
+
+ t.Run("container not found by name", func(t *testing.T) {
+ resp, err := cli.Get(testHost + "/get/unknown/object")
+ require.NoError(t, err)
+ require.Equal(t, http.StatusNotFound, resp.StatusCode)
+ requireBodyContains(t, resp, "container not found")
+ })
+
+ t.Run("container not found by cid", func(t *testing.T) {
+ cnrIDTest := cidtest.ID()
+ resp, err := cli.Get(testHost + "/get/" + cnrIDTest.EncodeToString() + "/object")
+ require.NoError(t, err)
+ requireBodyContains(t, resp, "container not found")
+ require.Equal(t, http.StatusNotFound, resp.StatusCode)
+ })
+
+ t.Run("object not found in storage", func(t *testing.T) {
+ resp, err := cli.Get(testHost + "/get_by_attribute/" + testContainerName + "/FilePath/object2")
+ require.NoError(t, err)
+ requireBodyContains(t, resp, "object not found")
+ require.Equal(t, http.StatusNotFound, resp.StatusCode)
+ })
+
+ t.Run("access denied", func(t *testing.T) {
+ basicACL := acl.Private
+ var recs []*eacl.Record
+ if version == "1.2.7" {
+ basicACL = acl.PublicRWExtended
+ rec := eacl.NewRecord()
+ rec.SetAction(eacl.ActionDeny)
+ rec.SetOperation(eacl.OperationGet)
+ recs = append(recs, rec)
+ }
+
+ cnrID, err := createContainerBase(ctx, t, clientPool, ownerID, basicACL, "")
+ require.NoError(t, err)
+
+ key, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+ jsonToken, _ := makeBearerTokens(t, key, ownerID, version, recs...)
+
+ t.Run("get", func(t *testing.T) {
+ request, err := http.NewRequest(http.MethodGet, testHost+"/get/"+cnrID.EncodeToString()+"/object", nil)
+ require.NoError(t, err)
+ request.Header.Set("Authorization", "Bearer "+jsonToken)
+
+ resp, err := cli.Do(request)
+ require.NoError(t, err)
+ requireBodyContains(t, resp, "access denied")
+ require.Equal(t, http.StatusForbidden, resp.StatusCode)
+ })
+
+ t.Run("upload", func(t *testing.T) {
+ request, _, _ := makePutRequest(t, testHost+"/upload/"+cnrID.EncodeToString())
+ request.Header.Set("Authorization", "Bearer "+jsonToken)
+
+ resp, err := cli.Do(request)
+ require.NoError(t, err)
+ requireBodyContains(t, resp, "access denied")
+ require.Equal(t, http.StatusForbidden, resp.StatusCode)
+ })
+ })
+}
+
+func requireBodyContains(t *testing.T, resp *http.Response, msg string) {
+ data, err := io.ReadAll(resp.Body)
+ require.NoError(t, err)
+ defer resp.Body.Close()
+
+ require.Contains(t, strings.ToLower(string(data)), strings.ToLower(msg))
+}
+
func createDockerContainer(ctx context.Context, t *testing.T, image string) testcontainers.Container {
req := testcontainers.ContainerRequest{
- Image: image,
- WaitingFor: wait.NewLogStrategy("aio container started").WithStartupTimeout(30 * time.Second),
- Name: "aio",
- Hostname: "aio",
- NetworkMode: "host",
+ Image: image,
+ WaitingFor: wait.NewLogStrategy("aio container started").WithStartupTimeout(2 * time.Minute),
+ Name: "aio",
+ Hostname: "aio",
+ HostConfigModifier: func(hc *docker.HostConfig) {
+ hc.NetworkMode = "host"
+ },
}
aioC, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
ContainerRequest: req,
@@ -355,14 +534,14 @@ func createDockerContainer(ctx context.Context, t *testing.T, image string) test
return aioC
}
-func getDefaultConfig() *viper.Viper {
+func getDefaultConfig() *appCfg {
v := settings()
- v.SetDefault(cfgPeers+".0.address", "localhost:8080")
- v.SetDefault(cfgPeers+".0.weight", 1)
- v.SetDefault(cfgPeers+".0.priority", 1)
+ v.config().SetDefault(cfgPeers+".0.address", "localhost:8080")
+ v.config().SetDefault(cfgPeers+".0.weight", 1)
+ v.config().SetDefault(cfgPeers+".0.priority", 1)
- v.SetDefault(cfgRPCEndpoint, "http://localhost:30333")
- v.SetDefault("server.0.address", testListenAddress)
+ v.config().SetDefault(cfgRPCEndpoint, "http://localhost:30333")
+ v.config().SetDefault("server.0.address", testListenAddress)
return v
}
@@ -381,7 +560,11 @@ func getPool(ctx context.Context, t *testing.T, key *keys.PrivateKey) *pool.Pool
return clientPool
}
-func createContainer(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, version string) (cid.ID, error) {
+func createContainer(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, name string) (cid.ID, error) {
+ return createContainerBase(ctx, t, clientPool, ownerID, acl.PublicRWExtended, name)
+}
+
+func createContainerBase(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, basicACL acl.Basic, name string) (cid.ID, error) {
var policy netmap.PlacementPolicy
err := policy.DecodeString("REP 1")
require.NoError(t, err)
@@ -389,24 +572,28 @@ func createContainer(ctx context.Context, t *testing.T, clientPool *pool.Pool, o
var cnr container.Container
cnr.Init()
cnr.SetPlacementPolicy(policy)
- cnr.SetBasicACL(acl.PublicRWExtended)
+ cnr.SetBasicACL(basicACL)
cnr.SetOwner(ownerID)
container.SetCreationTime(&cnr, time.Now())
- var domain container.Domain
- domain.SetName(testContainerName)
+ if name != "" {
+ var domain container.Domain
+ domain.SetName(name)
- cnr.SetAttribute(containerv2.SysAttributeName, domain.Name())
- cnr.SetAttribute(containerv2.SysAttributeZone, domain.Zone())
+ cnr.SetAttribute(containerv2.SysAttributeName, domain.Name())
+ cnr.SetAttribute(containerv2.SysAttributeZone, domain.Zone())
+ }
- var waitPrm pool.WaitParams
- waitPrm.SetTimeout(15 * time.Second)
- waitPrm.SetPollInterval(3 * time.Second)
-
- var prm pool.PrmContainerPut
- prm.SetContainer(cnr)
- prm.SetWaitParams(waitPrm)
+ prm := pool.PrmContainerPut{
+ ClientParams: client.PrmContainerPut{
+ Container: &cnr,
+ },
+ WaitParams: &pool.WaitParams{
+ Timeout: 15 * time.Second,
+ PollInterval: 3 * time.Second,
+ },
+ }
CID, err := clientPool.PutContainer(ctx, prm)
if err != nil {
@@ -420,7 +607,7 @@ func createContainer(ctx context.Context, t *testing.T, clientPool *pool.Pool, o
func putObject(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID user.ID, CID cid.ID, content string, attributes map[string]string) oid.ID {
obj := object.New()
obj.SetContainerID(CID)
- obj.SetOwnerID(&ownerID)
+ obj.SetOwnerID(ownerID)
var attrs []object.Attribute
for key, val := range attributes {
@@ -438,5 +625,62 @@ func putObject(ctx context.Context, t *testing.T, clientPool *pool.Pool, ownerID
id, err := clientPool.PutObject(ctx, prm)
require.NoError(t, err)
- return id
+ return id.ObjectID
+}
+
+func registerUser(t *testing.T, ctx context.Context, aioContainer testcontainers.Container, pathToWallet string) {
+ err := aioContainer.CopyFileToContainer(ctx, pathToWallet, "/usr/wallet.json", 644)
+ require.NoError(t, err)
+
+ _, _, err = aioContainer.Exec(ctx, []string{
+ "/usr/bin/frostfs-s3-authmate", "register-user",
+ "--wallet", "/usr/wallet.json",
+ "--rpc-endpoint", "http://localhost:30333",
+ "--contract-wallet", "/config/s3-gw-wallet.json"})
+ require.NoError(t, err)
+}
+
+func makeBearerTokens(t *testing.T, key *keys.PrivateKey, ownerID user.ID, version string, records ...*eacl.Record) (jsonTokenBase64, binaryTokenBase64 string) {
+ tkn := new(bearer.Token)
+ tkn.ForUser(ownerID)
+ tkn.SetExp(10000)
+
+ if version == "1.2.7" {
+ table := eacl.NewTable()
+ for i := range records {
+ table.AddRecord(records[i])
+ }
+
+ tkn.SetEACLTable(*table)
+ } else {
+ tkn.SetImpersonate(true)
+ }
+
+ err := tkn.Sign(key.PrivateKey)
+ require.NoError(t, err)
+
+ jsonToken, err := tkn.MarshalJSON()
+ require.NoError(t, err)
+
+ jsonTokenBase64 = base64.StdEncoding.EncodeToString(jsonToken)
+ binaryTokenBase64 = base64.StdEncoding.EncodeToString(tkn.Marshal())
+
+ require.NotEmpty(t, jsonTokenBase64)
+ require.NotEmpty(t, binaryTokenBase64)
+
+ return
+}
+
+func makeTempWallet(t *testing.T, key *keys.PrivateKey, path string) {
+ w, err := wallet.NewWallet(path)
+ require.NoError(t, err)
+
+ acc := wallet.NewAccountFromPrivateKey(key)
+ err = acc.Encrypt("", w.Scrypt)
+ require.NoError(t, err)
+
+ w.AddAccount(acc)
+
+ err = w.Save()
+ require.NoError(t, err)
}
diff --git a/cmd/http-gw/logger.go b/cmd/http-gw/logger.go
new file mode 100644
index 00000000..196cff33
--- /dev/null
+++ b/cmd/http-gw/logger.go
@@ -0,0 +1,175 @@
+package main
+
+import (
+ "fmt"
+ "os"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/zapjournald"
+ "github.com/spf13/viper"
+ "github.com/ssgreg/journald"
+ "go.uber.org/zap"
+ "go.uber.org/zap/zapcore"
+)
+
+func getLogLevel(v *viper.Viper) (zapcore.Level, error) {
+ var lvl zapcore.Level
+ lvlStr := v.GetString(cfgLoggerLevel)
+ err := lvl.UnmarshalText([]byte(lvlStr))
+ if err != nil {
+ return lvl, fmt.Errorf("incorrect logger level configuration %s (%v), "+
+ "value should be one of %v", lvlStr, err, [...]zapcore.Level{
+ zapcore.DebugLevel,
+ zapcore.InfoLevel,
+ zapcore.WarnLevel,
+ zapcore.ErrorLevel,
+ zapcore.DPanicLevel,
+ zapcore.PanicLevel,
+ zapcore.FatalLevel,
+ })
+ }
+ return lvl, nil
+}
+
+var _ zapcore.Core = (*zapCoreTagFilterWrapper)(nil)
+
+type zapCoreTagFilterWrapper struct {
+ core zapcore.Core
+ settings TagFilterSettings
+ extra []zap.Field
+}
+
+type TagFilterSettings interface {
+ LevelEnabled(tag string, lvl zapcore.Level) bool
+ DefaultEnabled(lvl zapcore.Level) bool
+}
+
+func (c *zapCoreTagFilterWrapper) Enabled(level zapcore.Level) bool {
+ return c.core.Enabled(level)
+}
+
+func (c *zapCoreTagFilterWrapper) With(fields []zapcore.Field) zapcore.Core {
+ return &zapCoreTagFilterWrapper{
+ core: c.core.With(fields),
+ settings: c.settings,
+ extra: append(c.extra, fields...),
+ }
+}
+
+func (c *zapCoreTagFilterWrapper) Check(entry zapcore.Entry, checked *zapcore.CheckedEntry) *zapcore.CheckedEntry {
+ if c.core.Enabled(entry.Level) {
+ return checked.AddCore(entry, c)
+ }
+ return checked
+}
+
+func (c *zapCoreTagFilterWrapper) Write(entry zapcore.Entry, fields []zapcore.Field) error {
+ if c.shouldSkip(entry, fields, c.extra) {
+ return nil
+ }
+
+ return c.core.Write(entry, fields)
+}
+
+func (c *zapCoreTagFilterWrapper) shouldSkip(entry zapcore.Entry, fields []zap.Field, extra []zap.Field) bool {
+ for _, field := range fields {
+ if field.Key == logs.TagFieldName && field.Type == zapcore.StringType {
+ return !c.settings.LevelEnabled(field.String, entry.Level)
+ }
+ }
+ for _, field := range extra {
+ if field.Key == logs.TagFieldName && field.Type == zapcore.StringType {
+ return !c.settings.LevelEnabled(field.String, entry.Level)
+ }
+ }
+
+ return !c.settings.DefaultEnabled(entry.Level)
+}
+
+func (c *zapCoreTagFilterWrapper) Sync() error {
+ return c.core.Sync()
+}
+
+func applyZapCoreMiddlewares(core zapcore.Core, v *viper.Viper, loggerSettings LoggerAppSettings, tagSetting TagFilterSettings) zapcore.Core {
+ core = &zapCoreTagFilterWrapper{
+ core: core,
+ settings: tagSetting,
+ }
+
+ if v.GetBool(cfgLoggerSamplingEnabled) {
+ core = zapcore.NewSamplerWithOptions(core,
+ v.GetDuration(cfgLoggerSamplingInterval),
+ v.GetInt(cfgLoggerSamplingInitial),
+ v.GetInt(cfgLoggerSamplingThereafter),
+ zapcore.SamplerHook(func(_ zapcore.Entry, dec zapcore.SamplingDecision) {
+ if dec&zapcore.LogDropped > 0 {
+ loggerSettings.DroppedLogsInc()
+ }
+ }))
+ }
+
+ return core
+}
+
+func newLogEncoder() zapcore.Encoder {
+ c := zap.NewProductionEncoderConfig()
+ c.EncodeTime = zapcore.ISO8601TimeEncoder
+
+ return zapcore.NewConsoleEncoder(c)
+}
+
+// newStdoutLogger constructs a zap.Logger instance for current application.
+// Panics on failure.
+//
+// Logger is built from zap's production logging configuration with:
+// - parameterized level (debug by default)
+// - console encoding
+// - ISO8601 time encoding
+//
+// Logger records a stack trace for all messages at or above fatal level.
+//
+// See also zapcore.Level, zap.NewProductionConfig, zap.AddStacktrace.
+func newStdoutLogger(v *viper.Viper, lvl zap.AtomicLevel, loggerSettings LoggerAppSettings, tagSetting TagFilterSettings) *Logger {
+ stdout := zapcore.AddSync(os.Stdout)
+
+ consoleOutCore := zapcore.NewCore(newLogEncoder(), stdout, lvl)
+ consoleOutCore = applyZapCoreMiddlewares(consoleOutCore, v, loggerSettings, tagSetting)
+
+ return &Logger{
+ logger: zap.New(consoleOutCore, zap.AddStacktrace(zap.NewAtomicLevelAt(zap.FatalLevel))),
+ }
+}
+
+func newJournaldLogger(v *viper.Viper, lvl zap.AtomicLevel, loggerSettings LoggerAppSettings, tagSetting TagFilterSettings) *Logger {
+ encoder := zapjournald.NewPartialEncoder(newLogEncoder(), zapjournald.SyslogFields)
+
+ core := zapjournald.NewCore(lvl, encoder, &journald.Journal{}, zapjournald.SyslogFields)
+ coreWithContext := core.With([]zapcore.Field{
+ zapjournald.SyslogFacility(zapjournald.LogDaemon),
+ zapjournald.SyslogIdentifier(),
+ zapjournald.SyslogPid(),
+ })
+
+ coreWithContext = applyZapCoreMiddlewares(coreWithContext, v, loggerSettings, tagSetting)
+
+ return &Logger{
+ logger: zap.New(coreWithContext, zap.AddStacktrace(zap.NewAtomicLevelAt(zap.FatalLevel))),
+ }
+}
+
+type LoggerAppSettings interface {
+ DroppedLogsInc()
+}
+
+func pickLogger(v *viper.Viper, lvl zap.AtomicLevel, loggerSettings LoggerAppSettings, tagSettings TagFilterSettings) *Logger {
+ dest := v.GetString(cfgLoggerDestination)
+
+ switch dest {
+ case destinationStdout:
+ return newStdoutLogger(v, lvl, loggerSettings, tagSettings)
+ case destinationJournald:
+ return newJournaldLogger(v, lvl, loggerSettings, tagSettings)
+ default:
+ panic(fmt.Sprintf("wrong destination for logger: %s", dest))
+ }
+}
diff --git a/cmd/http-gw/main.go b/cmd/http-gw/main.go
index 57626755..002f1906 100644
--- a/cmd/http-gw/main.go
+++ b/cmd/http-gw/main.go
@@ -8,10 +8,9 @@ import (
func main() {
globalContext, _ := signal.NotifyContext(context.Background(), syscall.SIGINT, syscall.SIGTERM)
- v := settings()
- logger, atomicLevel := newLogger(v)
+ cfg := settings()
- application := newApp(globalContext, WithLogger(logger, atomicLevel), WithConfig(v))
+ application := newApp(globalContext, cfg)
go application.Serve()
application.Wait()
}
diff --git a/cmd/http-gw/server.go b/cmd/http-gw/server.go
index c5852d86..f8a20d9f 100644
--- a/cmd/http-gw/server.go
+++ b/cmd/http-gw/server.go
@@ -68,7 +68,8 @@ func newServer(ctx context.Context, serverInfo ServerInfo) (*server, error) {
if serverInfo.TLS.Enabled {
if err = tlsProvider.UpdateCert(serverInfo.TLS.CertFile, serverInfo.TLS.KeyFile); err != nil {
- return nil, fmt.Errorf("failed to update cert: %w", err)
+ lnErr := ln.Close()
+ return nil, fmt.Errorf("failed to update cert (listener close: %v): %w", lnErr, err)
}
ln = tls.NewListener(ln, &tls.Config{
diff --git a/cmd/http-gw/server_test.go b/cmd/http-gw/server_test.go
new file mode 100644
index 00000000..6f92f17a
--- /dev/null
+++ b/cmd/http-gw/server_test.go
@@ -0,0 +1,112 @@
+package main
+
+import (
+ "context"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/tls"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/pem"
+ "fmt"
+ "math/big"
+ "net"
+ "net/http"
+ "os"
+ "path"
+ "testing"
+ "time"
+
+ "github.com/stretchr/testify/require"
+ "github.com/valyala/fasthttp"
+)
+
+const (
+ expHeaderKey = "Foo"
+ expHeaderValue = "Bar"
+)
+
+func TestHTTP_TLS(t *testing.T) {
+ ctx := context.Background()
+ certPath, keyPath := prepareTestCerts(t)
+
+ tlsListener, err := newServer(ctx, ServerInfo{
+ Address: ":0",
+ TLS: ServerTLSInfo{
+ Enabled: true,
+ CertFile: certPath,
+ KeyFile: keyPath,
+ },
+ })
+ require.NoError(t, err)
+ port := tlsListener.Listener().Addr().(*net.TCPAddr).Port
+ addr := fmt.Sprintf("https://localhost:%d", port)
+
+ go func() {
+ _ = fasthttp.Serve(tlsListener.Listener(), testHandler)
+ }()
+
+ tlsClientConfig := &tls.Config{
+ InsecureSkipVerify: true,
+ }
+
+ cliHTTP := http.Client{Transport: &http.Transport{}}
+ cliHTTPS := http.Client{Transport: &http.Transport{TLSClientConfig: tlsClientConfig}}
+
+ req, err := http.NewRequest("GET", addr, nil)
+ require.NoError(t, err)
+ req.Header[expHeaderKey] = []string{expHeaderValue}
+
+ resp, err := cliHTTPS.Do(req)
+ require.NoError(t, err)
+ require.Equal(t, http.StatusOK, resp.StatusCode)
+
+ _, err = cliHTTP.Do(req)
+ require.ErrorContains(t, err, "failed to verify certificate")
+}
+
+func testHandler(ctx *fasthttp.RequestCtx) {
+ hdr := ctx.Request.Header.Peek(expHeaderKey)
+ if len(hdr) == 0 || string(hdr) != expHeaderValue {
+ ctx.Response.SetStatusCode(http.StatusBadRequest)
+ } else {
+ ctx.Response.SetStatusCode(http.StatusOK)
+ }
+}
+
+func prepareTestCerts(t *testing.T) (certPath, keyPath string) {
+ privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
+ require.NoError(t, err)
+
+ template := x509.Certificate{
+ SerialNumber: big.NewInt(1),
+ Subject: pkix.Name{CommonName: "localhost"},
+ NotBefore: time.Now(),
+ NotAfter: time.Now().Add(time.Hour * 24 * 365),
+ KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
+ BasicConstraintsValid: true,
+ }
+
+ derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &privateKey.PublicKey, privateKey)
+ require.NoError(t, err)
+
+ dir := t.TempDir()
+ certPath = path.Join(dir, "cert.pem")
+ keyPath = path.Join(dir, "key.pem")
+
+ certFile, err := os.Create(certPath)
+ require.NoError(t, err)
+ defer certFile.Close()
+
+ keyFile, err := os.Create(keyPath)
+ require.NoError(t, err)
+ defer keyFile.Close()
+
+ err = pem.Encode(certFile, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+ require.NoError(t, err)
+
+ err = pem.Encode(keyFile, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)})
+ require.NoError(t, err)
+
+ return certPath, keyPath
+}
diff --git a/cmd/http-gw/settings.go b/cmd/http-gw/settings.go
index 6708ad45..40719693 100644
--- a/cmd/http-gw/settings.go
+++ b/cmd/http-gw/settings.go
@@ -4,6 +4,7 @@ import (
"context"
"encoding/hex"
"fmt"
+ "io"
"math"
"os"
"path"
@@ -11,14 +12,19 @@ import (
"sort"
"strconv"
"strings"
+ "sync"
"time"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/cache"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ internalnet "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/net"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/service/frostfs"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
grpctracing "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing/grpc"
+ qostagging "git.frostfs.info/TrueCloudLab/frostfs-qos/tagging"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
treepool "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree"
- "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/spf13/pflag"
"github.com/spf13/viper"
"github.com/valyala/fasthttp"
@@ -27,23 +33,49 @@ import (
"google.golang.org/grpc"
)
+const (
+ destinationStdout = "stdout"
+ destinationJournald = "journald"
+)
+
const (
defaultRebalanceTimer = 60 * time.Second
defaultRequestTimeout = 15 * time.Second
defaultConnectTimeout = 10 * time.Second
defaultStreamTimeout = 10 * time.Second
+ defaultLoggerSamplerInterval = 1 * time.Second
+
defaultShutdownTimeout = 15 * time.Second
defaultPoolErrorThreshold uint32 = 100
defaultSoftMemoryLimit = math.MaxInt64
+ defaultBufferMaxSizeForPut = 1024 * 1024 // 1mb
+
+ defaultNamespaceHeader = "X-Frostfs-Namespace"
+
+ defaultReconnectInterval = time.Minute
+
+ defaultCORSMaxAge = 600 // seconds
+
+ defaultMultinetFallbackDelay = 300 * time.Millisecond
+
+ defaultContainerContractName = "container.frostfs"
+
cfgServer = "server"
cfgTLSEnabled = "tls.enabled"
cfgTLSCertFile = "tls.cert_file"
cfgTLSKeyFile = "tls.key_file"
+ cfgReconnectInterval = "reconnect_interval"
+
+ cfgIndexPageEnabled = "index_page.enabled"
+ cfgIndexPageTemplatePath = "index_page.template_path"
+
+ cfgWorkerPoolSize = "worker_pool_size"
+
// Web.
cfgWebReadBufferSize = "web.read_buffer_size"
cfgWebWriteBufferSize = "web.write_buffer_size"
@@ -59,9 +91,11 @@ const (
cfgPprofAddress = "pprof.address"
// Tracing ...
- cfgTracingEnabled = "tracing.enabled"
- cfgTracingExporter = "tracing.exporter"
- cfgTracingEndpoint = "tracing.endpoint"
+ cfgTracingEnabled = "tracing.enabled"
+ cfgTracingExporter = "tracing.exporter"
+ cfgTracingEndpoint = "tracing.endpoint"
+ cfgTracingTrustedCa = "tracing.trusted_ca"
+ cfgTracingAttributes = "tracing.attributes"
// Pool config.
cfgConTimeout = "connect_timeout"
@@ -71,7 +105,18 @@ const (
cfgPoolErrorThreshold = "pool_error_threshold"
// Logger.
- cfgLoggerLevel = "logger.level"
+ cfgLoggerLevel = "logger.level"
+ cfgLoggerDestination = "logger.destination"
+
+ cfgLoggerSamplingEnabled = "logger.sampling.enabled"
+ cfgLoggerSamplingInitial = "logger.sampling.initial"
+ cfgLoggerSamplingThereafter = "logger.sampling.thereafter"
+ cfgLoggerSamplingInterval = "logger.sampling.interval"
+
+ cfgLoggerTags = "logger.tags"
+ cfgLoggerTagsPrefixTmpl = cfgLoggerTags + ".%d."
+ cfgLoggerTagsNameTmpl = cfgLoggerTagsPrefixTmpl + "names"
+ cfgLoggerTagsLevelTmpl = cfgLoggerTagsPrefixTmpl + "level"
// Wallet.
cfgWalletPassphrase = "wallet.passphrase"
@@ -91,11 +136,59 @@ const (
cfgResolveOrder = "resolve_order"
// Zip compression.
+ //
+ // Deprecated: Use cfgArchiveCompression instead.
cfgZipCompression = "zip.compression"
+ // Archive compression.
+ cfgArchiveCompression = "archive.compression"
+
// Runtime.
cfgSoftMemoryLimit = "runtime.soft_memory_limit"
+ // Enabling client side object preparing for PUT operations.
+ cfgClientCut = "frostfs.client_cut"
+ // Sets max buffer size for read payload in put operations.
+ cfgBufferMaxSizeForPut = "frostfs.buffer_max_size_for_put"
+ // Configuration of parameters of requests to FrostFS.
+ // Sets max attempt to make successful tree request.
+ cfgTreePoolMaxAttempts = "frostfs.tree_pool_max_attempts"
+
+ // Caching.
+ cfgBucketsCacheLifetime = "cache.buckets.lifetime"
+ cfgBucketsCacheSize = "cache.buckets.size"
+ cfgNetmapCacheLifetime = "cache.netmap.lifetime"
+ cfgCORSCacheLifetime = "cache.cors.lifetime"
+ cfgCORSCacheSize = "cache.cors.size"
+
+ // Bucket resolving options.
+ cfgResolveNamespaceHeader = "resolve_bucket.namespace_header"
+ cfgResolveDefaultNamespaces = "resolve_bucket.default_namespaces"
+
+ // CORS.
+ cfgCORS = "cors"
+ cfgCORSAllowOrigin = cfgCORS + ".allow_origin"
+ cfgCORSAllowMethods = cfgCORS + ".allow_methods"
+ cfgCORSAllowHeaders = cfgCORS + ".allow_headers"
+ cfgCORSExposeHeaders = cfgCORS + ".expose_headers"
+ cfgCORSAllowCredentials = cfgCORS + ".allow_credentials"
+ cfgCORSMaxAge = cfgCORS + ".max_age"
+
+ // Multinet.
+ cfgMultinetEnabled = "multinet.enabled"
+ cfgMultinetBalancer = "multinet.balancer"
+ cfgMultinetRestrict = "multinet.restrict"
+ cfgMultinetFallbackDelay = "multinet.fallback_delay"
+ cfgMultinetSubnets = "multinet.subnets"
+
+ // Feature.
+ cfgFeaturesEnableFilepathFallback = "features.enable_filepath_fallback"
+ cfgFeaturesEnableFilepathSlashFallback = "features.enable_filepath_slash_fallback"
+ cfgFeaturesTreePoolNetmapSupport = "features.tree_pool_netmap_support"
+
+ // Containers.
+ cfgContainersCORS = "containers.cors"
+
// Command line args.
cmdHelp = "help"
cmdVersion = "version"
@@ -106,6 +199,9 @@ const (
cmdConfig = "config"
cmdConfigDir = "config-dir"
cmdListenAddress = "listen_address"
+
+ // Contracts.
+ cfgContractsContainerName = "contracts.container.name"
)
var ignore = map[string]struct{}{
@@ -114,14 +210,78 @@ var ignore = map[string]struct{}{
cmdVersion: {},
}
-func settings() *viper.Viper {
+var defaultTags = []string{logs.TagApp, logs.TagDatapath, logs.TagExternalStorage, logs.TagExternalStorageTree}
+
+type Logger struct {
+ logger *zap.Logger
+}
+
+type appCfg struct {
+ flags *pflag.FlagSet
+
+ mu sync.RWMutex
+ settings *viper.Viper
+}
+
+func (a *appCfg) reload() error {
+ old := a.config()
+
+ v, err := newViper(a.flags)
+ if err != nil {
+ return err
+ }
+
+ if old.IsSet(cmdConfig) {
+ v.Set(cmdConfig, old.Get(cmdConfig))
+ }
+ if old.IsSet(cmdConfigDir) {
+ v.Set(cmdConfigDir, old.Get(cmdConfigDir))
+ }
+
+ if err = readInConfig(v); err != nil {
+ return err
+ }
+
+ a.setConfig(v)
+ return nil
+}
+
+func (a *appCfg) config() *viper.Viper {
+ a.mu.RLock()
+ defer a.mu.RUnlock()
+
+ return a.settings
+}
+
+func (a *appCfg) setConfig(v *viper.Viper) {
+ a.mu.Lock()
+ a.settings = v
+ a.mu.Unlock()
+}
+
+func newViper(flags *pflag.FlagSet) (*viper.Viper, error) {
v := viper.New()
+
v.AutomaticEnv()
v.SetEnvPrefix(Prefix)
v.AllowEmptyEnv(true)
v.SetConfigType("yaml")
v.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
+ if err := bindFlags(v, flags); err != nil {
+ return nil, err
+ }
+
+ setDefaults(v, flags)
+
+ if v.IsSet(cfgServer+".0."+cfgTLSKeyFile) && v.IsSet(cfgServer+".0."+cfgTLSCertFile) {
+ v.Set(cfgServer+".0."+cfgTLSEnabled, true)
+ }
+
+ return v, nil
+}
+
+func settings() *appCfg {
// flags setup:
flags := pflag.NewFlagSet("commandline", pflag.ExitOnError)
flags.SetOutput(os.Stdout)
@@ -145,76 +305,17 @@ func settings() *viper.Viper {
flags.String(cmdListenAddress, "0.0.0.0:8080", "addresses to listen")
flags.String(cfgTLSCertFile, "", "TLS certificate path")
flags.String(cfgTLSKeyFile, "", "TLS key path")
- peers := flags.StringArrayP(cfgPeers, "p", nil, "FrostFS nodes")
+ flags.StringArrayP(cfgPeers, "p", nil, "FrostFS nodes")
- resolveMethods := flags.StringSlice(cfgResolveOrder, []string{resolver.NNSResolver, resolver.DNSResolver}, "set container name resolve order")
-
- // set defaults:
-
- // logger:
- v.SetDefault(cfgLoggerLevel, "debug")
-
- // pool:
- v.SetDefault(cfgPoolErrorThreshold, defaultPoolErrorThreshold)
-
- // web-server:
- v.SetDefault(cfgWebReadBufferSize, 4096)
- v.SetDefault(cfgWebWriteBufferSize, 4096)
- v.SetDefault(cfgWebReadTimeout, time.Minute*10)
- v.SetDefault(cfgWebWriteTimeout, time.Minute*5)
- v.SetDefault(cfgWebStreamRequestBody, true)
- v.SetDefault(cfgWebMaxRequestBodySize, fasthttp.DefaultMaxRequestBodySize)
-
- // upload header
- v.SetDefault(cfgUploaderHeaderEnableDefaultTimestamp, false)
-
- // zip:
- v.SetDefault(cfgZipCompression, false)
-
- // metrics
- v.SetDefault(cfgPprofAddress, "localhost:8083")
- v.SetDefault(cfgPrometheusAddress, "localhost:8084")
-
- // Binding flags
- if err := v.BindPFlag(cfgPprofEnabled, flags.Lookup(cmdPprof)); err != nil {
- panic(err)
- }
- if err := v.BindPFlag(cfgPrometheusEnabled, flags.Lookup(cmdMetrics)); err != nil {
- panic(err)
- }
-
- if err := v.BindPFlag(cfgWalletPath, flags.Lookup(cmdWallet)); err != nil {
- panic(err)
- }
-
- if err := v.BindPFlag(cfgWalletAddress, flags.Lookup(cmdAddress)); err != nil {
- panic(err)
- }
-
- if err := v.BindPFlags(flags); err != nil {
- panic(err)
- }
-
- if err := v.BindPFlag(cfgServer+".0.address", flags.Lookup(cmdListenAddress)); err != nil {
- panic(err)
- }
- if err := v.BindPFlag(cfgServer+".0."+cfgTLSKeyFile, flags.Lookup(cfgTLSKeyFile)); err != nil {
- panic(err)
- }
- if err := v.BindPFlag(cfgServer+".0."+cfgTLSCertFile, flags.Lookup(cfgTLSCertFile)); err != nil {
- panic(err)
- }
+ flags.StringSlice(cfgResolveOrder, []string{resolver.NNSResolver, resolver.DNSResolver}, "set container name resolve order")
if err := flags.Parse(os.Args); err != nil {
panic(err)
}
- if v.IsSet(cfgServer+".0."+cfgTLSKeyFile) && v.IsSet(cfgServer+".0."+cfgTLSCertFile) {
- v.Set(cfgServer+".0."+cfgTLSEnabled, true)
- }
-
- if resolveMethods != nil {
- v.SetDefault(cfgResolveOrder, *resolveMethods)
+ v, err := newViper(flags)
+ if err != nil {
+ panic(fmt.Errorf("bind flags: %w", err))
}
switch {
@@ -259,15 +360,100 @@ func settings() *viper.Viper {
panic(err)
}
- if peers != nil && len(*peers) > 0 {
- for i := range *peers {
- v.SetDefault(cfgPeers+"."+strconv.Itoa(i)+".address", (*peers)[i])
+ return &appCfg{
+ flags: flags,
+ settings: v,
+ }
+}
+
+func setDefaults(v *viper.Viper, flags *pflag.FlagSet) {
+ // set defaults:
+
+ // logger:
+ v.SetDefault(cfgLoggerLevel, "debug")
+ v.SetDefault(cfgLoggerDestination, "stdout")
+ v.SetDefault(cfgLoggerSamplingEnabled, false)
+ v.SetDefault(cfgLoggerSamplingThereafter, 100)
+ v.SetDefault(cfgLoggerSamplingInitial, 100)
+ v.SetDefault(cfgLoggerSamplingInterval, defaultLoggerSamplerInterval)
+
+ // pool:
+ v.SetDefault(cfgPoolErrorThreshold, defaultPoolErrorThreshold)
+
+ // frostfs:
+ v.SetDefault(cfgBufferMaxSizeForPut, defaultBufferMaxSizeForPut)
+
+ // web-server:
+ v.SetDefault(cfgWebReadBufferSize, 4096)
+ v.SetDefault(cfgWebWriteBufferSize, 4096)
+ v.SetDefault(cfgWebReadTimeout, time.Minute*10)
+ v.SetDefault(cfgWebWriteTimeout, time.Minute*5)
+ v.SetDefault(cfgWebStreamRequestBody, true)
+ v.SetDefault(cfgWebMaxRequestBodySize, fasthttp.DefaultMaxRequestBodySize)
+
+ v.SetDefault(cfgWorkerPoolSize, 1000)
+ // upload header
+ v.SetDefault(cfgUploaderHeaderEnableDefaultTimestamp, false)
+
+ // metrics
+ v.SetDefault(cfgPprofAddress, "localhost:8083")
+ v.SetDefault(cfgPrometheusAddress, "localhost:8084")
+
+ // resolve bucket
+ v.SetDefault(cfgResolveNamespaceHeader, defaultNamespaceHeader)
+ v.SetDefault(cfgResolveDefaultNamespaces, []string{"", "root"})
+
+ // multinet
+ v.SetDefault(cfgMultinetFallbackDelay, defaultMultinetFallbackDelay)
+
+ // contracts
+ v.SetDefault(cfgContractsContainerName, defaultContainerContractName)
+
+ if resolveMethods, err := flags.GetStringSlice(cfgResolveOrder); err == nil {
+ v.SetDefault(cfgResolveOrder, resolveMethods)
+ }
+
+ if peers, err := flags.GetStringArray(cfgPeers); err == nil {
+ for i := range peers {
+ v.SetDefault(cfgPeers+"."+strconv.Itoa(i)+".address", peers[i])
v.SetDefault(cfgPeers+"."+strconv.Itoa(i)+".weight", 1)
v.SetDefault(cfgPeers+"."+strconv.Itoa(i)+".priority", 1)
}
}
+}
- return v
+func bindFlags(v *viper.Viper, flags *pflag.FlagSet) error {
+ // Binding flags
+ if err := v.BindPFlag(cfgPprofEnabled, flags.Lookup(cmdPprof)); err != nil {
+ return err
+ }
+ if err := v.BindPFlag(cfgPrometheusEnabled, flags.Lookup(cmdMetrics)); err != nil {
+ return err
+ }
+
+ if err := v.BindPFlag(cfgWalletPath, flags.Lookup(cmdWallet)); err != nil {
+ return err
+ }
+
+ if err := v.BindPFlag(cfgWalletAddress, flags.Lookup(cmdAddress)); err != nil {
+ return err
+ }
+
+ if err := v.BindPFlags(flags); err != nil {
+ return err
+ }
+
+ if err := v.BindPFlag(cfgServer+".0.address", flags.Lookup(cmdListenAddress)); err != nil {
+ return err
+ }
+ if err := v.BindPFlag(cfgServer+".0."+cfgTLSKeyFile, flags.Lookup(cfgTLSKeyFile)); err != nil {
+ return err
+ }
+ if err := v.BindPFlag(cfgServer+".0."+cfgTLSCertFile, flags.Lookup(cfgTLSCertFile)); err != nil {
+ return err
+ }
+
+ return nil
}
func readInConfig(v *viper.Viper) error {
@@ -334,59 +520,91 @@ func mergeConfig(v *viper.Viper, fileName string) error {
return v.MergeConfig(cfgFile)
}
-// newLogger constructs a zap.Logger instance for current application.
-// Panics on failure.
-//
-// Logger is built from zap's production logging configuration with:
-// - parameterized level (debug by default)
-// - console encoding
-// - ISO8601 time encoding
-//
-// Logger records a stack trace for all messages at or above fatal level.
-//
-// See also zapcore.Level, zap.NewProductionConfig, zap.AddStacktrace.
-func newLogger(v *viper.Viper) (*zap.Logger, zap.AtomicLevel) {
- lvl, err := getLogLevel(v)
- if err != nil {
- panic(err)
+func fetchLogTagsConfig(v *viper.Viper, defaultLvl zapcore.Level) (map[string]zapcore.Level, error) {
+ res := make(map[string]zapcore.Level)
+
+ for i := 0; ; i++ {
+ tagNames := v.GetString(fmt.Sprintf(cfgLoggerTagsNameTmpl, i))
+ if tagNames == "" {
+ break
+ }
+
+ lvl := defaultLvl
+ level := v.GetString(fmt.Sprintf(cfgLoggerTagsLevelTmpl, i))
+ if level != "" {
+ if err := lvl.Set(level); err != nil {
+ return nil, fmt.Errorf("failed to parse log tags config, unknown level: '%s'", level)
+ }
+ }
+
+ for _, tagName := range strings.Split(tagNames, ",") {
+ tagName = strings.TrimSpace(tagName)
+ if len(tagName) != 0 {
+ res[tagName] = lvl
+ }
+ }
}
- c := zap.NewProductionConfig()
- c.Level = zap.NewAtomicLevelAt(lvl)
- c.Encoding = "console"
- c.EncoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
-
- l, err := c.Build(
- zap.AddStacktrace(zap.NewAtomicLevelAt(zap.FatalLevel)),
- )
- if err != nil {
- panic(fmt.Sprintf("build zap logger instance: %v", err))
+ if len(res) == 0 && !v.IsSet(cfgLoggerTags) {
+ for _, tag := range defaultTags {
+ res[tag] = defaultLvl
+ }
}
- return l, c.Level
+ return res, nil
}
-func getLogLevel(v *viper.Viper) (zapcore.Level, error) {
- var lvl zapcore.Level
- lvlStr := v.GetString(cfgLoggerLevel)
- err := lvl.UnmarshalText([]byte(lvlStr))
- if err != nil {
- return lvl, fmt.Errorf("incorrect logger level configuration %s (%v), "+
- "value should be one of %v", lvlStr, err, [...]zapcore.Level{
- zapcore.DebugLevel,
- zapcore.InfoLevel,
- zapcore.WarnLevel,
- zapcore.ErrorLevel,
- zapcore.DPanicLevel,
- zapcore.PanicLevel,
- zapcore.FatalLevel,
- })
+func fetchReconnectInterval(cfg *viper.Viper) time.Duration {
+ reconnect := cfg.GetDuration(cfgReconnectInterval)
+ if reconnect <= 0 {
+ reconnect = defaultReconnectInterval
}
- return lvl, nil
+
+ return reconnect
}
-func fetchServers(v *viper.Viper) []ServerInfo {
+func fetchIndexPageTemplate(v *viper.Viper, l *zap.Logger) (string, bool) {
+ if !v.GetBool(cfgIndexPageEnabled) {
+ return "", false
+ }
+ reader, err := os.Open(v.GetString(cfgIndexPageTemplatePath))
+ if err != nil {
+ l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err), logs.TagField(logs.TagApp))
+ return "", true
+ }
+
+ tmpl, err := io.ReadAll(reader)
+ if err != nil {
+ l.Warn(logs.FailedToReadIndexPageTemplate, zap.Error(err), logs.TagField(logs.TagApp))
+ return "", true
+ }
+
+ l.Info(logs.SetCustomIndexPageTemplate, logs.TagField(logs.TagApp))
+ return string(tmpl), true
+}
+
+func fetchDefaultNamespaces(v *viper.Viper) []string {
+ namespaces := v.GetStringSlice(cfgResolveDefaultNamespaces)
+
+ for i := range namespaces { // to be set namespaces in env variable as `HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"`
+ namespaces[i] = strings.Trim(namespaces[i], "\"")
+ }
+
+ return namespaces
+}
+
+func fetchCORSMaxAge(v *viper.Viper) int {
+ maxAge := v.GetInt(cfgCORSMaxAge)
+ if maxAge <= 0 {
+ maxAge = defaultCORSMaxAge
+ }
+
+ return maxAge
+}
+
+func fetchServers(v *viper.Viper, log *zap.Logger) []ServerInfo {
var servers []ServerInfo
+ seen := make(map[string]struct{})
for i := 0; ; i++ {
key := cfgServer + "." + strconv.Itoa(i) + "."
