From 5c17de7c222254b380d1b646ec6f7fa838f7068d Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Tue, 14 Mar 2023 15:29:29 +0000 Subject: [PATCH 1/5] feat: client side support Signed-off-by: Skye Gill --- PROJECT | 9 + .../v1alpha1/clientsideconfiguration_types.go | 70 +++ .../v1alpha1/flagsourceconfiguration_types.go | 4 +- apis/core/v1alpha1/zz_generated.deepcopy.go | 89 ++++ ...nfeature.dev_clientsideconfigurations.yaml | 75 +++ config/crd/kustomization.yaml | 3 + ...tion_in_core_clientsideconfigurations.yaml | 7 + ...hook_in_core_clientsideconfigurations.yaml | 16 + config/manager/kustomization.yaml | 4 +- ...e_clientsideconfiguration_editor_role.yaml | 31 ++ ...e_clientsideconfiguration_viewer_role.yaml | 27 ++ config/rbac/role.yaml | 62 +++ config/samples/dev.yaml | 128 +++++ .../clientsideconfiguration_controller.go | 442 ++++++++++++++++++ go.mod | 14 +- go.sum | 255 +--------- main.go | 22 +- test/e2e/kind-cluster.yml | 7 - 18 files changed, 986 insertions(+), 279 deletions(-) create mode 100644 apis/core/v1alpha1/clientsideconfiguration_types.go create mode 100644 config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml create mode 100644 config/crd/patches/cainjection_in_core_clientsideconfigurations.yaml create mode 100644 config/crd/patches/webhook_in_core_clientsideconfigurations.yaml create mode 100644 config/rbac/core_clientsideconfiguration_editor_role.yaml create mode 100644 config/rbac/core_clientsideconfiguration_viewer_role.yaml create mode 100644 config/samples/dev.yaml create mode 100644 controllers/clientsideconfiguration_controller.go diff --git a/PROJECT b/PROJECT index aaaa4457a..3fa47897a 100644 --- a/PROJECT +++ b/PROJECT @@ -43,4 +43,13 @@ resources: kind: FlagSourceConfiguration path: github.com/open-feature/open-feature-operator/apis/core/v1alpha3 version: v1alpha3 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: openfeature.dev + group: core + kind: ClientSideConfiguration + path: github.com/open-feature/open-feature-operator/apis/core/v1alpha1 + version: v1alpha1 version: "3" diff --git a/apis/core/v1alpha1/clientsideconfiguration_types.go b/apis/core/v1alpha1/clientsideconfiguration_types.go new file mode 100644 index 000000000..b09a8f231 --- /dev/null +++ b/apis/core/v1alpha1/clientsideconfiguration_types.go @@ -0,0 +1,70 @@ +/* +Copyright 2022. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// ClientSideConfigurationSpec defines the desired state of ClientSideConfiguration +type ClientSideConfigurationSpec struct { + // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + // Important: Run "make" to regenerate code after modifying this file + + ServiceAccountName string `json:"serviceAccountName"` + GatewayName string `json:"gatewayName"` + HTTPRouteHostname string `json:"httpRouteHostname"` + HTTPRouteName string `json:"httpRouteName"` + HTTPRoutePort int32 `json:"httpRoutePort"` + FlagSourceConfiguration string `json:"flagSourceConfiguration"` + GatewayClassName string `json:"gatewayClassName"` + CorsAllowOrigin string `json:"corsAllowOrigin"` +} + +// ClientSideConfigurationStatus defines the observed state of ClientSideConfiguration +type ClientSideConfigurationStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// ClientSideConfiguration is the Schema for the clientsideconfigurations API +type ClientSideConfiguration struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec ClientSideConfigurationSpec `json:"spec,omitempty"` + Status ClientSideConfigurationStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// ClientSideConfigurationList contains a list of ClientSideConfiguration +type ClientSideConfigurationList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ClientSideConfiguration `json:"items"` +} + +func init() { + SchemeBuilder.Register(&ClientSideConfiguration{}, &ClientSideConfigurationList{}) +} diff --git a/apis/core/v1alpha1/flagsourceconfiguration_types.go b/apis/core/v1alpha1/flagsourceconfiguration_types.go index a28cb83ce..01578ec9f 100644 --- a/apis/core/v1alpha1/flagsourceconfiguration_types.go +++ b/apis/core/v1alpha1/flagsourceconfiguration_types.go @@ -47,8 +47,8 @@ const ( defaultSocketPath string = "" defaultEvaluator string = "json" defaultImage string = "ghcr.io/open-feature/flagd" - // INPUT_FLAGD_VERSION` is replaced in the `update-flagd` Makefile target - defaultTag string = "INPUT_FLAGD_VERSION" + // v0.4.1` is replaced in the `update-flagd` Makefile target + defaultTag string = "v0.4.1" defaultLogFormat string = "json" defaultProbesEnabled bool = true SyncProviderKubernetes SyncProviderType = "kubernetes" diff --git a/apis/core/v1alpha1/zz_generated.deepcopy.go b/apis/core/v1alpha1/zz_generated.deepcopy.go index 846ecb72f..26fea3058 100644 --- a/apis/core/v1alpha1/zz_generated.deepcopy.go +++ b/apis/core/v1alpha1/zz_generated.deepcopy.go @@ -26,6 +26,95 @@ import ( runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSideConfiguration) DeepCopyInto(out *ClientSideConfiguration) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSideConfiguration. +func (in *ClientSideConfiguration) DeepCopy() *ClientSideConfiguration { + if in == nil { + return nil + } + out := new(ClientSideConfiguration) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClientSideConfiguration) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSideConfigurationList) DeepCopyInto(out *ClientSideConfigurationList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ClientSideConfiguration, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSideConfigurationList. +func (in *ClientSideConfigurationList) DeepCopy() *ClientSideConfigurationList { + if in == nil { + return nil + } + out := new(ClientSideConfigurationList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClientSideConfigurationList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSideConfigurationSpec) DeepCopyInto(out *ClientSideConfigurationSpec) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSideConfigurationSpec. +func (in *ClientSideConfigurationSpec) DeepCopy() *ClientSideConfigurationSpec { + if in == nil { + return nil + } + out := new(ClientSideConfigurationSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClientSideConfigurationStatus) DeepCopyInto(out *ClientSideConfigurationStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSideConfigurationStatus. +func (in *ClientSideConfigurationStatus) DeepCopy() *ClientSideConfigurationStatus { + if in == nil { + return nil + } + out := new(ClientSideConfigurationStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FeatureFlagConfiguration) DeepCopyInto(out *FeatureFlagConfiguration) { *out = *in diff --git a/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml new file mode 100644 index 000000000..e411ecb4c --- /dev/null +++ b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml @@ -0,0 +1,75 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.10.0 + creationTimestamp: null + name: clientsideconfigurations.core.openfeature.dev +spec: + group: core.openfeature.dev + names: + kind: ClientSideConfiguration + listKind: ClientSideConfigurationList + plural: clientsideconfigurations + singular: clientsideconfiguration + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: ClientSideConfiguration is the Schema for the clientsideconfigurations + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ClientSideConfigurationSpec defines the desired state of + ClientSideConfiguration + properties: + corsAllowOrigin: + type: string + flagSourceConfiguration: + type: string + gatewayClassName: + type: string + gatewayName: + type: string + httpRouteHostname: + type: string + httpRouteName: + type: string + httpRoutePort: + format: int32 + type: integer + serviceAccountName: + type: string + required: + - corsAllowOrigin + - flagSourceConfiguration + - gatewayClassName + - gatewayName + - httpRouteHostname + - httpRouteName + - httpRoutePort + - serviceAccountName + type: object + status: + description: ClientSideConfigurationStatus defines the observed state + of ClientSideConfiguration + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 267d52874..0ed1da349 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -4,6 +4,7 @@ resources: - bases/core.openfeature.dev_featureflagconfigurations.yaml - bases/core.openfeature.dev_flagsourceconfigurations.yaml +- bases/core.openfeature.dev_clientsideconfigurations.yaml #+kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: @@ -11,12 +12,14 @@ patchesStrategicMerge: # patches here are for enabling the conversion webhook for each CRD - patches/webhook_in_featureflagconfigurations.yaml - patches/webhook_in_flagsourceconfigurations.yaml +#- patches/webhook_in_clientsideconfigurations.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD - patches/cainjection_in_featureflagconfigurations.yaml - patches/cainjection_in_flagsourceconfigurations.yaml +#- patches/cainjection_in_clientsideconfigurations.