@@ -401,16 +619,21 @@ func fetchServers(v *viper.Viper) []ServerInfo {
break
}
+ if _, ok := seen[serverInfo.Address]; ok {
+ log.Warn(logs.WarnDuplicateAddress, zap.String("address", serverInfo.Address), logs.TagField(logs.TagApp))
+ continue
+ }
+ seen[serverInfo.Address] = struct{}{}
servers = append(servers, serverInfo)
}
return servers
}
-func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper) (*pool.Pool, *treepool.Pool, *keys.PrivateKey) {
- key, err := getFrostFSKey(cfg, logger)
+func (a *app) initPools(ctx context.Context) {
+ key, err := getFrostFSKey(a.config(), a.log)
if err != nil {
- logger.Fatal(logs.CouldNotLoadFrostFSPrivateKey, zap.Error(err))
+ a.log.Fatal(logs.CouldNotLoadFrostFSPrivateKey, zap.Error(err), logs.TagField(logs.TagApp))
}
var prm pool.InitParameters
@@ -418,80 +641,86 @@ func getPools(ctx context.Context, logger *zap.Logger, cfg *viper.Viper) (*pool.
prm.SetKey(&key.PrivateKey)
prmTree.SetKey(key)
- logger.Info(logs.UsingCredentials, zap.String("FrostFS", hex.EncodeToString(key.PublicKey().Bytes())))
+ a.log.Info(logs.UsingCredentials, zap.String("FrostFS", hex.EncodeToString(key.PublicKey().Bytes())),
+ logs.TagField(logs.TagApp))
- for _, peer := range fetchPeers(logger, cfg) {
+ for _, peer := range fetchPeers(a.log, a.config()) {
prm.AddNode(peer)
prmTree.AddNode(peer)
}
- connTimeout := cfg.GetDuration(cfgConTimeout)
+ connTimeout := a.config().GetDuration(cfgConTimeout)
if connTimeout <= 0 {
connTimeout = defaultConnectTimeout
}
prm.SetNodeDialTimeout(connTimeout)
prmTree.SetNodeDialTimeout(connTimeout)
- streamTimeout := cfg.GetDuration(cfgStreamTimeout)
+ streamTimeout := a.config().GetDuration(cfgStreamTimeout)
if streamTimeout <= 0 {
streamTimeout = defaultStreamTimeout
}
prm.SetNodeStreamTimeout(streamTimeout)
prmTree.SetNodeStreamTimeout(streamTimeout)
- healthCheckTimeout := cfg.GetDuration(cfgReqTimeout)
+ healthCheckTimeout := a.config().GetDuration(cfgReqTimeout)
if healthCheckTimeout <= 0 {
healthCheckTimeout = defaultRequestTimeout
}
prm.SetHealthcheckTimeout(healthCheckTimeout)
prmTree.SetHealthcheckTimeout(healthCheckTimeout)
- rebalanceInterval := cfg.GetDuration(cfgRebalance)
+ rebalanceInterval := a.config().GetDuration(cfgRebalance)
if rebalanceInterval <= 0 {
rebalanceInterval = defaultRebalanceTimer
}
prm.SetClientRebalanceInterval(rebalanceInterval)
prmTree.SetClientRebalanceInterval(rebalanceInterval)
- errorThreshold := cfg.GetUint32(cfgPoolErrorThreshold)
+ errorThreshold := a.config().GetUint32(cfgPoolErrorThreshold)
if errorThreshold <= 0 {
errorThreshold = defaultPoolErrorThreshold
}
prm.SetErrorThreshold(errorThreshold)
- prm.SetLogger(logger)
- prmTree.SetLogger(logger)
+ prm.SetLogger(a.log.With(logs.TagField(logs.TagDatapath)))
+ prmTree.SetLogger(a.log.With(logs.TagField(logs.TagDatapath)))
- var apiGRPCDialOpts []grpc.DialOption
- var treeGRPCDialOpts []grpc.DialOption
- if cfg.GetBool(cfgTracingEnabled) {
- interceptors := []grpc.DialOption{
- grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
- grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
- }
- treeGRPCDialOpts = append(treeGRPCDialOpts, interceptors...)
- apiGRPCDialOpts = append(apiGRPCDialOpts, interceptors...)
+ prmTree.SetMaxRequestAttempts(a.config().GetInt(cfgTreePoolMaxAttempts))
+
+ interceptors := []grpc.DialOption{
+ grpc.WithUnaryInterceptor(grpctracing.NewUnaryClientInteceptor()),
+ grpc.WithStreamInterceptor(grpctracing.NewStreamClientInterceptor()),
+ grpc.WithContextDialer(a.settings.dialerSource.GrpcContextDialer()),
+ grpc.WithChainUnaryInterceptor(qostagging.NewUnaryClientInteceptor()),
+ grpc.WithChainStreamInterceptor(qostagging.NewStreamClientInterceptor()),
}
- prm.SetGRPCDialOptions(apiGRPCDialOpts...)
- prmTree.SetGRPCDialOptions(treeGRPCDialOpts...)
+ prm.SetGRPCDialOptions(interceptors...)
+ prmTree.SetGRPCDialOptions(interceptors...)
p, err := pool.NewPool(prm)
if err != nil {
- logger.Fatal(logs.FailedToCreateConnectionPool, zap.Error(err))
+ a.log.Fatal(logs.FailedToCreateConnectionPool, zap.Error(err), logs.TagField(logs.TagApp))
}
if err = p.Dial(ctx); err != nil {
- logger.Fatal(logs.FailedToDialConnectionPool, zap.Error(err))
+ a.log.Fatal(logs.FailedToDialConnectionPool, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+
+ if a.config().GetBool(cfgFeaturesTreePoolNetmapSupport) {
+ prmTree.SetNetMapInfoSource(frostfs.NewSource(frostfs.NewFrostFS(p), cache.NewNetmapCache(getNetmapCacheOptions(a.config(), a.log)), a.bucketCache, a.log))
}
treePool, err := treepool.NewPool(prmTree)
if err != nil {
- logger.Fatal(logs.FailedToCreateTreePool, zap.Error(err))
+ a.log.Fatal(logs.FailedToCreateTreePool, zap.Error(err), logs.TagField(logs.TagApp))
}
if err = treePool.Dial(ctx); err != nil {
- logger.Fatal(logs.FailedToDialTreePool, zap.Error(err))
+ a.log.Fatal(logs.FailedToDialTreePool, zap.Error(err), logs.TagField(logs.TagApp))
}
- return p, treePool, key
+ a.pool = p
+ a.treePool = treePool
+ a.key = key
}
func fetchPeers(l *zap.Logger, v *viper.Viper) []pool.NodeParam {
@@ -517,7 +746,8 @@ func fetchPeers(l *zap.Logger, v *viper.Viper) []pool.NodeParam {
l.Info(logs.AddedStoragePeer,
zap.Int("priority", priority),
zap.String("address", address),
- zap.Float64("weight", weight))
+ zap.Float64("weight", weight),
+ logs.TagField(logs.TagApp))
}
return nodes
@@ -531,3 +761,140 @@ func fetchSoftMemoryLimit(cfg *viper.Viper) int64 {
return int64(softMemoryLimit)
}
+
+func getBucketCacheOptions(v *viper.Viper, l *zap.Logger) *cache.Config {
+ cacheCfg := cache.DefaultBucketConfig(l)
+
+ cacheCfg.Lifetime = fetchCacheLifetime(v, l, cfgBucketsCacheLifetime, cacheCfg.Lifetime)
+ cacheCfg.Size = fetchCacheSize(v, l, cfgBucketsCacheSize, cacheCfg.Size)
+
+ return cacheCfg
+}
+
+func getNetmapCacheOptions(v *viper.Viper, l *zap.Logger) *cache.NetmapCacheConfig {
+ cacheCfg := cache.DefaultNetmapConfig(l)
+
+ cacheCfg.Lifetime = fetchCacheLifetime(v, l, cfgNetmapCacheLifetime, cacheCfg.Lifetime)
+
+ return cacheCfg
+}
+
+func getCORSCacheOptions(v *viper.Viper, l *zap.Logger) *cache.Config {
+ cacheCfg := cache.DefaultCORSConfig(l)
+
+ cacheCfg.Lifetime = fetchCacheLifetime(v, l, cfgCORSCacheLifetime, cacheCfg.Lifetime)
+ cacheCfg.Size = fetchCacheSize(v, l, cfgCORSCacheSize, cacheCfg.Size)
+
+ return cacheCfg
+}
+
+func fetchCacheLifetime(v *viper.Viper, l *zap.Logger, cfgEntry string, defaultValue time.Duration) time.Duration {
+ if v.IsSet(cfgEntry) {
+ lifetime := v.GetDuration(cfgEntry)
+ if lifetime <= 0 {
+ l.Error(logs.InvalidLifetimeUsingDefaultValue,
+ zap.String("parameter", cfgEntry),
+ zap.Duration("value in config", lifetime),
+ zap.Duration("default", defaultValue),
+ logs.TagField(logs.TagApp))
+ } else {
+ return lifetime
+ }
+ }
+
+ return defaultValue
+}
+
+func fetchCacheSize(v *viper.Viper, l *zap.Logger, cfgEntry string, defaultValue int) int {
+ if v.IsSet(cfgEntry) {
+ size := v.GetInt(cfgEntry)
+ if size <= 0 {
+ l.Error(logs.InvalidCacheSizeUsingDefaultValue,
+ zap.String("parameter", cfgEntry),
+ zap.Int("value in config", size),
+ zap.Int("default", defaultValue),
+ logs.TagField(logs.TagApp))
+ } else {
+ return size
+ }
+ }
+
+ return defaultValue
+}
+
+func getDialerSource(logger *zap.Logger, cfg *viper.Viper) *internalnet.DialerSource {
+ source, err := internalnet.NewDialerSource(fetchMultinetConfig(cfg, logger))
+ if err != nil {
+ logger.Fatal(logs.FailedToLoadMultinetConfig, zap.Error(err), logs.TagField(logs.TagApp))
+ }
+ return source
+}
+
+func fetchMultinetConfig(v *viper.Viper, l *zap.Logger) (cfg internalnet.Config) {
+ cfg.Enabled = v.GetBool(cfgMultinetEnabled)
+ cfg.Balancer = v.GetString(cfgMultinetBalancer)
+ cfg.Restrict = v.GetBool(cfgMultinetRestrict)
+ cfg.FallbackDelay = v.GetDuration(cfgMultinetFallbackDelay)
+ cfg.Subnets = make([]internalnet.Subnet, 0, 5)
+ cfg.EventHandler = internalnet.NewLogEventHandler(l)
+
+ for i := 0; ; i++ {
+ key := cfgMultinetSubnets + "." + strconv.Itoa(i) + "."
+ subnet := internalnet.Subnet{}
+
+ subnet.Prefix = v.GetString(key + "mask")
+ if subnet.Prefix == "" {
+ break
+ }
+ subnet.SourceIPs = v.GetStringSlice(key + "source_ips")
+ cfg.Subnets = append(cfg.Subnets, subnet)
+ }
+
+ return
+}
+
+func fetchTracingAttributes(v *viper.Viper) (map[string]string, error) {
+ attributes := make(map[string]string)
+ for i := 0; ; i++ {
+ key := cfgTracingAttributes + "." + strconv.Itoa(i) + "."
+ attrKey := v.GetString(key + "key")
+ attrValue := v.GetString(key + "value")
+ if attrKey == "" {
+ break
+ }
+
+ if _, ok := attributes[attrKey]; ok {
+ return nil, fmt.Errorf("tracing attribute key %s defined more than once", attrKey)
+ }
+
+ if attrValue == "" {
+ return nil, fmt.Errorf("empty tracing attribute value for key %s", attrKey)
+ }
+
+ attributes[attrKey] = attrValue
+ }
+
+ return attributes, nil
+}
+
+func fetchArchiveCompression(v *viper.Viper) bool {
+ if v.IsSet(cfgZipCompression) {
+ return v.GetBool(cfgZipCompression)
+ }
+ return v.GetBool(cfgArchiveCompression)
+}
+
+func fetchCORSConfig(v *viper.Viper) *data.CORSRule {
+ if !v.IsSet(cfgCORS) {
+ return nil
+ }
+
+ return &data.CORSRule{
+ AllowedOrigins: []string{v.GetString(cfgCORSAllowOrigin)},
+ AllowedMethods: v.GetStringSlice(cfgCORSAllowMethods),
+ AllowedHeaders: v.GetStringSlice(cfgCORSAllowHeaders),
+ ExposeHeaders: v.GetStringSlice(cfgCORSExposeHeaders),
+ AllowedCredentials: v.GetBool(cfgCORSAllowCredentials),
+ MaxAgeSeconds: fetchCORSMaxAge(v),
+ }
+}
diff --git a/cmd/http-gw/settings_test.go b/cmd/http-gw/settings_test.go
new file mode 100644
index 00000000..13bd50d0
--- /dev/null
+++ b/cmd/http-gw/settings_test.go
@@ -0,0 +1,60 @@
+package main
+
+import (
+ "os"
+ "testing"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
+ "github.com/stretchr/testify/require"
+)
+
+func TestConfigReload(t *testing.T) {
+ f, err := os.CreateTemp("", "conf")
+ require.NoError(t, err)
+ defer func() {
+ require.NoError(t, os.Remove(f.Name()))
+ }()
+
+ confData := `
+pprof:
+ enabled: true
+
+resolve_bucket:
+ default_namespaces: [""]
+
+resolve_order:
+ - nns
+`
+
+ _, err = f.WriteString(confData)
+ require.NoError(t, err)
+ require.NoError(t, f.Close())
+
+ cfg := settings()
+
+ require.NoError(t, cfg.flags.Parse([]string{"--config", f.Name(), "--connect_timeout", "15s"}))
+ require.NoError(t, cfg.reload())
+
+ require.True(t, cfg.config().GetBool(cfgPprofEnabled))
+ require.Equal(t, []string{""}, cfg.config().GetStringSlice(cfgResolveDefaultNamespaces))
+ require.Equal(t, []string{resolver.NNSResolver}, cfg.config().GetStringSlice(cfgResolveOrder))
+ require.Equal(t, 15*time.Second, cfg.config().GetDuration(cfgConTimeout))
+
+ require.NoError(t, os.Truncate(f.Name(), 0))
+ require.NoError(t, cfg.reload())
+
+ require.False(t, cfg.config().GetBool(cfgPprofEnabled))
+ require.Equal(t, []string{"", "root"}, cfg.config().GetStringSlice(cfgResolveDefaultNamespaces))
+ require.Equal(t, []string{resolver.NNSResolver, resolver.DNSResolver}, cfg.config().GetStringSlice(cfgResolveOrder))
+ require.Equal(t, 15*time.Second, cfg.config().GetDuration(cfgConTimeout))
+}
+
+func TestSetTLSEnabled(t *testing.T) {
+ cfg := settings()
+
+ require.NoError(t, cfg.flags.Parse([]string{"--" + cfgTLSCertFile, "tls.crt", "--" + cfgTLSKeyFile, "tls.key"}))
+ require.NoError(t, cfg.reload())
+
+ require.True(t, cfg.config().GetBool(cfgServer+".0."+cfgTLSEnabled))
+}
diff --git a/config/config.env b/config/config.env
index 62920a2c..ff880d54 100644
--- a/config/config.env
+++ b/config/config.env
@@ -14,8 +14,15 @@ HTTP_GW_PPROF_ADDRESS=localhost:8083
HTTP_GW_PROMETHEUS_ENABLED=true
HTTP_GW_PROMETHEUS_ADDRESS=localhost:8084
-# Log level.
+# Logger.
HTTP_GW_LOGGER_LEVEL=debug
+HTTP_GW_LOGGER_SAMPLING_ENABLED=false
+HTTP_GW_LOGGER_SAMPLING_INITIAL=100
+HTTP_GW_LOGGER_SAMPLING_THEREAFTER=100
+HTTP_GW_LOGGER_SAMPLING_INTERVAL=1s
+HTTP_GW_LOGGER_TAGS_0_NAMES=app,datapath
+HTTP_GW_LOGGER_TAGS_0_LEVEL=level
+HTTP_GW_LOGGER_TAGS_1_NAME=external_storage_tree
HTTP_GW_SERVER_0_ADDRESS=0.0.0.0:443
HTTP_GW_SERVER_0_TLS_ENABLED=false
@@ -26,6 +33,9 @@ HTTP_GW_SERVER_1_TLS_ENABLED=true
HTTP_GW_SERVER_1_TLS_CERT_FILE=/path/to/tls/cert
HTTP_GW_SERVER_1_TLS_KEY_FILE=/path/to/tls/key
+# How often to reconnect to the servers
+HTTP_GW_RECONNECT_INTERVAL: 1m
+
# Nodes configuration.
# This configuration make the gateway use the first node (grpc://s01.frostfs.devenv:8080)
# while it's healthy. Otherwise, the gateway use the second node (grpc://s01.frostfs.devenv:8080)
@@ -90,11 +100,87 @@ HTTP_GW_REBALANCE_TIMER=30s
# The number of errors on connection after which node is considered as unhealthy
HTTP_GW_POOL_ERROR_THRESHOLD=100
-# Enable zip compression to download files by common prefix.
+# Enable archive compression to download files by common prefix.
+# DEPRECATED: Use HTTP_GW_ARCHIVE_COMPRESSION instead.
HTTP_GW_ZIP_COMPRESSION=false
+# Enable archive compression to download files by common prefix.
+HTTP_GW_ARCHIVE_COMPRESSION=false
+
HTTP_GW_TRACING_ENABLED=true
HTTP_GW_TRACING_ENDPOINT="localhost:4317"
HTTP_GW_TRACING_EXPORTER="otlp_grpc"
+HTTP_GW_TRACING_TRUSTED_CA=""
+HTTP_GW_TRACING_ATTRIBUTES_0_KEY=key0
+HTTP_GW_TRACING_ATTRIBUTES_0_VALUE=value
+HTTP_GW_TRACING_ATTRIBUTES_1_KEY=key1
+HTTP_GW_TRACING_ATTRIBUTES_1_VALUE=value
HTTP_GW_RUNTIME_SOFT_MEMORY_LIMIT=1073741824
+
+# Parameters of requests to FrostFS
+# This flag enables client side object preparing.
+HTTP_GW_FROSTFS_CLIENT_CUT=false
+# Sets max buffer size for read payload in put operations.
+HTTP_GW_FROSTFS_BUFFER_MAX_SIZE_FOR_PUT=1048576
+
+# Caching
+# Cache which contains mapping of bucket name to bucket info
+HTTP_GW_CACHE_BUCKETS_LIFETIME=1m
+HTTP_GW_CACHE_BUCKETS_SIZE=1000
+# Cache which stores netmap
+HTTP_GW_CACHE_NETMAP_LIFETIME=1m
+# Cache which stores container CORS configurations
+HTTP_GW_CACHE_CORS_LIFETIME=5m
+HTTP_GW_CACHE_CORS_SIZE=1000
+
+# Header to determine zone to resolve bucket name
+HTTP_GW_RESOLVE_BUCKET_NAMESPACE_HEADER=X-Frostfs-Namespace
+# Namespaces that should be handled as default
+HTTP_GW_RESOLVE_BUCKET_DEFAULT_NAMESPACES="" "root"
+
+# Max attempt to make successful tree request.
+# default value is 0 that means the number of attempts equals to number of nodes in pool.
+HTTP_GW_FROSTFS_TREE_POOL_MAX_ATTEMPTS=0
+
+HTTP_GW_CORS_ALLOW_ORIGIN="*"
+HTTP_GW_CORS_ALLOW_METHODS="GET" "POST"
+HTTP_GW_CORS_ALLOW_HEADERS="*"
+HTTP_GW_CORS_EXPOSE_HEADERS="*"
+HTTP_GW_CORS_ALLOW_CREDENTIALS=false
+HTTP_GW_CORS_MAX_AGE=600
+
+# Multinet properties
+# Enable multinet support
+HTTP_GW_MULTINET_ENABLED=false
+# Strategy to pick source IP address
+HTTP_GW_MULTINET_BALANCER=roundrobin
+# Restrict requests with unknown destination subnet
+HTTP_GW_MULTINET_RESTRICT=false
+# Delay between ipv6 to ipv4 fallback switch
+HTTP_GW_MULTINET_FALLBACK_DELAY=300ms
+# List of subnets and IP addresses to use as source for those subnets
+HTTP_GW_MULTINET_SUBNETS_1_MASK=1.2.3.4/24
+HTTP_GW_MULTINET_SUBNETS_1_SOURCE_IPS=1.2.3.4 1.2.3.5
+
+# Number of workers in handler's worker pool
+HTTP_GW_WORKER_POOL_SIZE=1000
+
+# Index page
+# Enable index page support
+HTTP_GW_INDEX_PAGE_ENABLED=false
+# Index page template path
+HTTP_GW_INDEX_PAGE_TEMPLATE_PATH=internal/handler/templates/index.gotmpl
+
+# Enable using fallback path to search for a object by attribute
+HTTP_GW_FEATURES_ENABLE_FILEPATH_FALLBACK=false
+# See description in docs/gate-configuration.md
+HTTP_GW_FEATURES_ENABLE_FILEPATH_SLASH_FALLBACK=false
+# Enable using new version of tree pool, which uses netmap to select nodes, for requests to tree service
+HTTP_GW_FEATURES_TREE_POOL_NETMAP_SUPPORT=true
+
+# Containers properties
+HTTP_GW_CONTAINERS_CORS=AZjLTXfK4vs4ovxMic2xEJKSymMNLqdwq9JT64ASFCRj
+
+# Container contract hash (LE) or name in NNS.
+HTTP_GW_CONTRACTS_CONTAINER_NAME=container.frostfs
diff --git a/config/config.yaml b/config/config.yaml
index d2804d61..9b4b3c9c 100644
--- a/config/config.yaml
+++ b/config/config.yaml
@@ -9,13 +9,29 @@ pprof:
prometheus:
enabled: false # Enable metrics.
address: localhost:8084
+
tracing:
enabled: true
exporter: "otlp_grpc"
endpoint: "localhost:4317"
+ trusted_ca: ""
+ attributes:
+ - key: key0
+ value: value
+ - key: key1
+ value: value
logger:
level: debug # Log level.
+ destination: stdout
+ sampling:
+ enabled: false
+ initial: 100
+ thereafter: 100
+ interval: 1s
+ tags:
+ - names: app,datapath
+ level: debug
server:
- address: 0.0.0.0:8080
@@ -54,6 +70,7 @@ peers:
priority: 2
weight: 9
+reconnect_interval: 1m
web:
# Per-connection buffer size for requests' reading.
@@ -99,8 +116,91 @@ request_timeout: 5s # Timeout to check node health during rebalance.
rebalance_timer: 30s # Interval to check nodes health.
pool_error_threshold: 100 # The number of errors on connection after which node is considered as unhealthy.
+# Number of workers in handler's worker pool
+worker_pool_size: 1000
+
+# Enables index page to see objects list for specified container and prefix
+index_page:
+ enabled: false
+ template_path: internal/handler/templates/index.gotmpl
+
+# Deprecated: Use archive.compression instead
zip:
- compression: false # Enable zip compression to download files by common prefix.
+ # Enables zip compression to download files by common prefix.
+ compression: false
+
+archive:
+ # Enables archive compression to download files by common prefix.
+ compression: false
runtime:
soft_memory_limit: 1gb
+
+# Parameters of requests to FrostFS
+frostfs:
+ # This flag enables client side object preparing.
+ client_cut: false
+ # Sets max buffer size for read payload in put operations.
+ buffer_max_size_for_put: 1048576
+ # Max attempt to make successful tree request.
+ # default value is 0 that means the number of attempts equals to number of nodes in pool.
+ tree_pool_max_attempts: 0
+
+# Caching
+cache:
+ # Cache which contains mapping of bucket name to bucket info
+ buckets:
+ lifetime: 1m
+ size: 1000
+ # Cache which stores netmap
+ netmap:
+ lifetime: 1m
+ # Cache which stores container CORS configurations
+ cors:
+ lifetime: 5m
+ size: 1000
+
+resolve_bucket:
+ namespace_header: X-Frostfs-Namespace
+ default_namespaces: [ "", "root" ]
+
+cors:
+ allow_origin: ""
+ allow_methods: []
+ allow_headers: []
+ expose_headers: []
+ allow_credentials: false
+ max_age: 600
+
+# Multinet properties
+multinet:
+ # Enable multinet support
+ enabled: false
+ # Strategy to pick source IP address
+ balancer: roundrobin
+ # Restrict requests with unknown destination subnet
+ restrict: false
+ # Delay between ipv6 to ipv4 fallback switch
+ fallback_delay: 300ms
+ # List of subnets and IP addresses to use as source for those subnets
+ subnets:
+ - mask: 1.2.3.4/24
+ source_ips:
+ - 1.2.3.4
+ - 1.2.3.5
+
+features:
+ # Enable using fallback path to search for a object by attribute
+ enable_filepath_fallback: false
+ # See description in docs/gate-configuration.md
+ enable_filepath_slash_fallback: false
+ # Enable using new version of tree pool, which uses netmap to select nodes, for requests to tree service
+ tree_pool_netmap_support: true
+
+containers:
+ cors: AZjLTXfK4vs4ovxMic2xEJKSymMNLqdwq9JT64ASFCRj
+
+contracts:
+ container:
+ # Container contract hash (LE) or name in NNS.
+ name: container.frostfs
diff --git a/docs/api.md b/docs/api.md
index 78df7660..698e9b14 100644
--- a/docs/api.md
+++ b/docs/api.md
@@ -1,14 +1,14 @@
# HTTP Gateway Specification
-| Route | Description |
-|-------------------------------------------------|----------------------------------------------|
-| `/upload/{cid}` | [Put object](#put-object) |
-| `/get/{cid}/{oid}` | [Get object](#get-object) |
-| `/get_by_attribute/{cid}/{attr_key}/{attr_val}` | [Search object](#search-object) |
-| `/zip/{cid}/{prefix}` | [Download objects in archive](#download-zip) |
+| Route | Description |
+|-------------------------------------------------|--------------------------------------------------|
+| `/upload/{cid}` | [Put object](#put-object) |
+| `/get/{cid}/{oid}` | [Get object](#get-object) |
+| `/get_by_attribute/{cid}/{attr_key}/{attr_val}` | [Search object](#search-object) |
+| `/zip/{cid}/{prefix}`, `/tar/{cid}/{prefix}` | [Download objects in archive](#download-archive) |
**Note:** `cid` parameter can be base58 encoded container ID or container name
-(the name must be registered in NNS, see appropriate section in [README](../README.md#nns)).
+(the name must be registered in NNS, see appropriate section in [nns.md](./nns.md)).
Route parameters can be:
@@ -18,7 +18,7 @@ Route parameters can be:
### Bearer token
-All routes can accept [bearer token](../README.md#authentication) from:
+All routes can accept [bearer token](./authentication.md) from:
* `Authorization` header with `Bearer` type and base64-encoded token in
credentials field
@@ -56,12 +56,14 @@ Upload file as object with attributes to FrostFS.
###### Headers
-| Header | Description |
-|------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------|
-| Common headers | See [bearer token](#bearer-token). |
-| `X-Attribute-System-*` | Used to set system FrostFS object attributes
(e.g. use "X-Attribute-System-Expiration-Epoch" to set `__SYSTEM__EXPIRATION_EPOCH` attribute). |
-| `X-Attribute-*` | Used to set regular object attributes
(e.g. use "X-Attribute-My-Tag" to set `My-Tag` attribute). |
-| `Date` | This header is used to calculate the right `__SYSTEM__EXPIRATION` attribute for object. If the header is missing, the current server time is used. |
+| Header | Description |
+|------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| Common headers | See [bearer token](#bearer-token). |
+| `X-Attribute-System-*` | Used to set system FrostFS object attributes
(e.g. use "X-Attribute-System-Expiration-Epoch" to set `__SYSTEM__EXPIRATION_EPOCH` attribute). |
+| `X-Attribute-*` | Used to set regular object attributes
(e.g. use "X-Attribute-My-Tag" to set `My-Tag` attribute). |
+| `X-Explode-Archive` | If set, gate tries to read files from uploading `tar` archive and creates an object for each file in it. Uploading `tar` could be compressed via Gzip by setting a `Content-Encoding` header. Sets a `FilePath` attribute as a relative path from archive root and a `FileName` as the last path element of the `FilePath`. |
+| `Content-Encoding` | If set and value is `gzip`, gate will handle uploading file as a `Gzip` compressed `tar` file. |
+| `Date` | This header is used to calculate the right `__SYSTEM__EXPIRATION` attribute for object. If the header is missing, the current server time is used. |
There are some reserved headers type of `X-Attribute-FROSTFS-*` (headers are arranged in descending order of priority):
@@ -92,15 +94,17 @@ The `filename` field from the multipart form will be set as `FileName` attribute
|--------|----------------------------------------------|
| 200 | Object created successfully. |
| 400 | Some error occurred during object uploading. |
+| 403 | Access denied. |
+| 409 | Can not upload object due to quota reached. |
## Get object
-Route: `/get/{cid}/{oid}?[download=true]`
+Route: `/get/{cid}/{oid}?[download=false]`
| Route parameter | Type | Description |
|-----------------|--------|------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `cid` | Single | Base58 encoded container ID or container name from NNS. |
-| `oid` | Single | Base58 encoded object ID. |
+| `cid` | Single | Base58 encoded `container ID` or `container name` from NNS or `bucket name`. |
+| `oid` | Single | Base58 encoded `object ID`. Also could be `S3 object name` if `cid` is specified as bucket name. |
| `download` | Query | Set the `Content-Disposition` header as `attachment` in response.
This make the browser to download object as file instead of showing it on the page. |
### Methods
@@ -139,8 +143,16 @@ Get an object (payload and attributes) by an address.
|--------|------------------------------------------------|
| 200 | Object got successfully. |
| 400 | Some error occurred during object downloading. |
+| 403 | Access denied. |
| 404 | Container or object not found. |
+###### Body
+
+Returns object data. If request performed from browser, either displays raw data or downloads it as
+attachment if `download` query parameter is set to `true`.
+If `index_page.enabled` is set to `true`, returns HTML with index-page if no object with specified
+S3-name was found.
+
#### HEAD
Get an object attributes by an address.
@@ -174,6 +186,7 @@ Get an object attributes by an address.
|--------|---------------------------------------------------|
| 200 | Object head successfully. |
| 400 | Some error occurred during object HEAD operation. |
+| 403 | Access denied. |
| 404 | Container or object not found. |
## Search object
@@ -224,6 +237,7 @@ If more than one object is found, an arbitrary one will be returned.
|--------|------------------------------------------------|
| 200 | Object got successfully. |
| 400 | Some error occurred during object downloading. |
+| 403 | Access denied. |
| 404 | Container or object not found. |
#### HEAD
@@ -260,11 +274,12 @@ If more than one object is found, an arbitrary one will be used to get attribute
|--------|---------------------------------------|
| 200 | Object head successfully. |
| 400 | Some error occurred during operation. |
+| 403 | Access denied. |
| 404 | Container or object not found. |
-## Download zip
+## Download archive
-Route: `/zip/{cid}/{prefix}`
+Route: `/zip/{cid}/{prefix}`, `/tar/{cid}/{prefix}`
| Route parameter | Type | Description |
|-----------------|-----------|---------------------------------------------------------|
@@ -275,12 +290,13 @@ Route: `/zip/{cid}/{prefix}`
#### GET
-Find objects by prefix for `FilePath` attributes. Return found objects in zip archive.
+Find objects by prefix for `FilePath` attributes. Return found objects in zip or tar archive.
Name of files in archive sets to `FilePath` attribute of objects.
Time of files sets to time when object has started downloading.
-You can download all files in container that have `FilePath` attribute by `/zip/{cid}/` route.
+You can download all files in container that have `FilePath` attribute by `/zip/{cid}/` or
+`/tar/{cid}/` route.
-Archive can be compressed (see http-gw [configuration](gate-configuration.md#zip-section)).
+Archive can be compressed (see http-gw [configuration](gate-configuration.md#archive-section)).
##### Request
@@ -294,16 +310,16 @@ Archive can be compressed (see http-gw [configuration](gate-configuration.md#zip
###### Headers
-| Header | Description |
-|-----------------------|-------------------------------------------------------------------------------------------------------------------|
-| `Content-Disposition` | Indicate how to browsers should treat file (`attachment`). Set `filename` as `archive.zip`. |
-| `Content-Type` | Indicate content type of object. Set to `application/zip` |
+| Header | Description |
+|-----------------------|---------------------------------------------------------------------------------------------|
+| `Content-Disposition` | Indicate how to browsers should treat file (`attachment`). Set `filename` as `archive.zip`. |
+| `Content-Type` | Indicate content type of object. Set to `application/zip` |
###### Status codes
-| Status | Description |
-|--------|-----------------------------------------------------|
-| 200 | Object got successfully. |
-| 400 | Some error occurred during object downloading. |
-| 404 | Container or objects not found. |
-| 500 | Some inner error (e.g. error on streaming objects). |
+| Status | Description |
+|--------|------------------------------------------------|
+| 200 | Object got successfully. |
+| 400 | Some error occurred during object downloading. |
+| 403 | Access denied. |
+| 404 | Container or objects not found. |
diff --git a/docs/authentication.md b/docs/authentication.md
new file mode 100644
index 00000000..d8bb2357
--- /dev/null
+++ b/docs/authentication.md
@@ -0,0 +1,108 @@
+# Request authentication
+
+HTTP Gateway does not authorize requests. Gateway converts HTTP request to a
+FrostFS request and signs it with its own private key.
+
+You can always upload files to public containers (open for anyone to put
+objects into), but for restricted containers you need to explicitly allow PUT
+operations for a request signed with your HTTP Gateway keys.
+
+If you don't want to manage gateway's secret keys and adjust policies when
+gateway configuration changes (new gate, key rotation, etc) or you plan to use
+public services, there is an option to let your application backend (or you) to
+issue Bearer Tokens and pass them from the client via gate down to FrostFS level
+to grant access.
+
+FrostFS Bearer Token basically is a container owner-signed policy (refer to FrostFS
+documentation for more details). There are two options to pass them to gateway:
+* "Authorization" header with "Bearer" type and base64-encoded token in
+ credentials field
+* "Bearer" cookie with base64-encoded token contents
+
+For example, you have a mobile application frontend with a backend part storing
+data in FrostFS. When a user authorizes in the mobile app, the backend issues a FrostFS
+Bearer token and provides it to the frontend. Then, the mobile app may generate
+some data and upload it via any available FrostFS HTTP Gateway by adding
+the corresponding header to the upload request. Accessing policy protected data
+works the same way.
+
+##### Example
+In order to generate a bearer token, you need to have wallet (which will be used to sign the token)
+
+1. Suppose you have a container with private policy for wallet key
+
+```
+$ frostfs-cli container create -r
Possible values: `debug`, `info`, `warn`, `error`, `dpanic`, `panic`, `fatal`. |
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-----------------------|------------|---------------|---------------|----------------------------------------------------------------------------------------------------|
+| `level` | `string` | yes | `debug` | Logging level.
Possible values: `debug`, `info`, `warn`, `error`, `dpanic`, `panic`, `fatal`. |
+| `destination` | `string` | no | `stdout` | Destination for logger: `stdout` or `journald` |
+| `sampling.enabled` | `bool` | no | false | Sampling enabling flag. |
+| `sampling.initial` | `int` | no | '100' | Sampling count of first log entries. |
+| `sampling.thereafter` | `int` | no | '100' | Sampling count of entries after an `interval`. |
+| `sampling.interval` | `duration` | no | '1s' | Sampling interval of messaging similar entries. |
+| `sampling.tags` | `[]Tag` | yes | | Tagged log entries that should be additionally logged (available tags see in the next section). |
+## Tags
+
+There are additional log entries that can hurt performance and can be additionally logged by using `logger.tags`
+parameter. Available tags:
+
+```yaml
+tags:
+ - names: "app,datapath"
+ level: info
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-----------|------------|---------------|---------------------------|-------------------------------------------------------------------------------------------------------|
+| `names` | `[]string` | yes | | Tag names separated by `,`. Possible values see below in `Tag values` section. |
+| `level` | `string` | yes | Value from `logger.level` | Logging level for specific tag. Possible values: `debug`, `info`, `warn`, `dpanic`, `panic`, `fatal`. |
+
+### Tag values
+
+* `app` - common application logs (enabled by default).
+* `datapath` - main logic of application (enabled by default).
+* `external_storage` - external interaction with storage node (enabled by default).
+* `external_storage_tree` - external interaction with tree service in storage node (enabled by default).
# `web` section
@@ -186,7 +234,6 @@ web:
| `stream_request_body` | `bool` | `true` | Enables request body streaming, and calls the handler sooner when given body is larger than the current limit. |
| `max_request_body_size` | `int` | `4194304` | Maximum request body size. The server rejects requests with bodies exceeding this limit. |
-
# `upload-header` section
```yaml
@@ -198,9 +245,10 @@ upload_header:
|-------------------------|--------|---------------|---------------|-------------------------------------------------------------|
| `use_default_timestamp` | `bool` | yes | `false` | Create timestamp for object if it isn't provided by header. |
-
# `zip` section
+> **_DEPRECATED:_** Use archive section instead
+
```yaml
zip:
compression: false
@@ -210,6 +258,16 @@ zip:
|---------------|--------|---------------|---------------|--------------------------------------------------------------|
| `compression` | `bool` | yes | `false` | Enable zip compression when download files by common prefix. |
+# `archive` section
+
+```yaml
+archive:
+ compression: false
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|---------------|--------|---------------|---------------|------------------------------------------------------------------|
+| `compression` | `bool` | yes | `false` | Enable archive compression when download files by common prefix. |
# `pprof` section
@@ -250,15 +308,39 @@ tracing:
enabled: true
exporter: "otlp_grpc"
endpoint: "localhost:4317"
+ trusted_ca: "/etc/ssl/telemetry-trusted-ca.pem"
+ attributes:
+ - key: key0
+ value: value
+ - key: key1
+ value: value
```
-| Parameter | Type | SIGHUP reload | Default value | Description |
-|------------|----------|---------------|------------------|---------------------------------------------------------------|
-| `enabled` | `bool` | yes | `false` | Flag to enable the tracing. |
-| `exporter` | `string` | yes | | Trace collector type (`stdout` or `otlp_grpc` are supported). |
-| `endpoint` | `string` | yes | | Address of collector endpoint for OTLP exporters. |
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|--------------|----------------------------------------|---------------|---------------|---------------------------------------------------------------------------------------------------------------------------------|
+| `enabled` | `bool` | yes | `false` | Flag to enable the tracing. |
+| `exporter` | `string` | yes | | Trace collector type (`stdout` or `otlp_grpc` are supported). |
+| `endpoint` | `string` | yes | | Address of collector endpoint for OTLP exporters. |
+| `trusted_ca` | `string` | yes | | Path to certificate of a certification authority in pem format, that issued the TLS certificate of the telemetry remote server. |
+| `attributes` | [[]Attributes](#attributes-subsection) | yes | | An array of configurable attributes in key-value format. |
+
+#### `attributes` subsection
+
+```yaml
+ attributes:
+ - key: key0
+ value: value
+ - key: key1
+ value: value
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-----------|----------|---------------|---------------|------------------|
+| `key` | `string` | yes | | Attribute key. |
+| `value` | `string` | yes | | Attribute value. |
# `runtime` section
+
Contains runtime parameters.
```yaml
@@ -268,4 +350,193 @@ runtime:
| Parameter | Type | SIGHUP reload | Default value | Description |
|---------------------|--------|---------------|---------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `soft_memory_limit` | `size` | yes | maxint64 | Soft memory limit for the runtime. Zero or no value stands for no limit. If `GOMEMLIMIT` environment variable is set, the value from the configuration file will be ignored. |
\ No newline at end of file
+| `soft_memory_limit` | `size` | yes | maxint64 | Soft memory limit for the runtime. Zero or no value stands for no limit. If `GOMEMLIMIT` environment variable is set, the value from the configuration file will be ignored. |
+
+# `frostfs` section
+
+Contains parameters of requests to FrostFS.
+
+```yaml
+frostfs:
+ client_cut: false
+ buffer_max_size_for_put: 1048576 # 1mb
+ tree_pool_max_attempts: 0
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|---------------------------|----------|---------------|---------------|---------------------------------------------------------------------------------------------------------------------------|
+| `client_cut` | `bool` | yes | `false` | This flag enables client side object preparing. |
+| `buffer_max_size_for_put` | `uint64` | yes | `1048576` | Sets max buffer size for read payload in put operations. |
+| `tree_pool_max_attempts` | `uint32` | no | `0` | Sets max attempt to make successful tree request. Value 0 means the number of attempts equals to number of nodes in pool. |
+
+### `cache` section
+
+```yaml
+cache:
+ buckets:
+ lifetime: 1m
+ size: 1000
+ netmap:
+ lifetime: 1m
+ cors:
+ lifetime: 5m
+ size: 1000
+```
+
+| Parameter | Type | Default value | Description |
+|-----------|-----------------------------------|---------------------------------|---------------------------------------------------------------------------|
+| `buckets` | [Cache config](#cache-subsection) | `lifetime: 60s`
`size: 1000` | Cache which contains mapping of bucket name to bucket info. |
+| `netmap` | [Cache config](#cache-subsection) | `lifetime: 1m` | Cache which stores netmap. `netmap.size` isn't applicable for this cache. |
+| `cors` | [Cache config](#cache-subsection) | `lifetime: 5m`
`size: 1000` | Cache which stores container CORS configurations. |
+
+#### `cache` subsection
+
+```yaml
+lifetime: 1m
+size: 1000
+```
+
+| Parameter | Type | Default value | Description |
+|------------|------------|------------------|-------------------------------|
+| `lifetime` | `duration` | depends on cache | Lifetime of entries in cache. |
+| `size` | `int` | depends on cache | LRU cache size. |
+
+# `resolve_bucket` section
+
+Bucket name resolving parameters from and to container ID.
+
+```yaml
+resolve_bucket:
+ namespace_header: X-Frostfs-Namespace
+ default_namespaces: [ "", "root" ]
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|----------------------|------------|---------------|-----------------------|--------------------------------------------------|
+| `namespace_header` | `string` | yes | `X-Frostfs-Namespace` | Header to determine zone to resolve bucket name. |
+| `default_namespaces` | `[]string` | yes | ["","root"] | Namespaces that should be handled as default. |
+
+# `index_page` section
+
+Parameters for index HTML-page output. Activates if `GetObject` request returns `not found`. Two
+index page modes available:
+
+* `s3` mode uses tree service for listing objects,
+* `native` sends requests to nodes via native protocol.
+ If request pass S3-bucket name instead of CID, `s3` mode will be used, otherwise `native`.
+
+```yaml
+index_page:
+ enabled: false
+ template_path: ""
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-----------------|----------|---------------|---------------|---------------------------------------------------------------------------------|
+| `enabled` | `bool` | yes | `false` | Flag to enable index_page return if no object with specified S3-name was found. |
+| `template_path` | `string` | yes | `""` | Path to .gotmpl file with html template for index_page. |
+
+# `cors` section
+
+Parameters for CORS (used in OPTIONS requests and responses in all handlers).
+If values are not set, settings from CORS container will be used.
+
+```yaml
+cors:
+ allow_origin: "*"
+ allow_methods: [ "GET", "HEAD" ]
+ allow_headers: [ "Authorization" ]
+ expose_headers: [ "*" ]
+ allow_credentials: false
+ max_age: 600
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|---------------------|------------|---------------|---------------|--------------------------------------------------------|
+| `allow_origin` | `string` | yes | | Values for `Access-Control-Allow-Origin` headers. |
+| `allow_methods` | `[]string` | yes | | Values for `Access-Control-Allow-Methods` headers. |
+| `allow_headers` | `[]string` | yes | | Values for `Access-Control-Allow-Headers` headers. |
+| `expose_headers` | `[]string` | yes | | Values for `Access-Control-Expose-Headers` headers. |
+| `allow_credentials` | `bool` | yes | `false` | Values for `Access-Control-Allow-Credentials` headers. |
+| `max_age` | `int` | yes | `600` | Values for `Access-Control-Max-Age ` headers. |
+
+# `multinet` section
+
+Configuration of multinet support.
+
+```yaml
+multinet:
+ enabled: false
+ balancer: roundrobin
+ restrict: false
+ fallback_delay: 300ms
+ subnets:
+ - mask: 1.2.3.4/24
+ source_ips:
+ - 1.2.3.4
+ - 1.2.3.5
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|------------------|--------------------------------|---------------|---------------|--------------------------------------------------------------------------------------------|
+| `enabled` | `bool` | yes | `false` | Enables multinet setting to manage source ip of outcoming requests. |
+| `balancer` | `string` | yes | `""` | Strategy to pick source IP. By default picks first address. Supports `roundrobin` setting. |
+| `restrict` | `bool` | yes | `false` | Restricts requests to an undefined subnets. |
+| `fallback_delay` | `duration` | yes | `300ms` | Delay between IPv6 and IPv4 fallback stack switch. |
+| `subnets` | [[]Subnet](#subnet-subsection) | yes | | Set of subnets to apply multinet dial settings. |
+
+#### `subnet` subsection
+
+```yaml
+- mask: 1.2.3.4/24
+ source_ips:
+ - 1.2.3.4
+ - 1.2.3.5
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|--------------|------------|---------------|---------------|----------------------------------------------------------------------|
+| `mask` | `string` | yes | | Destination subnet. |
+| `source_ips` | `[]string` | yes | | Array of source IP addresses to use when dialing destination subnet. |
+
+# `features` section
+
+Contains parameters for enabling features.
+
+```yaml
+features:
+ enable_filepath_fallback: true
+ enable_filepath_slash_fallback: false
+ tree_pool_netmap_support: true
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-------------------------------------------|--------|---------------|---------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `features.enable_filepath_fallback` | `bool` | yes | `false` | Enable using fallback path to search for a object by `FileName` attribute if object with `FilePath` attribute wasn't found. |
+| `features.enable_filepath_slash_fallback` | `bool` | yes | `false` | Enable using fallback path to search for a object by `FilePath`/`FileName` with/without (depends on provided value in `FilePath`/`FileName`) leading slash if object with provided `FilePath`/`FileName` wasn't found. This fallback goes before `enable_filepath_fallback`. |
+| `features.tree_pool_netmap_support` | `bool` | no | `false` | Enable using new version of tree pool, which uses netmap to select nodes, for requests to tree service. |
+
+# `containers` section
+
+Section for well-known containers to store data and settings.
+
+```yaml
+containers:
+ cors: AZjLTXfK4vs4ovxMic2xEJKSymMNLqdwq9JT64ASFCRj
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|-----------|----------|---------------|---------------|-----------------------------------------|
+| `cors` | `string` | no | | Container name for CORS configurations. |
+
+# `contracts` section
+
+```yaml
+contracts:
+ container:
+ name: container.frostfs
+```
+
+| Parameter | Type | SIGHUP reload | Default value | Description |
+|------------------|----------|---------------|---------------------|----------------------------------------------|
+| `container.name` | `string` | no | `container.frostfs` | Container contract hash (LE) or name in NNS. |
diff --git a/docs/nns.md b/docs/nns.md
new file mode 100644
index 00000000..acb9f218
--- /dev/null
+++ b/docs/nns.md
@@ -0,0 +1,36 @@
+# Nicename Resolving with NNS
+
+Steps to start using name resolving:
+
+1. Enable NNS resolving in config (`rpc_endpoint` must be a valid neo rpc node, see [configs](./config) for other examples):
+
+```yaml
+rpc_endpoint: http://morph-chain.frostfs.devenv:30333
+resolve_order:
+ - nns
+```
+
+2. Make sure your container is registered in NNS contract. If you use [frostfs-dev-env](https://git.frostfs.info/TrueCloudLab/frostfs-dev-env)
+ you can check if your container (e.g. with `container-name` name) is registered in NNS:
+
+```shell
+$ curl -s --data '{"id":1,"jsonrpc":"2.0","method":"getcontractstate","params":[1]}' \
+ http://morph-chain.frostfs.devenv:30333 | jq -r '.result.hash'
+
+0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667
+
+$ docker exec -it morph_chain neo-go \
+ contract testinvokefunction \
+ -r http://morph-chain.frostfs.devenv:30333 0x8e6c3cd4b976b28e84a3788f6ea9e2676c15d667 \
+ resolve string:container-name.container int:16 \
+ | jq -r '.stack[0].value | if type=="array" then .[0].value else . end' \
+ | base64 -d && echo
+
+7f3vvkw4iTiS5ZZbu5BQXEmJtETWbi3uUjLNaSs29xrL
+```
+
+3. Use container name instead of its `$CID`. For example:
+
+```shell
+$ curl http://localhost:8082/get_by_attribute/container-name/FileName/object-name
+```
diff --git a/go.mod b/go.mod
index 80d794cb..6082ef61 100644
--- a/go.mod
+++ b/go.mod
@@ -1,113 +1,139 @@
module git.frostfs.info/TrueCloudLab/frostfs-http-gw
-go 1.20
+go 1.23
require (
- git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.15.1-0.20230802075510-964c3edb3f44
- git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20230531082742-c97d21411eb6
- git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20230802103237-363f153eafa6
+ git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e
+ git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20241125133852-37bd75821121
+ git.frostfs.info/TrueCloudLab/frostfs-qos v0.0.0-20250128150313-cfbca7fa1dfe
+ git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20250317082814-87bb55f992dc
+ git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972
+ git.frostfs.info/TrueCloudLab/zapjournald v0.0.0-20240124114243-cb2e66427d02
+ github.com/bluele/gcache v0.0.2
+ github.com/docker/docker v27.1.1+incompatible
+ github.com/docker/go-units v0.5.0
github.com/fasthttp/router v1.4.1
- github.com/nspcc-dev/neo-go v0.101.2-0.20230601131642-a0117042e8fc
- github.com/prometheus/client_golang v1.15.1
- github.com/prometheus/client_model v0.3.0
+ github.com/nspcc-dev/neo-go v0.106.2
+ github.com/panjf2000/ants/v2 v2.5.0
+ github.com/prometheus/client_golang v1.19.0
+ github.com/prometheus/client_model v0.5.0
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.15.0
- github.com/stretchr/testify v1.8.3
- github.com/testcontainers/testcontainers-go v0.13.0
+ github.com/ssgreg/journald v1.0.0
+ github.com/stretchr/testify v1.9.0
+ github.com/testcontainers/testcontainers-go v0.35.0
+ github.com/trailofbits/go-fuzz-utils v0.0.0-20230413173806-58c38daa3cb4
github.com/valyala/fasthttp v1.34.0
- go.opentelemetry.io/otel v1.16.0
- go.opentelemetry.io/otel/trace v1.16.0
- go.uber.org/zap v1.24.0
- google.golang.org/grpc v1.55.0
+ go.opentelemetry.io/otel v1.31.0
+ go.opentelemetry.io/otel/trace v1.31.0
+ go.uber.org/zap v1.27.0
+ golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842
+ golang.org/x/sys v0.28.0
+ google.golang.org/grpc v1.69.2
)
require (
- git.frostfs.info/TrueCloudLab/frostfs-contract v0.0.0-20230307110621-19a8ef2d02fb // indirect
+ dario.cat/mergo v1.0.0 // indirect
git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 // indirect
git.frostfs.info/TrueCloudLab/hrw v1.2.1 // indirect
git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0 // indirect
git.frostfs.info/TrueCloudLab/tzhash v1.8.0 // indirect
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
- github.com/Microsoft/go-winio v0.5.2 // indirect
- github.com/Microsoft/hcsshim v0.9.2 // indirect
+ github.com/Microsoft/go-winio v0.6.2 // indirect
+ github.com/VictoriaMetrics/easyproto v0.1.4 // indirect
github.com/andybalholm/brotli v1.0.4 // indirect
- github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
+ github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
github.com/beorn7/perks v1.0.1 // indirect
- github.com/cenkalti/backoff/v4 v4.2.1 // indirect
- github.com/cespare/xxhash/v2 v2.2.0 // indirect
- github.com/containerd/cgroups v1.0.3 // indirect
- github.com/containerd/containerd v1.6.2 // indirect
- github.com/cpuguy83/go-md2man/v2 v2.0.1 // indirect
+ github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+ github.com/cespare/xxhash/v2 v2.3.0 // indirect
+ github.com/containerd/containerd v1.7.18 // indirect
+ github.com/containerd/log v0.1.0 // indirect
+ github.com/containerd/platforms v0.2.1 // indirect
+ github.com/cpuguy83/dockercfg v0.3.2 // indirect
+ github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect
- github.com/docker/distribution v2.8.1+incompatible // indirect
- github.com/docker/docker v20.10.14+incompatible // indirect
- github.com/docker/go-connections v0.4.0 // indirect
- github.com/docker/go-units v0.4.0 // indirect
+ github.com/distribution/reference v0.6.0 // indirect
+ github.com/docker/go-connections v0.5.0 // indirect
+ github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
- github.com/go-logr/logr v1.2.4 // indirect
+ github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
+ github.com/go-ole/go-ole v1.2.6 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.3 // indirect
- github.com/google/uuid v1.3.0 // indirect
- github.com/gorilla/mux v1.8.0 // indirect
- github.com/gorilla/websocket v1.5.0 // indirect
- github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2 // indirect
- github.com/hashicorp/golang-lru v0.6.0 // indirect
- github.com/hashicorp/golang-lru/v2 v2.0.2 // indirect
+ github.com/golang/snappy v0.0.4 // indirect
+ github.com/google/uuid v1.6.0 // indirect
+ github.com/gorilla/websocket v1.5.1 // indirect
+ github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
+ github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
- github.com/klauspost/compress v1.16.4 // indirect
+ github.com/ipfs/go-cid v0.0.7 // indirect
+ github.com/klauspost/compress v1.17.4 // indirect
+ github.com/klauspost/cpuid/v2 v2.2.6 // indirect
+ github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.7 // indirect
- github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+ github.com/minio/sha256-simd v1.0.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
- github.com/moby/sys/mount v0.3.2 // indirect
- github.com/moby/sys/mountinfo v0.6.1 // indirect
- github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
+ github.com/moby/docker-image-spec v1.3.1 // indirect
+ github.com/moby/patternmatcher v0.6.0 // indirect
+ github.com/moby/sys/sequential v0.5.0 // indirect
+ github.com/moby/sys/user v0.1.0 // indirect
+ github.com/moby/term v0.5.0 // indirect
github.com/morikuni/aec v1.0.0 // indirect
github.com/mr-tron/base58 v1.2.0 // indirect
- github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22 // indirect
- github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230615193820-9185820289ce // indirect
- github.com/nspcc-dev/rfc6979 v0.2.0 // indirect
+ github.com/multiformats/go-base32 v0.1.0 // indirect
+ github.com/multiformats/go-base36 v0.2.0 // indirect
+ github.com/multiformats/go-multiaddr v0.14.0 // indirect
+ github.com/multiformats/go-multibase v0.2.0 // indirect
+ github.com/multiformats/go-multihash v0.2.3 // indirect
+ github.com/multiformats/go-varint v0.0.7 // indirect
+ github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2 // indirect
+ github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d // indirect
+ github.com/nspcc-dev/rfc6979 v0.2.1 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
- github.com/opencontainers/image-spec v1.0.2 // indirect
- github.com/opencontainers/runc v1.1.1 // indirect
+ github.com/opencontainers/image-spec v1.1.0 // indirect
github.com/pelletier/go-toml/v2 v2.0.6 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
- github.com/prometheus/common v0.42.0 // indirect
- github.com/prometheus/procfs v0.9.0 // indirect
+ github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
+ github.com/prometheus/common v0.48.0 // indirect
+ github.com/prometheus/procfs v0.12.0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/savsgio/gotils v0.0.0-20210617111740-97865ed5a873 // indirect
- github.com/sirupsen/logrus v1.8.1 // indirect
+ github.com/shirou/gopsutil/v3 v3.23.12 // indirect
+ github.com/shoenig/go-m1cpu v0.1.6 // indirect
+ github.com/sirupsen/logrus v1.9.3 // indirect
+ github.com/spaolacci/murmur3 v1.1.0 // indirect
github.com/spf13/afero v1.9.3 // indirect
github.com/spf13/cast v1.5.0 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/subosito/gotenv v1.4.2 // indirect
github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 // indirect
+ github.com/tklauser/go-sysconf v0.3.12 // indirect
+ github.com/tklauser/numcpus v0.6.1 // indirect
github.com/twmb/murmur3 v1.1.8 // indirect
- github.com/urfave/cli v1.22.5 // indirect
+ github.com/urfave/cli v1.22.12 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
- go.opencensus.io v0.24.0 // indirect
- go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 // indirect
- go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 // indirect
- go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0 // indirect
- go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.16.0 // indirect
- go.opentelemetry.io/otel/metric v1.16.0 // indirect
- go.opentelemetry.io/otel/sdk v1.16.0 // indirect
- go.opentelemetry.io/proto/otlp v0.19.0 // indirect
- go.uber.org/atomic v1.10.0 // indirect
+ github.com/yusufpapurcu/wmi v1.2.3 // indirect
+ go.etcd.io/bbolt v1.3.9 // indirect
+ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect
+ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect
+ go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0 // indirect
+ go.opentelemetry.io/otel/metric v1.31.0 // indirect
+ go.opentelemetry.io/otel/sdk v1.31.0 // indirect
+ go.opentelemetry.io/proto/otlp v1.3.1 // indirect
go.uber.org/multierr v1.11.0 // indirect
- golang.org/x/crypto v0.9.0 // indirect
- golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect
- golang.org/x/net v0.10.0 // indirect
- golang.org/x/sync v0.2.0 // indirect
- golang.org/x/sys v0.8.0 // indirect
- golang.org/x/term v0.8.0 // indirect
- golang.org/x/text v0.9.0 // indirect
+ golang.org/x/crypto v0.31.0 // indirect
+ golang.org/x/net v0.30.0 // indirect
+ golang.org/x/sync v0.10.0 // indirect
+ golang.org/x/term v0.27.0 // indirect
+ golang.org/x/text v0.21.0 // indirect
golang.org/x/time v0.3.0 // indirect
- google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
- google.golang.org/protobuf v1.30.0 // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
+ google.golang.org/protobuf v1.36.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
+ lukechampine.com/blake3 v1.2.1 // indirect
)
diff --git a/go.sum b/go.sum
index f4c8c565..6050ad64 100644
--- a/go.sum
+++ b/go.sum
@@ -1,4 +1,3 @@
-bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8=
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
@@ -36,410 +35,124 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo=
+dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
+dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.15.1-0.20230802075510-964c3edb3f44 h1:v6JqBD/VzZx3QSxbaXnUwnnJ1KEYheU4LzLGr3IhsAE=
-git.frostfs.info/TrueCloudLab/frostfs-api-go/v2 v2.15.1-0.20230802075510-964c3edb3f44/go.mod h1:pKJJRLOChW4zDQsAt1e8k/snWKljJtpkiPfxV53ngjI=
-git.frostfs.info/TrueCloudLab/frostfs-contract v0.0.0-20230307110621-19a8ef2d02fb h1:S/TrbOOu9qEXZRZ9/Ddw7crnxbBUQLo68PSzQWYrc9M=
-git.frostfs.info/TrueCloudLab/frostfs-contract v0.0.0-20230307110621-19a8ef2d02fb/go.mod h1:nkR5gaGeez3Zv2SE7aceP0YwxG2FzIB5cGKpQO2vV2o=
+git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e h1:kcBqZBiFIUBATUqEuvVigtkJJWQ2Gug/eYXn967o3M4=
+git.frostfs.info/TrueCloudLab/frostfs-contract v0.19.3-0.20240621131249-49e5270f673e/go.mod h1:F/fe1OoIDKr5Bz99q4sriuHDuf3aZefZy9ZsCqEtgxc=
git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0 h1:FxqFDhQYYgpe41qsIHVOcdzSVCB8JNSfPG7Uk4r2oSk=
git.frostfs.info/TrueCloudLab/frostfs-crypto v0.6.0/go.mod h1:RUIKZATQLJ+TaYQa60X2fTDwfuhMfm8Ar60bQ5fr+vU=
-git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20230531082742-c97d21411eb6 h1:aGQ6QaAnTerQ5Dq5b2/f9DUQtSqPkZZ/bkMx/HKuLCo=
-git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20230531082742-c97d21411eb6/go.mod h1:W8Nn08/l6aQ7UlIbpF7FsQou7TVpcRD1ZT1KG4TrFhE=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20230802103237-363f153eafa6 h1:u6lzNotV6MEMNEG/XeS7g+FjPrrf+j4gnOHtvun2KJc=
-git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20230802103237-363f153eafa6/go.mod h1:LI2GOj0pEx0jYTjB3QHja2PNhQFYL2pCm71RAFwDv0M=
+git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20241125133852-37bd75821121 h1:/Z8DfbLZXp7exUQWUKoG/9tbFdI9d5lV1qSReaYoG8I=
+git.frostfs.info/TrueCloudLab/frostfs-observability v0.0.0-20241125133852-37bd75821121/go.mod h1:kbwB4v2o6RyOfCo9kEFeUDZIX3LKhmS0yXPrtvzkQ1g=
+git.frostfs.info/TrueCloudLab/frostfs-qos v0.0.0-20250128150313-cfbca7fa1dfe h1:81gDNdWNLP24oMQukRiCE9R1wGSh0l0dRq3F1W+Oesc=
+git.frostfs.info/TrueCloudLab/frostfs-qos v0.0.0-20250128150313-cfbca7fa1dfe/go.mod h1:PCijYq4oa8vKtIEcUX6jRiszI6XAW+nBwU+T1kB4d1U=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20250317082814-87bb55f992dc h1:fS6Yp4GvI+C22UrWz9oqJXwvQw5Q6SmADIY4H9eIQsc=
+git.frostfs.info/TrueCloudLab/frostfs-sdk-go v0.0.0-20250317082814-87bb55f992dc/go.mod h1:aQpPWfG8oyfJ2X+FenPTJpSRWZjwcP5/RAtkW+/VEX8=
git.frostfs.info/TrueCloudLab/hrw v1.2.1 h1:ccBRK21rFvY5R1WotI6LNoPlizk7qSvdfD8lNIRudVc=
git.frostfs.info/TrueCloudLab/hrw v1.2.1/go.mod h1:C1Ygde2n843yTZEQ0FP69jYiuaYV0kriLvP4zm8JuvM=
+git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972 h1:/960fWeyn2AFHwQUwDsWB3sbP6lTEnFnMzLMM6tx6N8=
+git.frostfs.info/TrueCloudLab/multinet v0.0.0-20241015075604-6cb0d80e0972/go.mod h1:2hM42MBrlhvN6XToaW6OWNk5ZLcu1FhaukGgxtfpDDI=
git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0 h1:M2KR3iBj7WpY3hP10IevfIB9MURr4O9mwVfJ+SjT3HA=
git.frostfs.info/TrueCloudLab/rfc6979 v0.4.0/go.mod h1:okpbKfVYf/BpejtfFTfhZqFP+sZ8rsHrP8Rr/jYPNRc=
git.frostfs.info/TrueCloudLab/tzhash v1.8.0 h1:UFMnUIk0Zh17m8rjGHJMqku2hCgaXDqjqZzS4gsb4UA=
git.frostfs.info/TrueCloudLab/tzhash v1.8.0/go.mod h1:dhY+oy274hV8wGvGL4MwwMpdL3GYvaX1a8GQZQHvlF8=
-github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
-github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
+git.frostfs.info/TrueCloudLab/zapjournald v0.0.0-20240124114243-cb2e66427d02 h1:HeY8n27VyPRQe49l/fzyVMkWEB2fsLJYKp64pwA7tz4=
+git.frostfs.info/TrueCloudLab/zapjournald v0.0.0-20240124114243-cb2e66427d02/go.mod h1:rQFJJdEOV7KbbMtQYR2lNfiZk+ONRDJSbMCTWxKt8Fw=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU=
+github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8=
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
-github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
-github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
-github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw=
-github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg=
-github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A=
-github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74=
-github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k=
-github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k=
-github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8=
-github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/CityOfZion/neo-go v0.62.1-pre.0.20191114145240-e740fbe708f8/go.mod h1:MJCkWUBhi9pn/CrYO1Q3P687y2KeahrOPS9BD9LDGb0=
-github.com/CityOfZion/neo-go v0.70.1-pre.0.20191209120015-fccb0085941e/go.mod h1:0enZl0az8xA6PVkwzEOwPWVJGqlt/GO4hA4kmQ5Xzig=
-github.com/CityOfZion/neo-go v0.70.1-pre.0.20191212173117-32ac01130d4c/go.mod h1:JtlHfeqLywZLswKIKFnAp+yzezY4Dji9qlfQKB2OD/I=
-github.com/CityOfZion/neo-go v0.71.1-pre.0.20200129171427-f773ec69fb84/go.mod h1:FLI526IrRWHmcsO+mHsCbj64pJZhwQFTLJZu+A4PGOA=
-github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA=
-github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
-github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw=
-github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
-github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
-github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84=
-github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84=
-github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84=
-github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA=
-github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
-github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
-github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg=
-github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ=
-github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8=
-github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg=
-github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00=
-github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600=
-github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4=
-github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg=
-github.com/Microsoft/hcsshim v0.9.2 h1:wB06W5aYFfUB3IvootYAY2WnOmIdgPGfqSI6tufQNnY=
-github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc=
-github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU=
-github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY=
-github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
-github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
-github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
-github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
-github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
-github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
-github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ=
-github.com/Workiva/go-datastructures v1.0.50/go.mod h1:Z+F2Rca0qCsVYDS8z7bAGm8f3UkzuWYS/oBZz5a7VVA=
-github.com/abiosoft/ishell v2.0.0+incompatible/go.mod h1:HQR9AqF2R3P4XXpMpI0NAzgHf/aS6+zVXRj14cVk9qg=
-github.com/abiosoft/ishell/v2 v2.0.2/go.mod h1:E4oTCXfo6QjoCart0QYa5m9w4S+deXs/P/9jA77A9Bs=
-github.com/abiosoft/readline v0.0.0-20180607040430-155bce2042db/go.mod h1:rB3B4rKii8V21ydCbIzH5hZiCQE7f5E9SzUb/ZZx530=
-github.com/aead/siphash v1.0.1/go.mod h1:Nywa3cDsYNNK3gaciGTWPwHt0wlpNV15vwmswBAUSII=
-github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
-github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
-github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
-github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
-github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
-github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0=
-github.com/alicebob/gopher-json v0.0.0-20180125190556-5a6b3ba71ee6/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
-github.com/alicebob/miniredis v2.5.0+incompatible/go.mod h1:8HZjEj4yU0dwhYHky+DxYx+6BMjkBbe5ONFIF1MXffk=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/VictoriaMetrics/easyproto v0.1.4 h1:r8cNvo8o6sR4QShBXQd1bKw/VVLSQma/V2KhTBPf+Sc=
+github.com/VictoriaMetrics/easyproto v0.1.4/go.mod h1:QlGlzaJnDfFd8Lk6Ci/fuLxfTo3/GThPs2KH23mv710=
github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
-github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
-github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210521073959-f0d4d129b7f1/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY=
-github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI=
-github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g=
-github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
-github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
-github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
-github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
-github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
-github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
+github.com/antlr4-go/antlr/v4 v4.13.1 h1:SqQKkuVZ+zWkMMNkjy5FZe5mr5WURWnlpmOuzYWrPrQ=
+github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
-github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
-github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
-github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
-github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
-github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
-github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4=
-github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk=
-github.com/btcsuite/btcd v0.20.1-beta/go.mod h1:wVuoA8VJLEcwgqHBwHmzLRazpKxTv13Px/pDuV7OomQ=
-github.com/btcsuite/btcd v0.22.0-beta/go.mod h1:9n5ntfhhHQBIhUvlhDvD3Qg6fRUj4jkN0VB8L8svzOA=
-github.com/btcsuite/btclog v0.0.0-20170628155309-84c8d2346e9f/go.mod h1:TdznJufoqS23FtqVCzL0ZqgP5MqXbb4fg/WgDys70nA=
-github.com/btcsuite/btcutil v0.0.0-20190425235716-9e5f4b9a998d/go.mod h1:+5NJ2+qvTyV9exUAL/rxXi3DcLg2Ts+ymUAY5y4NvMg=
-github.com/btcsuite/btcutil v1.0.3-0.20201208143702-a53e38424cce/go.mod h1:0DVlHczLPewLcPGEIeUEzfOJhqGPQ0mJJRDBtD307+o=
-github.com/btcsuite/go-socks v0.0.0-20170105172521-4720035b7bfd/go.mod h1:HHNXQzUsZCxOoE+CPiyCTO6x34Zs86zZUiwtpXoGdtg=
-github.com/btcsuite/goleveldb v0.0.0-20160330041536-7834afc9e8cd/go.mod h1:F+uVaaLLH7j4eDXPRvw78tMflu7Ie2bzYOH4Y8rRKBY=
-github.com/btcsuite/goleveldb v1.0.0/go.mod h1:QiK9vBlgftBg6rWQIj6wFzbPfRjiykIEhBH4obrXJ/I=
-github.com/btcsuite/snappy-go v0.0.0-20151229074030-0bdef8d06723/go.mod h1:8woku9dyThutzjeg+3xrA5iCpBRH8XEEg3lh6TiUghc=
-github.com/btcsuite/snappy-go v1.0.0/go.mod h1:8woku9dyThutzjeg+3xrA5iCpBRH8XEEg3lh6TiUghc=
-github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtEyQwv5/p4Mg4C0fgbePVuGr935/5ddU9Z3TmDRY=
-github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs=
-github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
-github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8=
-github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50=
-github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE=
-github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
-github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw=
-github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
-github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
+github.com/bits-and-blooms/bitset v1.8.0 h1:FD+XqgOZDUxxZ8hzoBFuV9+cGWY9CslN6d5MS5JVb4c=
+github.com/bits-and-blooms/bitset v1.8.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8=
+github.com/bluele/gcache v0.0.2 h1:WcbfdXICg7G/DGBh1PFfcirkWOQV+v077yF1pSy3DGw=
+github.com/bluele/gcache v0.0.2/go.mod h1:m15KV+ECjptwSPxKhOhQoAFQVtUFjTVkc3H8o0t/fp0=
+github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
+github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
-github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
-github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM=
-github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw=
-github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M=
-github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg=
-github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLIdUjrmSXlK9pkrsDlLHbO8jiB8X8JnOc=
-github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs=
-github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
-github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs=
-github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
-github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
-github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
-github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
-github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE=
-github.com/containerd/aufs v0.0.0-20201003224125-76a6863f2989/go.mod h1:AkGGQs9NM2vtYHaUen+NljV0/baGCAPELGm2q9ZXpWU=
-github.com/containerd/aufs v0.0.0-20210316121734-20793ff83c97/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
-github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU=
-github.com/containerd/btrfs v0.0.0-20201111183144-404b9149801e/go.mod h1:jg2QkJcsabfHugurUvvPhS3E08Oxiuh5W/g1ybB4e0E=
-github.com/containerd/btrfs v0.0.0-20210316141732-918d888fb676/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss=
-github.com/containerd/btrfs v1.0.0/go.mod h1:zMcX3qkXTAi9GI50+0HOeuV8LU2ryCE/V2vG/ZBiTss=
-github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601/go.mod h1:X9rLEHIqSf/wfK8NsPqxJmeZgW4pcfzdXITDrUSJ6uI=
-github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko=
-github.com/containerd/cgroups v0.0.0-20200531161412-0dbf7f05ba59/go.mod h1:pA0z1pT8KYB3TCXK/ocprsh7MAkoW8bZVzPdih9snmM=
-github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo=
-github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo=
-github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE=
-github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU=
-github.com/containerd/cgroups v1.0.3 h1:ADZftAkglvCiD44c77s5YmMqaP2pzVCFZvBmAlBdAP4=
-github.com/containerd/cgroups v1.0.3/go.mod h1:/ofk34relqNjSGyqPrmEULrO4Sc8LJhvJmWbUCUKqj8=
-github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw=
-github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw=
-github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE=
-github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw=
-github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ=
-github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
-github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.1-0.20191213020239-082f7e3aed57/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA=
-github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ=
-github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU=
-github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI=
-github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s=
-github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g=
-github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c=
-github.com/containerd/containerd v1.5.9/go.mod h1:fvQqCfadDGga5HZyn3j4+dx56qj2I9YwBrlSdalvJYQ=
-github.com/containerd/containerd v1.6.2 h1:pcaPUGbYW8kBw6OgIZwIVIeEhdWVrBzsoCfVJ5BjrLU=
-github.com/containerd/containerd v1.6.2/go.mod h1:sidY30/InSE1j2vdD1ihtKoJz+lWdaXMdiAeIupaf+s=
-github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
-github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
-github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y=
-github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cECdGN1O8G9bgKTlLhuPJimka6Xb/Gg7vYzCTNVxhvo=
-github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y=
-github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ=
-github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM=
-github.com/containerd/continuity v0.2.2 h1:QSqfxcn8c+12slxwu00AtzXrsami0MJb/MQs9lOLHLA=
-github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI=
-github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI=
-github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0=
-github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0=
-github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4=
-github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4=
-github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU=
-github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk=
-github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0=
-github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0=
-github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g=
-github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok=
-github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok=
-github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak9TYCG3juvb0=
-github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA=
-github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow=
-github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms=
-github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c=
-github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY=
-github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY=
-github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM=
-github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o=
-github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o=
-github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8=
-github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
-github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
-github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ=
-github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc=
-github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk=
-github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg=
-github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s=
-github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw=
-github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y=
-github.com/containerd/zfs v0.0.0-20210315114300-dde8f0fda960/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY=
-github.com/containerd/zfs v0.0.0-20210324211415-d5c4544f0433/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY=
-github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNRIRHsFY=
-github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
-github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
-github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
-github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM=
-github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8=
-github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc=
-github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4=
-github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY=
-github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
-github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
-github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
-github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
-github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
-github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
-github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
-github.com/coreos/go-systemd v0.0.0-20161114122254-48702e0da86b/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
-github.com/coreos/go-systemd/v22 v22.0.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
-github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk=
-github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
-github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
-github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
-github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU=
-github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
-github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
-github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/creack/pty v1.1.11 h1:07n33Z8lZxZ2qwegKbObQohDhXDQxiMMz1NOUGYlesw=
-github.com/creack/pty v1.1.11/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4=
-github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
-github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1SMSibvLzxjeJLnrYEVLULFNiHY9YfQ=
-github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s=
-github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8=
-github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I=
-github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/consensys/bavard v0.1.13 h1:oLhMLOFGTLdlda/kma4VOJazblc7IM5y5QPd2A/YjhQ=
+github.com/consensys/bavard v0.1.13/go.mod h1:9ItSMtA/dXMAiL7BG6bqW2m3NdSEObYWoH223nGHukI=
+github.com/consensys/gnark-crypto v0.12.2-0.20231013160410-1f65e75b6dfb h1:f0BMgIjhZy4lSRHCXFbQst85f5agZAjtDMixQqBWNpc=
+github.com/consensys/gnark-crypto v0.12.2-0.20231013160410-1f65e75b6dfb/go.mod h1:v2Gy7L/4ZRosZ7Ivs+9SfUDr0f5UlG+EM5t7MPHiLuY=
+github.com/containerd/containerd v1.7.18 h1:jqjZTQNfXGoEaZdW1WwPU0RqSn1Bm2Ay/KJPUuO8nao=
+github.com/containerd/containerd v1.7.18/go.mod h1:IYEk9/IO6wAPUz2bCMVUbsfXjzw5UNP5fLz4PsUygQ4=
+github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
+github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
+github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A=
+github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw=
+github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA=
+github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc=
+github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
+github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
+github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
-github.com/decred/dcrd/lru v1.0.0/go.mod h1:mxKOwFd7lFjN2GZYsiz/ecgqR6kkYAl+0pz0tEMk218=
-github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0=
-github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
-github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
-github.com/dnephin/pflag v1.0.7/go.mod h1:uxE91IoWURlOiTUIA8Mq5ZZkAv3dPUfZNaT80Zm7OQE=
-github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
-github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY=
-github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68=
-github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v1.4.2-0.20190924003213-a8608b5b67c7/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.11+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker v20.10.14+incompatible h1:+T9/PRYWNDo5SZl5qS1r9Mo/0Q8AwxKKPtu9S1yxM0w=
-github.com/docker/docker v20.10.14+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y=
-github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
-github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
-github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
-github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA=
-github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI=
-github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw=
-github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
-github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
-github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE=
-github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
-github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
-github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
-github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
-github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
-github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
-github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/docker/docker v27.1.1+incompatible h1:hO/M4MtV36kzKldqnA37IWhebRA+LnqqcqDja6kVaKY=
+github.com/docker/docker v27.1.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
+github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
+github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
+github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
-github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
-github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
-github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw=
-github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
github.com/fasthttp/router v1.4.1 h1:3xPUO+hy/HAkgGDSd5sX5w18cyGDIFbC7vip8KwPDk8=
github.com/fasthttp/router v1.4.1/go.mod h1:4P0Kq4C882tA2evBKDW7De7hGfWmvV8FN+zqt8Lu49Q=
-github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
-github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
-github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
-github.com/flynn-archive/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:rZfgFAXFS/z/lEd6LJmf9HVZ1LkgYiHx5pHhV5DR16M=
-github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
-github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
-github.com/frankban/quicktest v1.14.0/go.mod h1:NeW+ay9A/U67EYXNFA1nPE8e/tnQv/09mUdL/ijj8og=
+github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
+github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA=
+github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
-github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA=
-github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
-github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
-github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
-github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
-github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
-github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
-github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
-github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
-github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
-github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
-github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs=
-github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
-github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
-github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
-github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
-github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg=
-github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg=
-github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
-github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc=
-github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8=
-github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
-github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo=
-github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
-github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
-github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk=
-github.com/go-redis/redis v6.10.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
-github.com/go-redis/redis v6.15.9+incompatible h1:K0pv1D7EQUjfyoMql+r/jZqCLizCGKFlFgcHWWmHQjg=
-github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA=
-github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
-github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
-github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
-github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
-github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw=
-github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4=
-github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
-github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU=
-github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c=
-github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
-github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
-github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
-github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
-github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
+github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
-github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE=
-github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
@@ -447,8 +160,6 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
-github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
-github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
@@ -463,16 +174,11 @@ github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvq
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
-github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
-github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
+github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
@@ -483,15 +189,11 @@ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0=
-github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
@@ -506,520 +208,258 @@ github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLe
github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
-github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
-github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
-github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
-github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g=
-github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
-github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
-github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
-github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
-github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
-github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
-github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
-github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
-github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
-github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
-github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
-github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0/go.mod h1:hgWBS7lorOAVIJEQMi4ZsPv9hVvWI6+ch50m39Pf2Ks=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2 h1:gDLXvp5S9izjldquuoAhDzccbskOL6tDC5jMSyx3zxE=
-github.com/grpc-ecosystem/grpc-gateway/v2 v2.15.2/go.mod h1:7pdNwVWBBHGiCxa9lAszqCJMbfTISJ7oMftp8+UGV08=
-github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
-github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I=
-github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
+github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
+github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0=
+github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
-github.com/hashicorp/golang-lru v0.6.0 h1:uL2shRDx7RTrOrTCUZEGP/wJUFiUI8QT6E7z5o8jga4=
-github.com/hashicorp/golang-lru v0.6.0/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
-github.com/hashicorp/golang-lru/v2 v2.0.2 h1:Dwmkdr5Nc/oBiXgJS3CDHNhJtIHkuZ3DZF5twqnfBdU=
-github.com/hashicorp/golang-lru/v2 v2.0.2/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
+github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
+github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
-github.com/holiman/uint256 v1.2.0/go.mod h1:y4ga/t+u+Xwd7CpDgZESaRcWy0I7XMlTMA25ApIH5Jw=
+github.com/holiman/uint256 v1.2.4 h1:jUc4Nk8fm9jZabQuqr2JzednajVmBpC+oiTiXZJEApU=
+github.com/holiman/uint256 v1.2.4/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E=
github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
-github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
-github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
-github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
-github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
-github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
-github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
-github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA=
-github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
-github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
-github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
-github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
-github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8=
-github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
-github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
-github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4=
-github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ=
-github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
-github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/ipfs/go-cid v0.0.7 h1:ysQJVJA3fNDF1qigJbsSQOdjhVLsOEoPdh0+R97k3jY=
+github.com/ipfs/go-cid v0.0.7/go.mod h1:6Ux9z5e+HpkQdckYoX1PG/6xqKspzlEIR5SDmgqgC/I=
+github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
+github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
-github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
-github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
-github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
-github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
-github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
-github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/kkdai/bstream v0.0.0-20161212061736-f391b8402d23/go.mod h1:J+Gs4SYgM6CZQHDETBtE9HaSEkGmuNXF86RwHhHUvq4=
-github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
-github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/klauspost/compress v1.15.0/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
-github.com/klauspost/compress v1.16.4 h1:91KN02FnsOYhuunwU4ssRe8lc2JosWmizWa91B5v1PU=
-github.com/klauspost/compress v1.16.4/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW4fZ4=
+github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM=
+github.com/klauspost/cpuid/v2 v2.2.6 h1:ndNyv040zDGIDh8thGkXYjnFtiN02M1PVVF+JE/48xc=
+github.com/klauspost/cpuid/v2 v2.2.6/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg=
-github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
-github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
-github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
-github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo=
-github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
-github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
-github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
-github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
-github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
-github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs=
-github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho=
-github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
-github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
-github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
-github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
-github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
-github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
-github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
-github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84=
-github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
-github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
-github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o=
-github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o=
-github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
-github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
-github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
-github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY=
-github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
-github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
-github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
-github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
+github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
+github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
+github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=
+github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM=
+github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A=
-github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
-github.com/moby/sys/mount v0.2.0/go.mod h1:aAivFE2LB3W4bACsUXChRHQ0qKWsetY4Y9V7sxOougM=