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # the following config is for teaching kustomize how to do kustomization for CRDs. diff --git a/config/crd/patches/cainjection_in_core_clientsideconfigurations.yaml b/config/crd/patches/cainjection_in_core_clientsideconfigurations.yaml new file mode 100644 index 000000000..d3f9c4448 --- /dev/null +++ b/config/crd/patches/cainjection_in_core_clientsideconfigurations.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: clientsideconfigurations.core.openfeature.dev diff --git a/config/crd/patches/webhook_in_core_clientsideconfigurations.yaml b/config/crd/patches/webhook_in_core_clientsideconfigurations.yaml new file mode 100644 index 000000000..de4779716 --- /dev/null +++ b/config/crd/patches/webhook_in_core_clientsideconfigurations.yaml @@ -0,0 +1,16 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clientsideconfigurations.core.openfeature.dev +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert + conversionReviewVersions: + - v1 diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index 5e793dd19..3f994595e 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -12,5 +12,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization images: - name: controller - newName: controller - newTag: latest + newName: ghcr.io/open-feature/open-feature-operator + newTag: local diff --git a/config/rbac/core_clientsideconfiguration_editor_role.yaml b/config/rbac/core_clientsideconfiguration_editor_role.yaml new file mode 100644 index 000000000..5a1cbf239 --- /dev/null +++ b/config/rbac/core_clientsideconfiguration_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit clientsideconfigurations. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: clientsideconfiguration-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: open-feature-operator + app.kubernetes.io/part-of: open-feature-operator + app.kubernetes.io/managed-by: kustomize + name: clientsideconfiguration-editor-role +rules: +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations/status + verbs: + - get diff --git a/config/rbac/core_clientsideconfiguration_viewer_role.yaml b/config/rbac/core_clientsideconfiguration_viewer_role.yaml new file mode 100644 index 000000000..ff1a5057d --- /dev/null +++ b/config/rbac/core_clientsideconfiguration_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view clientsideconfigurations. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: clientsideconfiguration-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: open-feature-operator + app.kubernetes.io/part-of: open-feature-operator + app.kubernetes.io/managed-by: kustomize + name: clientsideconfiguration-viewer-role +rules: +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations + verbs: + - get + - list + - watch +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations/status + verbs: + - get diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index f03776569..ce174ce2f 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -37,6 +37,18 @@ rules: - get - list - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - apps resources: @@ -49,6 +61,32 @@ rules: - patch - update - watch +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations/finalizers + verbs: + - update +- apiGroups: + - core.openfeature.dev + resources: + - clientsideconfigurations/status + verbs: + - get + - patch + - update - apiGroups: - core.openfeature.dev resources: @@ -101,6 +139,30 @@ rules: - get - patch - update +- apiGroups: + - gateway.networking.k8s.io + resources: + - gateways + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - gateway.networking.k8s.io + resources: + - httproutes + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - rbac.authorization.k8s.io resources: diff --git a/config/samples/dev.yaml b/config/samples/dev.yaml new file mode 100644 index 000000000..5323c72bf --- /dev/null +++ b/config/samples/dev.yaml @@ -0,0 +1,128 @@ +--- +apiVersion: core.openfeature.dev/v1alpha2 +kind: FeatureFlagConfiguration +metadata: + name: end-to-end +spec: + featureFlagSpec: + flags: + new-welcome-message: + state: ENABLED + variants: + "on": true + "off": false + defaultVariant: "on" + hex-color: + state: ENABLED + variants: + red: "#CC0000" + green: "#00CC00" + blue: "#0000CC" + yellow: yellow + defaultVariant: blue + fib-algo: + state: ENABLED + variants: + recursive: recursive + memo: memo + loop: loop + binet: binet + defaultVariant: recursive + "targeting": { + "if": [ + { + "in": [ "@faas.com", { + "var": [ "email" ] + } ] + }, "binet", null + ] + } +--- +apiVersion: core.openfeature.dev/v1alpha3 +kind: FlagSourceConfiguration +metadata: + name: end-to-end +spec: + sources: + - source: default/end-to-end + provider: kubernetes +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ofoclientapp +spec: + replicas: 1 + selector: + matchLabels: + app: ofoclientapp + template: + metadata: + labels: + app: ofoclientapp + spec: + serviceAccountName: default + containers: + - image: ofo-client-app + imagePullPolicy: IfNotPresent + name: ofoclientapp + ports: + - containerPort: 3000 +--- +apiVersion: v1 +kind: Service +metadata: + name: ofoclientapp + labels: + app: ofoclientapp + service: ofoclientappservice +spec: + ports: + - name: http + port: 8000 + targetPort: 3000 + selector: + app: ofoclientapp +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: clientsidegateway +spec: + gatewayClassName: istio + listeners: + - name: ofoclientapp + hostname: "ofoclientapp.com" + port: 80 + protocol: HTTP + allowedRoutes: + namespaces: + from: All +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: HTTPRoute +metadata: + name: ofo-client-app +spec: + parentRefs: + - name: clientsidegateway + hostnames: ["ofoclientapp.com"] + rules: + - backendRefs: + - name: ofoclientapp + port: 8000 +--- +apiVersion: core.openfeature.dev/v1alpha1 +kind: ClientSideConfiguration +metadata: + name: open-feature-dev-clientsideconfiguration +spec: + flagSourceConfiguration: end-to-end + gatewayName: clientsidegateway + gatewayClassName: istio + httpRouteName: clientsidegatewayhttproute + httpRouteHostname: flagd.ofoclientapp.com + serviceAccountName: default + httpRoutePort: 80 + corsAllowOrigin: "http://ofoclientapp.com:8080" +--- diff --git a/controllers/clientsideconfiguration_controller.go b/controllers/clientsideconfiguration_controller.go new file mode 100644 index 000000000..49add2d35 --- /dev/null +++ b/controllers/clientsideconfiguration_controller.go @@ -0,0 +1,442 @@ +/* +Copyright 2022. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "fmt" + "github.com/go-logr/logr" + corev1alpha1 "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + appsV1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/util/intstr" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/predicate" + gatewayv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + "strings" +) + +const ( + clientSideConfigurationCRDName = "ClientSideConfiguration" + clientSideDeploymentName = "clientsidedeployment" + clientSideServiceName = "clientsideservice" + clientSideAppName = "clientsideapp" + clientSideGatewayListenerName = "clientsidegatewaylistener" + clientSideServicePort int32 = 80 + clusterRoleBindingName string = "open-feature-operator-flagd-kubernetes-sync" +) + +// ClientSideConfigurationReconciler reconciles a ClientSideConfiguration object +type ClientSideConfigurationReconciler struct { + client.Client + Scheme *runtime.Scheme + Log logr.Logger +} + +//+kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=httproutes,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=core.openfeature.dev,resources=clientsideconfigurations,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=core.openfeature.dev,resources=clientsideconfigurations/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=core.openfeature.dev,resources=clientsideconfigurations/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the ClientSideConfiguration object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.13.0/pkg/reconcile +func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + r.Log = log.FromContext(ctx) + r.Log.Info("Reconciling " + clientSideConfigurationCRDName) + + csconf := &corev1alpha1.ClientSideConfiguration{} + if err := r.Client.Get(ctx, req.NamespacedName, csconf); err != nil { + if errors.IsNotFound(err) { + // taking down all associated K8s resources is handled by K8s + r.Log.Info(clientSideConfigurationCRDName + " resource not found. Ignoring since object must be deleted") + return r.finishReconcile(nil, false) + } + r.Log.Error(err, "Failed to get the "+clientSideConfigurationCRDName) + return r.finishReconcile(err, false) + } + ns := csconf.Namespace + + // check for existing client side deployment + deployment := &appsV1.Deployment{} + if err := r.Client.Get( + ctx, client.ObjectKey{Namespace: ns, Name: clientSideDeploymentName}, deployment, + ); err != nil { + if !errors.IsNotFound(err) { + r.Log.Error(err, + fmt.Sprintf("Failed