-github.com/moby/sys/mount v0.3.2 h1:uq/CiGDZPvr+c85RYHtKIUORFbmavBUyWH3E1NEyjqI=
-github.com/moby/sys/mount v0.3.2/go.mod h1:iN27Ec0LtJ0Mx/++rE6t6mTdbbEEZd+oKfAHP1y6vHs=
-github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A=
-github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A=
-github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU=
-github.com/moby/sys/mountinfo v0.6.1 h1:+H/KnGEAGRpTrEAqNVQ2AM3SiwMgJUt/TXj+Z8cmCIc=
-github.com/moby/sys/mountinfo v0.6.1/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU=
-github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ=
-github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo=
-github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 h1:dcztxKSvZ4Id8iPpHERQBbIJfabdt4wUm5qy3wOL2Zc=
-github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw=
-github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+github.com/mmcloughlin/addchain v0.4.0 h1:SobOdjm2xLj1KkXN5/n0xTIWyZA2+s99UCY1iPfkHRY=
+github.com/mmcloughlin/addchain v0.4.0/go.mod h1:A86O+tHqZLMNO4w6ZZ4FlVQEadcoqkyU72HC5wJ4RlU=
+github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
+github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
+github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
+github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc=
+github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo=
+github.com/moby/sys/user v0.1.0 h1:WmZ93f5Ux6het5iituh9x2zAG7NFY9Aqi49jjE1PaQg=
+github.com/moby/sys/user v0.1.0/go.mod h1:fKJhFOnsCN6xZ5gSfbM6zaHGgDJMrqt9/reuj4T7MmU=
+github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
+github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
-github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
+github.com/mr-tron/base58 v1.1.0/go.mod h1:xcD2VGqlgYjBdcBLw+TuYLr8afG+Hj8g2eTVqeSzSU8=
+github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
-github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
-github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
-github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
-github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
-github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
-github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/nspcc-dev/dbft v0.0.0-20191205084618-dacb1a30c254/go.mod h1:w1Ln2aT+dBlPhLnuZhBV+DfPEdS2CHWWLp5JTScY3bw=
-github.com/nspcc-dev/dbft v0.0.0-20191209120240-0d6b7568d9ae/go.mod h1:3FjXOoHmA51EGfb5GS/HOv7VdmngNRTssSeQ729dvGY=
-github.com/nspcc-dev/dbft v0.0.0-20200117124306-478e5cfbf03a/go.mod h1:/YFK+XOxxg0Bfm6P92lY5eDSLYfp06XOdL8KAVgXjVk=
-github.com/nspcc-dev/dbft v0.0.0-20200219114139-199d286ed6c1/go.mod h1:O0qtn62prQSqizzoagHmuuKoz8QMkU3SzBoKdEvm3aQ=
-github.com/nspcc-dev/dbft v0.0.0-20210721160347-1b03241391ac/go.mod h1:U8MSnEShH+o5hexfWJdze6uMFJteP0ko7J2frO7Yu1Y=
-github.com/nspcc-dev/dbft v0.0.0-20220902113116-58a5e763e647/go.mod h1:g9xisXmX9NP9MjioaTe862n9SlZTrP+6PVUWLBYOr98=
-github.com/nspcc-dev/go-ordered-json v0.0.0-20210915112629-e1b6cce73d02/go.mod h1:79bEUDEviBHJMFV6Iq6in57FEOCMcRhfQnfaf0ETA5U=
-github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22 h1:n4ZaFCKt1pQJd7PXoMJabZWK9ejjbLOVrkl/lOUmshg=
-github.com/nspcc-dev/go-ordered-json v0.0.0-20220111165707-25110be27d22/go.mod h1:79bEUDEviBHJMFV6Iq6in57FEOCMcRhfQnfaf0ETA5U=
-github.com/nspcc-dev/hrw v1.0.9/go.mod h1:l/W2vx83vMQo6aStyx2AuZrJ+07lGv2JQGlVkPG06MU=
-github.com/nspcc-dev/neo-go v0.73.1-pre.0.20200303142215-f5a1b928ce09/go.mod h1:pPYwPZ2ks+uMnlRLUyXOpLieaDQSEaf4NM3zHVbRjmg=
-github.com/nspcc-dev/neo-go v0.98.0/go.mod h1:E3cc1x6RXSXrJb2nDWXTXjnXk3rIqVN8YdFyWv+FrqM=
-github.com/nspcc-dev/neo-go v0.99.4/go.mod h1:mKTolfRUfKjFso5HPvGSQtUZc70n0VKBMs16eGuC5gA=
-github.com/nspcc-dev/neo-go v0.101.2-0.20230601131642-a0117042e8fc h1:fySIWvUQsitK5e5qYIHnTDCXuPpwzz89SEUEIyY11sg=
-github.com/nspcc-dev/neo-go v0.101.2-0.20230601131642-a0117042e8fc/go.mod h1:s9QhjMC784MWqTURovMbyYduIJc86mnCruxcMiAebpc=
-github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20220927123257-24c107e3a262/go.mod h1:23bBw0v6pBYcrWs8CBEEDIEDJNbcFoIh8pGGcf2Vv8s=
-github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230615193820-9185820289ce h1:vLGuUNDkmQrWMa4rr4vTd1u8ULqejWxVmNz1L7ocTEI=
-github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230615193820-9185820289ce/go.mod h1:ZUuXOkdtHZgaC13za/zMgXfQFncZ0jLzfQTe+OsDOtg=
-github.com/nspcc-dev/neofs-api-go/v2 v2.11.0-pre.0.20211201134523-3604d96f3fe1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
-github.com/nspcc-dev/neofs-api-go/v2 v2.11.1/go.mod h1:oS8dycEh8PPf2Jjp6+8dlwWyEv2Dy77h/XhhcdxYEFs=
-github.com/nspcc-dev/neofs-crypto v0.2.0/go.mod h1:F/96fUzPM3wR+UGsPi3faVNmFlA9KAEAUQR7dMxZmNA=
-github.com/nspcc-dev/neofs-crypto v0.2.3/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
-github.com/nspcc-dev/neofs-crypto v0.3.0/go.mod h1:8w16GEJbH6791ktVqHN9YRNH3s9BEEKYxGhlFnp0cDw=
-github.com/nspcc-dev/neofs-crypto v0.4.0/go.mod h1:6XJ8kbXgOfevbI2WMruOtI+qUJXNwSGM/E9eClXxPHs=
-github.com/nspcc-dev/neofs-sdk-go v0.0.0-20211201182451-a5b61c4f6477/go.mod h1:dfMtQWmBHYpl9Dez23TGtIUKiFvCIxUZq/CkSIhEpz4=
-github.com/nspcc-dev/neofs-sdk-go v0.0.0-20220113123743-7f3162110659/go.mod h1:/jay1lr3w7NQd/VDBkEhkJmDmyPNsu4W+QV2obsUV40=
-github.com/nspcc-dev/rfc6979 v0.1.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
-github.com/nspcc-dev/rfc6979 v0.2.0 h1:3e1WNxrN60/6N0DW7+UYisLeZJyfqZTNOjeV/toYvOE=
-github.com/nspcc-dev/rfc6979 v0.2.0/go.mod h1:exhIh1PdpDC5vQmyEsGvc4YDM/lyQp/452QxGq/UEso=
+github.com/multiformats/go-base32 v0.0.3/go.mod h1:pLiuGC8y0QR3Ue4Zug5UzK9LjgbkL8NSQj0zQ5Nz/AA=
+github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE=
+github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI=
+github.com/multiformats/go-base36 v0.1.0/go.mod h1:kFGE83c6s80PklsHO9sRn2NCoffoRdUUOENyW/Vv6sM=
+github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0=
+github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4=
+github.com/multiformats/go-multiaddr v0.14.0 h1:bfrHrJhrRuh/NXH5mCnemjpbGjzRw/b+tJFOD41g2tU=
+github.com/multiformats/go-multiaddr v0.14.0/go.mod h1:6EkVAxtznq2yC3QT5CM1UTAwG0GTP3EWAIcjHuzQ+r4=
+github.com/multiformats/go-multibase v0.0.3/go.mod h1:5+1R4eQrT3PkYZ24C3W2Ue2tPwIdYQD509ZjSb5y9Oc=
+github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g=
+github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk=
+github.com/multiformats/go-multihash v0.0.13/go.mod h1:VdAWLKTwram9oKAatUcLxBNUjdtcVwxObEQBtRfuyjc=
+github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U=
+github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
+github.com/multiformats/go-varint v0.0.5/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE=
+github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
+github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU=
+github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2 h1:mD9hU3v+zJcnHAVmHnZKt3I++tvn30gBj2rP2PocZMk=
+github.com/nspcc-dev/go-ordered-json v0.0.0-20240301084351-0246b013f8b2/go.mod h1:U5VfmPNM88P4RORFb6KSUVBdJBDhlqggJZYGXGPxOcc=
+github.com/nspcc-dev/neo-go v0.106.2 h1:KXSJ2J5Oacc7LrX3r4jvnC8ihKqHs5NB21q4f2S3r9o=
+github.com/nspcc-dev/neo-go v0.106.2/go.mod h1:Ojwfx3/lv0VTeEHMpQ17g0wTnXcCSoFQVq5GEeCZmGo=
+github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d h1:Vcb7YkZuUSSIC+WF/xV3UDfHbAxZgyT2zGleJP3Ig5k=
+github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20240521091047-78685785716d/go.mod h1:/vrbWSHc7YS1KSYhVOyyeucXW/e+1DkVBOgnBEXUCeY=
+github.com/nspcc-dev/rfc6979 v0.2.1 h1:8wWxkamHWFmO790GsewSoKUSJjVnL1fmdRpokU/RgRM=
+github.com/nspcc-dev/rfc6979 v0.2.1/go.mod h1:Tk7h5kyUWkhjyO3zUgFFhy1v2vQv3BvQEntakdtqrWc=
+github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
-github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U=
-github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
-github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg=
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA=
github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
-github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
-github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
-github.com/onsi/gomega v1.4.1/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
-github.com/onsi/gomega v1.4.2/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
-github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
-github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
-github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
-github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA=
+github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
-github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc=
-github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
-github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
-github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
-github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
-github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
-github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
-github.com/opencontainers/image-spec v1.0.2 h1:9yCKha/T5XdGtO0q9Q9a6T5NUCsTn/DrBg0D7ufOcFM=
-github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
-github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
-github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
-github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
-github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
-github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0=
-github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
-github.com/opencontainers/runc v1.1.1 h1:PJ9DSs2sVwE0iVr++pAHE6QkS9tzcVWozlPifdwMgrU=
-github.com/opencontainers/runc v1.1.1/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc=
-github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs=
-github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE=
-github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo=
-github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8=
-github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=
-github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
-github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc=
+github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
+github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM=
+github.com/panjf2000/ants/v2 v2.5.0 h1:1rWGWSnxCsQBga+nQbA4/iY6VMeNoOIAM0ZWh9u3q2Q=
+github.com/panjf2000/ants/v2 v2.5.0/go.mod h1:cU93usDlihJZ5CfRGNDYsiBYvoilLvBF5Qp/BT2GNRE=
github.com/pelletier/go-toml/v2 v2.0.6 h1:nrzqCb7j9cDFj2coyLNLaZuJTLjWjlaz6nvTvIwycIU=
github.com/pelletier/go-toml/v2 v2.0.6/go.mod h1:eumQOmlWiOPt5WriQQqoM5y18pDHwha2N+QD+EUNTek=
-github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
-github.com/pierrec/lz4 v2.6.1+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
-github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
-github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
-github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
-github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso=
-github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
-github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
-github.com/prometheus/client_golang v1.2.1/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U=
-github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
-github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY=
-github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ=
-github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI=
-github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk=
-github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
-github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
-github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
+github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4=
-github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w=
-github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
-github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
-github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
-github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
-github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc=
-github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
-github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
-github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
-github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA=
-github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM=
-github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc=
-github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
-github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
-github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
-github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
-github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ=
-github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
-github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
-github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
-github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4=
-github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI=
-github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY=
-github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
-github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
-github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
+github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
+github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
-github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
-github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
-github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
+github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4=
-github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
github.com/savsgio/gotils v0.0.0-20210617111740-97865ed5a873 h1:N3Af8f13ooDKcIhsmFT7Z05CStZWu4C7Md0uDEy4q6o=
github.com/savsgio/gotils v0.0.0-20210617111740-97865ed5a873/go.mod h1:dmPawKuiAeG/aFYVs2i+Dyosoo7FNcm+Pi8iK6ZUrX8=
-github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U=
-github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo=
-github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg=
-github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
-github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
-github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc=
-github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
-github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
-github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
-github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
-github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
-github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
-github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
-github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
-github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
-github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
-github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/shirou/gopsutil/v3 v3.23.12 h1:z90NtUkp3bMtmICZKpC4+WaknU1eXtp5vtbQ11DgpE4=
+github.com/shirou/gopsutil/v3 v3.23.12/go.mod h1:1FrWgea594Jp7qmjHUUPlJDTPgcsb9mGnXDxavtikzM=
+github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
+github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
+github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
+github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
-github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
-github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
github.com/spf13/afero v1.9.3 h1:41FoI0fD7OR7mGcKE/aOiLkGreyf8ifIOQmJANWogMk=
github.com/spf13/afero v1.9.3/go.mod h1:iUV7ddyEEZPO5gA3zD4fJt6iStLlL+Lg4m2cihcDf8Y=
-github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
-github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
-github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
-github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
-github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk=
github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
-github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
github.com/spf13/viper v1.15.0 h1:js3yy885G8xwJa6iOISGFwd+qlUo5AvyXb7CiihdtiU=
github.com/spf13/viper v1.15.0/go.mod h1:fFcTBJxvhhzSJiZy8n+PeW6t8l+KeT/uTARa0jHOQLA=
-github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8=
-github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/ssgreg/journald v1.0.0 h1:0YmTDPJXxcWDPba12qNMdO6TxvfkFSYpFIJ31CwmLcU=
+github.com/ssgreg/journald v1.0.0/go.mod h1:RUckwmTM8ghGWPslq2+ZBZzbb9/2KgjzYZ4JEP+oRt0=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
-github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
-github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8=
github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0=
-github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
-github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
-github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
-github.com/syndtr/goleveldb v0.0.0-20180307113352-169b1b37be73/go.mod h1:Z4AUp2Km+PwemOoO/VB5AOx9XSsIItzFjoJlOSiYmn0=
-github.com/syndtr/goleveldb v1.0.1-0.20210305035536-64b5b1c73954/go.mod h1:u2MKkTVTVJWe5D1rCvame8WqhBd88EuIwODJZ1VHCPM=
github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 h1:epCh84lMvA70Z7CTTCmYQn2CKbY8j86K7/FAIr141uY=
github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7/go.mod h1:q4W45IWZaF22tdD+VEXcAWRA037jwmWEB5VWYORlTpc=
-github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I=
-github.com/testcontainers/testcontainers-go v0.13.0 h1:OUujSlEGsXVo/ykPVZk3KanBNGN0TYb/7oKIPVn15JA=
-github.com/testcontainers/testcontainers-go v0.13.0/go.mod h1:z1abufU633Eb/FmSBTzV6ntZAC1eZBYPtaFsn4nPuDk=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
-github.com/twmb/murmur3 v1.1.5/go.mod h1:Qq/R7NUyOfr65zD+6Q5IHKsJLwP7exErjN6lyyq3OSQ=
+github.com/testcontainers/testcontainers-go v0.35.0 h1:uADsZpTKFAtp8SLK+hMwSaa+X+JiERHtd4sQAFmXeMo=
+github.com/testcontainers/testcontainers-go v0.35.0/go.mod h1:oEVBj5zrfJTrgjwONs1SsRbnBtH9OKl+IGl3UMcr2B4=
+github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
+github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
+github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
+github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
+github.com/trailofbits/go-fuzz-utils v0.0.0-20230413173806-58c38daa3cb4 h1:GpfJ7OdNjS7BFTVwNCUI9L4aCJOFRbr5fdHqjdhoYE8=
+github.com/trailofbits/go-fuzz-utils v0.0.0-20230413173806-58c38daa3cb4/go.mod h1:f3jBhpWvuZmue0HZK52GzRHJOYHYSILs/c8+K2S/J+o=
github.com/twmb/murmur3 v1.1.8 h1:8Yt9taO/WN3l08xErzjeschgZU2QSrwm1kclYq+0aRg=
github.com/twmb/murmur3 v1.1.8/go.mod h1:Qq/R7NUyOfr65zD+6Q5IHKsJLwP7exErjN6lyyq3OSQ=
-github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
-github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
-github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
-github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
-github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
-github.com/urfave/cli v1.22.5 h1:lNq9sAHXK2qfdI8W+GRItjCEkI+2oR4d+MEHy1CKXoU=
-github.com/urfave/cli v1.22.5/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/urfave/cli v1.22.12 h1:igJgVw1JdKH+trcLWLeLwZjU9fEfPesQ+9/e4MQ44S8=
+github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8=
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasthttp v1.28.0/go.mod h1:cmWIqlu99AO/RKcp1HWaViTqc57FswJOfYYdPJBl8BA=
github.com/valyala/fasthttp v1.34.0 h1:d3AAQJ2DRcxJYHm7OXNXtXt2as1vMDfxeIcFvhmGGm4=
github.com/valyala/fasthttp v1.34.0/go.mod h1:epZA5N+7pY6ZaEKRmstzOuYJx9HI8DI1oaCGZpdH4h0=
github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
-github.com/virtuald/go-ordered-json v0.0.0-20170621173500-b18e6e673d74 h1:JwtAtbp7r/7QSyGz8mKUbYJBg2+6Cd7OjM8o/GNOcVo=
-github.com/virtuald/go-ordered-json v0.0.0-20170621173500-b18e6e673d74/go.mod h1:RmMWU37GKR2s6pgrIEB4ixgpVCt/cf7dnJv3fuH1J1c=
-github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
-github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
-github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho=
-github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI=
-github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
-github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
-github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
-github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI=
-github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
-github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
-github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs=
-github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
-github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
-github.com/yuin/gopher-lua v0.0.0-20190514113301-1cd887cd7036/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ=
-github.com/yuin/gopher-lua v0.0.0-20191128022950-c6266f4fe8d7/go.mod h1:gqRgreBUhTSL0GeU64rtZ3Uq3wtjOa/TB2YfrtkCbVQ=
-github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs=
-github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA=
-github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg=
-go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
-go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
-go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
-go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
-go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
-go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg=
-go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
+github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw=
+github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
+go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI=
+go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
-go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
-go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
-go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s=
-go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4=
-go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 h1:t4ZwRPU+emrcvM2e9DHd0Fsf0JTPVcbfa/BhTDF03d0=
-go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0/go.mod h1:vLarbg68dH2Wa77g71zmKQqlQ8+8Rq3GRG31uc0WcWI=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 h1:cbsD4cUcviQGXdw8+bo5x2wazq10SKz8hEbtCRPcU78=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0/go.mod h1:JgXSGah17croqhJfhByOLVY719k1emAXC8MVhCIJlRs=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0 h1:TVQp/bboR4mhZSav+MdgXB8FaRho1RC8UwVn3T0vjVc=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0/go.mod h1:I33vtIe0sR96wfrUcilIzLoA3mLHhRmz9S9Te0S3gDo=
-go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.16.0 h1:+XWJd3jf75RXJq29mxbuXhCXFDG3S3R4vBUeSI2P7tE=
-go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.16.0/go.mod h1:hqgzBPTf4yONMFgdZvL/bK42R/iinTyVQtiWihs3SZc=
-go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo=
-go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4=
-go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE=
-go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF9QD68aP6p4=
-go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs=
-go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0=
-go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
-go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw=
-go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U=
-go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
-go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
-go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
-go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
-go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
-go.uber.org/goleak v1.1.12/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
-go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
-go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
-go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 h1:jq9TW8u3so/bN+JPT166wjOI6/vQPF6Xe7nMNIltagk=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0/go.mod h1:p8pYQP+m5XfbZm9fxtSKAbM6oIllS7s2AfxrChvc7iw=
+go.opentelemetry.io/otel v1.31.0 h1:NsJcKPIW0D0H3NgzPDHmo0WW6SptzPdqg/L1zsIm2hY=
+go.opentelemetry.io/otel v1.31.0/go.mod h1:O0C14Yl9FgkjqcCZAsE053C13OaddMYr/hz6clDkEJE=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 h1:R3X6ZXmNPRR8ul6i3WgFURCHzaXjHdm0karRG/+dj3s=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0/go.mod h1:QWFXnDavXWwMx2EEcZsf3yxgEKAqsxQ+Syjp+seyInw=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0 h1:IeMeyr1aBvBiPVYihXIaeIZba6b8E1bYp7lbdxK8CQg=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0/go.mod h1:oVdCUtjq9MK9BlS7TtucsQwUcXcymNiEDjgDD2jMtZU=
+go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0 h1:EVSnY9JbEEW92bEkIYOVMw4q1WJxIAGoFTrtYOzWuRQ=
+go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0/go.mod h1:Ea1N1QQryNXpCD0I1fdLibBAIpQuBkznMmkdKrapk1Y=
+go.opentelemetry.io/otel/metric v1.31.0 h1:FSErL0ATQAmYHUIzSezZibnyVlft1ybhy4ozRPcF2fE=
+go.opentelemetry.io/otel/metric v1.31.0/go.mod h1:C3dEloVbLuYoX41KpmAhOqNriGbA+qqH6PQ5E5mUfnY=
+go.opentelemetry.io/otel/sdk v1.31.0 h1:xLY3abVHYZ5HSfOg3l2E5LUj2Cwva5Y7yGxnSW9H5Gk=
+go.opentelemetry.io/otel/sdk v1.31.0/go.mod h1:TfRbMdhvxIIr/B2N2LQW2S5v9m3gOQ/08KsbbO5BPT0=
+go.opentelemetry.io/otel/sdk/metric v1.31.0 h1:i9hxxLJF/9kkvfHppyLL55aW7iIJz4JjxTeYusH7zMc=
+go.opentelemetry.io/otel/sdk/metric v1.31.0/go.mod h1:CRInTMVvNhUKgSAMbKyTMxqOBC0zgyxzW55lZzX43Y8=
+go.opentelemetry.io/otel/trace v1.31.0 h1:ffjsj1aRouKewfr85U2aGagJ46+MvodynlQ1HYdmJys=
+go.opentelemetry.io/otel/trace v1.31.0/go.mod h1:TXZkRk7SM2ZQLtR6eoAWQFIHPvzQ06FJAsO1tJg480A=
+go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
+go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
-go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
-go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
-go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
-golang.org/x/crypto v0.0.0-20170930174604-9419663f5a44/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20181009213950-7c1a557ab941/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200115085410-6d4e4cb37c7d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
-golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -1030,8 +470,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
-golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU=
-golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 h1:vr/HnozRka3pE4EsMEg1lgkXJkTFJCVUX+S/ZT6wYzM=
+golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842/go.mod h1:XtvwrStGgqGPLc4cjQfWqZHG1YFdYs6swckp8vpsjnc=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -1055,31 +495,21 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro=
-golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
+golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
-golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -1096,24 +526,16 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200813134508-3edf25e44fcc/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
-golang.org/x/net v0.0.0-20201006153459-a7d1128ccaa0/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20211108170745-6635138e15ea/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
-golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1123,9 +545,6 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ
golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1136,58 +555,29 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
-golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190522044717-8097e1b27ff5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20191210023423-ac6580df4449/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -1197,98 +587,66 @@ golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200814200057-3d37ad5750ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200817155316-9781c653f443/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200916030750-2334cc1a136f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200922070232-aee5d888a860/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201112073958-5cba982894dd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201117170446-d9b008d0a637/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220227234510-4e6760a101f9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.0.0-20210429154555-c04ba851c2a4/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols=
-golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
+golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20180318012157-96caea41033d/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
-golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
@@ -1308,18 +666,14 @@ golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjs
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
-golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
-golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
-golang.org/x/tools v0.0.0-20201022035929-9cf592e881e9/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
@@ -1327,14 +681,14 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
-golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.1.8/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
+golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
+golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
@@ -1361,13 +715,11 @@ google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
-google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190522204451-c2c4e71fbf69/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
@@ -1376,7 +728,6 @@ google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvx
google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
-google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
@@ -1387,33 +738,27 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
-google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
-google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 h1:KpwkzHKEF7B9Zxg18WzOa7djJ+Ha5DzthMyZYQfEn2A=
-google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1/go.mod h1:nKE/iIaLqn2bQwXBg8f1g2Ylh6r5MN5CmZvuzZCgsCU=
-google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
+google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 h1:fVoAXEKA4+yufmbdVYv+SE73+cPZbbbe8paLsHfkK+U=
+google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53/go.mod h1:riSXTwQ4+nqmPGtobMFyW5FqVAmIs0St6VPp4Ug7CE4=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 h1:X58yt85/IXCx0Y3ZwN6sEIKZzQtDEYaBWrDvErdXrRE=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
-google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA=
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
@@ -1423,16 +768,11 @@ google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3Iji
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
-google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
-google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
-google.golang.org/grpc v1.41.0/go.mod h1:U3l9uK9J0sini8mHphKoXyaqDA/8VyGnDee1zzIUK6k=
-google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
-google.golang.org/grpc v1.55.0 h1:3Oj82/tFSCeUrRTg/5E/7d/W5A1tj6Ky1ABAuZuv5ag=
-google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8=
+google.golang.org/grpc v1.69.2 h1:U3S9QEtbXC0bYNvRtcoklF3xGtLViumSYxWykJS+7AU=
+google.golang.org/grpc v1.69.2/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
@@ -1443,53 +783,29 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
-google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-gopkg.in/abiosoft/ishell.v2 v2.0.0/go.mod h1:sFp+cGtH6o4s1FtpVPTMcHq2yue+c4DGOVohJCPUzwY=
-gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U=
-gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
+google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
+google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
-gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo=
-gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
-gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k=
-gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
-gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
-gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
-gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
-gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
-gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
-gotest.tools/gotestsum v1.7.0/go.mod h1:V1m4Jw3eBerhI/A6qCxUE07RnCg7ACkKj9BYcAm09V8=
-gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
-gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0=
-gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8=
+gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU=
+gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -1497,43 +813,10 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo=
-k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ=
-k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8=
-k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
-k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU=
-k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc=
-k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU=
-k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM=
-k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q=
-k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y=
-k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k=
-k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0=
-k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0=
-k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk=
-k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI=
-k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM=
-k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM=
-k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI=
-k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI=
-k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc=
-k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
-k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
-k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E=
-k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
-k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
-k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o=
-k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM=
-k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
-k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+lukechampine.com/blake3 v1.2.1 h1:YuqqRuaqsGV71BV/nm9xlI0MKUv4QC54jQnBChWbGnI=
+lukechampine.com/blake3 v1.2.1/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
-sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.14/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
-sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.15/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg=
-sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
-sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
-sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw=
-sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
-sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
+rsc.io/tmplfunc v0.0.3 h1:53XFQh69AfOa8Tw0Jm7t+GV7KZhOi6jzsCzTtKbMvzU=
+rsc.io/tmplfunc v0.0.3/go.mod h1:AG3sTPzElb1Io3Yg4voV9AGZJuleGAwaVRxL9M49PhA=
diff --git a/internal/api/layer/tree_service.go b/internal/api/layer/tree_service.go
deleted file mode 100644
index beb1e7aa..00000000
--- a/internal/api/layer/tree_service.go
+++ /dev/null
@@ -1,22 +0,0 @@
-package layer
-
-import (
- "context"
- "errors"
-
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/api"
- cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
-)
-
-// TreeService provide interface to interact with tree service using s3 data models.
-type TreeService interface {
- GetLatestVersion(ctx context.Context, cnrID *cid.ID, objectName string) (*api.NodeVersion, error)
-}
-
-var (
- // ErrNodeNotFound is returned from Tree service in case of not found error.
- ErrNodeNotFound = errors.New("not found")
-
- // ErrNodeAccessDenied is returned from Tree service in case of access denied error.
- ErrNodeAccessDenied = errors.New("access denied")
-)
diff --git a/internal/cache/buckets.go b/internal/cache/buckets.go
new file mode 100644
index 00000000..91ae5b2d
--- /dev/null
+++ b/internal/cache/buckets.go
@@ -0,0 +1,111 @@
+package cache
+
+import (
+ "fmt"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "github.com/bluele/gcache"
+ "go.uber.org/zap"
+)
+
+// BucketCache contains cache with objects and the lifetime of cache entries.
+type BucketCache struct {
+ cache gcache.Cache
+ cidCache gcache.Cache
+ logger *zap.Logger
+}
+
+// Config stores expiration params for cache.
+type Config struct {
+ Size int
+ Lifetime time.Duration
+ Logger *zap.Logger
+}
+
+const (
+ // DefaultBucketCacheSize is a default maximum number of entries in cache.
+ DefaultBucketCacheSize = 1e3
+ // DefaultBucketCacheLifetime is a default lifetime of entries in cache.
+ DefaultBucketCacheLifetime = time.Minute
+)
+
+// DefaultBucketConfig returns new default cache expiration values.
+func DefaultBucketConfig(logger *zap.Logger) *Config {
+ return &Config{
+ Size: DefaultBucketCacheSize,
+ Lifetime: DefaultBucketCacheLifetime,
+ Logger: logger,
+ }
+}
+
+// NewBucketCache creates an object of BucketCache.
+func NewBucketCache(config *Config, cidCache bool) *BucketCache {
+ cache := &BucketCache{
+ cache: gcache.New(config.Size).LRU().Expiration(config.Lifetime).Build(),
+ logger: config.Logger,
+ }
+
+ if cidCache {
+ cache.cidCache = gcache.New(config.Size).LRU().Expiration(config.Lifetime).Build()
+ }
+ return cache
+}
+
+// Get returns a cached object.
+func (o *BucketCache) Get(ns, bktName string) *data.BucketInfo {
+ return o.get(formKey(ns, bktName))
+}
+
+func (o *BucketCache) GetByCID(cnrID cid.ID) *data.BucketInfo {
+ if o.cidCache == nil {
+ return nil
+ }
+
+ entry, err := o.cidCache.Get(cnrID)
+ if err != nil {
+ return nil
+ }
+
+ key, ok := entry.(string)
+ if !ok {
+ o.logger.Warn(logs.InvalidCacheEntryType, zap.String("actual", fmt.Sprintf("%T", entry)),
+ zap.String("expected", fmt.Sprintf("%T", key)), logs.TagField(logs.TagDatapath))
+ return nil
+ }
+
+ return o.get(key)
+}
+
+func (o *BucketCache) get(key string) *data.BucketInfo {
+ entry, err := o.cache.Get(key)
+ if err != nil {
+ return nil
+ }
+
+ result, ok := entry.(*data.BucketInfo)
+ if !ok {
+ o.logger.Warn(logs.InvalidCacheEntryType, zap.String("actual", fmt.Sprintf("%T", entry)),
+ zap.String("expected", fmt.Sprintf("%T", result)), logs.TagField(logs.TagDatapath))
+ return nil
+ }
+
+ return result
+}
+
+// Put puts an object to cache.
+func (o *BucketCache) Put(bkt *data.BucketInfo) error {
+ if o.cidCache != nil {
+ if err := o.cidCache.Set(bkt.CID, formKey(bkt.Zone, bkt.Name)); err != nil {
+ return err
+ }
+ }
+
+ return o.cache.Set(formKey(bkt.Zone, bkt.Name), bkt)
+}
+
+func formKey(ns, name string) string {
+ return name + "." + ns
+}
diff --git a/internal/cache/cors.go b/internal/cache/cors.go
new file mode 100644
index 00000000..24465b89
--- /dev/null
+++ b/internal/cache/cors.go
@@ -0,0 +1,62 @@
+package cache
+
+import (
+ "fmt"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "github.com/bluele/gcache"
+ "go.uber.org/zap"
+)
+
+// CORSCache contains cache with CORS objects.
+type CORSCache struct {
+ cache gcache.Cache
+ logger *zap.Logger
+}
+
+const (
+ // DefaultCORSCacheSize is a default maximum number of entries in cache.
+ DefaultCORSCacheSize = 1e3
+ // DefaultCORSCacheLifetime is a default lifetime of entries in cache.
+ DefaultCORSCacheLifetime = 5 * time.Minute
+)
+
+// DefaultCORSConfig returns new default cache expiration values.
+func DefaultCORSConfig(logger *zap.Logger) *Config {
+ return &Config{
+ Size: DefaultCORSCacheSize,
+ Lifetime: DefaultCORSCacheLifetime,
+ Logger: logger,
+ }
+}
+
+// NewCORSCache creates an object of CORSCache.
+func NewCORSCache(config *Config) *CORSCache {
+ gc := gcache.New(config.Size).LRU().Expiration(config.Lifetime).Build()
+ return &CORSCache{cache: gc, logger: config.Logger}
+}
+
+// Get returns a cached object.
+func (o *CORSCache) Get(cnrID cid.ID) *data.CORSConfiguration {
+ entry, err := o.cache.Get(cnrID)
+ if err != nil {
+ return nil
+ }
+
+ result, ok := entry.(*data.CORSConfiguration)
+ if !ok {
+ o.logger.Warn(logs.InvalidCacheEntryType, zap.String("actual", fmt.Sprintf("%T", entry)),
+ zap.String("expected", fmt.Sprintf("%T", result)), logs.TagField(logs.TagDatapath))
+ return nil
+ }
+
+ return result
+}
+
+// Put puts an object to cache.
+func (o *CORSCache) Put(cnrID cid.ID, cors *data.CORSConfiguration) error {
+ return o.cache.Set(cnrID, cors)
+}
diff --git a/internal/cache/netmap.go b/internal/cache/netmap.go
new file mode 100644
index 00000000..ce01b47c
--- /dev/null
+++ b/internal/cache/netmap.go
@@ -0,0 +1,65 @@
+package cache
+
+import (
+ "fmt"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
+ "github.com/bluele/gcache"
+ "go.uber.org/zap"
+)
+
+type (
+ // NetmapCache provides cache for netmap.
+ NetmapCache struct {
+ cache gcache.Cache
+ logger *zap.Logger
+ }
+
+ // NetmapCacheConfig stores expiration params for cache.
+ NetmapCacheConfig struct {
+ Lifetime time.Duration
+ Logger *zap.Logger
+ }
+)
+
+const (
+ DefaultNetmapCacheLifetime = time.Minute
+ netmapCacheSize = 1
+ netmapKey = "netmap"
+)
+
+// DefaultNetmapConfig returns new default cache expiration values.
+func DefaultNetmapConfig(logger *zap.Logger) *NetmapCacheConfig {
+ return &NetmapCacheConfig{
+ Lifetime: DefaultNetmapCacheLifetime,
+ Logger: logger,
+ }
+}
+
+// NewNetmapCache creates an object of NetmapCache.
+func NewNetmapCache(config *NetmapCacheConfig) *NetmapCache {
+ gc := gcache.New(netmapCacheSize).LRU().Expiration(config.Lifetime).Build()
+ return &NetmapCache{cache: gc, logger: config.Logger}
+}
+
+func (c *NetmapCache) Get() *netmap.NetMap {
+ entry, err := c.cache.Get(netmapKey)
+ if err != nil {
+ return nil
+ }
+
+ result, ok := entry.(netmap.NetMap)
+ if !ok {
+ c.logger.Warn(logs.InvalidCacheEntryType, zap.String("actual", fmt.Sprintf("%T", entry)),
+ zap.String("expected", fmt.Sprintf("%T", result)), logs.TagField(logs.TagDatapath))
+ return nil
+ }
+
+ return &result
+}
+
+func (c *NetmapCache) Put(nm netmap.NetMap) error {
+ return c.cache.Set(netmapKey, nm)
+}
diff --git a/internal/data/cors.go b/internal/data/cors.go
new file mode 100644
index 00000000..d1b1106c
--- /dev/null
+++ b/internal/data/cors.go
@@ -0,0 +1,18 @@
+package data
+
+type (
+ // CORSConfiguration stores CORS configuration of a request.
+ CORSConfiguration struct {
+ CORSRules []CORSRule `xml:"CORSRule" json:"CORSRules"`
+ }
+
+ // CORSRule stores rules for CORS configuration.
+ CORSRule struct {
+ AllowedHeaders []string `xml:"AllowedHeader" json:"AllowedHeaders"`
+ AllowedMethods []string `xml:"AllowedMethod" json:"AllowedMethods"`
+ AllowedOrigins []string `xml:"AllowedOrigin" json:"AllowedOrigins"`
+ ExposeHeaders []string `xml:"ExposeHeader" json:"ExposeHeaders"`
+ MaxAgeSeconds int `xml:"MaxAgeSeconds,omitempty" json:"MaxAgeSeconds,omitempty"`
+ AllowedCredentials bool `xml:"AllowedCredentials,omitempty" json:"AllowedCredentials,omitempty"`
+ }
+)
diff --git a/internal/data/info.go b/internal/data/info.go
new file mode 100644
index 00000000..f5c80d60
--- /dev/null
+++ b/internal/data/info.go
@@ -0,0 +1,14 @@
+package data
+
+import (
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
+)
+
+type BucketInfo struct {
+ Name string // container name from system attribute
+ Zone string // container zone from system attribute
+ CID cid.ID
+ HomomorphicHashDisabled bool
+ PlacementPolicy netmap.PlacementPolicy
+}
diff --git a/internal/api/tree.go b/internal/data/tree.go
similarity index 61%
rename from internal/api/tree.go
rename to internal/data/tree.go
index 4d16cc79..fcf8add1 100644
--- a/internal/api/tree.go
+++ b/internal/data/tree.go
@@ -1,4 +1,4 @@
-package api
+package data
import (
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
@@ -7,11 +7,21 @@ import (
// NodeVersion represent node from tree service.
type NodeVersion struct {
BaseNodeVersion
- DeleteMarker bool
}
// BaseNodeVersion is minimal node info from tree service.
// Basically used for "system" object.
type BaseNodeVersion struct {
- OID oid.ID
+ ID uint64
+ OID oid.ID
+ IsDeleteMarker bool
+}
+
+type NodeInfo struct {
+ Meta []NodeMeta
+}
+
+type NodeMeta interface {
+ GetKey() string
+ GetValue() []byte
}
diff --git a/internal/frostfs/services/pool_wrapper.go b/internal/frostfs/services/pool_wrapper.go
deleted file mode 100644
index 039d5750..00000000
--- a/internal/frostfs/services/pool_wrapper.go
+++ /dev/null
@@ -1,115 +0,0 @@
-package services
-
-import (
- "context"
- "errors"
- "fmt"
-
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
- treepool "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree"
- grpcService "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool/tree/service"
-)
-
-type GetNodeByPathResponseInfoWrapper struct {
- response *grpcService.GetNodeByPathResponse_Info
-}
-
-func (n GetNodeByPathResponseInfoWrapper) GetNodeID() uint64 {
- return n.response.GetNodeId()
-}
-
-func (n GetNodeByPathResponseInfoWrapper) GetParentID() uint64 {
- return n.response.GetParentId()
-}
-
-func (n GetNodeByPathResponseInfoWrapper) GetTimestamp() uint64 {
- return n.response.GetTimestamp()
-}
-
-func (n GetNodeByPathResponseInfoWrapper) GetMeta() []tree.Meta {
- res := make([]tree.Meta, len(n.response.Meta))
- for i, value := range n.response.Meta {
- res[i] = value
- }
- return res
-}
-
-type GetSubTreeResponseBodyWrapper struct {
- response *grpcService.GetSubTreeResponse_Body
-}
-
-func (n GetSubTreeResponseBodyWrapper) GetNodeID() uint64 {
- return n.response.GetNodeId()
-}
-
-func (n GetSubTreeResponseBodyWrapper) GetParentID() uint64 {
- return n.response.GetParentId()
-}
-
-func (n GetSubTreeResponseBodyWrapper) GetTimestamp() uint64 {
- return n.response.GetTimestamp()
-}
-
-func (n GetSubTreeResponseBodyWrapper) GetMeta() []tree.Meta {
- res := make([]tree.Meta, len(n.response.Meta))
- for i, value := range n.response.Meta {
- res[i] = value
- }
- return res
-}
-
-type PoolWrapper struct {
- p *treepool.Pool
-}
-
-func NewPoolWrapper(p *treepool.Pool) *PoolWrapper {
- return &PoolWrapper{p: p}
-}
-
-func (w *PoolWrapper) GetNodes(ctx context.Context, prm *tree.GetNodesParams) ([]tree.NodeResponse, error) {
- poolPrm := treepool.GetNodesParams{
- CID: prm.CnrID,
- TreeID: prm.TreeID,
- Path: prm.Path,
- Meta: prm.Meta,
- PathAttribute: tree.FileNameKey,
- LatestOnly: prm.LatestOnly,
- AllAttrs: prm.AllAttrs,
- BearerToken: getBearer(ctx),
- }
-
- nodes, err := w.p.GetNodes(ctx, poolPrm)
- if err != nil {
- return nil, handleError(err)
- }
-
- res := make([]tree.NodeResponse, len(nodes))
- for i, info := range nodes {
- res[i] = GetNodeByPathResponseInfoWrapper{info}
- }
-
- return res, nil
-}
-
-func getBearer(ctx context.Context) []byte {
- token, err := tokens.LoadBearerToken(ctx)
- if err != nil {
- return nil
- }
- return token.Marshal()
-}
-
-func handleError(err error) error {
- if err == nil {
- return nil
- }
- if errors.Is(err, treepool.ErrNodeNotFound) {
- return fmt.Errorf("%w: %s", tree.ErrNodeNotFound, err.Error())
- }
- if errors.Is(err, treepool.ErrNodeAccessDenied) {
- return fmt.Errorf("%w: %s", tree.ErrNodeAccessDenied, err.Error())
- }
-
- return err
-}
diff --git a/internal/handler/browse.go b/internal/handler/browse.go
new file mode 100644
index 00000000..d9e6625a
--- /dev/null
+++ b/internal/handler/browse.go
@@ -0,0 +1,382 @@
+package handler
+
+import (
+ "context"
+ "html/template"
+ "net/url"
+ "sort"
+ "strconv"
+ "strings"
+ "sync"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ "github.com/docker/go-units"
+ "github.com/valyala/fasthttp"
+ "go.uber.org/zap"
+)
+
+const (
+ dateFormat = "02-01-2006 15:04"
+ attrOID = "OID"
+ attrCreated = "Created"
+ attrFileName = "FileName"
+ attrFilePath = "FilePath"
+ attrSize = "Size"
+ attrDeleteMarker = "IsDeleteMarker"
+)
+
+type (
+ BrowsePageData struct {
+ HasErrors bool
+ Container string
+ Prefix string
+ Protocol string
+ Objects []ResponseObject
+ }
+ ResponseObject struct {
+ OID string
+ Created string
+ FileName string
+ FilePath string
+ Size string
+ IsDir bool
+ GetURL string
+ IsDeleteMarker bool
+ }
+)
+
+func newListObjectsResponseS3(attrs map[string]string) ResponseObject {
+ return ResponseObject{
+ Created: formatTimestamp(attrs[attrCreated]),
+ OID: attrs[attrOID],
+ FileName: attrs[attrFileName],
+ Size: attrs[attrSize],
+ IsDir: attrs[attrOID] == "",
+ IsDeleteMarker: attrs[attrDeleteMarker] == "true",
+ }
+}
+
+func newListObjectsResponseNative(attrs map[string]string) ResponseObject {
+ filename := lastPathElement(attrs[object.AttributeFilePath])
+ if filename == "" {
+ filename = attrs[attrFileName]
+ }
+ return ResponseObject{
+ OID: attrs[attrOID],
+ Created: formatTimestamp(attrs[object.AttributeTimestamp] + "000"),
+ FileName: filename,
+ FilePath: attrs[object.AttributeFilePath],
+ Size: attrs[attrSize],
+ IsDir: false,
+ }
+}
+
+func getNextDir(filepath, prefix string) string {
+ restPath := strings.Replace(filepath, prefix, "", 1)
+ index := strings.Index(restPath, "/")
+ if index == -1 {
+ return ""
+ }
+ return restPath[:index]
+}
+
+func lastPathElement(path string) string {
+ if path == "" {
+ return path
+ }
+ index := strings.LastIndex(path, "/")
+ if index == len(path)-1 {
+ index = strings.LastIndex(path[:index], "/")
+ }
+ return path[index+1:]
+}
+
+func parseTimestamp(tstamp string) (time.Time, error) {
+ millis, err := strconv.ParseInt(tstamp, 10, 64)
+ if err != nil {
+ return time.Time{}, err
+ }
+
+ return time.UnixMilli(millis), nil
+}
+
+func formatTimestamp(strdate string) string {
+ date, err := parseTimestamp(strdate)
+ if err != nil || date.IsZero() {
+ return ""
+ }
+
+ return date.Format(dateFormat)
+}
+
+func formatSize(strsize string) string {
+ size, err := strconv.ParseFloat(strsize, 64)
+ if err != nil {
+ return "0B"
+ }
+ return units.HumanSize(size)
+}
+
+func parentDir(prefix string) string {
+ index := strings.LastIndex(prefix, "/")
+ if index == -1 {
+ return prefix
+ }
+ return prefix[index:]
+}
+
+func getParent(encPrefix string) string {
+ prefix, err := url.PathUnescape(encPrefix)
+ if err != nil {
+ return ""
+ }
+ if prefix != "" && prefix[len(prefix)-1] == '/' {
+ prefix = prefix[:len(prefix)-1]
+ }
+
+ slashIndex := strings.LastIndex(prefix, "/")
+ if slashIndex == -1 {
+ return ""
+ }
+ return prefix[:slashIndex]
+}
+
+func urlencode(path string) string {
+ var res strings.Builder
+
+ prefixParts := strings.Split(path, "/")
+ for _, prefixPart := range prefixParts {
+ prefixPart = "/" + url.PathEscape(prefixPart)
+ if prefixPart == "/." || prefixPart == "/.." {
+ prefixPart = url.PathEscape(prefixPart)
+ }
+ res.WriteString(prefixPart)
+ }
+
+ return res.String()
+}
+
+type GetObjectsResponse struct {
+ objects []ResponseObject
+ hasErrors bool
+ isNative bool
+}
+
+func (h *Handler) getDirObjectsS3(ctx context.Context, bucketInfo *data.BucketInfo, prefix string) (*GetObjectsResponse, error) {
+ if prefix != "" && prefix[len(prefix)-1] == '/' {
+ prefix = prefix[:len(prefix)-1]
+ }
+
+ nodes, err := h.tree.GetSubTreeByPrefix(ctx, bucketInfo, prefix, true)
+ if err != nil {
+ return nil, err
+ }
+
+ result := &GetObjectsResponse{
+ objects: make([]ResponseObject, 0, len(nodes)),
+ }
+ for _, node := range nodes {
+ meta := node.Meta
+ if meta == nil {
+ continue
+ }
+ var attrs = make(map[string]string, len(meta))
+ for _, m := range meta {
+ attrs[m.GetKey()] = string(m.GetValue())
+ }
+ obj := newListObjectsResponseS3(attrs)
+ if obj.IsDeleteMarker {
+ continue
+ }
+ obj.FilePath = prefix + "/" + obj.FileName
+ obj.GetURL = "/get/" + bucketInfo.Name + urlencode(obj.FilePath)
+ result.objects = append(result.objects, obj)
+ }
+
+ return result, nil
+}
+
+func (h *Handler) getDirObjectsNative(ctx context.Context, bucketInfo *data.BucketInfo, prefix string) (*GetObjectsResponse, error) {
+ basePath := prefix
+ if basePath != "" && basePath[len(basePath)-1] != '/' {
+ basePath += "/"
+ }
+
+ filters := object.NewSearchFilters()
+ filters.AddRootFilter()
+ if prefix != "" {
+ filters.AddFilter(object.AttributeFilePath, prefix, object.MatchCommonPrefix)
+ }
+
+ prm := PrmObjectSearch{
+ PrmAuth: PrmAuth{
+ BearerToken: bearerToken(ctx),
+ },
+ Container: bucketInfo.CID,
+ Filters: filters,
+ }
+ objectIDs, err := h.frostfs.SearchObjects(ctx, prm)
+ if err != nil {
+ return nil, err
+ }
+ defer objectIDs.Close()
+
+ resp, err := h.headDirObjects(ctx, bucketInfo.CID, objectIDs, basePath)
+ if err != nil {
+ return nil, err
+ }
+
+ log := h.reqLogger(ctx)
+ dirs := make(map[string]struct{})
+ result := &GetObjectsResponse{
+ objects: make([]ResponseObject, 0, 100),
+ isNative: true,
+ }
+ for objExt := range resp {
+ if objExt.Error != nil {
+ log.Error(logs.FailedToHeadObject, zap.Error(objExt.Error), logs.TagField(logs.TagExternalStorage))
+ result.hasErrors = true
+ continue
+ }
+ if objExt.Object.IsDir {
+ if _, ok := dirs[objExt.Object.FileName]; ok {
+ continue
+ }
+ objExt.Object.GetURL = "/get/" + bucketInfo.CID.EncodeToString() + urlencode(objExt.Object.FilePath)
+ dirs[objExt.Object.FileName] = struct{}{}
+ } else {
+ objExt.Object.GetURL = "/get/" + bucketInfo.CID.EncodeToString() + "/" + objExt.Object.OID
+ }
+ result.objects = append(result.objects, objExt.Object)
+ }
+ return result, nil
+}
+
+type ResponseObjectExtended struct {
+ Object ResponseObject
+ Error error
+}
+
+func (h *Handler) headDirObjects(ctx context.Context, cnrID cid.ID, objectIDs ResObjectSearch, basePath string) (<-chan ResponseObjectExtended, error) {
+ res := make(chan ResponseObjectExtended)
+
+ go func() {
+ defer close(res)
+ log := h.reqLogger(ctx).With(
+ zap.String("cid", cnrID.EncodeToString()),
+ zap.String("path", basePath),
+ )
+ var wg sync.WaitGroup
+ err := objectIDs.Iterate(func(id oid.ID) bool {
+ wg.Add(1)
+ err := h.workerPool.Submit(func() {
+ defer wg.Done()
+ var obj ResponseObjectExtended
+ obj.Object, obj.Error = h.headDirObject(ctx, cnrID, id, basePath)
+ res <- obj
+ })
+ if err != nil {
+ wg.Done()
+ log.Warn(logs.FailedToSubmitTaskToPool, zap.Error(err), logs.TagField(logs.TagDatapath))
+ }
+ select {
+ case <-ctx.Done():
+ return true
+ default:
+ return false
+ }
+ })
+ if err != nil {
+ log.Error(logs.FailedToIterateOverResponse, zap.Error(err), logs.TagField(logs.TagDatapath))
+ }
+ wg.Wait()
+ }()
+
+ return res, nil
+}
+
+func (h *Handler) headDirObject(ctx context.Context, cnrID cid.ID, objID oid.ID, basePath string) (ResponseObject, error) {
+ addr := newAddress(cnrID, objID)
+ obj, err := h.frostfs.HeadObject(ctx, PrmObjectHead{
+ PrmAuth: PrmAuth{BearerToken: bearerToken(ctx)},
+ Address: addr,
+ })
+ if err != nil {
+ return ResponseObject{}, err
+ }
+
+ attrs := loadAttributes(obj.Attributes())
+ attrs[attrOID] = objID.EncodeToString()
+ if multipartSize, ok := attrs[attributeMultipartObjectSize]; ok {
+ attrs[attrSize] = multipartSize
+ } else {
+ attrs[attrSize] = strconv.FormatUint(obj.PayloadSize(), 10)
+ }
+
+ dirname := getNextDir(attrs[object.AttributeFilePath], basePath)
+ if dirname == "" {
+ return newListObjectsResponseNative(attrs), nil
+ }
+
+ return ResponseObject{
+ FileName: dirname,
+ FilePath: basePath + dirname,
+ IsDir: true,
+ }, nil
+}
+
+type browseParams struct {
+ bucketInfo *data.BucketInfo
+ prefix string
+ objects *GetObjectsResponse
+}
+
+func (h *Handler) browseObjects(ctx context.Context, req *fasthttp.RequestCtx, p browseParams) {
+ const S3Protocol = "s3"
+ const FrostfsProtocol = "frostfs"
+
+ objects := p.objects.objects
+ sort.Slice(objects, func(i, j int) bool {
+ if objects[i].IsDir == objects[j].IsDir {
+ return objects[i].FileName < objects[j].FileName
+ }
+ return objects[i].IsDir
+ })
+
+ tmpl, err := template.New("index").Funcs(template.FuncMap{
+ "formatSize": formatSize,
+ "getParent": getParent,
+ "urlencode": urlencode,
+ "parentDir": parentDir,
+ }).Parse(h.config.IndexPageTemplate())
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToParseTemplate, err)
+ return
+ }
+ bucketName := p.bucketInfo.Name
+ protocol := S3Protocol
+ if p.objects.isNative {
+ bucketName = p.bucketInfo.CID.EncodeToString()
+ protocol = FrostfsProtocol
+ }
+ prefix := p.prefix
+ if prefix != "" && prefix[len(prefix)-1] != '/' {
+ prefix += "/"
+ }
+
+ if err = tmpl.Execute(req, &BrowsePageData{
+ Container: bucketName,
+ Prefix: prefix,
+ Objects: objects,
+ Protocol: protocol,
+ HasErrors: p.objects.hasErrors,
+ }); err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToExecuteTemplate, err)
+ return
+ }
+}
diff --git a/internal/handler/container.go b/internal/handler/container.go
new file mode 100644
index 00000000..3c7bec84
--- /dev/null
+++ b/internal/handler/container.go
@@ -0,0 +1,42 @@
+package handler
+
+import (
+ "context"
+ "fmt"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "go.uber.org/zap"
+)
+
+func (h *Handler) containerInfo(ctx context.Context, cnrID cid.ID) (*data.BucketInfo, error) {
+ info := &data.BucketInfo{
+ CID: cnrID,
+ Name: cnrID.EncodeToString(),
+ }
+ res, err := h.cnrContract.GetContainerByID(cnrID)
+ if err != nil {
+ return nil, fmt.Errorf("get frostfs container: %w", err)
+ }
+
+ cnr := *res
+
+ if domain := container.ReadDomain(cnr); domain.Name() != "" {
+ info.Name = domain.Name()
+ info.Zone = domain.Zone()
+ }
+ info.HomomorphicHashDisabled = container.IsHomomorphicHashingDisabled(cnr)
+ info.PlacementPolicy = cnr.PlacementPolicy()
+
+ if err = h.cache.Put(info); err != nil {
+ h.reqLogger(ctx).Warn(logs.CouldntPutBucketIntoCache,
+ zap.String("bucket name", info.Name),
+ zap.Stringer("cid", info.CID),
+ zap.Error(err),
+ logs.TagField(logs.TagDatapath))
+ }
+
+ return info, nil
+}
diff --git a/internal/handler/cors.go b/internal/handler/cors.go
new file mode 100644
index 00000000..7e8db93f
--- /dev/null
+++ b/internal/handler/cors.go
@@ -0,0 +1,345 @@
+package handler
+
+import (
+ "context"
+ "encoding/xml"
+ "errors"
+ "fmt"
+ "regexp"
+ "slices"
+ "sort"
+ "strconv"
+ "strings"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
+ qostagging "git.frostfs.info/TrueCloudLab/frostfs-qos/tagging"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ "github.com/valyala/fasthttp"
+ "go.uber.org/zap"
+)
+
+const (
+ internalIOTag = "internal"
+ corsFilePathTemplate = "/%s.cors"
+ wildcard = "*"
+)
+
+var errNoCORS = errors.New("no CORS objects found")
+
+func (h *Handler) Preflight(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.Preflight")
+ defer span.End()
+
+ ctx = qostagging.ContextWithIOTag(ctx, internalIOTag)
+ cidParam, _ := req.UserValue("cid").(string)
+ reqLog := h.reqLogger(ctx)
+ log := reqLog.With(zap.String("cid", cidParam))
+
+ origin := req.Request.Header.Peek(fasthttp.HeaderOrigin)
+ if len(origin) == 0 {
+ log.Error(logs.EmptyOriginRequestHeader, logs.TagField(logs.TagDatapath))
+ ResponseError(req, "Origin request header needed", fasthttp.StatusBadRequest)
+ return
+ }
+
+ method := req.Request.Header.Peek(fasthttp.HeaderAccessControlRequestMethod)
+ if len(method) == 0 {
+ log.Error(logs.EmptyAccessControlRequestMethodHeader, logs.TagField(logs.TagDatapath))
+ ResponseError(req, "Access-Control-Request-Method request header needed", fasthttp.StatusBadRequest)
+ return
+ }
+
+ corsRule := h.config.CORS()
+ if corsRule != nil {
+ setCORSHeadersFromRule(req, corsRule)
+ return
+ }
+
+ corsConfig, err := h.getCORSConfig(ctx, log, cidParam)
+ if err != nil {
+ log.Error(logs.CouldNotGetCORSConfiguration, zap.Error(err), logs.TagField(logs.TagDatapath))
+ status := fasthttp.StatusInternalServerError
+ if errors.Is(err, errNoCORS) {
+ status = fasthttp.StatusNotFound
+ }
+ ResponseError(req, "could not get CORS configuration: "+err.Error(), status)
+ return
+ }
+
+ var headers []string
+ requestHeaders := req.Request.Header.Peek(fasthttp.HeaderAccessControlRequestHeaders)
+ if len(requestHeaders) > 0 {
+ headers = strings.Split(string(requestHeaders), ", ")
+ }
+
+ for _, rule := range corsConfig.CORSRules {
+ for _, o := range rule.AllowedOrigins {
+ if o == string(origin) || o == wildcard || (strings.Contains(o, "*") && match(o, string(origin))) {
+ for _, m := range rule.AllowedMethods {
+ if m == string(method) {
+ if !checkSubslice(rule.AllowedHeaders, headers) {
+ continue
+ }
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, string(origin))
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowMethods, strings.Join(rule.AllowedMethods, ", "))
+ if headers != nil {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowHeaders, string(requestHeaders))
+ }
+ if rule.ExposeHeaders != nil {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlExposeHeaders, strings.Join(rule.ExposeHeaders, ", "))
+ }
+ if rule.MaxAgeSeconds > 0 || rule.MaxAgeSeconds == -1 {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlMaxAge, strconv.Itoa(rule.MaxAgeSeconds))
+ }
+ if o != wildcard {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowCredentials, "true")
+ }
+ return
+ }
+ }
+ }
+ }
+ }
+ log.Error(logs.CORSRuleWasNotMatched, logs.TagField(logs.TagDatapath))
+ ResponseError(req, "Forbidden", fasthttp.StatusForbidden)
+}
+
+func (h *Handler) SetCORSHeaders(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.SetCORSHeaders")
+ defer span.End()
+
+ origin := req.Request.Header.Peek(fasthttp.HeaderOrigin)
+ if len(origin) == 0 {
+ return
+ }
+
+ method := req.Request.Header.Peek(fasthttp.HeaderAccessControlRequestMethod)
+ if len(method) == 0 {
+ method = req.Method()
+ }
+
+ ctx = qostagging.ContextWithIOTag(ctx, internalIOTag)
+ cidParam, _ := req.UserValue("cid").(string)
+ reqLog := h.reqLogger(ctx)
+ log := reqLog.With(zap.String("cid", cidParam))
+
+ corsRule := h.config.CORS()
+ if corsRule != nil {
+ setCORSHeadersFromRule(req, corsRule)
+ return
+ }
+
+ corsConfig, err := h.getCORSConfig(ctx, log, cidParam)
+ if err != nil {
+ log.Error(logs.CouldNotGetCORSConfiguration, zap.Error(err), logs.TagField(logs.TagDatapath))
+ return
+ }
+
+ var withCredentials bool
+ if tkn, err := tokens.LoadBearerToken(ctx); err == nil && tkn != nil {
+ withCredentials = true
+ }
+
+ for _, rule := range corsConfig.CORSRules {
+ for _, o := range rule.AllowedOrigins {
+ if o == string(origin) || (strings.Contains(o, "*") && len(o) > 1 && match(o, string(origin))) {
+ for _, m := range rule.AllowedMethods {
+ if m == string(method) {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, string(origin))
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowMethods, strings.Join(rule.AllowedMethods, ", "))
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowCredentials, "true")
+ req.Response.Header.Set(fasthttp.HeaderVary, fasthttp.HeaderOrigin)
+ return
+ }
+ }
+ }
+ if o == wildcard {
+ for _, m := range rule.AllowedMethods {
+ if m == string(method) {
+ if withCredentials {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, string(origin))
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowCredentials, "true")
+ req.Response.Header.Set(fasthttp.HeaderVary, fasthttp.HeaderOrigin)
+ } else {
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, o)
+ }
+ req.Response.Header.Set(fasthttp.HeaderAccessControlAllowMethods, strings.Join(rule.AllowedMethods, ", "))
+ return
+ }
+ }
+ }
+ }
+ }
+}
+
+func (h *Handler) getCORSConfig(ctx context.Context, log *zap.Logger, cidStr string) (*data.CORSConfiguration, error) {
+ cnrID, err := h.resolveContainer(ctx, cidStr)
+ if err != nil {
+ return nil, fmt.Errorf("resolve container '%s': %w", cidStr, err)
+ }
+
+ if cors := h.corsCache.Get(*cnrID); cors != nil {
+ return cors, nil
+ }
+
+ objID, err := h.getLastCORSObject(ctx, *cnrID)
+ if err != nil {
+ return nil, fmt.Errorf("get last cors object: %w", err)
+ }
+
+ var addr oid.Address
+ addr.SetContainer(h.corsCnrID)
+ addr.SetObject(objID)
+ corsObj, err := h.frostfs.GetObject(ctx, PrmObjectGet{
+ Address: addr,
+ })
+ if err != nil {
+ return nil, fmt.Errorf("get cors object '%s': %w", addr.EncodeToString(), err)
+ }
+
+ corsConfig := &data.CORSConfiguration{}
+ if err = xml.NewDecoder(corsObj.Payload).Decode(corsConfig); err != nil {
+ return nil, fmt.Errorf("decode cors object: %w", err)
+ }
+
+ if err = h.corsCache.Put(*cnrID, corsConfig); err != nil {
+ log.Warn(logs.CouldntCacheCors, zap.Error(err), logs.TagField(logs.TagDatapath))
+ }
+
+ return corsConfig, nil
+}
+
+func (h *Handler) getLastCORSObject(ctx context.Context, cnrID cid.ID) (oid.ID, error) {
+ filters := object.NewSearchFilters()
+ filters.AddRootFilter()
+ filters.AddFilter(object.AttributeFilePath, fmt.Sprintf(corsFilePathTemplate, cnrID), object.MatchStringEqual)
+
+ res, err := h.frostfs.SearchObjects(ctx, PrmObjectSearch{
+ Container: h.corsCnrID,
+ Filters: filters,
+ })
+ if err != nil {
+ return oid.ID{}, fmt.Errorf("search cors versions: %w", err)
+ }
+ defer res.Close()
+
+ var (
+ addr oid.Address
+ obj *object.Object
+ headErr error
+ objs = make([]*object.Object, 0)
+ )
+ addr.SetContainer(h.corsCnrID)
+ err = res.Iterate(func(id oid.ID) bool {
+ addr.SetObject(id)
+ obj, headErr = h.frostfs.HeadObject(ctx, PrmObjectHead{
+ Address: addr,
+ })
+ if headErr != nil {
+ headErr = fmt.Errorf("head cors object '%s': %w", addr.EncodeToString(), headErr)
+ return true
+ }
+
+ objs = append(objs, obj)
+ return false
+ })
+ if err != nil {
+ return oid.ID{}, fmt.Errorf("iterate cors objects: %w", err)
+ }
+
+ if headErr != nil {
+ return oid.ID{}, headErr
+ }
+
+ if len(objs) == 0 {
+ return oid.ID{}, errNoCORS
+ }
+
+ sort.Slice(objs, func(i, j int) bool {
+ versionID1, _ := objs[i].ID()
+ versionID2, _ := objs[j].ID()
+ timestamp1 := utils.GetAttributeValue(objs[i].Attributes(), object.AttributeTimestamp)
+ timestamp2 := utils.GetAttributeValue(objs[j].Attributes(), object.AttributeTimestamp)
+
+ if objs[i].CreationEpoch() != objs[j].CreationEpoch() {
+ return objs[i].CreationEpoch() < objs[j].CreationEpoch()
+ }
+
+ if len(timestamp1) > 0 && len(timestamp2) > 0 && timestamp1 != timestamp2 {
+ unixTime1, err := strconv.ParseInt(timestamp1, 10, 64)
+ if err != nil {
+ return versionID1.EncodeToString() < versionID2.EncodeToString()
+ }
+
+ unixTime2, err := strconv.ParseInt(timestamp2, 10, 64)
+ if err != nil {
+ return versionID1.EncodeToString() < versionID2.EncodeToString()
+ }
+
+ return unixTime1 < unixTime2
+ }
+
+ return versionID1.EncodeToString() < versionID2.EncodeToString()
+ })
+
+ objID, _ := objs[len(objs)-1].ID()
+ return objID, nil
+}
+
+func setCORSHeadersFromRule(c *fasthttp.RequestCtx, cors *data.CORSRule) {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlMaxAge, strconv.Itoa(cors.MaxAgeSeconds))
+
+ if len(cors.AllowedOrigins) != 0 {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlAllowOrigin, cors.AllowedOrigins[0])
+ }
+
+ if len(cors.AllowedMethods) != 0 {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlAllowMethods, strings.Join(cors.AllowedMethods, ", "))
+ }
+
+ if len(cors.AllowedHeaders) != 0 {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlAllowHeaders, strings.Join(cors.AllowedHeaders, ", "))
+ }
+
+ if len(cors.ExposeHeaders) != 0 {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlExposeHeaders, strings.Join(cors.ExposeHeaders, ", "))
+ }
+
+ if cors.AllowedCredentials {
+ c.Response.Header.Set(fasthttp.HeaderAccessControlAllowCredentials, "true")
+ }
+}
+
+func checkSubslice(slice []string, subSlice []string) bool {
+ if slices.Contains(slice, wildcard) {
+ return true
+ }
+ for _, r := range subSlice {
+ if !sliceContains(slice, r) {
+ return false
+ }
+ }
+ return true
+}
+
+func sliceContains(slice []string, str string) bool {
+ for _, s := range slice {
+ if s == str || (strings.Contains(s, "*") && match(s, str)) {
+ return true
+ }
+ }
+ return false
+}
+
+func match(tmpl, str string) bool {
+ regexpStr := "^" + regexp.QuoteMeta(tmpl) + "$"
+ regexpStr = regexpStr[:strings.Index(regexpStr, "*")-1] + "." + regexpStr[strings.Index(regexpStr, "*"):]
+ reg := regexp.MustCompile(regexpStr)
+ return reg.Match([]byte(str))
+}
diff --git a/internal/handler/cors_test.go b/internal/handler/cors_test.go
new file mode 100644
index 00000000..1ac07d78
--- /dev/null
+++ b/internal/handler/cors_test.go
@@ -0,0 +1,930 @@
+package handler
+
+import (
+ "encoding/base64"
+ "encoding/xml"
+ "fmt"
+ "net/http"
+ "testing"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
+ "github.com/stretchr/testify/require"
+ "github.com/valyala/fasthttp"
+)
+
+func TestPreflight(t *testing.T) {
+ hc := prepareHandlerContext(t)
+
+ bktName := "bucket-preflight"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.Private)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ var epoch uint64
+
+ t.Run("CORS object", func(t *testing.T) {
+ for _, tc := range []struct {
+ name string
+ corsConfig *data.CORSConfiguration
+ requestHeaders map[string]string
+ expectedHeaders map[string]string
+ status int
+ }{
+ {
+ name: "no CORS configuration",
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ fasthttp.HeaderAccessControlExposeHeaders: "",
+ fasthttp.HeaderAccessControlMaxAge: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ },
+ status: fasthttp.StatusNotFound,
+ },
+ {
+ name: "specific allowed origin",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"http://example.com"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ AllowedHeaders: []string{"Content-Type"},
+ ExposeHeaders: []string{"x-amz-*", "X-Amz-*"},
+ MaxAgeSeconds: 900,
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "Content-Type",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET, HEAD",
+ fasthttp.HeaderAccessControlAllowHeaders: "Content-Type",
+ fasthttp.HeaderAccessControlExposeHeaders: "x-amz-*, X-Amz-*",
+ fasthttp.HeaderAccessControlMaxAge: "900",
+ fasthttp.HeaderAccessControlAllowCredentials: "true",
+ },
+ status: fasthttp.StatusOK,
+ },
+ {
+ name: "wildcard allowed origin",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ AllowedHeaders: []string{"Content-Type"},
+ ExposeHeaders: []string{"x-amz-*", "X-Amz-*"},
+ MaxAgeSeconds: 900,
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET, HEAD",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ fasthttp.HeaderAccessControlExposeHeaders: "x-amz-*, X-Amz-*",
+ fasthttp.HeaderAccessControlMaxAge: "900",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ status: fasthttp.StatusOK,
+ },
+ {
+ name: "not allowed header",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ AllowedHeaders: []string{"Content-Type"},
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ fasthttp.HeaderAccessControlRequestHeaders: "Authorization",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ fasthttp.HeaderAccessControlExposeHeaders: "",
+ fasthttp.HeaderAccessControlMaxAge: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ status: fasthttp.StatusForbidden,
+ },
+ {
+ name: "empty Origin header",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ },
+ },
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ fasthttp.HeaderAccessControlExposeHeaders: "",
+ fasthttp.HeaderAccessControlMaxAge: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ status: fasthttp.StatusBadRequest,
+ },
+ {
+ name: "empty Access-Control-Request-Method header",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ fasthttp.HeaderAccessControlExposeHeaders: "",
+ fasthttp.HeaderAccessControlMaxAge: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ status: fasthttp.StatusBadRequest,
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ if tc.corsConfig != nil {
+ epoch++
+ setCORSObject(t, hc, cnrID, tc.corsConfig, epoch)
+ }
+
+ r := prepareCORSRequest(t, bktName, tc.requestHeaders)
+ hc.Handler().Preflight(r)
+
+ require.Equal(t, tc.status, r.Response.StatusCode())
+ for k, v := range tc.expectedHeaders {
+ require.Equal(t, v, string(r.Response.Header.Peek(k)))
+ }
+ })
+ }
+ })
+
+ t.Run("CORS config", func(t *testing.T) {
+ hc.cfg.cors = &data.CORSRule{
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ AllowedHeaders: []string{"Content-Type", "Content-Encoding"},
+ ExposeHeaders: []string{"x-amz-*", "X-Amz-*"},
+ MaxAgeSeconds: 900,
+ AllowedCredentials: true,
+ }
+
+ r := prepareCORSRequest(t, bktName, map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ })
+ hc.Handler().Preflight(r)
+
+ require.Equal(t, fasthttp.StatusOK, r.Response.StatusCode())
+ require.Equal(t, "900", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlMaxAge)))
+ require.Equal(t, "*", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowOrigin)))
+ require.Equal(t, "GET, HEAD", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowMethods)))
+ require.Equal(t, "Content-Type, Content-Encoding", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowHeaders)))
+ require.Equal(t, "x-amz-*, X-Amz-*", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlExposeHeaders)))
+ require.Equal(t, "true", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowCredentials)))
+ })
+}
+
+func TestSetCORSHeaders(t *testing.T) {
+ hc := prepareHandlerContext(t)
+
+ bktName := "bucket-set-cors-headers"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.Private)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ var epoch uint64
+
+ t.Run("CORS object", func(t *testing.T) {
+ for _, tc := range []struct {
+ name string
+ corsConfig *data.CORSConfiguration
+ requestHeaders map[string]string
+ expectedHeaders map[string]string
+ }{
+ {
+ name: "empty Origin header",
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderVary: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ },
+ {
+ name: "no CORS configuration",
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderVary: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ },
+ },
+ {
+ name: "specific allowed origin",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"http://example.com"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET, HEAD",
+ fasthttp.HeaderVary: fasthttp.HeaderOrigin,
+ fasthttp.HeaderAccessControlAllowCredentials: "true",
+ },
+ },
+ {
+ name: "wildcard allowed origin, with credentials",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ },
+ },
+ },
+ requestHeaders: func() map[string]string {
+ tkn := new(bearer.Token)
+ err = tkn.Sign(hc.key.PrivateKey)
+ require.NoError(t, err)
+
+ t64 := base64.StdEncoding.EncodeToString(tkn.Marshal())
+ require.NotEmpty(t, t64)
+
+ return map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ fasthttp.HeaderAuthorization: "Bearer " + t64,
+ }
+ }(),
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET, HEAD",
+ fasthttp.HeaderVary: fasthttp.HeaderOrigin,
+ fasthttp.HeaderAccessControlAllowCredentials: "true",
+ },
+ },
+ {
+ name: "wildcard allowed origin, without credentials",
+ corsConfig: &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ },
+ },
+ },
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://example.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "*",
+ fasthttp.HeaderAccessControlAllowMethods: "GET, HEAD",
+ fasthttp.HeaderVary: "",
+ fasthttp.HeaderAccessControlAllowCredentials: "",
+ },
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ epoch++
+ setCORSObject(t, hc, cnrID, tc.corsConfig, epoch)
+ r := prepareCORSRequest(t, bktName, tc.requestHeaders)
+ hc.Handler().SetCORSHeaders(r)
+
+ require.Equal(t, fasthttp.StatusOK, r.Response.StatusCode())
+ for k, v := range tc.expectedHeaders {
+ require.Equal(t, v, string(r.Response.Header.Peek(k)))
+ }
+ })
+ }
+ })
+
+ t.Run("CORS config", func(t *testing.T) {
+ hc.cfg.cors = &data.CORSRule{
+ AllowedOrigins: []string{"*"},
+ AllowedMethods: []string{"GET", "HEAD"},
+ AllowedHeaders: []string{"Content-Type", "Content-Encoding"},
+ ExposeHeaders: []string{"x-amz-*", "X-Amz-*"},
+ MaxAgeSeconds: 900,
+ AllowedCredentials: true,
+ }
+
+ r := prepareCORSRequest(t, bktName, map[string]string{fasthttp.HeaderOrigin: "http://example.com"})
+ hc.Handler().SetCORSHeaders(r)
+
+ require.Equal(t, "900", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlMaxAge)))
+ require.Equal(t, "*", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowOrigin)))
+ require.Equal(t, "GET, HEAD", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowMethods)))
+ require.Equal(t, "Content-Type, Content-Encoding", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowHeaders)))
+ require.Equal(t, "x-amz-*, X-Amz-*", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlExposeHeaders)))
+ require.Equal(t, "true", string(r.Response.Header.Peek(fasthttp.HeaderAccessControlAllowCredentials)))
+ })
+}
+
+func TestCheckSubslice(t *testing.T) {
+ for _, tc := range []struct {
+ name string
+ allowed []string
+ actual []string
+ expected bool
+ }{
+ {
+ name: "empty allowed slice",
+ allowed: []string{},
+ actual: []string{"str1", "str2", "str3"},
+ expected: false,
+ },
+ {
+ name: "empty actual slice",
+ allowed: []string{"str1", "str2", "str3"},
+ actual: []string{},
+ expected: true,
+ },
+ {
+ name: "allowed wildcard",
+ allowed: []string{"str", "*"},
+ actual: []string{"str1", "str2", "str3"},
+ expected: true,
+ },
+ {
+ name: "similar allowed and actual",
+ allowed: []string{"str1", "str2", "str3"},
+ actual: []string{"str1", "str2", "str3"},
+ expected: true,
+ },
+ {
+ name: "allowed actual",
+ allowed: []string{"str", "str1", "str2", "str4"},
+ actual: []string{"str1", "str2"},
+ expected: true,
+ },
+ {
+ name: "not allowed actual",
+ allowed: []string{"str", "str1", "str2", "str4"},
+ actual: []string{"str1", "str5"},
+ expected: false,
+ },
+ {
+ name: "wildcard in allowed",
+ allowed: []string{"str*"},
+ actual: []string{"str", "str5"},
+ expected: true,
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ require.Equal(t, tc.expected, checkSubslice(tc.allowed, tc.actual))
+ })
+ }
+}
+
+func TestAllowedOriginWildcards(t *testing.T) {
+ hc := prepareHandlerContext(t)
+ bktName := "bucket-allowed-origin-wildcards"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.Private)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ cfg := &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"*suffix.example"},
+ AllowedMethods: []string{"GET"},
+ },
+ {
+ AllowedOrigins: []string{"https://*example"},
+ AllowedMethods: []string{"GET"},
+ },
+ {
+ AllowedOrigins: []string{"prefix.example*"},
+ AllowedMethods: []string{"GET"},
+ },
+ },
+ }
+ setCORSObject(t, hc, cnrID, cfg, 1)
+
+ for _, tc := range []struct {
+ name string
+ handler func(*fasthttp.RequestCtx)
+ requestHeaders map[string]string
+ expectedHeaders map[string]string
+ expectedStatus int
+ }{
+ {
+ name: "set cors headers, empty request cors headers",
+ handler: hc.Handler().SetCORSHeaders,
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, invalid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://origin.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, first rule, no symbols in place of wildcard",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "suffix.example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "suffix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, first rule, valid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://suffix.example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://suffix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, first rule, invalid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://suffix-example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, second rule, no symbols in place of wildcard",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, second rule, valid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://www.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, second rule, invalid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, third rule, no symbols in place of wildcard",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "prefix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, third rule, valid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example.com",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "set cors headers, third rule, invalid origin",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "www.prefix.example",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, third rule, invalid request method in header",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "PUT",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ },
+ {
+ name: "set cors headers, third rule, valid request method in header",
+ handler: hc.Handler().SetCORSHeaders,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, empty request cors headers",
+ handler: hc.Handler().Preflight,
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusBadRequest,
+ },
+ {
+ name: "preflight, invalid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://origin.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "preflight, first rule, no symbols in place of wildcard",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "suffix.example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "suffix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "prelight, first rule, valid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://suffix.example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "http://suffix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, first rule, invalid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "http://suffix-example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "preflight, second rule, no symbols in place of wildcard",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, second rule, valid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://www.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, second rule, invalid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "preflight, third rule, no symbols in place of wildcard",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "prefix.example",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, third rule, valid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "GET",
+ },
+ },
+ {
+ name: "preflight, third rule, invalid origin",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "www.prefix.example",
+ fasthttp.HeaderAccessControlRequestMethod: "GET",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "preflight, third rule, invalid request method in header",
+ handler: hc.Handler().Preflight,
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "prefix.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "PUT",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ r := prepareCORSRequest(t, bktName, tc.requestHeaders)
+ tc.handler(r)
+
+ expectedStatus := fasthttp.StatusOK
+ if tc.expectedStatus != 0 {
+ expectedStatus = tc.expectedStatus
+ }
+ require.Equal(t, expectedStatus, r.Response.StatusCode())
+ for k, v := range tc.expectedHeaders {
+ require.Equal(t, v, string(r.Response.Header.Peek(k)))
+ }
+ })
+ }
+}
+
+func TestAllowedHeaderWildcards(t *testing.T) {
+ hc := prepareHandlerContext(t)
+ bktName := "bucket-allowed-header-wildcards"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.Private)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ cfg := &data.CORSConfiguration{
+ CORSRules: []data.CORSRule{
+ {
+ AllowedOrigins: []string{"https://www.example.com"},
+ AllowedMethods: []string{"HEAD"},
+ AllowedHeaders: []string{"*-suffix"},
+ },
+ {
+ AllowedOrigins: []string{"https://www.example.com"},
+ AllowedMethods: []string{"HEAD"},
+ AllowedHeaders: []string{"start-*-end"},
+ },
+ {
+ AllowedOrigins: []string{"https://www.example.com"},
+ AllowedMethods: []string{"HEAD"},
+ AllowedHeaders: []string{"X-Amz-*"},
+ },
+ },
+ }
+ setCORSObject(t, hc, cnrID, cfg, 1)
+
+ for _, tc := range []struct {
+ name string
+ requestHeaders map[string]string
+ expectedHeaders map[string]string
+ expectedStatus int
+ }{
+ {
+ name: "first rule, valid headers",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "header-suffix, -suffix",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "HEAD",
+ fasthttp.HeaderAccessControlAllowHeaders: "header-suffix, -suffix",
+ },
+ },
+ {
+ name: "first rule, invalid headers",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "header-suffix-*",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "second rule, valid headers",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "start--end, start-header-end",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "HEAD",
+ fasthttp.HeaderAccessControlAllowHeaders: "start--end, start-header-end",
+ },
+ },
+ {
+ name: "second rule, invalid header ending",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "start-header-end-*",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "second rule, invalid header beginning",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "*-start-header-end",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ {
+ name: "third rule, valid headers",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "X-Amz-Date, X-Amz-Content-Sha256",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlAllowMethods: "HEAD",
+ fasthttp.HeaderAccessControlAllowHeaders: "X-Amz-Date, X-Amz-Content-Sha256",
+ },
+ },
+ {
+ name: "third rule, invalid headers",
+ requestHeaders: map[string]string{
+ fasthttp.HeaderOrigin: "https://www.example.com",
+ fasthttp.HeaderAccessControlRequestMethod: "HEAD",
+ fasthttp.HeaderAccessControlRequestHeaders: "Authorization",
+ },
+ expectedHeaders: map[string]string{
+ fasthttp.HeaderAccessControlAllowOrigin: "",
+ fasthttp.HeaderAccessControlAllowMethods: "",
+ fasthttp.HeaderAccessControlAllowHeaders: "",
+ },
+ expectedStatus: http.StatusForbidden,
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ r := prepareCORSRequest(t, bktName, tc.requestHeaders)
+ hc.Handler().Preflight(r)
+
+ expectedStatus := http.StatusOK
+ if tc.expectedStatus != 0 {
+ expectedStatus = tc.expectedStatus
+ }
+ require.Equal(t, expectedStatus, r.Response.StatusCode())
+ for k, v := range tc.expectedHeaders {
+ require.Equal(t, v, string(r.Response.Header.Peek(k)))
+ }
+ })
+ }
+}
+
+func setCORSObject(t *testing.T, hc *handlerContext, cnrID cid.ID, corsConfig *data.CORSConfiguration, epoch uint64) {
+ payload, err := xml.Marshal(corsConfig)
+ require.NoError(t, err)
+
+ a := object.NewAttribute()
+ a.SetKey(object.AttributeFilePath)
+ a.SetValue(fmt.Sprintf(corsFilePathTemplate, cnrID))
+
+ objID := oidtest.ID()
+ obj := object.New()
+ obj.SetAttributes(*a)
+ obj.SetOwnerID(hc.owner)
+ obj.SetPayload(payload)
+ obj.SetPayloadSize(uint64(len(payload)))
+ obj.SetContainerID(hc.corsCnr)
+ obj.SetID(objID)
+ obj.SetCreationEpoch(epoch)
+
+ var addr oid.Address
+ addr.SetObject(objID)
+ addr.SetContainer(hc.corsCnr)
+
+ hc.frostfs.SetObject(addr, obj)
+}
diff --git a/internal/handler/download.go b/internal/handler/download.go
index 8ee76bfb..15fb8865 100644
--- a/internal/handler/download.go
+++ b/internal/handler/download.go
@@ -1,82 +1,302 @@
package handler
import (
+ "archive/tar"
"archive/zip"
"bufio"
+ "compress/gzip"
"context"
+ "errors"
"fmt"
"io"
- "net/http"
"net/url"
+ "strings"
"time"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
+ "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"github.com/valyala/fasthttp"
"go.uber.org/zap"
)
// DownloadByAddressOrBucketName handles download requests using simple cid/oid or bucketname/key format.
-func (h *Handler) DownloadByAddressOrBucketName(c *fasthttp.RequestCtx) {
- test, _ := c.UserValue("oid").(string)
- var id oid.ID
- err := id.DecodeString(test)
+func (h *Handler) DownloadByAddressOrBucketName(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.DownloadByAddressOrBucketName")
+ defer span.End()
+
+ cidParam := req.UserValue("cid").(string)
+ oidParam := req.UserValue("oid").(string)
+
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(
+ zap.String("cid", cidParam),
+ zap.String("oid", oidParam),
+ ))
+
+ path, err := url.QueryUnescape(oidParam)
if err != nil {
- h.byBucketname(c, h.receiveFile)
+ h.logAndSendError(ctx, req, logs.FailedToUnescapePath, err)
+ return
+ }
+
+ bktInfo, err := h.getBucketInfo(ctx, cidParam)
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToGetBucketInfo, err)
+ return
+ }
+
+ checkS3Err := h.tree.CheckSettingsNodeExists(ctx, bktInfo)
+ if checkS3Err != nil && !errors.Is(checkS3Err, tree.ErrNodeNotFound) {
+ h.logAndSendError(ctx, req, logs.FailedToCheckIfSettingsNodeExist, checkS3Err)
+ return
+ }
+
+ prm := MiddlewareParam{
+ Context: ctx,
+ Request: req,
+ BktInfo: bktInfo,
+ Path: path,
+ }
+
+ indexPageEnabled := h.config.IndexPageEnabled()
+
+ if checkS3Err == nil {
+ run(prm, h.errorMiddleware(logs.ObjectNotFound, ErrObjectNotFound),
+ Middleware{Func: h.byS3PathMiddleware(h.receiveFile, noopFormer), Enabled: true},
+ Middleware{Func: h.byS3PathMiddleware(h.receiveFile, indexFormer), Enabled: indexPageEnabled},
+ Middleware{Func: h.browseIndexMiddleware(h.getDirObjectsS3), Enabled: indexPageEnabled},
+ )
} else {
- h.byAddress(c, h.receiveFile)
+ slashFallbackEnabled := h.config.EnableFilepathSlashFallback()
+ fileNameFallbackEnabled := h.config.EnableFilepathFallback()
+
+ run(prm, h.errorMiddleware(logs.ObjectNotFound, ErrObjectNotFound),
+ Middleware{Func: h.byAddressMiddleware(h.receiveFile), Enabled: true},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFilePath, noopFormer), Enabled: true},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFilePath, reverseLeadingSlash), Enabled: slashFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFileName, noopFormer), Enabled: fileNameFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFileName, reverseLeadingSlash), Enabled: fileNameFallbackEnabled && slashFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFilePath, indexFormer), Enabled: indexPageEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.receiveFile, object.AttributeFileName, indexFormer), Enabled: fileNameFallbackEnabled && indexPageEnabled},
+ Middleware{Func: h.browseIndexMiddleware(h.getDirObjectsNative), Enabled: indexPageEnabled},
+ )
}
}
-func (h *Handler) newRequest(ctx *fasthttp.RequestCtx, log *zap.Logger) *request {
- return &request{
- RequestCtx: ctx,
- log: log,
+type ObjectHandlerFunc func(context.Context, *fasthttp.RequestCtx, oid.Address)
+
+type MiddlewareFunc func(param MiddlewareParam) bool
+
+type MiddlewareParam struct {
+ Context context.Context
+ Request *fasthttp.RequestCtx
+ BktInfo *data.BucketInfo
+ Path string
+}
+
+type Middleware struct {
+ Func MiddlewareFunc
+ Enabled bool
+}
+
+func run(prm MiddlewareParam, defaultMiddleware MiddlewareFunc, middlewares ...Middleware) {
+ for _, m := range middlewares {
+ if m.Enabled && !m.Func(prm) {
+ return
+ }
+ }
+
+ defaultMiddleware(prm)
+}
+
+func indexFormer(path string) string {
+ indexPath := path
+ if indexPath != "" && !strings.HasSuffix(indexPath, "/") {
+ indexPath += "/"
+ }
+
+ return indexPath + "index.html"
+}
+
+func reverseLeadingSlash(path string) string {
+ if path == "" || path == "/" {
+ return path
+ }
+
+ if path[0] == '/' {
+ return path[1:]
+ }
+
+ return "/" + path
+}
+
+func noopFormer(path string) string {
+ return path
+}
+
+func (h *Handler) byS3PathMiddleware(handler func(context.Context, *fasthttp.RequestCtx, oid.Address), pathFormer func(string) string) MiddlewareFunc {
+ return func(prm MiddlewareParam) bool {
+ ctx, span := tracing.StartSpanFromContext(prm.Context, "handler.byS3Path")
+ defer span.End()
+
+ path := pathFormer(prm.Path)
+
+ foundOID, err := h.tree.GetLatestVersion(ctx, &prm.BktInfo.CID, path)
+ if err == nil {
+ if foundOID.IsDeleteMarker {
+ h.logAndSendError(ctx, prm.Request, logs.IndexWasDeleted, ErrObjectNotFound)
+ return false
+ }
+
+ addr := newAddress(prm.BktInfo.CID, foundOID.OID)
+ handler(ctx, prm.Request, addr)
+ return false
+ }
+
+ if !errors.Is(err, tree.ErrNodeNotFound) {
+ h.logAndSendError(ctx, prm.Request, logs.FailedToGetLatestVersionOfIndexObject, err, zap.String("path", path))
+ return false
+ }
+
+ return true
+ }
+}
+
+func (h *Handler) byAttributeSearchMiddleware(handler ObjectHandlerFunc, attr string, pathFormer func(string) string) MiddlewareFunc {
+ return func(prm MiddlewareParam) bool {
+ ctx, span := tracing.StartSpanFromContext(prm.Context, "handler.byAttributeSearch")
+ defer span.End()
+
+ path := pathFormer(prm.Path)
+
+ res, err := h.search(ctx, prm.BktInfo.CID, attr, path, object.MatchStringEqual)
+ if err != nil {
+ h.logAndSendError(ctx, prm.Request, logs.FailedToFindObjectByAttribute, err)
+ return false
+ }
+ defer res.Close()
+
+ buf := make([]oid.ID, 1)
+ n, err := res.Read(buf)
+ if err == nil && n > 0 {
+ addr := newAddress(prm.BktInfo.CID, buf[0])
+ handler(ctx, prm.Request, addr)
+ return false
+ }
+
+ if !errors.Is(err, io.EOF) {
+ h.logAndSendError(ctx, prm.Request, logs.FailedToFindObjectByAttribute, err)
+ return false
+ }
+
+ return true
+ }
+}
+
+func (h *Handler) byAddressMiddleware(handler ObjectHandlerFunc) MiddlewareFunc {
+ return func(prm MiddlewareParam) bool {
+ ctx, span := tracing.StartSpanFromContext(prm.Context, "handler.byAddress")
+ defer span.End()
+
+ var objID oid.ID
+ if objID.DecodeString(prm.Path) == nil {
+ handler(ctx, prm.Request, newAddress(prm.BktInfo.CID, objID))
+ return false
+ }
+
+ return true
}
}
// DownloadByAttribute handles attribute-based download requests.
-func (h *Handler) DownloadByAttribute(c *fasthttp.RequestCtx) {
- h.byAttribute(c, h.receiveFile)
+func (h *Handler) DownloadByAttribute(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.DownloadByAttribute")
+ defer span.End()
+
+ h.byAttribute(ctx, req, h.receiveFile)
}
-func (h *Handler) search(ctx context.Context, cid *cid.ID, key, val string, op object.SearchMatchType) (pool.ResObjectSearch, error) {
+func (h *Handler) search(ctx context.Context, cnrID cid.ID, key, val string, op object.SearchMatchType) (ResObjectSearch, error) {
filters := object.NewSearchFilters()
filters.AddRootFilter()
filters.AddFilter(key, val, op)
- var prm pool.PrmObjectSearch
- prm.SetContainerID(*cid)
- prm.SetFilters(filters)
- if btoken := bearerToken(ctx); btoken != nil {
- prm.UseBearer(*btoken)
+ prm := PrmObjectSearch{
+ PrmAuth: PrmAuth{
+ BearerToken: bearerToken(ctx),
+ },
+ Container: cnrID,
+ Filters: filters,
}
- return h.pool.SearchObjects(ctx, prm)
+ return h.frostfs.SearchObjects(ctx, prm)
}
-func (h *Handler) getContainer(ctx context.Context, cnrID cid.ID) (container.Container, error) {
- var prm pool.PrmContainerGet
- prm.SetContainerID(cnrID)
+// DownloadZip handles zip by prefix requests.
+func (h *Handler) DownloadZip(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.DownloadZip")
+ defer span.End()
- return h.pool.GetContainer(ctx, prm)
+ scid, _ := req.UserValue("cid").(string)
+ prefix, _ := req.UserValue("prefix").(string)
+
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(zap.String("cid", scid), zap.String("prefix", prefix)))
+
+ bktInfo, err := h.getBucketInfo(ctx, scid)
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToGetBucketInfo, err)
+ return
+ }
+
+ resSearch, err := h.searchObjectsByPrefix(ctx, bktInfo.CID, prefix)
+ if err != nil {
+ return
+ }
+
+ req.Response.Header.Set(fasthttp.HeaderContentType, "application/zip")
+ req.Response.Header.Set(fasthttp.HeaderContentDisposition, "attachment; filename=\"archive.zip\"")
+
+ req.SetBodyStreamWriter(h.getZipResponseWriter(ctx, resSearch, bktInfo))
}
-func (h *Handler) addObjectToZip(zw *zip.Writer, obj *object.Object) (io.Writer, error) {
+func (h *Handler) getZipResponseWriter(ctx context.Context, resSearch ResObjectSearch, bktInfo *data.BucketInfo) func(w *bufio.Writer) {
+ return func(w *bufio.Writer) {
+ defer resSearch.Close()
+
+ buf := make([]byte, 3<<20)
+ zipWriter := zip.NewWriter(w)
+ var objectsWritten int
+
+ errIter := resSearch.Iterate(h.putObjectToArchive(ctx, bktInfo.CID, buf,
+ func(obj *object.Object) (io.Writer, error) {
+ objectsWritten++
+ return h.createZipFile(zipWriter, obj)
+ }),
+ )
+ if errIter != nil {
+ h.reqLogger(ctx).Error(logs.IteratingOverSelectedObjectsFailed, zap.Error(errIter), logs.TagField(logs.TagDatapath))
+ return
+ } else if objectsWritten == 0 {
+ h.reqLogger(ctx).Warn(logs.ObjectsNotFound, logs.TagField(logs.TagDatapath))
+ }
+ if err := zipWriter.Close(); err != nil {
+ h.reqLogger(ctx).Error(logs.CloseZipWriter, zap.Error(err), logs.TagField(logs.TagDatapath))
+ }
+ }
+}
+
+func (h *Handler) createZipFile(zw *zip.Writer, obj *object.Object) (io.Writer, error) {
method := zip.Store
- if h.settings.ZipCompression() {
+ if h.config.ArchiveCompression() {
method = zip.Deflate
}
- filePath := getZipFilePath(obj)
+ filePath := getFilePath(obj)
if len(filePath) == 0 || filePath[len(filePath)-1] == '/' {
return nil, fmt.Errorf("invalid filepath '%s'", filePath)
}
@@ -88,103 +308,134 @@ func (h *Handler) addObjectToZip(zw *zip.Writer, obj *object.Object) (io.Writer,
})
}
-// DownloadZipped handles zip by prefix requests.
-func (h *Handler) DownloadZipped(c *fasthttp.RequestCtx) {
- scid, _ := c.UserValue("cid").(string)
- prefix, _ := url.QueryUnescape(c.UserValue("prefix").(string))
- log := h.log.With(zap.String("cid", scid), zap.String("prefix", prefix))
+// DownloadTar forms tar.gz from objects by prefix.
+func (h *Handler) DownloadTar(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.DownloadTar")
+ defer span.End()
- ctx := utils.GetContextFromRequest(c)
+ scid, _ := req.UserValue("cid").(string)
+ prefix, _ := req.UserValue("prefix").(string)
- containerID, err := h.getContainerID(ctx, scid)
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(zap.String("cid", scid), zap.String("prefix", prefix)))
+
+ bktInfo, err := h.getBucketInfo(ctx, scid)
if err != nil {
- log.Error(logs.WrongContainerID, zap.Error(err))
- response.Error(c, "wrong container id", fasthttp.StatusBadRequest)
+ h.logAndSendError(ctx, req, logs.FailedToGetBucketInfo, err)
return
}
- // check if container exists here to be able to return 404 error,
- // otherwise we get this error only in object iteration step
- // and client get 200 OK.