to get the deployment %s/%s", ns, clientSideDeploymentName)) + return r.finishReconcile(err, false) + } else { + deployment.Name = clientSideDeploymentName + deployment.Namespace = ns + } + } else { + // TODO: delete deployment + deployment.Name = clientSideDeploymentName + deployment.Namespace = ns + } + + fsConfigSpec, err := corev1alpha1.NewFlagSourceConfigurationSpec() + if err != nil { + r.Log.Error(err, "unable to parse env var configuration") + return r.finishReconcile(nil, false) + } + + // fetch the FlagSourceConfiguration + fsConfig := &corev1alpha1.FlagSourceConfiguration{} + if err := r.Client.Get(ctx, + client.ObjectKey{Namespace: ns, Name: csconf.Spec.FlagSourceConfiguration}, fsConfig, // TODO: use namespace from spec + ); err != nil { + if errors.IsNotFound(err) { + // taking down all associated K8s resources is handled by K8s + r.Log.Error(fmt.Errorf("%s/%s not found", ns, csconf.Spec.FlagSourceConfiguration), "FlagSourceConfiguration not found") + return r.finishReconcile(nil, false) + } + r.Log.Error(err, fmt.Sprintf("Failed to get FlagSourceConfiguration %s/%s", ns, csconf.Spec.FlagSourceConfiguration)) + return r.finishReconcile(err, false) + } + + fsConfigSpec.Merge(&fsConfig.Spec) + + // create service if it doesn't exist, update if it does + svc := &corev1.Service{} + if err := r.Client.Get( + ctx, client.ObjectKey{Namespace: ns, Name: clientSideServiceName}, svc, + ); err != nil { + if !errors.IsNotFound(err) { + r.Log.Error(err, + fmt.Sprintf("Failed to get the service %s/%s", ns, clientSideServiceName)) + return r.finishReconcile(err, false) + } else { + svc.Name = clientSideServiceName + svc.Namespace = ns + svc.Spec.Selector = map[string]string{ + "app": clientSideAppName, + } + svc.Spec.Type = corev1.ServiceTypeClusterIP + svc.Spec.Ports = []corev1.ServicePort{ + { + Protocol: corev1.ProtocolTCP, + Port: clientSideServicePort, + TargetPort: intstr.FromInt(int(fsConfigSpec.Port)), + }, + } + + if err := r.Client.Create(ctx, svc); err != nil { + r.Log.Error(err, "Failed to create service") + return r.finishReconcile(nil, false) + } + } + } else { + svc.Spec.Ports = []corev1.ServicePort{ + { + Protocol: corev1.ProtocolTCP, + Port: clientSideServicePort, + TargetPort: intstr.FromInt(int(fsConfigSpec.Port)), + }, + } + + if err := r.Client.Update(ctx, svc); err != nil { + r.Log.Error(err, "Failed to update service") + return r.finishReconcile(nil, false) + } + } + + // create gateway if it doesn't exist, update if it does + namespacesFromSame := gatewayv1beta1.NamespacesFromSame + hostname := gatewayv1beta1.Hostname(csconf.Spec.HTTPRouteHostname) + gateway := &gatewayv1beta1.Gateway{} + if err := r.Client.Get( + ctx, client.ObjectKey{Namespace: ns, Name: csconf.Spec.GatewayName}, gateway, + ); err != nil { + if !errors.IsNotFound(err) { + r.Log.Error(err, + fmt.Sprintf("Failed to get the gateway %s/%s", ns, csconf.Spec.GatewayName)) + return r.finishReconcile(err, false) + } + gateway.Name = csconf.Spec.GatewayName + gateway.Namespace = ns + gateway.Spec.GatewayClassName = gatewayv1beta1.ObjectName(csconf.Spec.GatewayClassName) + gateway.Spec.Listeners = []gatewayv1beta1.Listener{ + { + Name: clientSideGatewayListenerName, + Hostname: &hostname, + Protocol: gatewayv1beta1.HTTPProtocolType, + Port: gatewayv1beta1.PortNumber(csconf.Spec.HTTPRoutePort), + AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ + Namespaces: &gatewayv1beta1.RouteNamespaces{ + From: &namespacesFromSame, + }, + }, + }, + } + + if err := r.Client.Create(ctx, gateway); err != nil { + r.Log.Error(err, "Failed to create gateway") + return r.finishReconcile(nil, false) + } + } else { + gateway.Spec.GatewayClassName = gatewayv1beta1.ObjectName(csconf.Spec.GatewayClassName) + listener := gatewayv1beta1.Listener{ + Name: clientSideGatewayListenerName, + Hostname: &hostname, + Protocol: gatewayv1beta1.HTTPProtocolType, + Port: gatewayv1beta1.PortNumber(csconf.Spec.HTTPRoutePort), + AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ + Namespaces: &gatewayv1beta1.RouteNamespaces{ + From: &namespacesFromSame, + }, + }, + } + + listenerExists := false + for i := 0; i < len(gateway.Spec.Listeners); i++ { + if gateway.Spec.Listeners[i].Name == clientSideGatewayListenerName { + gateway.Spec.Listeners[i] = listener + listenerExists = true + break + } + } + + if !listenerExists { + gateway.Spec.Listeners = append(gateway.Spec.Listeners, listener) + } + + if err := r.Client.Update(ctx, gateway); err != nil { + r.Log.Error(err, "Failed to update gateway") + return r.finishReconcile(nil, false) + } + } + + // create gateway http route if it doesn't exist + httpRoute := &gatewayv1beta1.HTTPRoute{} + httpRoutePort := gatewayv1beta1.PortNumber(clientSideServicePort) + httpRouteSectionName := gatewayv1beta1.SectionName(clientSideGatewayListenerName) + httpRouteHostname := gatewayv1beta1.Hostname(csconf.Spec.HTTPRouteHostname) + if err := r.Client.Get( + ctx, client.ObjectKey{Namespace: ns, Name: csconf.Spec.HTTPRouteName}, httpRoute, + ); err != nil { + if !errors.IsNotFound(err) { + r.Log.Error(err, + fmt.Sprintf("Failed to get the gateway http route %s/%s", ns, csconf.Spec.HTTPRouteName)) + return r.finishReconcile(nil, false) + } else { + httpRoute.Name = csconf.Spec.HTTPRouteName + httpRoute.Namespace = ns + httpRoute.Spec.ParentRefs = []gatewayv1beta1.ParentReference{ + { + Name: gatewayv1beta1.ObjectName(csconf.Spec.GatewayName), + SectionName: &httpRouteSectionName, + }, + } + httpRoute.Spec.Hostnames = []gatewayv1beta1.Hostname{httpRouteHostname} + httpRoute.Spec.Rules = []gatewayv1beta1.HTTPRouteRule{ + { + BackendRefs: []gatewayv1beta1.HTTPBackendRef{ + { + BackendRef: gatewayv1beta1.BackendRef{ + BackendObjectReference: gatewayv1beta1.BackendObjectReference{ + Name: clientSideServiceName, + Port: &httpRoutePort, + }, + }, + }, + }, + }, + } + + if err := r.Client.Create(ctx, httpRoute); err != nil { + r.Log.Error(err, "Failed to create gateway http route") + return r.finishReconcile(nil, false) + } + } + } + + flagdContainer := corev1.Container{ + Name: "flagd", + Image: fmt.Sprintf("%s:%s", fsConfigSpec.Image, fsConfigSpec.Tag), + Args: []string{ + "start", + "--cors-origin=" + csconf.Spec.CorsAllowOrigin, + }, + ImagePullPolicy: corev1.PullAlways, // TODO: configurable + VolumeMounts: []corev1.VolumeMount{}, + Env: []corev1.EnvVar{}, + Ports: []corev1.ContainerPort{ + { + Name: "metrics", + ContainerPort: fsConfigSpec.MetricsPort, + }, + }, + SecurityContext: nil, // TODO + // TODO resource limits + } + + for _, source := range fsConfigSpec.Sources { + if source.Provider == "" { + source.Provider = fsConfigSpec.DefaultSyncProvider + } + switch { + case source.Provider.IsKubernetes(): + if err := r.handleKubernetesProvider(ctx, ns, csconf.Spec.ServiceAccountName, &flagdContainer, source); err != nil { + r.Log.Error(err, "Failed to handle kubernetes provider") + return r.finishReconcile(nil, false) + } + default: + r.Log.Error(fmt.Errorf("%s", source.Provider), "Unsupported source") + return r.finishReconcile(nil, false) + } + } + + deployment.Spec.Template.Spec.ServiceAccountName = csconf.Spec.ServiceAccountName + labels := map[string]string{ + "app": clientSideAppName, + } + deployment.Labels = labels + deployment.Spec.Template.Labels = labels + deployment.Spec.Selector = &metav1.LabelSelector{MatchLabels: labels} + deployment.Spec.Template.Spec.Containers = []corev1.Container{flagdContainer} + + if err := r.Client.Create(ctx, deployment); err != nil { + r.Log.Error(err, "Failed to create deployment") + return r.finishReconcile(nil, false) + } + + return r.finishReconcile(nil, false) +} + +func (r *ClientSideConfigurationReconciler) enableClusterRoleBinding(ctx context.Context, namespace, serviceAccountName string) error { + serviceAccount := client.ObjectKey{ + Name: serviceAccountName, + Namespace: namespace, + } + if serviceAccountName == "" { + serviceAccount.Name = "default" + } + // Check if the service account exists + r.Log.V(1).Info(fmt.Sprintf("Fetching serviceAccount: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + sa := corev1.ServiceAccount{} + if err := r.Client.Get(ctx, serviceAccount, &sa); err != nil { + r.Log.V(1).Info(fmt.Sprintf("ServiceAccount not found: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + return err + } + r.Log.V(1).Info(fmt.Sprintf("Fetching clusterrolebinding: %s", clusterRoleBindingName)) + // Fetch service account if it exists + crb := rbacv1.ClusterRoleBinding{} + if err := r.Client.Get(ctx, client.ObjectKey{Name: clusterRoleBindingName}, &crb); errors.IsNotFound(err) { + r.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding not found: %s", clusterRoleBindingName)) + return err + } + found := false + for _, subject := range crb.Subjects { + if subject.Kind == "ServiceAccount" && subject.Name == serviceAccount.Name && subject.Namespace == serviceAccount.Namespace { + r.