- if _, err = h.getContainer(ctx, *containerID); err != nil {
- log.Error(logs.CouldNotCheckContainerExistence, zap.Error(err))
- if client.IsErrContainerNotFound(err) {
- response.Error(c, "Not Found", fasthttp.StatusNotFound)
- return
- }
- response.Error(c, "could not check container existence: "+err.Error(), fasthttp.StatusBadRequest)
- return
- }
-
- resSearch, err := h.search(ctx, containerID, object.AttributeFilePath, prefix, object.MatchCommonPrefix)
+ resSearch, err := h.searchObjectsByPrefix(ctx, bktInfo.CID, prefix)
if err != nil {
- log.Error(logs.CouldNotSearchForObjects, zap.Error(err))
- response.Error(c, "could not search for objects: "+err.Error(), fasthttp.StatusBadRequest)
return
}
- c.Response.Header.Set(fasthttp.HeaderContentType, "application/zip")
- c.Response.Header.Set(fasthttp.HeaderContentDisposition, "attachment; filename=\"archive.zip\"")
- c.Response.SetStatusCode(http.StatusOK)
+ req.Response.Header.Set(fasthttp.HeaderContentType, "application/gzip")
+ req.Response.Header.Set(fasthttp.HeaderContentDisposition, "attachment; filename=\"archive.tar.gz\"")
- c.SetBodyStreamWriter(func(w *bufio.Writer) {
+ req.SetBodyStreamWriter(h.getTarResponseWriter(ctx, resSearch, bktInfo))
+}
+
+func (h *Handler) getTarResponseWriter(ctx context.Context, resSearch ResObjectSearch, bktInfo *data.BucketInfo) func(w *bufio.Writer) {
+ return func(w *bufio.Writer) {
defer resSearch.Close()
- zipWriter := zip.NewWriter(w)
+ compressionLevel := gzip.NoCompression
+ if h.config.ArchiveCompression() {
+ compressionLevel = gzip.DefaultCompression
+ }
- var bufZip []byte
- var addr oid.Address
+ // ignore error because it's not nil only if compressionLevel argument is invalid
+ gzipWriter, _ := gzip.NewWriterLevel(w, compressionLevel)
+ tarWriter := tar.NewWriter(gzipWriter)
- empty := true
- called := false
- btoken := bearerToken(ctx)
- addr.SetContainer(*containerID)
-
- errIter := resSearch.Iterate(func(id oid.ID) bool {
- called = true
-
- if empty {
- bufZip = make([]byte, 3<<20) // the same as for upload
+ defer func() {
+ if err := tarWriter.Close(); err != nil {
+ h.reqLogger(ctx).Error(logs.CloseTarWriter, zap.Error(err), logs.TagField(logs.TagDatapath))
}
- empty = false
-
- addr.SetObject(id)
- if err = h.zipObject(ctx, zipWriter, addr, btoken, bufZip); err != nil {
- log.Error(logs.FailedToAddObjectToArchive, zap.String("oid", id.EncodeToString()), zap.Error(err))
+ if err := gzipWriter.Close(); err != nil {
+ h.reqLogger(ctx).Error(logs.CloseGzipWriter, zap.Error(err), logs.TagField(logs.TagDatapath))
}
+ }()
- return false
- })
+ var objectsWritten int
+ buf := make([]byte, 3<<20) // the same as for upload
+
+ errIter := resSearch.Iterate(h.putObjectToArchive(ctx, bktInfo.CID, buf,
+ func(obj *object.Object) (io.Writer, error) {
+ objectsWritten++
+ return h.createTarFile(tarWriter, obj)
+ }),
+ )
if errIter != nil {
- log.Error(logs.IteratingOverSelectedObjectsFailed, zap.Error(errIter))
- } else if !called {
- log.Error(logs.ObjectsNotFound)
+ h.reqLogger(ctx).Error(logs.IteratingOverSelectedObjectsFailed, zap.Error(errIter), logs.TagField(logs.TagDatapath))
+ } else if objectsWritten == 0 {
+ h.reqLogger(ctx).Warn(logs.ObjectsNotFound, logs.TagField(logs.TagDatapath))
}
+ }
+}
- if err = zipWriter.Close(); err != nil {
- log.Error(logs.CloseZipWriter, zap.Error(err))
- }
+func (h *Handler) createTarFile(tw *tar.Writer, obj *object.Object) (io.Writer, error) {
+ filePath := getFilePath(obj)
+ if len(filePath) == 0 || filePath[len(filePath)-1] == '/' {
+ return nil, fmt.Errorf("invalid filepath '%s'", filePath)
+ }
+
+ return tw, tw.WriteHeader(&tar.Header{
+ Name: filePath,
+ Mode: 0655,
+ Size: int64(obj.PayloadSize()),
})
}
-func (h *Handler) zipObject(ctx context.Context, zipWriter *zip.Writer, addr oid.Address, btoken *bearer.Token, bufZip []byte) error {
- var prm pool.PrmObjectGet
- prm.SetAddress(addr)
- if btoken != nil {
- prm.UseBearer(*btoken)
- }
+func (h *Handler) putObjectToArchive(ctx context.Context, cnrID cid.ID, buf []byte, createArchiveHeader func(obj *object.Object) (io.Writer, error)) func(id oid.ID) bool {
+ return func(id oid.ID) bool {
+ logger := h.reqLogger(ctx).With(zap.String("oid", id.EncodeToString()))
- resGet, err := h.pool.GetObject(ctx, prm)
+ prm := PrmObjectGet{
+ PrmAuth: PrmAuth{
+ BearerToken: bearerToken(ctx),
+ },
+ Address: newAddress(cnrID, id),
+ }
+
+ resGet, err := h.frostfs.GetObject(ctx, prm)
+ if err != nil {
+ logger.Error(logs.FailedToGetObject, zap.Error(err), logs.TagField(logs.TagExternalStorage))
+ return false
+ }
+
+ fileWriter, err := createArchiveHeader(&resGet.Header)
+ if err != nil {
+ logger.Error(logs.FailedToAddObjectToArchive, zap.Error(err), logs.TagField(logs.TagDatapath))
+ return false
+ }
+
+ if err = writeToArchive(resGet, fileWriter, buf); err != nil {
+ logger.Error(logs.FailedToAddObjectToArchive, zap.Error(err), logs.TagField(logs.TagDatapath))
+ return false
+ }
+
+ return false
+ }
+}
+
+func (h *Handler) searchObjectsByPrefix(ctx context.Context, cnrID cid.ID, prefix string) (ResObjectSearch, error) {
+ prefix, err := url.QueryUnescape(prefix)
if err != nil {
- return fmt.Errorf("get FrostFS object: %v", err)
+ return nil, fmt.Errorf("unescape prefix: %w", err)
}
- objWriter, err := h.addObjectToZip(zipWriter, &resGet.Header)
+ resSearch, err := h.search(ctx, cnrID, object.AttributeFilePath, prefix, object.MatchCommonPrefix)
if err != nil {
- return fmt.Errorf("zip create header: %v", err)
+ return nil, fmt.Errorf("search objects by prefix: %w", err)
}
- if _, err = io.CopyBuffer(objWriter, resGet.Payload, bufZip); err != nil {
+ return resSearch, nil
+}
+
+func writeToArchive(resGet *Object, objWriter io.Writer, buf []byte) error {
+ var err error
+ if _, err = io.CopyBuffer(objWriter, resGet.Payload, buf); err != nil {
return fmt.Errorf("copy object payload to zip file: %v", err)
}
@@ -192,14 +443,10 @@ func (h *Handler) zipObject(ctx context.Context, zipWriter *zip.Writer, addr oid
return fmt.Errorf("object body close error: %w", err)
}
- if err = zipWriter.Flush(); err != nil {
- return fmt.Errorf("flush zip writer: %v", err)
- }
-
return nil
}
-func getZipFilePath(obj *object.Object) string {
+func getFilePath(obj *object.Object) string {
for _, attr := range obj.Attributes() {
if attr.Key() == object.AttributeFilePath {
return attr.Value()
diff --git a/internal/handler/filter.go b/internal/handler/filter.go
index 745718a8..da99db7d 100644
--- a/internal/handler/filter.go
+++ b/internal/handler/filter.go
@@ -50,7 +50,8 @@ func filterHeaders(l *zap.Logger, header *fasthttp.RequestHeader) (map[string]st
l.Debug(logs.AddAttributeToResultObject,
zap.String("key", k),
- zap.String("val", v))
+ zap.String("val", v),
+ logs.TagField(logs.TagDatapath))
})
return result, err
diff --git a/internal/handler/frostfs_mock.go b/internal/handler/frostfs_mock.go
new file mode 100644
index 00000000..540697fd
--- /dev/null
+++ b/internal/handler/frostfs_mock.go
@@ -0,0 +1,289 @@
+package handler
+
+import (
+ "bytes"
+ "context"
+ "crypto/rand"
+ "crypto/sha256"
+ "fmt"
+ "io"
+ "strings"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/checksum"
+ apistatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+)
+
+type TestFrostFS struct {
+ objects map[string]*object.Object
+ containers map[string]*container.Container
+ accessList map[string]bool
+ key *keys.PrivateKey
+}
+
+func NewTestFrostFS(key *keys.PrivateKey) *TestFrostFS {
+ return &TestFrostFS{
+ objects: make(map[string]*object.Object),
+ containers: make(map[string]*container.Container),
+ accessList: make(map[string]bool),
+ key: key,
+ }
+}
+
+func (t *TestFrostFS) ContainerID(name string) (*cid.ID, error) {
+ for id, cnr := range t.containers {
+ if container.Name(*cnr) == name {
+ var cnrID cid.ID
+ return &cnrID, cnrID.DecodeString(id)
+ }
+ }
+ return nil, fmt.Errorf("not found")
+}
+
+func (t *TestFrostFS) SetContainer(cnrID cid.ID, cnr *container.Container) {
+ t.containers[cnrID.EncodeToString()] = cnr
+}
+
+func (t *TestFrostFS) SetObject(addr oid.Address, obj *object.Object) {
+ t.objects[addr.EncodeToString()] = obj
+}
+
+// AllowUserOperation grants access to object operations.
+// Empty userID and objID means any user and object respectively.
+func (t *TestFrostFS) AllowUserOperation(cnrID cid.ID, userID user.ID, op acl.Op, objID oid.ID) {
+ t.accessList[fmt.Sprintf("%s/%s/%s/%s", cnrID, userID, op, objID)] = true
+}
+
+func (t *TestFrostFS) Container(_ context.Context, prm PrmContainer) (*container.Container, error) {
+ for k, v := range t.containers {
+ if k == prm.ContainerID.EncodeToString() {
+ return v, nil
+ }
+ }
+
+ return nil, fmt.Errorf("container not found %s", prm.ContainerID)
+}
+
+func (t *TestFrostFS) requestOwner(btoken *bearer.Token) user.ID {
+ if btoken != nil {
+ return bearer.ResolveIssuer(*btoken)
+ }
+
+ var owner user.ID
+ user.IDFromKey(&owner, t.key.PrivateKey.PublicKey)
+ return owner
+}
+
+func (t *TestFrostFS) retrieveObject(addr oid.Address, btoken *bearer.Token) (*object.Object, error) {
+ sAddr := addr.EncodeToString()
+
+ if obj, ok := t.objects[sAddr]; ok {
+ owner := t.requestOwner(btoken)
+
+ if !t.isAllowed(addr.Container(), owner, acl.OpObjectGet, addr.Object()) {
+ return nil, ErrAccessDenied
+ }
+
+ return obj, nil
+ }
+
+ return nil, fmt.Errorf("%w: %s", &apistatus.ObjectNotFound{}, addr)
+}
+
+func (t *TestFrostFS) HeadObject(_ context.Context, prm PrmObjectHead) (*object.Object, error) {
+ return t.retrieveObject(prm.Address, prm.BearerToken)
+}
+
+func (t *TestFrostFS) GetObject(_ context.Context, prm PrmObjectGet) (*Object, error) {
+ obj, err := t.retrieveObject(prm.Address, prm.BearerToken)
+ if err != nil {
+ return nil, err
+ }
+
+ return &Object{
+ Header: *obj,
+ Payload: io.NopCloser(bytes.NewReader(obj.Payload())),
+ }, nil
+}
+
+func (t *TestFrostFS) RangeObject(_ context.Context, prm PrmObjectRange) (io.ReadCloser, error) {
+ obj, err := t.retrieveObject(prm.Address, prm.BearerToken)
+ if err != nil {
+ return nil, err
+ }
+
+ off := prm.PayloadRange[0]
+ payload := obj.Payload()[off : off+prm.PayloadRange[1]]
+ return io.NopCloser(bytes.NewReader(payload)), nil
+}
+
+func (t *TestFrostFS) CreateObject(_ context.Context, prm PrmObjectCreate) (oid.ID, error) {
+ b := make([]byte, 32)
+ if _, err := io.ReadFull(rand.Reader, b); err != nil {
+ return oid.ID{}, err
+ }
+ var id oid.ID
+ id.SetSHA256(sha256.Sum256(b))
+ prm.Object.SetID(id)
+
+ attrs := prm.Object.Attributes()
+ if prm.ClientCut {
+ a := object.NewAttribute()
+ a.SetKey("s3-client-cut")
+ a.SetValue("true")
+ attrs = append(attrs, *a)
+ }
+
+ prm.Object.SetAttributes(attrs...)
+
+ if prm.Payload != nil {
+ all, err := io.ReadAll(prm.Payload)
+ if err != nil {
+ return oid.ID{}, err
+ }
+ prm.Object.SetPayload(all)
+ prm.Object.SetPayloadSize(uint64(len(all)))
+ var hash checksum.Checksum
+ checksum.Calculate(&hash, checksum.SHA256, all)
+ prm.Object.SetPayloadChecksum(hash)
+ }
+
+ cnrID, _ := prm.Object.ContainerID()
+ objID, _ := prm.Object.ID()
+
+ owner := t.requestOwner(prm.BearerToken)
+
+ if !t.isAllowed(cnrID, owner, acl.OpObjectPut, objID) {
+ return oid.ID{}, ErrAccessDenied
+ }
+
+ addr := newAddress(cnrID, objID)
+ t.objects[addr.EncodeToString()] = prm.Object
+ return objID, nil
+}
+
+type resObjectSearchMock struct {
+ res []oid.ID
+}
+
+func (r *resObjectSearchMock) Read(buf []oid.ID) (int, error) {
+ for i := range buf {
+ if i > len(r.res)-1 {
+ return len(r.res), io.EOF
+ }
+ buf[i] = r.res[i]
+ }
+
+ r.res = r.res[len(buf):]
+
+ return len(buf), nil
+}
+
+func (r *resObjectSearchMock) Iterate(f func(oid.ID) bool) error {
+ for _, id := range r.res {
+ if f(id) {
+ return nil
+ }
+ }
+
+ return nil
+}
+
+func (r *resObjectSearchMock) Close() {}
+
+func (t *TestFrostFS) SearchObjects(_ context.Context, prm PrmObjectSearch) (ResObjectSearch, error) {
+ if !t.isAllowed(prm.Container, t.requestOwner(prm.BearerToken), acl.OpObjectSearch, oid.ID{}) {
+ return nil, ErrAccessDenied
+ }
+
+ cidStr := prm.Container.EncodeToString()
+ var res []oid.ID
+
+ if len(prm.Filters) == 1 { // match root filter
+ for k, v := range t.objects {
+ if strings.Contains(k, cidStr) {
+ id, _ := v.ID()
+ res = append(res, id)
+ }
+ }
+ return &resObjectSearchMock{res: res}, nil
+ }
+
+ filter := prm.Filters[1]
+ if len(prm.Filters) != 2 ||
+ filter.Operation() != object.MatchCommonPrefix && filter.Operation() != object.MatchStringEqual {
+ return nil, fmt.Errorf("usupported filters")
+ }
+
+ for k, v := range t.objects {
+ if strings.Contains(k, cidStr) && isMatched(v.Attributes(), filter) {
+ id, _ := v.ID()
+ res = append(res, id)
+ }
+ }
+
+ return &resObjectSearchMock{res: res}, nil
+}
+
+func (t *TestFrostFS) GetContainerByID(cid cid.ID) (*container.Container, error) {
+ for k, v := range t.containers {
+ if k == cid.EncodeToString() {
+ return v, nil
+ }
+ }
+
+ return nil, fmt.Errorf("container does not exist %s", cid)
+}
+
+func (t *TestFrostFS) InitMultiObjectReader(context.Context, PrmInitMultiObjectReader) (io.Reader, error) {
+ return nil, nil
+}
+
+func isMatched(attributes []object.Attribute, filter object.SearchFilter) bool {
+ for _, attr := range attributes {
+ if attr.Key() == filter.Header() {
+ switch filter.Operation() {
+ case object.MatchStringEqual:
+ return attr.Value() == filter.Value()
+ case object.MatchCommonPrefix:
+ return strings.HasPrefix(attr.Value(), filter.Value())
+ default:
+ return false
+ }
+ }
+ }
+
+ return false
+}
+
+func (t *TestFrostFS) GetEpochDurations(context.Context) (*utils.EpochDurations, error) {
+ return &utils.EpochDurations{
+ CurrentEpoch: 10,
+ MsPerBlock: 1000,
+ BlockPerEpoch: 100,
+ }, nil
+}
+
+func (t *TestFrostFS) isAllowed(cnrID cid.ID, userID user.ID, op acl.Op, objID oid.ID) bool {
+ keysToCheck := []string{
+ fmt.Sprintf("%s/%s/%s/%s", cnrID, userID, op, objID),
+ fmt.Sprintf("%s/%s/%s/%s", cnrID, userID, op, oid.ID{}),
+ fmt.Sprintf("%s/%s/%s/%s", cnrID, user.ID{}, op, objID),
+ fmt.Sprintf("%s/%s/%s/%s", cnrID, user.ID{}, op, oid.ID{}),
+ }
+
+ for _, key := range keysToCheck {
+ if t.accessList[key] {
+ return true
+ }
+ }
+ return false
+}
diff --git a/internal/handler/handler.go b/internal/handler/handler.go
index d462280e..2efd71d7 100644
--- a/internal/handler/handler.go
+++ b/internal/handler/handler.go
@@ -3,191 +3,346 @@ package handler
import (
"context"
"errors"
+ "fmt"
"io"
"net/url"
- "sync/atomic"
+ "strings"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/cache"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/middleware"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/bearer"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+ "github.com/panjf2000/ants/v2"
"github.com/valyala/fasthttp"
"go.uber.org/zap"
)
+type Config interface {
+ DefaultTimestamp() bool
+ ArchiveCompression() bool
+ ClientCut() bool
+ IndexPageEnabled() bool
+ IndexPageTemplate() string
+ BufferMaxSizeForPut() uint64
+ NamespaceHeader() string
+ EnableFilepathFallback() bool
+ EnableFilepathSlashFallback() bool
+ FormContainerZone(string) string
+ CORS() *data.CORSRule
+}
+
+// PrmContainer groups parameters of FrostFS.Container operation.
+type PrmContainer struct {
+ // Container identifier.
+ ContainerID cid.ID
+}
+
+// PrmAuth groups authentication parameters for the FrostFS operation.
+type PrmAuth struct {
+ // Bearer token to be used for the operation. Overlaps PrivateKey. Optional.
+ BearerToken *bearer.Token
+}
+
+// PrmObjectHead groups parameters of FrostFS.HeadObject operation.
+type PrmObjectHead struct {
+ // Authentication parameters.
+ PrmAuth
+
+ // Address to read the object header from.
+ Address oid.Address
+}
+
+// PrmObjectGet groups parameters of FrostFS.GetObject operation.
+type PrmObjectGet struct {
+ // Authentication parameters.
+ PrmAuth
+
+ // Address to read the object header from.
+ Address oid.Address
+}
+
+// PrmObjectRange groups parameters of FrostFS.RangeObject operation.
+type PrmObjectRange struct {
+ // Authentication parameters.
+ PrmAuth
+
+ // Address to read the object header from.
+ Address oid.Address
+
+ // Offset-length range of the object payload to be read.
+ PayloadRange [2]uint64
+}
+
+// Object represents FrostFS object.
+type Object struct {
+ // Object header (doesn't contain payload).
+ Header object.Object
+
+ // Object payload part encapsulated in io.Reader primitive.
+ // Returns ErrAccessDenied on read access violation.
+ Payload io.ReadCloser
+}
+
+// PrmObjectCreate groups parameters of FrostFS.CreateObject operation.
+type PrmObjectCreate struct {
+ // Authentication parameters.
+ PrmAuth
+
+ Object *object.Object
+
+ // Object payload encapsulated in io.Reader primitive.
+ Payload io.Reader
+
+ // Enables client side object preparing.
+ ClientCut bool
+
+ // Disables using Tillich-Zémor hash for payload.
+ WithoutHomomorphicHash bool
+
+ // Sets max buffer size to read payload.
+ BufferMaxSize uint64
+}
+
+// PrmObjectSearch groups parameters of FrostFS.sear SearchObjects operation.
+type PrmObjectSearch struct {
+ // Authentication parameters.
+ PrmAuth
+
+ // Container to select the objects from.
+ Container cid.ID
+
+ Filters object.SearchFilters
+}
+
+type PrmInitMultiObjectReader struct {
+ // payload range
+ Off, Ln uint64
+
+ Addr oid.Address
+ Bearer *bearer.Token
+}
+
+type ResObjectSearch interface {
+ Read(buf []oid.ID) (int, error)
+ Iterate(f func(oid.ID) bool) error
+ Close()
+}
+
+var (
+ // ErrAccessDenied is returned from FrostFS in case of access violation.
+ ErrAccessDenied = errors.New("access denied")
+ // ErrGatewayTimeout is returned from FrostFS in case of timeout, deadline exceeded etc.
+ ErrGatewayTimeout = errors.New("gateway timeout")
+ // ErrQuotaLimitReached is returned from FrostFS in case of quota exceeded.
+ ErrQuotaLimitReached = errors.New("quota limit reached")
+ // ErrContainerNotFound is returned from FrostFS in case of container was not found.
+ ErrContainerNotFound = errors.New("container not found")
+ // ErrObjectNotFound is returned from FrostFS in case of object was not found.
+ ErrObjectNotFound = errors.New("object not found")
+)
+
+// FrostFS represents virtual connection to FrostFS network.
+type FrostFS interface {
+ Container(context.Context, PrmContainer) (*container.Container, error)
+ HeadObject(context.Context, PrmObjectHead) (*object.Object, error)
+ GetObject(context.Context, PrmObjectGet) (*Object, error)
+ RangeObject(context.Context, PrmObjectRange) (io.ReadCloser, error)
+ CreateObject(context.Context, PrmObjectCreate) (oid.ID, error)
+ SearchObjects(context.Context, PrmObjectSearch) (ResObjectSearch, error)
+ InitMultiObjectReader(ctx context.Context, p PrmInitMultiObjectReader) (io.Reader, error)
+
+ utils.EpochInfoFetcher
+}
+
+type ContainerResolver interface {
+ Resolve(ctx context.Context, zone, name string) (*cid.ID, error)
+}
+
+type ContainerContract interface {
+ // GetContainerByID reads a container from contract by ID.
+ GetContainerByID(cid.ID) (*container.Container, error)
+}
+
type Handler struct {
log *zap.Logger
- pool *pool.Pool
+ frostfs FrostFS
ownerID *user.ID
- settings *Settings
- containerResolver *resolver.ContainerResolver
+ config Config
+ containerResolver ContainerResolver
+ cnrContract ContainerContract
tree *tree.Tree
+ cache *cache.BucketCache
+ workerPool *ants.Pool
+ corsCnrID cid.ID
+ corsCache *cache.CORSCache
}
-// Settings stores reloading parameters, so it has to provide atomic getters and setters.
-type Settings struct {
- defaultTimestamp atomic.Bool
- zipCompression atomic.Bool
+type AppParams struct {
+ Logger *zap.Logger
+ FrostFS FrostFS
+ Owner *user.ID
+ Resolver ContainerResolver
+ Cache *cache.BucketCache
+ CORSCnrID cid.ID
+ CORSCache *cache.CORSCache
}
-func (s *Settings) DefaultTimestamp() bool {
- return s.defaultTimestamp.Load()
-}
-
-func (s *Settings) SetDefaultTimestamp(val bool) {
- s.defaultTimestamp.Store(val)
-}
-
-func (s *Settings) ZipCompression() bool {
- return s.zipCompression.Load()
-}
-
-func (s *Settings) SetZipCompression(val bool) {
- s.zipCompression.Store(val)
-}
-
-func New(params *utils.AppParams, settings *Settings, tree *tree.Tree) *Handler {
+func New(params *AppParams, config Config, tree *tree.Tree, rpcCli ContainerContract, workerPool *ants.Pool) *Handler {
return &Handler{
log: params.Logger,
- pool: params.Pool,
+ frostfs: params.FrostFS,
ownerID: params.Owner,
- settings: settings,
+ config: config,
containerResolver: params.Resolver,
tree: tree,
+ cache: params.Cache,
+ workerPool: workerPool,
+ corsCnrID: params.CORSCnrID,
+ corsCache: params.CORSCache,
+ cnrContract: rpcCli,
}
}
-// getContainerID decode container id, if it's not a valid container id
-// then trey to resolve name using provided resolver.
-func (h *Handler) getContainerID(ctx context.Context, containerID string) (*cid.ID, error) {
- cnrID := new(cid.ID)
- err := cnrID.DecodeString(containerID)
+// byAttribute is a wrapper similar to byNativeAddress.
+func (h *Handler) byAttribute(ctx context.Context, req *fasthttp.RequestCtx, handler func(context.Context, *fasthttp.RequestCtx, oid.Address)) {
+ cidParam, _ := req.UserValue("cid").(string)
+ key, _ := req.UserValue("attr_key").(string)
+ val, _ := req.UserValue("attr_val").(string)
+
+ key, err := url.QueryUnescape(key)
if err != nil {
- cnrID, err = h.containerResolver.Resolve(ctx, containerID)
- }
- return cnrID, err
-}
-
-// byAddress is a wrapper for function (e.g. request.headObject, request.receiveFile) that
-// prepares request and object address to it.
-func (h *Handler) byAddress(c *fasthttp.RequestCtx, f func(context.Context, request, oid.Address)) {
- var (
- idCnr, _ = c.UserValue("cid").(string)
- idObj, _ = c.UserValue("oid").(string)
- log = h.log.With(zap.String("cid", idCnr), zap.String("oid", idObj))
- )
-
- ctx := utils.GetContextFromRequest(c)
-
- cnrID, err := h.getContainerID(ctx, idCnr)
- if err != nil {
- log.Error(logs.WrongContainerID, zap.Error(err))
- response.Error(c, "wrong container id", fasthttp.StatusBadRequest)
+ h.logAndSendError(ctx, req, logs.FailedToUnescapeQuery, err, zap.String("cid", cidParam), zap.String("attr_key", key))
return
}
- objID := new(oid.ID)
- if err = objID.DecodeString(idObj); err != nil {
- log.Error(logs.WrongObjectID, zap.Error(err))
- response.Error(c, "wrong object id", fasthttp.StatusBadRequest)
+ val, err = url.QueryUnescape(val)
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToUnescapeQuery, err, zap.String("cid", cidParam), zap.String("attr_val", key))
+ return
+ }
+
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(zap.String("cid", cidParam),
+ zap.String("attr_key", key), zap.String("attr_val", val)))
+
+ bktInfo, err := h.getBucketInfo(ctx, cidParam)
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToGetBucketInfo, err)
+ return
+ }
+
+ objID, err := h.findObjectByAttribute(ctx, bktInfo.CID, key, val)
+ if err != nil {
+ if errors.Is(err, io.EOF) {
+ err = fmt.Errorf("%w: %s", ErrObjectNotFound, err.Error())
+ }
+ h.logAndSendError(ctx, req, logs.FailedToFindObjectByAttribute, err)
return
}
var addr oid.Address
- addr.SetContainer(*cnrID)
- addr.SetObject(*objID)
+ addr.SetContainer(bktInfo.CID)
+ addr.SetObject(objID)
- f(ctx, *h.newRequest(c, log), addr)
+ handler(ctx, req, addr)
}
-// byBucketname is a wrapper for function (e.g. request.headObject, request.receiveFile) that
-// prepares request and object address to it.
-func (h *Handler) byBucketname(req *fasthttp.RequestCtx, f func(context.Context, request, oid.Address)) {
- var (
- bucketname = req.UserValue("cid").(string)
- key = req.UserValue("oid").(string)
- log = h.log.With(zap.String("bucketname", bucketname), zap.String("key", key))
- )
-
- ctx := utils.GetContextFromRequest(req)
-
- cnrID, err := h.getContainerID(ctx, bucketname)
+func (h *Handler) findObjectByAttribute(ctx context.Context, cnrID cid.ID, attrKey, attrVal string) (oid.ID, error) {
+ res, err := h.search(ctx, cnrID, attrKey, attrVal, object.MatchStringEqual)
if err != nil {
- log.Error(logs.WrongContainerID, zap.Error(err))
- response.Error(req, "wrong container id", fasthttp.StatusBadRequest)
- return
+ return oid.ID{}, fmt.Errorf("search objects: %w", err)
}
-
- foundOid, err := h.tree.GetLatestVersion(ctx, cnrID, key)
- if err != nil {
- log.Error(logs.ObjectWasntFound, zap.Error(err))
- response.Error(req, "object wasn't found", fasthttp.StatusNotFound)
- return
- }
- if foundOid.DeleteMarker {
- log.Error(logs.ObjectWasDeleted)
- response.Error(req, "object deleted", fasthttp.StatusNotFound)
- return
- }
-
- var addr oid.Address
- addr.SetContainer(*cnrID)
- addr.SetObject(foundOid.OID)
-
- f(ctx, *h.newRequest(req, log), addr)
-}
-
-// byAttribute is a wrapper similar to byAddress.
-func (h *Handler) byAttribute(c *fasthttp.RequestCtx, f func(context.Context, request, oid.Address)) {
- var (
- scid, _ = c.UserValue("cid").(string)
- key, _ = url.QueryUnescape(c.UserValue("attr_key").(string))
- val, _ = url.QueryUnescape(c.UserValue("attr_val").(string))
- log = h.log.With(zap.String("cid", scid), zap.String("attr_key", key), zap.String("attr_val", val))
- )
-
- ctx := utils.GetContextFromRequest(c)
-
- containerID, err := h.getContainerID(ctx, scid)
- if err != nil {
- log.Error(logs.WrongContainerID, zap.Error(err))
- response.Error(c, "wrong container id", fasthttp.StatusBadRequest)
- return
- }
-
- res, err := h.search(ctx, containerID, key, val, object.MatchStringEqual)
- if err != nil {
- log.Error(logs.CouldNotSearchForObjects, zap.Error(err))
- response.Error(c, "could not search for objects: "+err.Error(), fasthttp.StatusBadRequest)
- return
- }
-
defer res.Close()
buf := make([]oid.ID, 1)
n, err := res.Read(buf)
if n == 0 {
- if errors.Is(err, io.EOF) {
- log.Error(logs.ObjectNotFound, zap.Error(err))
- response.Error(c, "object not found", fasthttp.StatusNotFound)
- return
+ switch {
+ case errors.Is(err, io.EOF):
+ h.reqLogger(ctx).Error(logs.ObjectNotFound, zap.Error(err), logs.TagField(logs.TagExternalStorage))
+ return oid.ID{}, fmt.Errorf("object not found: %w", err)
+ default:
+ h.reqLogger(ctx).Error(logs.ReadObjectListFailed, zap.Error(err), logs.TagField(logs.TagExternalStorage))
+ return oid.ID{}, fmt.Errorf("read object list failed: %w", err)
}
-
- log.Error(logs.ReadObjectListFailed, zap.Error(err))
- response.Error(c, "read object list failed: "+err.Error(), fasthttp.StatusBadRequest)
- return
}
- var addrObj oid.Address
- addrObj.SetContainer(*containerID)
- addrObj.SetObject(buf[0])
-
- f(ctx, *h.newRequest(c, log), addrObj)
+ return buf[0], nil
+}
+
+// resolveContainer decode container id, if it's not a valid container id
+// then trey to resolve name using provided resolver.
+func (h *Handler) resolveContainer(ctx context.Context, containerID string) (*cid.ID, error) {
+ cnrID := new(cid.ID)
+ err := cnrID.DecodeString(containerID)
+ if err != nil {
+ var namespace string
+ namespace, err = middleware.GetNamespace(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ zone := h.config.FormContainerZone(namespace)
+ cnrID, err = h.containerResolver.Resolve(ctx, zone, containerID)
+ if err != nil && strings.Contains(err.Error(), "not found") {
+ err = fmt.Errorf("%w: %s", ErrContainerNotFound, err.Error())
+ }
+ }
+ return cnrID, err
+}
+
+func (h *Handler) getBucketInfo(ctx context.Context, containerName string) (*data.BucketInfo, error) {
+ ns, err := middleware.GetNamespace(ctx)
+ if err != nil {
+ return nil, err
+ }
+
+ if bktInfo := h.cache.Get(ns, containerName); bktInfo != nil {
+ return bktInfo, nil
+ }
+
+ cnrID, err := h.resolveContainer(ctx, containerName)
+ if err != nil {
+ return nil, fmt.Errorf("resolve container: %w", err)
+ }
+
+ return h.containerInfo(ctx, *cnrID)
+}
+
+type ListFunc func(ctx context.Context, bucketInfo *data.BucketInfo, prefix string) (*GetObjectsResponse, error)
+
+func (h *Handler) browseIndexMiddleware(fn ListFunc) MiddlewareFunc {
+ return func(prm MiddlewareParam) bool {
+ ctx, span := tracing.StartSpanFromContext(prm.Context, "handler.browseIndex")
+ defer span.End()
+
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(
+ zap.String("bucket", prm.BktInfo.Name),
+ zap.String("container", prm.BktInfo.CID.EncodeToString()),
+ zap.String("prefix", prm.Path),
+ ))
+
+ objects, err := fn(ctx, prm.BktInfo, prm.Path)
+ if err != nil {
+ h.logAndSendError(ctx, prm.Request, logs.FailedToListObjects, err)
+ return false
+ }
+
+ h.browseObjects(ctx, prm.Request, browseParams{
+ bucketInfo: prm.BktInfo,
+ prefix: prm.Path,
+ objects: objects,
+ })
+
+ return false
+ }
}
diff --git a/internal/handler/handler_fuzz_test.go b/internal/handler/handler_fuzz_test.go
new file mode 100644
index 00000000..ff38b119
--- /dev/null
+++ b/internal/handler/handler_fuzz_test.go
@@ -0,0 +1,581 @@
+//go:build gofuzz
+// +build gofuzz
+
+package handler
+
+import (
+ "bytes"
+ "context"
+ "encoding/json"
+ "errors"
+ "io"
+ "mime/multipart"
+ "net/http"
+ "testing"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/middleware"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ go_fuzz_utils "github.com/trailofbits/go-fuzz-utils"
+ "github.com/valyala/fasthttp"
+ "go.uber.org/zap"
+)
+
+const (
+ fuzzSuccessExitCode = 0
+ fuzzFailExitCode = -1
+)
+
+func prepareStrings(tp *go_fuzz_utils.TypeProvider, count int) ([]string, error) {
+ array := make([]string, count)
+ var err error
+
+ for i := 0; i < count; i++ {
+ err = tp.Reset()
+ if err != nil {
+ return nil, err
+ }
+
+ array[i], err = tp.GetString()
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return array, nil
+}
+
+func prepareBools(tp *go_fuzz_utils.TypeProvider, count int) ([]bool, error) {
+ array := make([]bool, count)
+ var err error
+
+ for i := 0; i < count; i++ {
+ err = tp.Reset()
+ if err != nil {
+ return nil, err
+ }
+
+ array[i], err = tp.GetBool()
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return array, nil
+}
+
+func getRandomDeterministicPositiveIntInRange(tp *go_fuzz_utils.TypeProvider, max int) (int, error) {
+ count, err := tp.GetInt()
+ if err != nil {
+ return -1, err
+ }
+ count = count % max
+ if count < 0 {
+ count += max
+ }
+ return count, nil
+}
+
+func generateHeaders(tp *go_fuzz_utils.TypeProvider, r *fasthttp.Request, params []string) error {
+ count, err := tp.GetInt()
+ if err != nil {
+ return err
+ }
+ count = count % len(params)
+ if count < 0 {
+ count += len(params)
+ }
+
+ for i := 0; i < count; i++ {
+ position, err := tp.GetInt()
+ if err != nil {
+ return err
+ }
+ position = position % len(params)
+ if position < 0 {
+ position += len(params)
+ }
+
+ v, err := tp.GetString()
+ if err != nil {
+ return err
+ }
+
+ r.Header.Set(params[position], v)
+
+ }
+
+ return nil
+}
+
+func maybeFillRandom(tp *go_fuzz_utils.TypeProvider, initValue string) (string, error) {
+ rnd, err := tp.GetBool()
+ if err != nil {
+ return "", err
+ }
+ if rnd == true {
+ initValue, err = tp.GetString()
+ if err != nil {
+ return "", err
+ }
+ }
+ return initValue, nil
+}
+
+func upload(tp *go_fuzz_utils.TypeProvider) (context.Context, *handlerContext, cid.ID, *fasthttp.RequestCtx, string, string, string, error) {
+ hc, err := prepareHandlerContextBase(zap.NewExample())
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ aclList := []acl.Basic{
+ acl.Private,
+ acl.PrivateExtended,
+ acl.PublicRO,
+ acl.PublicROExtended,
+ acl.PublicRW,
+ acl.PublicRWExtended,
+ acl.PublicAppend,
+ acl.PublicAppendExtended,
+ }
+
+ pos, err := getRandomDeterministicPositiveIntInRange(tp, len(aclList))
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+ acl := aclList[pos]
+
+ strings, err := prepareStrings(tp, 6)
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+ bktName := strings[0]
+ objFileName := strings[1]
+ valAttr := strings[2]
+ keyAttr := strings[3]
+
+ if len(bktName) == 0 {
+ return nil, nil, cid.ID{}, nil, "", "", "", errors.New("not enought buckets")
+ }
+
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl)
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ ctx := context.Background()
+ ctx = middleware.SetNamespace(ctx, "")
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", cnrID.EncodeToString())
+
+ attributes := map[string]string{
+ object.AttributeFileName: objFileName,
+ keyAttr: valAttr,
+ }
+
+ var buff bytes.Buffer
+ w := multipart.NewWriter(&buff)
+ fw, err := w.CreateFormFile("file", attributes[object.AttributeFileName])
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ content, err := tp.GetBytes()
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ if _, err = io.Copy(fw, bytes.NewReader(content)); err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ if err = w.Close(); err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ r.Request.SetBodyStream(&buff, buff.Len())
+ r.Request.Header.Set("Content-Type", w.FormDataContentType())
+ r.Request.Header.Set("X-Attribute-"+keyAttr, valAttr)
+
+ err = generateHeaders(tp, &r.Request, []string{"X-Attribute-", "X-Attribute-DupKey", "X-Attribute-MyAttribute", "X-Attribute-System-DupKey", "X-Attribute-System-Expiration-Epoch1", "X-Attribute-SYSTEM-Expiration-Epoch2", "X-Attribute-system-Expiration-Epoch3", "X-Attribute-User-Attribute", "X-Attribute-", "X-Attribute-FileName", "X-Attribute-FROSTFS", "X-Attribute-neofs", "X-Attribute-SYSTEM", "X-Attribute-System-Expiration-Duration", "X-Attribute-System-Expiration-Epoch", "X-Attribute-System-Expiration-RFC3339", "X-Attribute-System-Expiration-Timestamp", "X-Attribute-Timestamp", "X-Attribute-" + strings[4], "X-Attribute-System-" + strings[5]})
+ if err != nil {
+ return nil, nil, cid.ID{}, nil, "", "", "", err
+ }
+
+ hc.Handler().Upload(r)
+
+ if r.Response.StatusCode() != http.StatusOK {
+ return nil, nil, cid.ID{}, nil, "", "", "", errors.New("error on upload")
+ }
+
+ return ctx, hc, cnrID, r, objFileName, keyAttr, valAttr, nil
+}
+
+func InitFuzzUpload() {
+
+}
+
+func DoFuzzUpload(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ _, _, _, _, _, _, _, err = upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzUpload(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzUpload(data)
+ })
+}
+
+func downloadOrHead(tp *go_fuzz_utils.TypeProvider, ctx context.Context, hc *handlerContext, cnrID cid.ID, resp *fasthttp.RequestCtx, filename string) (*fasthttp.RequestCtx, error) {
+
+ var putRes putResponse
+
+ defer func() {
+ if r := recover(); r != nil {
+ panic(resp)
+ }
+ }()
+
+ data := resp.Response.Body()
+ err := json.Unmarshal(data, &putRes)
+
+ if err != nil {
+ return nil, err
+ }
+
+ obj := hc.frostfs.objects[putRes.ContainerID+"/"+putRes.ObjectID]
+ attr := object.NewAttribute()
+ attr.SetKey(object.AttributeFilePath)
+
+ filename, err = maybeFillRandom(tp, filename)
+ if err != nil {
+ return nil, err
+ }
+
+ attr.SetValue(filename)
+ obj.SetAttributes(append(obj.Attributes(), *attr)...)
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+
+ cid := cnrID.EncodeToString()
+ cid, err = maybeFillRandom(tp, cid)
+ if err != nil {
+ return nil, err
+ }
+ oid := putRes.ObjectID
+ oid, err = maybeFillRandom(tp, oid)
+ if err != nil {
+ return nil, err
+ }
+ r.SetUserValue("cid", cid)
+ r.SetUserValue("oid", oid)
+
+ rnd, err := tp.GetBool()
+ if err != nil {
+ return nil, err
+ }
+ if rnd == true {
+ r.SetUserValue("download", "true")
+ }
+
+ return r, nil
+}
+
+func InitFuzzGet() {
+
+}
+
+func DoFuzzGet(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx, hc, cnrID, resp, filename, _, _, err := upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ r, err := downloadOrHead(tp, ctx, hc, cnrID, resp, filename)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ hc.Handler().DownloadByAddressOrBucketName(r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzGet(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzUpload(data)
+ })
+}
+
+func InitFuzzHead() {
+
+}
+
+func DoFuzzHead(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx, hc, cnrID, resp, filename, _, _, err := upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ r, err := downloadOrHead(tp, ctx, hc, cnrID, resp, filename)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ hc.Handler().HeadByAddressOrBucketName(r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzHead(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzHead(data)
+ })
+}
+
+func InitFuzzDownloadByAttribute() {
+
+}
+
+func DoFuzzDownloadByAttribute(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx, hc, cnrID, _, _, attrKey, attrVal, err := upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ cid := cnrID.EncodeToString()
+ cid, err = maybeFillRandom(tp, cid)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ attrKey, err = maybeFillRandom(tp, attrKey)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ attrVal, err = maybeFillRandom(tp, attrVal)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", cid)
+ r.SetUserValue("attr_key", attrKey)
+ r.SetUserValue("attr_val", attrVal)
+
+ hc.Handler().DownloadByAttribute(r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzDownloadByAttribute(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzDownloadByAttribute(data)
+ })
+}
+
+func InitFuzzHeadByAttribute() {
+
+}
+
+func DoFuzzHeadByAttribute(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx, hc, cnrID, _, _, attrKey, attrVal, err := upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ cid := cnrID.EncodeToString()
+ cid, err = maybeFillRandom(tp, cid)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ attrKey, err = maybeFillRandom(tp, attrKey)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ attrVal, err = maybeFillRandom(tp, attrVal)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", cid)
+ r.SetUserValue("attr_key", attrKey)
+ r.SetUserValue("attr_val", attrVal)
+
+ hc.Handler().HeadByAttribute(r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzHeadByAttribute(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzHeadByAttribute(data)
+ })
+}
+
+func InitFuzzDownloadZipped() {
+
+}
+
+func DoFuzzDownloadZipped(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx, hc, cnrID, _, _, _, _, err := upload(tp)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ cid := cnrID.EncodeToString()
+ cid, err = maybeFillRandom(tp, cid)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ prefix := ""
+ prefix, err = maybeFillRandom(tp, prefix)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", cid)
+ r.SetUserValue("prefix", prefix)
+
+ hc.Handler().DownloadZip(r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzDownloadZipped(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzDownloadZipped(data)
+ })
+}
+
+func InitFuzzStoreBearerTokenAppCtx() {
+
+}
+
+func DoFuzzStoreBearerTokenAppCtx(input []byte) int {
+ // FUZZER INIT
+ if len(input) < 100 {
+ return fuzzFailExitCode
+ }
+
+ tp, err := go_fuzz_utils.NewTypeProvider(input)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ prefix := ""
+ prefix, err = maybeFillRandom(tp, prefix)
+ if err != nil {
+ return fuzzFailExitCode
+ }
+
+ ctx := context.Background()
+ ctx = middleware.SetNamespace(ctx, "")
+
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+
+ strings, err := prepareStrings(tp, 3)
+
+ rand, err := prepareBools(tp, 2)
+
+ if rand[0] == true {
+ r.Request.Header.Set(fasthttp.HeaderAuthorization, "Bearer"+strings[0])
+ } else if rand[1] == true {
+ r.Request.Header.SetCookie(fasthttp.HeaderAuthorization, "Bearer"+strings[1])
+ } else {
+ r.Request.Header.Set(fasthttp.HeaderAuthorization, "Bearer"+strings[0])
+ r.Request.Header.SetCookie(fasthttp.HeaderAuthorization, "Bearer"+strings[1])
+ }
+
+ tokens.StoreBearerTokenAppCtx(ctx, r)
+
+ return fuzzSuccessExitCode
+}
+
+func FuzzStoreBearerTokenAppCtx(f *testing.F) {
+ f.Fuzz(func(t *testing.T, data []byte) {
+ DoFuzzStoreBearerTokenAppCtx(data)
+ })
+}
diff --git a/internal/handler/handler_test.go b/internal/handler/handler_test.go
new file mode 100644
index 00000000..6c715fe2
--- /dev/null
+++ b/internal/handler/handler_test.go
@@ -0,0 +1,695 @@
+package handler
+
+import (
+ "archive/zip"
+ "bytes"
+ "context"
+ "encoding/json"
+ "io"
+ "mime/multipart"
+ "net/http"
+ "testing"
+ "time"
+
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/cache"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/middleware"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/templates"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tokens"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ v2container "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/acl"
+ cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
+ cidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id/test"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/netmap"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
+ oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ oidtest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id/test"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
+ "github.com/nspcc-dev/neo-go/pkg/crypto/keys"
+ "github.com/panjf2000/ants/v2"
+ "github.com/stretchr/testify/require"
+ "github.com/valyala/fasthttp"
+ "go.uber.org/zap"
+ "go.uber.org/zap/zaptest"
+)
+
+type configMock struct {
+ additionalFilenameSearch bool
+ additionalSlashSearch bool
+ indexEnabled bool
+ cors *data.CORSRule
+}
+
+func (c *configMock) DefaultTimestamp() bool {
+ return false
+}
+
+func (c *configMock) ArchiveCompression() bool {
+ return false
+}
+
+func (c *configMock) IndexPageEnabled() bool {
+ return c.indexEnabled
+}
+
+func (c *configMock) IndexPageTemplate() string {
+ return templates.DefaultIndexTemplate
+}
+
+func (c *configMock) IndexPageNativeTemplate() string {
+ return ""
+}
+
+func (c *configMock) ClientCut() bool {
+ return false
+}
+
+func (c *configMock) BufferMaxSizeForPut() uint64 {
+ return 0
+}
+
+func (c *configMock) NamespaceHeader() string {
+ return ""
+}
+
+func (c *configMock) EnableFilepathFallback() bool {
+ return c.additionalFilenameSearch
+}
+
+func (c *configMock) EnableFilepathSlashFallback() bool {
+ return c.additionalSlashSearch
+}
+
+func (c *configMock) FormContainerZone(string) string {
+ return v2container.SysAttributeZoneDefault
+}
+
+func (c *configMock) CORS() *data.CORSRule {
+ return c.cors
+}
+
+type handlerContext struct {
+ key *keys.PrivateKey
+ owner user.ID
+ corsCnr cid.ID
+
+ h *Handler
+ frostfs *TestFrostFS
+ tree *treeServiceClientMock
+ cfg *configMock
+}
+
+func (hc *handlerContext) Handler() *Handler {
+ return hc.h
+}
+
+func prepareHandlerContext(t *testing.T) *handlerContext {
+ hc, err := prepareHandlerContextBase(zaptest.NewLogger(t))
+ require.NoError(t, err)
+ return hc
+}
+
+func prepareHandlerContextBase(logger *zap.Logger) (*handlerContext, error) {
+ key, err := keys.NewPrivateKey()
+ if err != nil {
+ return nil, err
+ }
+
+ var owner user.ID
+ user.IDFromKey(&owner, key.PrivateKey.PublicKey)
+
+ testFrostFS := NewTestFrostFS(key)
+
+ testResolver := &resolver.Resolver{Name: "test_resolver"}
+ testResolver.SetResolveFunc(func(_ context.Context, _, name string) (*cid.ID, error) {
+ return testFrostFS.ContainerID(name)
+ })
+
+ cnrID := createCORSContainer(owner, testFrostFS)
+
+ params := &AppParams{
+ Logger: logger,
+ FrostFS: testFrostFS,
+ Owner: &owner,
+ Resolver: testResolver,
+ Cache: cache.NewBucketCache(&cache.Config{
+ Size: 1,
+ Lifetime: 1,
+ Logger: logger,
+ }, false),
+ CORSCnrID: cnrID,
+ CORSCache: cache.NewCORSCache(&cache.Config{
+ Size: 1,
+ Lifetime: 1,
+ Logger: logger,
+ }),
+ }
+
+ treeMock := newTreeServiceClientMock()
+ cfgMock := &configMock{}
+
+ workerPool, err := ants.NewPool(1)
+ if err != nil {
+ return nil, err
+ }
+ handler := New(params, cfgMock, tree.NewTree(treeMock, logger), testFrostFS, workerPool)
+
+ return &handlerContext{
+ key: key,
+ owner: owner,
+ corsCnr: cnrID,
+ h: handler,
+ frostfs: testFrostFS,
+ tree: treeMock,
+ cfg: cfgMock,
+ }, nil
+}
+
+func createCORSContainer(owner user.ID, frostfs *TestFrostFS) cid.ID {
+ var cnr container.Container
+ cnr.Init()
+ cnr.SetOwner(owner)
+
+ cnrID := cidtest.ID()
+ frostfs.SetContainer(cnrID, &cnr)
+ frostfs.AllowUserOperation(cnrID, owner, acl.OpObjectSearch, oid.ID{})
+ frostfs.AllowUserOperation(cnrID, owner, acl.OpObjectHead, oid.ID{})
+ frostfs.AllowUserOperation(cnrID, owner, acl.OpObjectGet, oid.ID{})
+
+ return cnrID
+}
+
+func (hc *handlerContext) prepareContainer(name string, basicACL acl.Basic) (cid.ID, *container.Container, error) {
+ var pp netmap.PlacementPolicy
+ err := pp.DecodeString("REP 1")
+ if err != nil {
+ return cid.ID{}, nil, err
+ }
+
+ var cnr container.Container
+ cnr.Init()
+ cnr.SetOwner(hc.owner)
+ cnr.SetPlacementPolicy(pp)
+ cnr.SetBasicACL(basicACL)
+
+ var domain container.Domain
+ domain.SetName(name)
+ container.WriteDomain(&cnr, domain)
+ container.SetName(&cnr, name)
+ container.SetCreationTime(&cnr, time.Now())
+
+ cnrID := cidtest.ID()
+
+ for op := acl.OpObjectGet; op < acl.OpObjectHash; op++ {
+ hc.frostfs.AllowUserOperation(cnrID, hc.owner, op, oid.ID{})
+ if basicACL.IsOpAllowed(op, acl.RoleOthers) {
+ hc.frostfs.AllowUserOperation(cnrID, user.ID{}, op, oid.ID{})
+ }
+ }
+
+ return cnrID, &cnr, nil
+}
+
+func TestBasic(t *testing.T) {
+ hc := prepareHandlerContext(t)
+
+ bktName := "bucket"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.PublicRWExtended)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ ctx := context.Background()
+ ctx = middleware.SetNamespace(ctx, "")
+
+ content := "hello"
+ r, err := prepareUploadRequest(ctx, cnrID.EncodeToString(), content)
+ require.NoError(t, err)
+
+ hc.Handler().Upload(r)
+ require.Equal(t, r.Response.StatusCode(), http.StatusOK)
+
+ var putRes putResponse
+ err = json.Unmarshal(r.Response.Body(), &putRes)
+ require.NoError(t, err)
+
+ hc.cfg.additionalFilenameSearch = true
+ obj := hc.frostfs.objects[putRes.ContainerID+"/"+putRes.ObjectID]
+ fileName := prepareObjectAttributes(object.AttributeFileName, objFileName)
+ filePath := prepareObjectAttributes(object.AttributeFilePath, objFilePath)
+ obj.SetAttributes(append(obj.Attributes(), fileName)...)
+ obj.SetAttributes(append(obj.Attributes(), filePath)...)
+
+ t.Run("get", func(t *testing.T) {
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), putRes.ObjectID)
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, content, string(r.Response.Body()))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), objFilePath)
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, content, string(r.Response.Body()))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), objFileName)
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, content, string(r.Response.Body()))
+ })
+
+ t.Run("head", func(t *testing.T) {
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), putRes.ObjectID)
+ hc.Handler().HeadByAddressOrBucketName(r)
+ require.Equal(t, putRes.ObjectID, string(r.Response.Header.Peek(hdrObjectID)))
+ require.Equal(t, putRes.ContainerID, string(r.Response.Header.Peek(hdrContainerID)))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), objFilePath)
+ hc.Handler().HeadByAddressOrBucketName(r)
+ require.Equal(t, putRes.ObjectID, string(r.Response.Header.Peek(hdrObjectID)))
+ require.Equal(t, putRes.ContainerID, string(r.Response.Header.Peek(hdrContainerID)))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), objFileName)
+ hc.Handler().HeadByAddressOrBucketName(r)
+ require.Equal(t, putRes.ObjectID, string(r.Response.Header.Peek(hdrObjectID)))
+ require.Equal(t, putRes.ContainerID, string(r.Response.Header.Peek(hdrContainerID)))
+ })
+
+ t.Run("get by attribute", func(t *testing.T) {
+ r = prepareGetByAttributeRequest(ctx, bktName, keyAttr, valAttr)
+ hc.Handler().DownloadByAttribute(r)
+ require.Equal(t, content, string(r.Response.Body()))
+
+ r = prepareGetByAttributeRequest(ctx, bktName, attrFileName, objFilePath)
+ hc.Handler().DownloadByAttribute(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetByAttributeRequest(ctx, bktName, attrFilePath, objFileName)
+ hc.Handler().DownloadByAttribute(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+ })
+
+ t.Run("head by attribute", func(t *testing.T) {
+ r = prepareGetByAttributeRequest(ctx, bktName, keyAttr, valAttr)
+ hc.Handler().HeadByAttribute(r)
+ require.Equal(t, putRes.ObjectID, string(r.Response.Header.Peek(hdrObjectID)))
+ require.Equal(t, putRes.ContainerID, string(r.Response.Header.Peek(hdrContainerID)))
+
+ r = prepareGetByAttributeRequest(ctx, bktName, attrFileName, objFilePath)
+ hc.Handler().HeadByAttribute(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetByAttributeRequest(ctx, bktName, attrFilePath, objFileName)
+ hc.Handler().HeadByAttribute(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+ })
+
+ t.Run("zip", func(t *testing.T) {
+ r = prepareGetZipped(ctx, bktName, "")
+ hc.Handler().DownloadZip(r)
+
+ readerAt := bytes.NewReader(r.Response.Body())
+ zipReader, err := zip.NewReader(readerAt, int64(len(r.Response.Body())))
+ require.NoError(t, err)
+ require.Len(t, zipReader.File, 1)
+ require.Equal(t, objFilePath, zipReader.File[0].Name)
+ f, err := zipReader.File[0].Open()
+ require.NoError(t, err)
+ defer func() {
+ inErr := f.Close()
+ require.NoError(t, inErr)
+ }()
+ data, err := io.ReadAll(f)
+ require.NoError(t, err)
+ require.Equal(t, content, string(data))
+ })
+}
+
+func prepareHandlerAndBucket(t *testing.T) (*handlerContext, cid.ID) {
+ hc := prepareHandlerContext(t)
+
+ bktName := "bucket"
+ cnrID, cnr, err := hc.prepareContainer(bktName, acl.PublicRWExtended)
+ require.NoError(t, err)
+ hc.frostfs.SetContainer(cnrID, cnr)
+
+ return hc, cnrID
+}
+
+func TestGetObjectWithFallback(t *testing.T) {
+ ctx := middleware.SetNamespace(context.Background(), "")
+
+ t.Run("by oid", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), obj1ID.String())
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("by filepath as it is", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "filepath/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ obj2ID := oidtest.ID()
+ obj2 := object.New()
+ obj2.SetID(obj2ID)
+ obj2.SetPayload([]byte("obj2"))
+ obj2.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "/filepath/obj2"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj2ID.String()] = obj2
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "filepath/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "/filepath/obj2")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj2.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("by filepath slash fallback", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "filepath/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "/filepath/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.additionalSlashSearch = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "/filepath/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("by filename fallback", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFileName, "filename/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "filename/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.additionalFilenameSearch = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filename/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("by filename and slash fallback", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFileName, "filename/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "/filename/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.additionalFilenameSearch = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "/filename/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.additionalSlashSearch = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "/filename/obj1")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("index fallback", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "filepath/index.html"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "filepath/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filepath")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.indexEnabled = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filepath")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filepath/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+
+ t.Run("index filename fallback", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFileName, "filename/index.html"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "filename/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filename")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.indexEnabled = true
+ hc.cfg.additionalFilenameSearch = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filename")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "filename/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, string(obj1.Payload()), string(r.Response.Body()))
+ })
+}
+
+func TestIndex(t *testing.T) {
+ ctx := middleware.SetNamespace(context.Background(), "")
+
+ t.Run("s3", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "prefix/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ hc.tree.containers[cnrID.String()] = containerInfo{
+ trees: map[string]map[string]nodeResponse{
+ "system": {"bucket-settings": nodeResponse{nodeID: 1}},
+ "version": {
+ "": nodeResponse{}, //root
+ "prefix": nodeResponse{
+ nodeID: 1,
+ meta: []nodeMeta{{key: tree.FileNameKey, value: []byte("prefix")}}},
+ "obj1": nodeResponse{
+ parentID: 1,
+ nodeID: 2,
+ meta: []nodeMeta{
+ {key: tree.FileNameKey, value: []byte("obj1")},
+ {key: "OID", value: []byte(obj1ID.String())},
+ },
+ },
+ },
+ },
+ }
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.indexEnabled = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of s3://bucket/prefix")
+ require.Contains(t, string(r.Response.Body()), obj1ID.String())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of s3://bucket/prefix")
+ require.Contains(t, string(r.Response.Body()), obj1ID.String())
+
+ r = prepareGetRequest(ctx, "bucket", "dummy")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of s3://bucket/dummy")
+ })
+
+ t.Run("native", func(t *testing.T) {
+ hc, cnrID := prepareHandlerAndBucket(t)
+
+ obj1ID := oidtest.ID()
+ obj1 := object.New()
+ obj1.SetID(obj1ID)
+ obj1.SetPayload([]byte("obj1"))
+ obj1.SetAttributes(prepareObjectAttributes(object.AttributeFilePath, "prefix/obj1"))
+ hc.frostfs.objects[cnrID.String()+"/"+obj1ID.String()] = obj1
+
+ r := prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Equal(t, fasthttp.StatusNotFound, r.Response.StatusCode())
+
+ hc.cfg.indexEnabled = true
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of frostfs://"+cnrID.String()+"/prefix")
+ require.Contains(t, string(r.Response.Body()), obj1ID.String())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "prefix/")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of frostfs://"+cnrID.String()+"/prefix")
+ require.Contains(t, string(r.Response.Body()), obj1ID.String())
+
+ r = prepareGetRequest(ctx, cnrID.EncodeToString(), "dummy")
+ hc.Handler().DownloadByAddressOrBucketName(r)
+ require.Contains(t, string(r.Response.Body()), "Index of frostfs://"+cnrID.String()+"/dummy")
+ })
+}
+
+func prepareUploadRequest(ctx context.Context, bucket, content string) (*fasthttp.RequestCtx, error) {
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", bucket)
+ return r, fillMultipartBody(r, content)
+}
+
+func prepareGetRequest(ctx context.Context, bucket, objID string) *fasthttp.RequestCtx {
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", bucket)
+ r.SetUserValue("oid", objID)
+ return r
+}
+
+func prepareCORSRequest(t *testing.T, bucket string, headers map[string]string) *fasthttp.RequestCtx {
+ ctx := context.Background()
+ ctx = middleware.SetNamespace(ctx, "")
+
+ r := new(fasthttp.RequestCtx)
+ r.SetUserValue("cid", bucket)
+
+ for k, v := range headers {
+ r.Request.Header.Set(k, v)
+ }
+
+ ctx, err := tokens.StoreBearerTokenAppCtx(ctx, r)
+ require.NoError(t, err)
+
+ utils.SetContextToRequest(ctx, r)
+
+ return r
+}
+
+func prepareGetByAttributeRequest(ctx context.Context, bucket, attrKey, attrVal string) *fasthttp.RequestCtx {
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", bucket)
+ r.SetUserValue("attr_key", attrKey)
+ r.SetUserValue("attr_val", attrVal)
+ return r
+}
+
+func prepareGetZipped(ctx context.Context, bucket, prefix string) *fasthttp.RequestCtx {
+ r := new(fasthttp.RequestCtx)
+ utils.SetContextToRequest(ctx, r)
+ r.SetUserValue("cid", bucket)
+ r.SetUserValue("prefix", prefix)
+ return r
+}
+
+func prepareObjectAttributes(attrKey, attrValue string) object.Attribute {
+ attr := object.NewAttribute()
+ attr.SetKey(attrKey)
+ attr.SetValue(attrValue)
+ return *attr
+}
+
+const (
+ keyAttr = "User-Attribute"
+ valAttr = "user value"
+ objFileName = "newFile.txt"
+ objFilePath = "/newFile.txt"
+)
+
+func fillMultipartBody(r *fasthttp.RequestCtx, content string) error {
+ attributes := map[string]string{
+ object.AttributeFileName: objFileName,
+ keyAttr: valAttr,
+ }
+
+ var buff bytes.Buffer
+ w := multipart.NewWriter(&buff)
+ fw, err := w.CreateFormFile("file", attributes[object.AttributeFileName])
+ if err != nil {
+ return err
+ }
+
+ if _, err = io.Copy(fw, bytes.NewBufferString(content)); err != nil {
+ return err
+ }
+
+ if err = w.Close(); err != nil {
+ return err
+ }
+
+ r.Request.SetBodyStream(&buff, buff.Len())
+ r.Request.Header.Set("Content-Type", w.FormDataContentType())
+ r.Request.Header.Set("X-Attribute-"+keyAttr, valAttr)
+
+ return nil
+}
diff --git a/internal/handler/head.go b/internal/handler/head.go
index f7478f1b..508dc37c 100644
--- a/internal/handler/head.go
+++ b/internal/handler/head.go
@@ -2,16 +2,19 @@ package handler
import (
"context"
+ "errors"
"io"
"net/http"
+ "net/url"
"strconv"
"time"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/tree"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"github.com/valyala/fasthttp"
"go.uber.org/zap"
)
@@ -25,25 +28,30 @@ const (
hdrContainerID = "X-Container-Id"
)
-func (h *Handler) headObject(ctx context.Context, req request, objectAddress oid.Address) {
+func (h *Handler) headObject(ctx context.Context, req *fasthttp.RequestCtx, objectAddress oid.Address) {
var start = time.Now()
btoken := bearerToken(ctx)
- var prm pool.PrmObjectHead
- prm.SetAddress(objectAddress)
- if btoken != nil {
- prm.UseBearer(*btoken)
+ prm := PrmObjectHead{
+ PrmAuth: PrmAuth{
+ BearerToken: btoken,
+ },
+ Address: objectAddress,
}
- obj, err := h.pool.HeadObject(ctx, prm)
+ obj, err := h.frostfs.HeadObject(ctx, prm)
if err != nil {
- req.handleFrostFSErr(err, start)
+ h.logAndSendError(ctx, req, logs.FailedToHeadObject, err, zap.Stringer("elapsed", time.Since(start)))
return
}
req.Response.Header.Set(fasthttp.HeaderContentLength, strconv.FormatUint(obj.PayloadSize(), 10))
- var contentType string
+ var (
+ contentType string
+ filename string
+ filepath string
+ )
for _, attr := range obj.Attributes() {
key := attr.Key()
val := attr.Value()
@@ -58,37 +66,42 @@ func (h *Handler) headObject(ctx context.Context, req request, objectAddress oid
case object.AttributeTimestamp:
value, err := strconv.ParseInt(val, 10, 64)
if err != nil {
- req.log.Info(logs.CouldntParseCreationDate,
+ h.reqLogger(ctx).Info(logs.CouldntParseCreationDate,
zap.String("key", key),
zap.String("val", val),
- zap.Error(err))
+ zap.Error(err),
+ logs.TagField(logs.TagDatapath))
continue
}
req.Response.Header.Set(fasthttp.HeaderLastModified, time.Unix(value, 0).UTC().Format(http.TimeFormat))
case object.AttributeContentType:
contentType = val
+ case object.AttributeFilePath:
+ filepath = val
+ case object.AttributeFileName:
+ filename = val
}
}
+ if filename == "" {
+ filename = filepath
+ }
- idsToResponse(&req.Response, &obj)
+ idsToResponse(&req.Response, obj)
if len(contentType) == 0 {
contentType, _, err = readContentType(obj.PayloadSize(), func(sz uint64) (io.Reader, error) {
- var prmRange pool.PrmObjectRange
- prmRange.SetAddress(objectAddress)
- prmRange.SetLength(sz)
- if btoken != nil {
- prmRange.UseBearer(*btoken)
+ prmRange := PrmObjectRange{
+ PrmAuth: PrmAuth{
+ BearerToken: btoken,
+ },
+ Address: objectAddress,
+ PayloadRange: [2]uint64{0, sz},
}
- resObj, err := h.pool.ObjectRange(ctx, prmRange)
- if err != nil {
- return nil, err
- }
- return &resObj, nil
- })
+ return h.frostfs.RangeObject(ctx, prmRange)
+ }, filename)
if err != nil && err != io.EOF {
- req.handleFrostFSErr(err, start)
+ h.logAndSendError(ctx, req, logs.FailedToDetectContentTypeFromPayload, err, zap.Stringer("elapsed", time.Since(start)))
return
}
}
@@ -104,19 +117,77 @@ func idsToResponse(resp *fasthttp.Response, obj *object.Object) {
}
// HeadByAddressOrBucketName handles head requests using simple cid/oid or bucketname/key format.
-func (h *Handler) HeadByAddressOrBucketName(c *fasthttp.RequestCtx) {
- test, _ := c.UserValue("oid").(string)
- var id oid.ID
+func (h *Handler) HeadByAddressOrBucketName(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.HeadByAddressOrBucketName")
+ defer span.End()
- err := id.DecodeString(test)
+ cidParam, _ := req.UserValue("cid").(string)
+ oidParam, _ := req.UserValue("oid").(string)
+
+ ctx = utils.SetReqLog(ctx, h.reqLogger(ctx).With(
+ zap.String("cid", cidParam),
+ zap.String("oid", oidParam),
+ ))
+
+ path, err := url.QueryUnescape(oidParam)
if err != nil {
- h.byBucketname(c, h.headObject)
+ h.logAndSendError(ctx, req, logs.FailedToUnescapePath, err)
+ return
+ }
+
+ bktInfo, err := h.getBucketInfo(ctx, cidParam)
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToGetBucketInfo, err)
+ return
+ }
+
+ checkS3Err := h.tree.CheckSettingsNodeExists(ctx, bktInfo)
+ if checkS3Err != nil && !errors.Is(checkS3Err, tree.ErrNodeNotFound) {
+ h.logAndSendError(ctx, req, logs.FailedToCheckIfSettingsNodeExist, checkS3Err)
+ return
+ }
+
+ prm := MiddlewareParam{
+ Context: ctx,
+ Request: req,
+ BktInfo: bktInfo,
+ Path: path,
+ }
+
+ indexPageEnabled := h.config.IndexPageEnabled()
+
+ if checkS3Err == nil {
+ run(prm, h.errorMiddleware(logs.ObjectNotFound, tree.ErrNodeNotFound),
+ Middleware{Func: h.byS3PathMiddleware(h.headObject, noopFormer), Enabled: true},
+ Middleware{Func: h.byS3PathMiddleware(h.headObject, indexFormer), Enabled: indexPageEnabled},
+ )
} else {
- h.byAddress(c, h.headObject)
+ slashFallbackEnabled := h.config.EnableFilepathSlashFallback()
+ fileNameFallbackEnabled := h.config.EnableFilepathFallback()
+
+ run(prm, h.errorMiddleware(logs.ObjectNotFound, ErrObjectNotFound),
+ Middleware{Func: h.byAddressMiddleware(h.headObject), Enabled: true},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFilePath, noopFormer), Enabled: true},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFilePath, reverseLeadingSlash), Enabled: slashFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFileName, noopFormer), Enabled: fileNameFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFileName, reverseLeadingSlash), Enabled: fileNameFallbackEnabled && slashFallbackEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFilePath, indexFormer), Enabled: indexPageEnabled},
+ Middleware{Func: h.byAttributeSearchMiddleware(h.headObject, object.AttributeFileName, indexFormer), Enabled: fileNameFallbackEnabled && indexPageEnabled},
+ )
}
}
// HeadByAttribute handles attribute-based head requests.
-func (h *Handler) HeadByAttribute(c *fasthttp.RequestCtx) {
- h.byAttribute(c, h.headObject)
+func (h *Handler) HeadByAttribute(req *fasthttp.RequestCtx) {
+ ctx, span := tracing.StartSpanFromContext(utils.GetContextFromRequest(req), "handler.HeadByAttribute")
+ defer span.End()
+
+ h.byAttribute(ctx, req, h.headObject)
+}
+
+func (h *Handler) errorMiddleware(msg string, err error) MiddlewareFunc {
+ return func(prm MiddlewareParam) bool {
+ h.logAndSendError(prm.Context, prm.Request, msg, err)
+ return false
+ }
}
diff --git a/internal/handler/middleware/util.go b/internal/handler/middleware/util.go
new file mode 100644
index 00000000..284513a1
--- /dev/null
+++ b/internal/handler/middleware/util.go
@@ -0,0 +1,26 @@
+package middleware
+
+import (
+ "context"
+ "fmt"
+)
+
+// keyWrapper is wrapper for context keys.
+type keyWrapper string
+
+const nsKey = keyWrapper("namespace")
+
+// GetNamespace extract namespace from context.
+func GetNamespace(ctx context.Context) (string, error) {
+ ns, ok := ctx.Value(nsKey).(string)
+ if !ok {
+ return "", fmt.Errorf("couldn't get namespace from context")
+ }
+
+ return ns, nil
+}
+
+// SetNamespace sets namespace in the context.
+func SetNamespace(ctx context.Context, ns string) context.Context {
+ return context.WithValue(ctx, nsKey, ns)
+}
diff --git a/internal/handler/multipart.go b/internal/handler/multipart.go
index de9242f2..5b06882e 100644
--- a/internal/handler/multipart.go
+++ b/internal/handler/multipart.go
@@ -1,13 +1,18 @@
package handler
import (
+ "context"
+ "errors"
"io"
+ "strconv"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/handler/multipart"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
"go.uber.org/zap"
)
+const attributeMultipartObjectSize = "S3-Multipart-Object-Size"
+
// MultipartFile provides standard ReadCloser interface and also allows one to
// get file name, it's used for multipart uploads.
type MultipartFile interface {
@@ -29,7 +34,7 @@ func fetchMultipartFile(l *zap.Logger, r io.Reader, boundary string) (MultipartF
name := part.FormName()
if name == "" {
- l.Debug(logs.IgnorePartEmptyFormName)
+ l.Debug(logs.IgnorePartEmptyFormName, logs.TagField(logs.TagDatapath))
continue
}
@@ -37,11 +42,39 @@ func fetchMultipartFile(l *zap.Logger, r io.Reader, boundary string) (MultipartF
// ignore multipart/form-data values
if filename == "" {
- l.Debug(logs.IgnorePartEmptyFilename, zap.String("form", name))
-
+ l.Debug(logs.IgnorePartEmptyFilename, zap.String("form", name), logs.TagField(logs.TagDatapath))
+ if err = part.Close(); err != nil {
+ l.Warn(logs.FailedToCloseReader, zap.Error(err), logs.TagField(logs.TagDatapath))
+ }
continue
}
return part, nil
}
}
+
+// getPayload returns initial payload if object is not multipart else composes new reader with parts data.
+func (h *Handler) getPayload(ctx context.Context, p getMultiobjectBodyParams) (io.ReadCloser, uint64, error) {
+ cid, ok := p.obj.Header.ContainerID()
+ if !ok {
+ return nil, 0, errors.New("no container id set")
+ }
+ oid, ok := p.obj.Header.ID()
+ if !ok {
+ return nil, 0, errors.New("no object id set")
+ }
+ size, err := strconv.ParseUint(p.strSize, 10, 64)
+ if err != nil {
+ return nil, 0, err
+ }
+ params := PrmInitMultiObjectReader{
+ Addr: newAddress(cid, oid),
+ Bearer: bearerToken(ctx),
+ }
+ payload, err := h.frostfs.InitMultiObjectReader(ctx, params)
+ if err != nil {
+ return nil, 0, err
+ }
+
+ return io.NopCloser(payload), size, nil
+}
diff --git a/internal/handler/multipart_test.go b/internal/handler/multipart_test.go
index 2c50a87d..d7f52f46 100644
--- a/internal/handler/multipart_test.go
+++ b/internal/handler/multipart_test.go
@@ -60,12 +60,7 @@ func BenchmarkAll(b *testing.B) {
func defaultMultipart(filename string) error {
r, bound := multipartFile(filename)
- logger, err := zap.NewProduction()
- if err != nil {
- return err
- }
-
- file, err := fetchMultipartFileDefault(logger, r, bound)
+ file, err := fetchMultipartFileDefault(zap.NewNop(), r, bound)
if err != nil {
return err
}
@@ -87,12 +82,7 @@ func TestName(t *testing.T) {
func customMultipart(filename string) error {
r, bound := multipartFile(filename)
- logger, err := zap.NewProduction()
- if err != nil {
- return err
- }
-
- file, err := fetchMultipartFile(logger, r, bound)
+ file, err := fetchMultipartFile(zap.NewNop(), r, bound)
if err != nil {
return err
}
@@ -112,7 +102,7 @@ func fetchMultipartFileDefault(l *zap.Logger, r io.Reader, boundary string) (Mul
name := part.FormName()
if name == "" {
- l.Debug(logs.IgnorePartEmptyFormName)
+ l.Debug(logs.IgnorePartEmptyFormName, logs.TagField(logs.TagDatapath))
continue
}
@@ -120,8 +110,7 @@ func fetchMultipartFileDefault(l *zap.Logger, r io.Reader, boundary string) (Mul
// ignore multipart/form-data values
if filename == "" {
- l.Debug(logs.IgnorePartEmptyFilename, zap.String("form", name))
-
+ l.Debug(logs.IgnorePartEmptyFilename, zap.String("form", name), logs.TagField(logs.TagDatapath))
continue
}
diff --git a/internal/handler/reader.go b/internal/handler/reader.go
index 76801f7e..711bfd26 100644
--- a/internal/handler/reader.go
+++ b/internal/handler/reader.go
@@ -4,17 +4,17 @@ import (
"bytes"
"context"
"io"
+ "mime"
"net/http"
"path"
"strconv"
+ "strings"
"time"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/response"
"git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"github.com/valyala/fasthttp"
"go.uber.org/zap"
)
@@ -26,7 +26,7 @@ type readCloser struct {
// initializes io.Reader with the limited size and detects Content-Type from it.
// Returns r's error directly. Also returns the processed data.
-func readContentType(maxSize uint64, rInit func(uint64) (io.Reader, error)) (string, []byte, error) {
+func readContentType(maxSize uint64, rInit func(uint64) (io.Reader, error), filename string) (string, []byte, error) {
if maxSize > sizeToDetectType {
maxSize = sizeToDetectType
}
@@ -45,39 +45,53 @@ func readContentType(maxSize uint64, rInit func(uint64) (io.Reader, error)) (str
buf = buf[:n]
- return http.DetectContentType(buf), buf, err // to not lose io.EOF
-}
+ contentType := http.DetectContentType(buf)
-func (h *Handler) receiveFile(ctx context.Context, req request, objectAddress oid.Address) {
- var (
- err error
- dis = "inline"
- start = time.Now()
- filename string
- )
-
- var prm pool.PrmObjectGet
- prm.SetAddress(objectAddress)
- if btoken := bearerToken(ctx); btoken != nil {
- prm.UseBearer(*btoken)
+ // Since the detector detects the "text/plain" content type for various types of text files,
+ // including CSS, JavaScript, and CSV files,
+ // we'll determine the final content type based on the file's extension.
+ if strings.HasPrefix(contentType, "text/plain") {
+ ext := path.Ext(filename)
+ // If the file doesn't have a file extension, we'll keep the content type as is.
+ if len(ext) > 0 {
+ contentType = mime.TypeByExtension(ext)
+ }
}
- rObj, err := h.pool.GetObject(ctx, prm)
+ return contentType, buf, err // to not lose io.EOF
+}
+
+type getMultiobjectBodyParams struct {
+ obj *Object
+ strSize string
+}
+
+func (h *Handler) receiveFile(ctx context.Context, req *fasthttp.RequestCtx, objAddress oid.Address) {
+ var (
+ shouldDownload = req.QueryArgs().GetBool("download")
+ start = time.Now()
+ filename string
+ filepath string
+ contentType string
+ )
+
+ prm := PrmObjectGet{
+ PrmAuth: PrmAuth{
+ BearerToken: bearerToken(ctx),
+ },
+ Address: objAddress,
+ }
+
+ rObj, err := h.frostfs.GetObject(ctx, prm)
if err != nil {
- req.handleFrostFSErr(err, start)
+ h.logAndSendError(ctx, req, logs.FailedToGetObject, err, zap.Stringer("elapsed", time.Since(start)))
return
}
// we can't close reader in this function, so how to do it?
-
- if req.Request.URI().QueryArgs().GetBool("download") {
- dis = "attachment"
- }
-
+ setIDs(req, rObj.Header)
+ payload := rObj.Payload
payloadSize := rObj.Header.PayloadSize()
-
- req.Response.Header.Set(fasthttp.HeaderContentLength, strconv.FormatUint(payloadSize, 10))
- var contentType string
for _, attr := range rObj.Header.Attributes() {
key := attr.Key()
val := attr.Value()
@@ -92,33 +106,44 @@ func (h *Handler) receiveFile(ctx context.Context, req request, objectAddress oi
case object.AttributeFileName:
filename = val
case object.AttributeTimestamp:
- value, err := strconv.ParseInt(val, 10, 64)
- if err != nil {
- req.log.Info(logs.CouldntParseCreationDate,
- zap.String("key", key),
+ if err = setTimestamp(req, val); err != nil {
+ h.reqLogger(ctx).Error(logs.CouldntParseCreationDate,
zap.String("val", val),
- zap.Error(err))
- continue
+ zap.Error(err),
+ logs.TagField(logs.TagDatapath))
}
- req.Response.Header.Set(fasthttp.HeaderLastModified,
- time.Unix(value, 0).UTC().Format(http.TimeFormat))
case object.AttributeContentType:
contentType = val
+ case object.AttributeFilePath:
+ filepath = val
+ case attributeMultipartObjectSize:
+ payload, payloadSize, err = h.getPayload(ctx, getMultiobjectBodyParams{
+ obj: rObj,
+ strSize: val,
+ })
+ if err != nil {
+ h.logAndSendError(ctx, req, logs.FailedToGetObjectPayload, err, zap.Stringer("elapsed", time.Since(start)))
+ return
+ }
}
}
+ if filename == "" {
+ filename = filepath
+ }
- idsToResponse(&req.Response, &rObj.Header)
+ setDisposition(req, shouldDownload, filename)
+
+ req.Response.Header.Set(fasthttp.HeaderContentLength, strconv.FormatUint(payloadSize, 10))
if len(contentType) == 0 {
// determine the Content-Type from the payload head
var payloadHead []byte
contentType, payloadHead, err = readContentType(payloadSize, func(uint64) (io.Reader, error) {
- return rObj.Payload, nil
- })
+ return payload, nil
+ }, filename)
if err != nil && err != io.EOF {
- req.log.Error(logs.CouldNotDetectContentTypeFromPayload, zap.Error(err))
- response.Error(req.RequestCtx, "could not detect Content-Type from payload: "+err.Error(), fasthttp.StatusBadRequest)
+ h.logAndSendError(ctx, req, logs.FailedToDetectContentTypeFromPayload, err, zap.Stringer("elapsed", time.Since(start)))
return
}
@@ -126,16 +151,46 @@ func (h *Handler) receiveFile(ctx context.Context, req request, objectAddress oi
var headReader io.Reader = bytes.NewReader(payloadHead)
if err != io.EOF { // otherwise, we've already read full payload
- headReader = io.MultiReader(headReader, rObj.Payload)
+ headReader = io.MultiReader(headReader, payload)
}
// note: we could do with io.Reader, but SetBodyStream below closes body stream
// if it implements io.Closer and that's useful for us.
- rObj.Payload = readCloser{headReader, rObj.Payload}
+ payload = readCloser{headReader, payload}
}
req.SetContentType(contentType)
-
- req.Response.Header.Set(fasthttp.HeaderContentDisposition, dis+"; filename="+path.Base(filename))
-
- req.Response.SetBodyStream(rObj.Payload, int(payloadSize))
+ req.Response.SetBodyStream(payload, int(payloadSize))
+}
+
+func setIDs(r *fasthttp.RequestCtx, obj object.Object) {
+ objID, _ := obj.ID()
+ cnrID, _ := obj.ContainerID()
+ r.Response.Header.Set(hdrObjectID, objID.String())
+ r.Response.Header.Set(hdrOwnerID, obj.OwnerID().String())
+ r.Response.Header.Set(hdrContainerID, cnrID.String())
+}
+
+func setDisposition(r *fasthttp.RequestCtx, shouldDownload bool, filename string) {
+ const (
+ inlineDisposition = "inline"
+ attachmentDisposition = "attachment"
+ )
+
+ dis := inlineDisposition
+ if shouldDownload {
+ dis = attachmentDisposition
+ }
+
+ r.Response.Header.Set(fasthttp.HeaderContentDisposition, dis+"; filename="+path.Base(filename))
+}
+
+func setTimestamp(r *fasthttp.RequestCtx, timestamp string) error {
+ value, err := strconv.ParseInt(timestamp, 10, 64)
+ if err != nil {
+ return err
+ }
+ r.Response.Header.Set(fasthttp.HeaderLastModified,
+ time.Unix(value, 0).UTC().Format(http.TimeFormat))
+
+ return nil
}
diff --git a/internal/handler/reader_test.go b/internal/handler/reader_test.go
index 73899ca8..f8676779 100644
--- a/internal/handler/reader_test.go
+++ b/internal/handler/reader_test.go
@@ -10,39 +10,80 @@ import (
"github.com/stretchr/testify/require"
)
+const (
+ txtContentType = "text/plain; charset=utf-8"
+ cssContentType = "text/css; charset=utf-8"
+ htmlContentType = "text/html; charset=utf-8"
+ javascriptContentType = "text/javascript; charset=utf-8"
+
+ htmlBody = "Index of {{.Protocol}}://{{$container}}/{{.Prefix}}
+{{ if .HasErrors }}
+
+ Errors occurred while processing the request. Perhaps some objects are missing
+
+{{ end }}
+
+
+
+
+
diff --git a/internal/templates/template.go b/internal/templates/template.go
new file mode 100644
index 00000000..b9885e62
--- /dev/null
+++ b/internal/templates/template.go
@@ -0,0 +1,6 @@
+package templates
+
+import _ "embed"
+
+//go:embed index.gotmpl
+var DefaultIndexTemplate string
diff --git a/metrics/desc.go b/metrics/desc.go
index e10050c3..a00ab3e8 100644
--- a/metrics/desc.go
+++ b/metrics/desc.go
@@ -76,6 +76,15 @@ var appMetricsDesc = map[string]map[string]Description{
VariableLabels: []string{"endpoint"},
},
},
+ statisticSubsystem: {
+ droppedLogs: Description{
+ Type: dto.MetricType_COUNTER,
+ Namespace: namespace,
+ Subsystem: statisticSubsystem,
+ Name: droppedLogs,
+ Help: "Dropped logs (by sampling) count",
+ },
+ },
}
type Description struct {
@@ -148,3 +157,12 @@ func mustNewGaugeVec(description Description) *prometheus.GaugeVec {
description.VariableLabels,
)
}
+
+func mustNewCounter(description Description) prometheus.Counter {
+ if description.Type != dto.MetricType_COUNTER {
+ panic("invalid metric type")
+ }
+ return prometheus.NewCounter(
+ prometheus.CounterOpts(newOpts(description)),
+ )
+}
diff --git a/metrics/metrics.go b/metrics/metrics.go
index bfb66eec..1c06868a 100644
--- a/metrics/metrics.go
+++ b/metrics/metrics.go
@@ -10,15 +10,17 @@ import (
)
const (
- namespace = "frostfs_http_gw"
- stateSubsystem = "state"
- poolSubsystem = "pool"
- serverSubsystem = "server"
+ namespace = "frostfs_http_gw"
+ stateSubsystem = "state"
+ poolSubsystem = "pool"
+ serverSubsystem = "server"
+ statisticSubsystem = "statistic"
)
const (
healthMetric = "health"
versionInfoMetric = "version_info"
+ droppedLogs = "dropped_logs"
)
const (
@@ -30,21 +32,19 @@ const (
)
const (
- methodGetBalance = "get_balance"
- methodPutContainer = "put_container"
- methodGetContainer = "get_container"
- methodListContainer = "list_container"
- methodDeleteContainer = "delete_container"
- methodGetContainerEacl = "get_container_eacl"
- methodSetContainerEacl = "set_container_eacl"
- methodEndpointInfo = "endpoint_info"
- methodNetworkInfo = "network_info"
- methodPutObject = "put_object"
- methodDeleteObject = "delete_object"
- methodGetObject = "get_object"
- methodHeadObject = "head_object"
- methodRangeObject = "range_object"
- methodCreateSession = "create_session"
+ methodGetBalance = "get_balance"
+ methodPutContainer = "put_container"
+ methodGetContainer = "get_container"
+ methodListContainer = "list_container"
+ methodDeleteContainer = "delete_container"
+ methodEndpointInfo = "endpoint_info"
+ methodNetworkInfo = "network_info"
+ methodPutObject = "put_object"
+ methodDeleteObject = "delete_object"
+ methodGetObject = "get_object"
+ methodHeadObject = "head_object"
+ methodRangeObject = "range_object"
+ methodCreateSession = "create_session"
)
// HealthStatus of the gate application.
@@ -69,6 +69,7 @@ type GateMetrics struct {
stateMetrics
poolMetricsCollector
serverMetrics
+ statisticMetrics
}
type stateMetrics struct {
@@ -76,6 +77,10 @@ type stateMetrics struct {
versionInfo *prometheus.GaugeVec
}
+type statisticMetrics struct {
+ droppedLogs prometheus.Counter
+}
+
type poolMetricsCollector struct {
scraper StatisticScraper
overallErrors prometheus.Gauge
@@ -96,10 +101,14 @@ func NewGateMetrics(p StatisticScraper) *GateMetrics {
serverMetric := newServerMetrics()
serverMetric.register()
+ statsMetric := newStatisticMetrics()
+ statsMetric.register()
+
return &GateMetrics{
stateMetrics: *stateMetric,
poolMetricsCollector: *poolMetric,
serverMetrics: *serverMetric,
+ statisticMetrics: *statsMetric,
}
}
@@ -107,6 +116,7 @@ func (g *GateMetrics) Unregister() {
g.stateMetrics.unregister()
prometheus.Unregister(&g.poolMetricsCollector)
g.serverMetrics.unregister()
+ g.statisticMetrics.unregister()
}
func newStateMetrics() *stateMetrics {
@@ -116,6 +126,20 @@ func newStateMetrics() *stateMetrics {
}
}
+func newStatisticMetrics() *statisticMetrics {
+ return &statisticMetrics{
+ droppedLogs: mustNewCounter(appMetricsDesc[statisticSubsystem][droppedLogs]),
+ }
+}
+
+func (s *statisticMetrics) register() {
+ prometheus.MustRegister(s.droppedLogs)
+}
+
+func (s *statisticMetrics) unregister() {
+ prometheus.Unregister(s.droppedLogs)
+}
+
func (m stateMetrics) register() {
prometheus.MustRegister(m.healthCheck)
prometheus.MustRegister(m.versionInfo)
@@ -134,6 +158,13 @@ func (m stateMetrics) SetVersion(ver string) {
m.versionInfo.WithLabelValues(ver).Set(1)
}
+func (s *statisticMetrics) DroppedLogsInc() {
+ if s == nil {
+ return
+ }
+ s.droppedLogs.Inc()
+}
+
func newPoolMetricsCollector(p StatisticScraper) *poolMetricsCollector {
return &poolMetricsCollector{
scraper: p,
@@ -191,8 +222,6 @@ func (m *poolMetricsCollector) updateRequestsDuration(node pool.NodeStatistic) {
m.requestDuration.WithLabelValues(node.Address(), methodGetContainer).Set(float64(node.AverageGetContainer().Milliseconds()))
m.requestDuration.WithLabelValues(node.Address(), methodListContainer).Set(float64(node.AverageListContainer().Milliseconds()))
m.requestDuration.WithLabelValues(node.Address(), methodDeleteContainer).Set(float64(node.AverageDeleteContainer().Milliseconds()))
- m.requestDuration.WithLabelValues(node.Address(), methodGetContainerEacl).Set(float64(node.AverageGetContainerEACL().Milliseconds()))
- m.requestDuration.WithLabelValues(node.Address(), methodSetContainerEacl).Set(float64(node.AverageSetContainerEACL().Milliseconds()))
m.requestDuration.WithLabelValues(node.Address(), methodEndpointInfo).Set(float64(node.AverageEndpointInfo().Milliseconds()))
m.requestDuration.WithLabelValues(node.Address(), methodNetworkInfo).Set(float64(node.AverageNetworkInfo().Milliseconds()))
m.requestDuration.WithLabelValues(node.Address(), methodPutObject).Set(float64(node.AveragePutObject().Milliseconds()))
diff --git a/metrics/service.go b/metrics/service.go
index c025f066..e6b803b4 100644
--- a/metrics/service.go
+++ b/metrics/service.go
@@ -25,21 +25,24 @@ type Config struct {
// Start runs http service with the exposed endpoint on the configured port.
func (ms *Service) Start() {
if ms.enabled {
- ms.log.Info(logs.ServiceIsRunning, zap.String("endpoint", ms.Addr))
+ ms.log.Info(logs.ServiceIsRunning, zap.String("endpoint", ms.Addr), logs.TagField(logs.TagApp))
err := ms.ListenAndServe()
if err != nil && err != http.ErrServerClosed {
- ms.log.Warn(logs.ServiceCouldntStartOnConfiguredPort)
+ ms.log.Warn(logs.ServiceCouldntStartOnConfiguredPort, logs.TagField(logs.TagApp))
}
} else {
- ms.log.Info(logs.ServiceHasntStartedSinceItsDisabled)
+ ms.log.Info(logs.ServiceHasntStartedSinceItsDisabled, logs.TagField(logs.TagApp))
}
}
// ShutDown stops the service.
func (ms *Service) ShutDown(ctx context.Context) {
- ms.log.Info(logs.ShuttingDownService, zap.String("endpoint", ms.Addr))
+ ms.log.Info(logs.ShuttingDownService, zap.String("endpoint", ms.Addr), logs.TagField(logs.TagApp))
err := ms.Shutdown(ctx)
if err != nil {
- ms.log.Panic(logs.CantShutDownService)
+ ms.log.Error(logs.CantGracefullyShutDownService, zap.Error(err), logs.TagField(logs.TagApp))
+ if err = ms.Close(); err != nil {
+ ms.log.Panic(logs.CantShutDownService, zap.Error(err), logs.TagField(logs.TagApp))
+ }
}
}
diff --git a/resolver/frostfs.go b/resolver/frostfs.go
deleted file mode 100644
index aa7a7517..00000000
--- a/resolver/frostfs.go
+++ /dev/null
@@ -1,35 +0,0 @@
-package resolver
-
-import (
- "context"
- "errors"
- "fmt"
-
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
-)
-
-// FrostFSResolver represents virtual connection to the FrostFS network.
-// It implements resolver.FrostFS.
-type FrostFSResolver struct {
- pool *pool.Pool
-}
-
-// NewFrostFSResolver creates new FrostFSResolver using provided pool.Pool.
-func NewFrostFSResolver(p *pool.Pool) *FrostFSResolver {
- return &FrostFSResolver{pool: p}
-}
-
-// SystemDNS implements resolver.FrostFS interface method.
-func (x *FrostFSResolver) SystemDNS(ctx context.Context) (string, error) {
- networkInfo, err := x.pool.NetworkInfo(ctx)
- if err != nil {
- return "", fmt.Errorf("read network info via client: %w", err)
- }
-
- domain := networkInfo.RawNetworkParameter("SystemDNS")
- if domain == nil {
- return "", errors.New("system DNS parameter not found or empty")
- }
-
- return string(domain), nil
-}
diff --git a/resolver/resolver.go b/resolver/resolver.go
index e6707e23..6d7c5d59 100644
--- a/resolver/resolver.go
+++ b/resolver/resolver.go
@@ -6,6 +6,7 @@ import (
"fmt"
"sync"
+ v2container "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/container"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/ns"
@@ -40,15 +41,15 @@ type ContainerResolver struct {
type Resolver struct {
Name string
- resolve func(context.Context, string) (*cid.ID, error)
+ resolve func(context.Context, string, string) (*cid.ID, error)
}
-func (r *Resolver) SetResolveFunc(fn func(context.Context, string) (*cid.ID, error)) {
+func (r *Resolver) SetResolveFunc(fn func(context.Context, string, string) (*cid.ID, error)) {
r.resolve = fn
}
-func (r *Resolver) Resolve(ctx context.Context, name string) (*cid.ID, error) {
- return r.resolve(ctx, name)
+func (r *Resolver) Resolve(ctx context.Context, zone, name string) (*cid.ID, error) {
+ return r.resolve(ctx, zone, name)
}
func NewContainerResolver(resolverNames []string, cfg *Config) (*ContainerResolver, error) {
@@ -75,13 +76,13 @@ func createResolvers(resolverNames []string, cfg *Config) ([]*Resolver, error) {
return resolvers, nil
}
-func (r *ContainerResolver) Resolve(ctx context.Context, cnrName string) (*cid.ID, error) {
+func (r *ContainerResolver) Resolve(ctx context.Context, cnrZone, cnrName string) (*cid.ID, error) {
r.mu.RLock()
defer r.mu.RUnlock()
var err error
for _, resolver := range r.resolvers {
- cnrID, resolverErr := resolver.Resolve(ctx, cnrName)
+ cnrID, resolverErr := resolver.Resolve(ctx, cnrZone, cnrName)
if resolverErr != nil {
resolverErr = fmt.Errorf("%s: %w", resolver.Name, resolverErr)
if err == nil {
@@ -150,14 +151,19 @@ func NewDNSResolver(frostFS FrostFS) (*Resolver, error) {
var dns ns.DNS
- resolveFunc := func(ctx context.Context, name string) (*cid.ID, error) {
- domain, err := frostFS.SystemDNS(ctx)
- if err != nil {
- return nil, fmt.Errorf("read system DNS parameter of the FrostFS: %w", err)
+ resolveFunc := func(ctx context.Context, zone, name string) (*cid.ID, error) {
+ var err error
+
+ if zone == v2container.SysAttributeZoneDefault {
+ zone, err = frostFS.SystemDNS(ctx)
+ if err != nil {
+ return nil, fmt.Errorf("read system DNS parameter of the FrostFS: %w", err)
+ }
}
- domain = name + "." + domain
+ domain := name + "." + zone
cnrID, err := dns.ResolveContainerName(domain)
+
if err != nil {
return nil, fmt.Errorf("couldn't resolve container '%s' as '%s': %w", name, domain, err)
}
@@ -171,15 +177,20 @@ func NewDNSResolver(frostFS FrostFS) (*Resolver, error) {
}
func NewNNSResolver(rpcAddress string) (*Resolver, error) {
+ if rpcAddress == "" {
+ return nil, fmt.Errorf("rpc address must not be empty for NNS resolver")
+ }
+
var nns ns.NNS
if err := nns.Dial(rpcAddress); err != nil {
return nil, fmt.Errorf("could not dial nns: %w", err)
}
- resolveFunc := func(_ context.Context, name string) (*cid.ID, error) {
+ resolveFunc := func(_ context.Context, zone, name string) (*cid.ID, error) {
var d container.Domain
d.SetName(name)
+ d.SetZone(zone)
cnrID, err := nns.ResolveContainerDomain(d)
if err != nil {
diff --git a/response/utils.go b/response/utils.go
deleted file mode 100644
index f233943b..00000000
--- a/response/utils.go
+++ /dev/null
@@ -1,41 +0,0 @@
-package response
-
-import (
- "errors"
- "fmt"
-
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client"
- sdkstatus "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/client/status"
- "github.com/valyala/fasthttp"
- "go.uber.org/zap"
-)
-
-func Error(r *fasthttp.RequestCtx, msg string, code int) {
- r.Error(msg+"\n", code)
-}
-
-func FormErrorResponse(message string, err error) (int, string, []zap.Field) {
- var (
- msg string
- statusCode int
- logFields []zap.Field
- )
-
- st := new(sdkstatus.ObjectAccessDenied)
-
- switch {
- case errors.As(err, &st):
- statusCode = fasthttp.StatusForbidden
- reason := st.Reason()
- msg = fmt.Sprintf("%s: %v: %s", message, err, reason)
- logFields = append(logFields, zap.String("error_detail", reason))
- case client.IsErrObjectNotFound(err) || client.IsErrContainerNotFound(err):
- statusCode = fasthttp.StatusNotFound
- msg = "Not Found"
- default:
- statusCode = fasthttp.StatusBadRequest
- msg = fmt.Sprintf("%s: %v", message, err)
- }
-
- return statusCode, msg, logFields
-}
diff --git a/tokens/bearer-token.go b/tokens/bearer-token.go
index b01860d2..24ffcbe7 100644
--- a/tokens/bearer-token.go
+++ b/tokens/bearer-token.go
@@ -52,8 +52,8 @@ func BearerTokenFromCookie(h *fasthttp.RequestHeader) []byte {
// StoreBearerTokenAppCtx extracts a bearer token from the header or cookie and stores
// it in the application context.
-func StoreBearerTokenAppCtx(ctx context.Context, req *fasthttp.RequestCtx) (context.Context, error) {
- tkn, err := fetchBearerToken(req)
+func StoreBearerTokenAppCtx(ctx context.Context, c *fasthttp.RequestCtx) (context.Context, error) {
+ tkn, err := fetchBearerToken(c)
if err != nil {
return nil, err
}
@@ -82,14 +82,22 @@ func fetchBearerToken(ctx *fasthttp.RequestCtx) (*bearer.Token, error) {
tkn = new(bearer.Token)
)
for _, parse := range []fromHandler{BearerTokenFromHeader, BearerTokenFromCookie} {
- if buf = parse(&ctx.Request.Header); buf == nil {
+ buf = parse(&ctx.Request.Header)
+ if buf == nil {
continue
- } else if data, err := base64.StdEncoding.DecodeString(string(buf)); err != nil {
+ }
+
+ data, err := base64.StdEncoding.DecodeString(string(buf))
+ if err != nil {
lastErr = fmt.Errorf("can't base64-decode bearer token: %w", err)
continue
- } else if err = tkn.Unmarshal(data); err != nil {
- lastErr = fmt.Errorf("can't unmarshal bearer token: %w", err)
- continue
+ }
+
+ if err = tkn.Unmarshal(data); err != nil {
+ if err = tkn.UnmarshalJSON(data); err != nil {
+ lastErr = fmt.Errorf("can't unmarshal bearer token: %w", err)
+ continue
+ }
}
return tkn, nil
diff --git a/tokens/bearer-token_test.go b/tokens/bearer-token_test.go
index cc54e74c..60e9ea2e 100644
--- a/tokens/bearer-token_test.go
+++ b/tokens/bearer-token_test.go
@@ -23,19 +23,29 @@ func makeTestCookie(value []byte) *fasthttp.RequestHeader {
func makeTestHeader(value []byte) *fasthttp.RequestHeader {
header := new(fasthttp.RequestHeader)
if value != nil {
- header.Set(fasthttp.HeaderAuthorization, bearerTokenHdr+" "+string(value))
+ header.Set(fasthttp.HeaderAuthorization, string(value))
}
return header
}
-func Test_fromCookie(t *testing.T) {
+func makeBearer(value string) string {
+ return bearerTokenHdr + " " + value
+}
+
+func TestBearerTokenFromCookie(t *testing.T) {
cases := []struct {
name string
actual []byte
expect []byte
}{
- {name: "empty"},
- {name: "normal", actual: []byte("TOKEN"), expect: []byte("TOKEN")},
+ {
+ name: "empty",
+ },
+ {
+ name: "normal",
+ actual: []byte("TOKEN"),
+ expect: []byte("TOKEN"),
+ },
}
for _, tt := range cases {
@@ -45,14 +55,31 @@ func Test_fromCookie(t *testing.T) {
}
}
-func Test_fromHeader(t *testing.T) {
+func TestBearerTokenFromHeader(t *testing.T) {
+ validToken := "token"
+ tokenWithoutPrefix := "invalid-token"
+
cases := []struct {
name string
actual []byte
expect []byte
}{
- {name: "empty"},
- {name: "normal", actual: []byte("TOKEN"), expect: []byte("TOKEN")},
+ {
+ name: "empty",
+ },
+ {
+ name: "token without the bearer prefix",
+ actual: []byte(tokenWithoutPrefix),
+ },
+ {
+ name: "token without payload",
+ actual: []byte(makeBearer("")),
+ },
+ {
+ name: "normal",
+ actual: []byte(makeBearer(validToken)),
+ expect: []byte(validToken),
+ },
}
for _, tt := range cases {
@@ -62,7 +89,7 @@ func Test_fromHeader(t *testing.T) {
}
}
-func Test_fetchBearerToken(t *testing.T) {
+func TestFetchBearerToken(t *testing.T) {
key, err := keys.NewPrivateKey()
require.NoError(t, err)
var uid user.ID
@@ -71,47 +98,109 @@ func Test_fetchBearerToken(t *testing.T) {
tkn := new(bearer.Token)
tkn.ForUser(uid)
- t64 := base64.StdEncoding.EncodeToString(tkn.Marshal())
- require.NotEmpty(t, t64)
+ jsonToken, err := tkn.MarshalJSON()
+ require.NoError(t, err)
+
+ jsonTokenBase64 := base64.StdEncoding.EncodeToString(jsonToken)
+ binaryTokenBase64 := base64.StdEncoding.EncodeToString(tkn.Marshal())
+
+ require.NotEmpty(t, jsonTokenBase64)
+ require.NotEmpty(t, binaryTokenBase64)
cases := []struct {
- name string
-
+ name string
cookie string
header string
-
error string
+ nilCtx bool
expect *bearer.Token
}{
- {name: "empty"},
-
- {name: "bad base64 header", header: "WRONG BASE64", error: "can't base64-decode bearer token"},
- {name: "bad base64 cookie", cookie: "WRONG BASE64", error: "can't base64-decode bearer token"},
-
- {name: "header token unmarshal error", header: "dGVzdAo=", error: "can't unmarshal bearer token"},
- {name: "cookie token unmarshal error", cookie: "dGVzdAo=", error: "can't unmarshal bearer token"},
-
+ {
+ name: "empty",
+ },
+ {
+ name: "nil context",
+ nilCtx: true,
+ },
+ {
+ name: "bad base64 header",
+ header: "WRONG BASE64",
+ error: "can't base64-decode bearer token",
+ },
+ {
+ name: "bad base64 cookie",
+ cookie: "WRONG BASE64",
+ error: "can't base64-decode bearer token",
+ },
+ {
+ name: "header token unmarshal error",
+ header: "dGVzdAo=",
+ error: "can't unmarshal bearer token",
+ },
+ {
+ name: "cookie token unmarshal error",
+ cookie: "dGVzdAo=",
+ error: "can't unmarshal bearer token",
+ },
{
name: "bad header and cookie",
header: "WRONG BASE64",
cookie: "dGVzdAo=",
error: "can't unmarshal bearer token",
},
-
{
- name: "bad header, but good cookie",
+ name: "bad header, but good cookie with binary token",
header: "dGVzdAo=",
- cookie: t64,
+ cookie: binaryTokenBase64,
+ expect: tkn,
+ },
+ {
+ name: "bad cookie, but good header with binary token",
+ header: binaryTokenBase64,
+ cookie: "dGVzdAo=",
+ expect: tkn,
+ },
+ {
+ name: "bad header, but good cookie with json token",
+ header: "dGVzdAo=",
+ cookie: jsonTokenBase64,
+ expect: tkn,
+ },
+ {
+ name: "bad cookie, but good header with json token",
+ header: jsonTokenBase64,
+ cookie: "dGVzdAo=",
+ expect: tkn,
+ },
+ {
+ name: "ok for header with binary token",
+ header: binaryTokenBase64,
+ expect: tkn,
+ },
+ {
+ name: "ok for cookie with binary token",
+ cookie: binaryTokenBase64,
+ expect: tkn,
+ },
+ {
+ name: "ok for header with json token",
+ header: jsonTokenBase64,
+ expect: tkn,
+ },
+ {
+ name: "ok for cookie with json token",
+ cookie: jsonTokenBase64,
expect: tkn,
},
-
- {name: "ok for header", header: t64, expect: tkn},
- {name: "ok for cookie", cookie: t64, expect: tkn},
}
for _, tt := range cases {
t.Run(tt.name, func(t *testing.T) {
- ctx := makeTestRequest(tt.cookie, tt.header)
+ var ctx *fasthttp.RequestCtx
+ if !tt.nilCtx {
+ ctx = makeTestRequest(tt.cookie, tt.header)
+ }
+
actual, err := fetchBearerToken(ctx)
if tt.error == "" {
@@ -139,7 +228,7 @@ func makeTestRequest(cookie, header string) *fasthttp.RequestCtx {
return ctx
}
-func Test_checkAndPropagateBearerToken(t *testing.T) {
+func TestCheckAndPropagateBearerToken(t *testing.T) {
key, err := keys.NewPrivateKey()
require.NoError(t, err)
var uid user.ID
@@ -162,3 +251,85 @@ func Test_checkAndPropagateBearerToken(t *testing.T) {
require.NoError(t, err)
require.Equal(t, tkn, actual)
}
+
+func TestLoadBearerToken(t *testing.T) {
+ ctx := context.Background()
+ token := new(bearer.Token)
+
+ cases := []struct {
+ name string
+ appCtx context.Context
+ error string
+ }{
+ {
+ name: "token is missing in the context",
+ appCtx: ctx,
+ error: "found empty bearer token",
+ },
+ {
+ name: "normal",
+ appCtx: context.WithValue(ctx, bearerTokenKey, token),
+ },
+ }
+
+ for _, tt := range cases {
+ t.Run(tt.name, func(t *testing.T) {
+ tkn, err := LoadBearerToken(tt.appCtx)
+
+ if tt.error == "" {
+ require.NoError(t, err)
+ require.Equal(t, token, tkn)
+
+ return
+ }
+
+ require.Contains(t, err.Error(), tt.error)
+ })
+ }
+}
+
+func TestStoreBearerTokenAppCtx(t *testing.T) {
+ key, err := keys.NewPrivateKey()
+ require.NoError(t, err)
+ var uid user.ID
+ user.IDFromKey(&uid, key.PrivateKey.PublicKey)
+
+ tkn := new(bearer.Token)
+ tkn.ForUser(uid)
+
+ t64 := base64.StdEncoding.EncodeToString(tkn.Marshal())
+ require.NotEmpty(t, t64)
+
+ cases := []struct {
+ name string
+ req *fasthttp.RequestCtx
+ error string
+ }{
+ {
+ name: "invalid token",
+ req: makeTestRequest("dGVzdAo=", ""),
+ error: "can't unmarshal bearer token",
+ },
+ {
+ name: "normal",
+ req: makeTestRequest(t64, ""),
+ },
+ }
+
+ for _, tt := range cases {
+ t.Run(tt.name, func(t *testing.T) {
+ ctx, err := StoreBearerTokenAppCtx(context.Background(), tt.req)
+
+ if tt.error == "" {
+ require.NoError(t, err)
+ actualToken, ok := ctx.Value(bearerTokenKey).(*bearer.Token)
+ require.True(t, ok)
+ require.Equal(t, tkn, actualToken)
+
+ return
+ }
+
+ require.Contains(t, err.Error(), tt.error)
+ })
+ }
+}
diff --git a/tree/tree.go b/tree/tree.go
index 3a673b30..d99e24bf 100644
--- a/tree/tree.go
+++ b/tree/tree.go
@@ -2,24 +2,30 @@ package tree
import (
"context"
+ "errors"
"fmt"
"strings"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/api"
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/api/layer"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/data"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/internal/logs"
+ "git.frostfs.info/TrueCloudLab/frostfs-http-gw/utils"
+ "git.frostfs.info/TrueCloudLab/frostfs-observability/tracing"
cid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/container/id"
oid "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object/id"
+ "go.uber.org/zap"
)
type (
Tree struct {
service ServiceClient
+ log *zap.Logger
}
// ServiceClient is a client to interact with tree service.
// Each method must return ErrNodeNotFound or ErrNodeAccessDenied if relevant.
ServiceClient interface {
GetNodes(ctx context.Context, p *GetNodesParams) ([]NodeResponse, error)
+ GetSubTree(ctx context.Context, bktInfo *data.BucketInfo, treeID string, rootID []uint64, depth uint32, sort bool) ([]NodeResponse, error)
}
treeNode struct {
@@ -27,8 +33,14 @@ type (
Meta map[string]string
}
+ multiSystemNode struct {
+ // the first element is latest
+ nodes []*treeNode
+ }
+
GetNodesParams struct {
CnrID cid.ID
+ BktInfo *data.BucketInfo
TreeID string
Path []string
Meta []string
@@ -39,31 +51,33 @@ type (
var (
// ErrNodeNotFound is returned from ServiceClient in case of not found error.
- ErrNodeNotFound = layer.ErrNodeNotFound
+ ErrNodeNotFound = errors.New("not found")
// ErrNodeAccessDenied is returned from ServiceClient service in case of access denied error.
- ErrNodeAccessDenied = layer.ErrNodeAccessDenied
+ ErrNodeAccessDenied = errors.New("access denied")
)
const (
- FileNameKey = "FileName"
-)
+ FileNameKey = "FileName"
+ settingsFileName = "bucket-settings"
-const (
- oidKV = "OID"
+ oidKV = "OID"
+ uploadIDKV = "UploadId"
+ sizeKV = "Size"
// keys for delete marker nodes.
isDeleteMarkerKV = "IsDeleteMarker"
// versionTree -- ID of a tree with object versions.
versionTree = "version"
+ systemTree = "system"
separator = "/"
)
// NewTree creates instance of Tree using provided address and create grpc connection.
-func NewTree(service ServiceClient) *Tree {
- return &Tree{service: service}
+func NewTree(service ServiceClient, log *zap.Logger) *Tree {
+ return &Tree{service: service, log: log}
}
type Meta interface {
@@ -73,25 +87,28 @@ type Meta interface {
type NodeResponse interface {
GetMeta() []Meta
+ GetTimestamp() []uint64
+ GetNodeID() []uint64
+ GetParentID() []uint64
}
func newTreeNode(nodeInfo NodeResponse) (*treeNode, error) {
- treeNode := &treeNode{
+ tNode := &treeNode{
Meta: make(map[string]string, len(nodeInfo.GetMeta())),
}
for _, kv := range nodeInfo.GetMeta() {
switch kv.GetKey() {
case oidKV:
- if err := treeNode.ObjID.DecodeString(string(kv.GetValue())); err != nil {
+ if err := tNode.ObjID.DecodeString(string(kv.GetValue())); err != nil {
return nil, err
}
default:
- treeNode.Meta[kv.GetKey()] = string(kv.GetValue())
+ tNode.Meta[kv.GetKey()] = string(kv.GetValue())
}
}
- return treeNode, nil
+ return tNode, nil
}
func (n *treeNode) Get(key string) (string, bool) {
@@ -104,30 +121,100 @@ func (n *treeNode) FileName() (string, bool) {
return value, ok
}
-func newNodeVersion(node NodeResponse) (*api.NodeVersion, error) {
- treeNode, err := newTreeNode(node)
+func newNodeVersion(node NodeResponse) (*data.NodeVersion, error) {
+ tNode, err := newTreeNode(node)
if err != nil {
return nil, fmt.Errorf("invalid tree node: %w", err)
}
- return newNodeVersionFromTreeNode(treeNode), nil
+ return newNodeVersionFromTreeNode(tNode), nil
}
-func newNodeVersionFromTreeNode(treeNode *treeNode) *api.NodeVersion {
+func newNodeVersionFromTreeNode(treeNode *treeNode) *data.NodeVersion {
_, isDeleteMarker := treeNode.Get(isDeleteMarkerKV)
-
- version := &api.NodeVersion{
- BaseNodeVersion: api.BaseNodeVersion{
- OID: treeNode.ObjID,
+ version := &data.NodeVersion{
+ BaseNodeVersion: data.BaseNodeVersion{
+ OID: treeNode.ObjID,
+ IsDeleteMarker: isDeleteMarker,
},
- DeleteMarker: isDeleteMarker,
}
return version
}
-func (c *Tree) GetLatestVersion(ctx context.Context, cnrID *cid.ID, objectName string) (*api.NodeVersion, error) {
- meta := []string{oidKV, isDeleteMarkerKV}
+func newNodeInfo(node NodeResponse) data.NodeInfo {
+ nodeMeta := node.GetMeta()
+ nodeInfo := data.NodeInfo{
+ Meta: make([]data.NodeMeta, 0, len(nodeMeta)),
+ }
+ for _, meta := range nodeMeta {
+ nodeInfo.Meta = append(nodeInfo.Meta, meta)
+ }
+
+ return nodeInfo
+}
+
+func newMultiNode(nodes []NodeResponse) (*multiSystemNode, error) {
+ var (
+ err error
+ index int
+ maxTimestamp uint64
+ )
+
+ if len(nodes) == 0 {
+ return nil, errors.New("multi node must have at least one node")
+ }
+
+ treeNodes := make([]*treeNode, len(nodes))
+
+ for i, node := range nodes {
+ if treeNodes[i], err = newTreeNode(node); err != nil {
+ return nil, fmt.Errorf("parse system node response: %w", err)
+ }
+
+ if timestamp := getMaxTimestamp(node); timestamp > maxTimestamp {
+ index = i
+ maxTimestamp = timestamp
+ }
+ }
+
+ treeNodes[0], treeNodes[index] = treeNodes[index], treeNodes[0]
+
+ return &multiSystemNode{
+ nodes: treeNodes,
+ }, nil
+}
+
+func (m *multiSystemNode) Latest() *treeNode {
+ return m.nodes[0]
+}
+
+func (m *multiSystemNode) Old() []*treeNode {
+ return m.nodes[1:]
+}
+
+func (c *Tree) GetLatestVersion(ctx context.Context, cnrID *cid.ID, objectName string) (*data.NodeVersion, error) {
+ ctx, span := tracing.StartSpanFromContext(ctx, "tree.GetLatestVersion")
+ defer span.End()
+
+ nodes, err := c.GetVersions(ctx, cnrID, objectName)
+ if err != nil {
+ return nil, err
+ }
+
+ latestNode, err := getLatestVersionNode(nodes)
+ if err != nil {
+ return nil, err
+ }
+
+ return newNodeVersion(latestNode)
+}
+
+func (c *Tree) GetVersions(ctx context.Context, cnrID *cid.ID, objectName string) ([]NodeResponse, error) {
+ ctx, span := tracing.StartSpanFromContext(ctx, "tree.GetVersions")
+ defer span.End()
+
+ meta := []string{oidKV, isDeleteMarkerKV, sizeKV}
path := pathFromName(objectName)
p := &GetNodesParams{
@@ -135,22 +222,244 @@ func (c *Tree) GetLatestVersion(ctx context.Context, cnrID *cid.ID, objectName s
TreeID: versionTree,
Path: path,
Meta: meta,
- LatestOnly: true,
+ LatestOnly: false,
AllAttrs: false,
}
+
+ return c.service.GetNodes(ctx, p)
+}
+
+func (c *Tree) CheckSettingsNodeExists(ctx context.Context, bktInfo *data.BucketInfo) error {
+ ctx, span := tracing.StartSpanFromContext(ctx, "tree.CheckSettingsNodeExists")
+ defer span.End()
+
+ _, err := c.getSystemNode(ctx, bktInfo, settingsFileName)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (c *Tree) getSystemNode(ctx context.Context, bktInfo *data.BucketInfo, name string) (*multiSystemNode, error) {
+ p := &GetNodesParams{
+ CnrID: bktInfo.CID,
+ BktInfo: bktInfo,
+ TreeID: systemTree,
+ Path: []string{name},
+ LatestOnly: false,
+ AllAttrs: true,
+ }
nodes, err := c.service.GetNodes(ctx, p)
if err != nil {
return nil, err
}
+ nodes = filterMultipartNodes(nodes)
+
if len(nodes) == 0 {
- return nil, layer.ErrNodeNotFound
+ return nil, ErrNodeNotFound
+ }
+ if len(nodes) != 1 {
+ c.reqLogger(ctx).Warn(logs.FoundSeveralSystemTreeNodes, zap.String("name", name), logs.TagField(logs.TagExternalStorageTree))
}
- return newNodeVersion(nodes[0])
+ return newMultiNode(nodes)
+}
+
+func filterMultipartNodes(nodes []NodeResponse) []NodeResponse {
+ res := make([]NodeResponse, 0, len(nodes))
+
+LOOP:
+ for _, node := range nodes {
+ for _, meta := range node.GetMeta() {
+ if meta.GetKey() == uploadIDKV {
+ continue LOOP
+ }
+ }
+
+ res = append(res, node)
+ }
+
+ return res
+}
+
+func getLatestVersionNode(nodes []NodeResponse) (NodeResponse, error) {
+ var (
+ maxCreationTime uint64
+ targetIndexNode = -1
+ )
+
+ for i, node := range nodes {
+ if !checkExistOID(node.GetMeta()) {
+ continue
+ }
+
+ if currentCreationTime := getMaxTimestamp(node); currentCreationTime > maxCreationTime {
+ targetIndexNode = i
+ maxCreationTime = currentCreationTime
+ }
+ }
+
+ if targetIndexNode == -1 {
+ return nil, fmt.Errorf("latest version: %w", ErrNodeNotFound)
+ }
+
+ return nodes[targetIndexNode], nil
+}
+
+func checkExistOID(meta []Meta) bool {
+ for _, kv := range meta {
+ if kv.GetKey() == "OID" {
+ return true
+ }
+ }
+
+ return false
}
// pathFromName splits name by '/'.
func pathFromName(objectName string) []string {
return strings.Split(objectName, separator)
}
+
+func (c *Tree) GetSubTreeByPrefix(ctx context.Context, bktInfo *data.BucketInfo, prefix string, latestOnly bool) ([]data.NodeInfo, error) {
+ ctx, span := tracing.StartSpanFromContext(ctx, "tree.GetSubTreeByPrefix")
+ defer span.End()
+
+ rootID, err := c.getPrefixNodeID(ctx, bktInfo, versionTree, strings.Split(prefix, separator))
+ if err != nil {
+ if errors.Is(err, ErrNodeNotFound) {
+ return nil, nil
+ }
+ return nil, err
+ }
+ subTree, err := c.service.GetSubTree(ctx, bktInfo, versionTree, rootID, 2, false)
+ if err != nil {
+ if errors.Is(err, ErrNodeNotFound) {
+ return nil, nil
+ }
+ return nil, err
+ }
+
+ nodesMap := make(map[string][]NodeResponse, len(subTree))
+ for _, node := range subTree {
+ if MultiID(rootID).Equal(node.GetNodeID()) {
+ continue
+ }
+
+ fileName := GetFilename(node)
+ nodes := nodesMap[fileName]
+
+ // Add all nodes if flag latestOnly is false.
+ // Add all intermediate nodes
+ // and only latest leaf (object) nodes. To do this store and replace last leaf (object) node in nodes[0]
+ if len(nodes) == 0 {
+ nodes = []NodeResponse{node}
+ } else if !latestOnly || isIntermediate(node) {
+ nodes = append(nodes, node)
+ } else if isIntermediate(nodes[0]) {
+ nodes = append([]NodeResponse{node}, nodes...)
+ } else if getMaxTimestamp(node) > getMaxTimestamp(nodes[0]) {
+ nodes[0] = node
+ }
+
+ nodesMap[fileName] = nodes
+ }
+
+ result := make([]data.NodeInfo, 0, len(subTree))
+ for _, nodes := range nodesMap {
+ result = append(result, nodeResponseToNodeInfo(nodes)...)
+ }
+
+ return result, nil
+}
+
+func nodeResponseToNodeInfo(nodes []NodeResponse) []data.NodeInfo {
+ nodesInfo := make([]data.NodeInfo, 0, len(nodes))
+ for _, node := range nodes {
+ nodesInfo = append(nodesInfo, newNodeInfo(node))
+ }
+
+ return nodesInfo
+}
+
+func (c *Tree) getPrefixNodeID(ctx context.Context, bktInfo *data.BucketInfo, treeID string, prefixPath []string) ([]uint64, error) {
+ p := &GetNodesParams{
+ CnrID: bktInfo.CID,
+ BktInfo: bktInfo,
+ TreeID: treeID,
+ Path: prefixPath,
+ LatestOnly: false,
+ AllAttrs: true,
+ }
+ nodes, err := c.service.GetNodes(ctx, p)
+ if err != nil {
+ return nil, err
+ }
+
+ var intermediateNodes []uint64
+ for _, node := range nodes {
+ if isIntermediate(node) {
+ intermediateNodes = append(intermediateNodes, node.GetNodeID()...)
+ }
+ }
+
+ if len(intermediateNodes) == 0 {
+ return nil, ErrNodeNotFound
+ }
+
+ return intermediateNodes, nil
+}
+
+func (c *Tree) reqLogger(ctx context.Context) *zap.Logger {
+ return utils.GetReqLogOrDefault(ctx, c.log)
+}
+
+func GetFilename(node NodeResponse) string {
+ for _, kv := range node.GetMeta() {
+ if kv.GetKey() == FileNameKey {
+ return string(kv.GetValue())
+ }
+ }
+
+ return ""
+}
+
+func isIntermediate(node NodeResponse) bool {
+ if len(node.GetMeta()) != 1 {
+ return false
+ }
+
+ return node.GetMeta()[0].GetKey() == FileNameKey
+}
+
+func getMaxTimestamp(node NodeResponse) uint64 {
+ var maxTimestamp uint64
+
+ for _, timestamp := range node.GetTimestamp() {
+ if timestamp > maxTimestamp {
+ maxTimestamp = timestamp
+ }
+ }
+
+ return maxTimestamp
+}
+
+type MultiID []uint64
+
+func (m MultiID) Equal(id MultiID) bool {
+ seen := make(map[uint64]struct{}, len(m))
+
+ for i := range m {
+ seen[m[i]] = struct{}{}
+ }
+
+ for i := range id {
+ if _, ok := seen[id[i]]; !ok {
+ return false
+ }
+ }
+
+ return true
+}
diff --git a/tree/tree_test.go b/tree/tree_test.go
new file mode 100644
index 00000000..62f99142
--- /dev/null
+++ b/tree/tree_test.go
@@ -0,0 +1,150 @@
+package tree
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/require"
+)
+
+type nodeMeta struct {
+ key string
+ value []byte
+}
+
+func (m nodeMeta) GetKey() string {
+ return m.key
+}
+
+func (m nodeMeta) GetValue() []byte {
+ return m.value
+}
+
+type nodeResponse struct {
+ meta []nodeMeta
+ timestamp []uint64
+}
+
+func (n nodeResponse) GetTimestamp() []uint64 {
+ return n.timestamp
+}
+
+func (n nodeResponse) GetMeta() []Meta {
+ res := make([]Meta, len(n.meta))
+ for i, value := range n.meta {
+ res[i] = value
+ }
+ return res
+}
+
+func (n nodeResponse) GetNodeID() []uint64 {
+ return nil
+}
+func (n nodeResponse) GetParentID() []uint64 {
+ return nil
+}
+
+func TestGetLatestNode(t *testing.T) {
+ for _, tc := range []struct {
+ name string
+ nodes []NodeResponse
+ exceptedOID string
+ error bool
+ }{
+ {
+ name: "empty",
+ nodes: []NodeResponse{},
+ error: true,
+ },
+ {
+ name: "one node of the object version",
+ nodes: []NodeResponse{
+ nodeResponse{
+ timestamp: []uint64{1},
+ meta: []nodeMeta{
+ {
+ key: oidKV,
+ value: []byte("oid1"),
+ },
+ },
+ },
+ },
+ exceptedOID: "oid1",
+ },
+ {
+ name: "one node of the object version and one node of the secondary object",
+ nodes: []NodeResponse{
+ nodeResponse{
+ timestamp: []uint64{3},
+ meta: []nodeMeta{},
+ },
+ nodeResponse{
+ timestamp: []uint64{1},
+ meta: []nodeMeta{
+ {
+ key: oidKV,
+ value: []byte("oid1"),
+ },
+ },
+ },
+ },
+ exceptedOID: "oid1",
+ },
+ {
+ name: "all nodes represent a secondary object",
+ nodes: []NodeResponse{
+ nodeResponse{
+ timestamp: []uint64{3},
+ meta: []nodeMeta{},
+ },
+ nodeResponse{
+ timestamp: []uint64{5},
+ meta: []nodeMeta{},
+ },
+ },
+ error: true,
+ },
+ {
+ name: "several nodes of different types and with different timestamp",
+ nodes: []NodeResponse{
+ nodeResponse{
+ timestamp: []uint64{1},
+ meta: []nodeMeta{
+ {
+ key: oidKV,
+ value: []byte("oid1"),
+ },
+ },
+ },
+ nodeResponse{
+ timestamp: []uint64{3},
+ meta: []nodeMeta{},
+ },
+ nodeResponse{
+ timestamp: []uint64{4},
+ meta: []nodeMeta{
+ {
+ key: oidKV,
+ value: []byte("oid2"),
+ },
+ },
+ },
+ nodeResponse{
+ timestamp: []uint64{6},
+ meta: []nodeMeta{},
+ },
+ },
+ exceptedOID: "oid2",
+ },
+ } {
+ t.Run(tc.name, func(t *testing.T) {
+ actualNode, err := getLatestVersionNode(tc.nodes)
+ if tc.error {
+ require.Error(t, err)
+ return
+ }
+
+ require.NoError(t, err)
+ require.Equal(t, tc.exceptedOID, string(actualNode.GetMeta()[0].GetValue()))
+ })
+ }
+}
diff --git a/utils/attributes.go b/utils/attributes.go
index cfa3e3a9..55fadaa2 100644
--- a/utils/attributes.go
+++ b/utils/attributes.go
@@ -12,9 +12,19 @@ import (
"unicode"
"unicode/utf8"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
+ "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/object"
)
+type EpochDurations struct {
+ CurrentEpoch uint64
+ MsPerBlock int64
+ BlockPerEpoch uint64
+}
+
+type EpochInfoFetcher interface {
+ GetEpochDurations(context.Context) (*EpochDurations, error)
+}
+
const (
UserAttributeHeaderPrefix = "X-Attribute-"
)
@@ -151,7 +161,7 @@ func title(str string) string {
return string(r0) + str[size:]
}
-func PrepareExpirationHeader(ctx context.Context, p *pool.Pool, headers map[string]string, now time.Time) error {
+func PrepareExpirationHeader(ctx context.Context, epochFetcher EpochInfoFetcher, headers map[string]string, now time.Time) error {
formatsNum := 0
index := -1
for i, transformer := range transformers {
@@ -165,7 +175,7 @@ func PrepareExpirationHeader(ctx context.Context, p *pool.Pool, headers map[stri
case 0:
return nil
case 1:
- epochDuration, err := GetEpochDurations(ctx, p)
+ epochDuration, err := epochFetcher.GetEpochDurations(ctx)
if err != nil {
return fmt.Errorf("couldn't get epoch durations from network info: %w", err)
}
@@ -248,3 +258,12 @@ func (t systemTransformer) updateExpirationHeader(headers map[string]string, dur
headers[t.expirationEpochAttr()] = strconv.FormatUint(expirationEpoch, 10)
}
+
+func GetAttributeValue(attrs []object.Attribute, key string) string {
+ for _, attr := range attrs {
+ if attr.Key() == key {
+ return attr.Value()
+ }
+ }
+ return ""
+}
diff --git a/utils/params.go b/utils/params.go
deleted file mode 100644
index a6fe59b7..00000000
--- a/utils/params.go
+++ /dev/null
@@ -1,15 +0,0 @@
-package utils
-
-import (
- "git.frostfs.info/TrueCloudLab/frostfs-http-gw/resolver"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
- "go.uber.org/zap"
-)
-
-type AppParams struct {
- Logger *zap.Logger
- Pool *pool.Pool
- Owner *user.ID
- Resolver *resolver.ContainerResolver
-}
diff --git a/utils/tracing.go b/utils/tracing.go
index 14c059ad..c8e467dd 100644
--- a/utils/tracing.go
+++ b/utils/tracing.go
@@ -30,12 +30,12 @@ func (c *httpCarrier) Set(key string, value string) {
func (c *httpCarrier) Keys() []string {
dict := make(map[string]interface{})
c.r.Request.Header.VisitAll(
- func(key, value []byte) {
+ func(key, _ []byte) {
dict[string(key)] = true
},
)
c.r.Response.Header.VisitAll(
- func(key, value []byte) {
+ func(key, _ []byte) {
dict[string(key)] = true
},
)
diff --git a/utils/util.go b/utils/util.go
index a3287694..b7f5e394 100644
--- a/utils/util.go
+++ b/utils/util.go
@@ -2,36 +2,11 @@ package utils
import (
"context"
- "fmt"
- "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/pool"
"github.com/valyala/fasthttp"
+ "go.uber.org/zap"
)
-type EpochDurations struct {
- CurrentEpoch uint64
- MsPerBlock int64
- BlockPerEpoch uint64
-}
-
-func GetEpochDurations(ctx context.Context, p *pool.Pool) (*EpochDurations, error) {
- networkInfo, err := p.NetworkInfo(ctx)
- if err != nil {
- return nil, err
- }
-
- res := &EpochDurations{
- CurrentEpoch: networkInfo.CurrentEpoch(),
- MsPerBlock: networkInfo.MsPerBlock(),
- BlockPerEpoch: networkInfo.EpochDuration(),
- }
-
- if res.BlockPerEpoch == 0 {
- return nil, fmt.Errorf("EpochDuration is empty")
- }
- return res, nil
-}
-
// SetContextToRequest adds new context to fasthttp request.
func SetContextToRequest(ctx context.Context, c *fasthttp.RequestCtx) {
c.SetUserValue("context", ctx)
@@ -41,3 +16,34 @@ func SetContextToRequest(ctx context.Context, c *fasthttp.RequestCtx) {
func GetContextFromRequest(c *fasthttp.RequestCtx) context.Context {
return c.UserValue("context").(context.Context)
}
+
+type ctxReqLoggerKeyType struct{}
+
+// SetReqLog sets child zap.Logger in the context.
+func SetReqLog(ctx context.Context, log *zap.Logger) context.Context {
+ if ctx == nil {
+ return nil
+ }
+ return context.WithValue(ctx, ctxReqLoggerKeyType{}, log)
+}
+
+// GetReqLog returns log if set.
+// If zap.Logger isn't set returns nil.
+func GetReqLog(ctx context.Context) *zap.Logger {
+ if ctx == nil {
+ return nil
+ } else if r, ok := ctx.Value(ctxReqLoggerKeyType{}).(*zap.Logger); ok {
+ return r
+ }
+ return nil
+}
+
+// GetReqLogOrDefault returns log from context, if it exists.
+// If the log is missing from the context, the default logger is returned.
+func GetReqLogOrDefault(ctx context.Context, defaultLog *zap.Logger) *zap.Logger {
+ log := GetReqLog(ctx)
+ if log == nil {
+ log = defaultLog
+ }
+ return log
+}
+
+
+
+ {{ $parentPrefix := getParent .Prefix }}
+ {{if $parentPrefix }}
+ Filename
+ OID
+ Size
+ Created
+ Download
+
+
+ {{else}}
+
+ ⮐..
+
+
+
+
+
+
+
+ {{end}}
+ {{range .Objects}}
+
+ ⮐..
+
+
+
+
+
+
+
+ {{end}}
+
+
+ {{if .IsDir}}
+ 🗀
+
+ {{.FileName}}/
+
+ {{else}}
+ 🗎
+
+ {{.FileName}}
+
+ {{end}}
+
+ {{.OID}}
+ {{if not .IsDir}}{{ formatSize .Size }}{{end}}
+ {{ .Created }}
+
+ {{ if .OID }}
+
+ Link
+
+ {{ end }}
+
+