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding already exists for service account: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + found = true + } + } + if !found { + r.Log.V(1).Info(fmt.Sprintf("Updating ClusterRoleBinding %s for service account: %s/%s", crb.Name, + serviceAccount.Namespace, serviceAccount.Name)) + crb.Subjects = append(crb.Subjects, rbacv1.Subject{ + Kind: "ServiceAccount", + Name: serviceAccount.Name, + Namespace: serviceAccount.Namespace, + }) + if err := r.Client.Update(ctx, &crb); err != nil { + r.Log.V(1).Info(fmt.Sprintf("Failed to update ClusterRoleBinding: %s", err.Error())) + return err + } + } + r.Log.V(1).Info(fmt.Sprintf("Updated ClusterRoleBinding: %s", crb.Name)) + + return nil +} + +func (r *ClientSideConfigurationReconciler) handleKubernetesProvider(ctx context.Context, namespace, serviceAccountName string, container *corev1.Container, source corev1alpha1.Source) error { + ns, n := parseAnnotation(source.Source, namespace) + // ensure that the FeatureFlagConfiguration exists + ff := r.getFeatureFlag(ctx, ns, n) + if ff.Name == "" { + return fmt.Errorf("feature flag configuration %s/%s not found", ns, n) + } + if err := r.enableClusterRoleBinding(ctx, namespace, serviceAccountName); err != nil { + return fmt.Errorf("enableClusterRoleBinding: %w", err) + } + // append args + container.Args = append( + container.Args, + "--uri", + fmt.Sprintf( + "core.openfeature.dev/%s/%s", + ns, + n, + ), + ) + return nil +} + +func (r *ClientSideConfigurationReconciler) getFeatureFlag(ctx context.Context, namespace string, name string) corev1alpha1.FeatureFlagConfiguration { + ffConfig := corev1alpha1.FeatureFlagConfiguration{} + if err := r.Client.Get(ctx, client.ObjectKey{Name: name, Namespace: namespace}, &ffConfig); errors.IsNotFound(err) { + return corev1alpha1.FeatureFlagConfiguration{} + } + return ffConfig +} + +func parseAnnotation(s string, defaultNs string) (string, string) { + ss := strings.Split(s, "/") + if len(ss) == 2 { + return ss[0], ss[1] + } + return defaultNs, s +} + +// SetupWithManager sets up the controller with the Manager. +func (r *ClientSideConfigurationReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&corev1alpha1.ClientSideConfiguration{}). + // we are only interested in update events for this reconciliation loop + WithEventFilter(predicate.GenerationChangedPredicate{}). + Complete(r) +} + +func (r *ClientSideConfigurationReconciler) finishReconcile(err error, requeueImmediate bool) (ctrl.Result, error) { + if err != nil { + interval := reconcileErrorInterval + if requeueImmediate { + interval = 0 + } + r.Log.Error(err, "Finished Reconciling "+clientSideConfigurationCRDName) + return ctrl.Result{Requeue: true, RequeueAfter: interval}, err + } + r.Log.Info("Finished Reconciling " + clientSideConfigurationCRDName) + return ctrl.Result{Requeue: false}, nil +} diff --git a/go.mod b/go.mod index cc603f881..4385a4de7 100644 --- a/go.mod +++ b/go.mod @@ -7,25 +7,17 @@ require ( github.com/onsi/ginkgo/v2 v2.8.1 github.com/onsi/gomega v1.27.1 github.com/open-feature/schemas v0.2.8 - github.com/stretchr/testify v1.8.0 + github.com/stretchr/testify v1.8.1 github.com/xeipuuv/gojsonschema v1.2.0 go.uber.org/zap v1.24.0 k8s.io/api v0.26.1 k8s.io/apimachinery v0.26.1 k8s.io/client-go v0.26.1 sigs.k8s.io/controller-runtime v0.14.5 + sigs.k8s.io/gateway-api v0.6.1 ) require ( - cloud.google.com/go/compute v1.5.0 // indirect - github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.27 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect - github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect - github.com/Azure/go-autorest/logger v0.2.1 // indirect - github.com/Azure/go-autorest/tracing v0.6.0 // indirect - github.com/PuerkitoBio/purell v1.1.1 // indirect - github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect @@ -37,7 +29,6 @@ require ( github.com/go-openapi/jsonreference v0.20.0 // indirect github.com/go-openapi/swag v0.19.14 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.2.0 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect @@ -63,7 +54,6 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.8.0 // indirect - golang.org/x/crypto v0.1.0 // indirect golang.org/x/net v0.7.0 // indirect golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect golang.org/x/sys v0.5.0 // indirect diff --git a/go.sum b/go.sum index 00a4ecad4..747a171ba 100644 --- a/go.sum +++ b/go.sum @@ -13,30 +13,12 @@ cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKV cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs= cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc= cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= -cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= -cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= -cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= -cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= -cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= -cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= -cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= -cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= -cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= -cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= -cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= -cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= -cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow= -cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM= -cloud.google.com/go/compute v1.5.0 h1:b1zWmYuuHz7gO9kDcM/EpHGr06UgsYNRpNJzI2kFiLM= -cloud.google.com/go/compute v1.5.0/go.mod h1:9SMHyhJlzhlkJqrPAc839t2BZFTSk6Jdj6mkzQJeu0M= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= @@ -49,35 +31,13 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= -github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.27 h1:F3R3q42aWytozkV8ihzcgMO4OA4cuqr3bNlsEuF6//A= -github.com/Azure/go-autorest/autorest v0.11.27/go.mod h1:7l8ybrIdUmGqZMTD0sRtAr8NvbHjfofbf8RSP2q7w7U= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.20 h1:gJ3E98kMpFB1MFqQCvA1yFab8vthOeD4VlFRQULxahg= -github.com/Azure/go-autorest/autorest/adal v0.9.20/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= -github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= -github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= -github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -85,7 +45,6 @@ github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+Ce github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -94,40 +53,23 @@ github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5P github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= -github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= -github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= -github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw= -github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= -github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= -github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= -github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= -github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= -github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -139,7 +81,6 @@ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= @@ -149,8 +90,6 @@ github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonreference v0.19.5 h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM= -github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= @@ -160,9 +99,6 @@ github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/me github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -176,8 +112,6 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= -github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -193,10 +127,8 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/gnostic v0.5.7-v3refs h1:FhTMOKj2VhjpouxvWJAV1TL304uMlb9zcDqkl6cEI54= @@ -208,12 +140,8 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -221,8 +149,6 @@ github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= -github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= @@ -230,26 +156,14 @@ github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= -github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= -github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= @@ -281,8 +195,6 @@ github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN github.com/mailru/easyjson v0.7.6 h1:8yTIVnZgCoiM1TgqoeTl+LfU5Jg6/xL3QhGQnimLYnA= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= -github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -298,8 +210,6 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= -github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo/v2 v2.8.1 h1:xFTEVwOFa1D/Ty24Ws1npBWkDYEV9BqZrsDxVrVkrrU= github.com/onsi/ginkgo/v2 v2.8.1/go.mod h1:N1/NbDngAFcSLdyZ+/aYTYGSlq9qMCS/cNKGJjy+csc= github.com/onsi/gomega v1.27.1 h1:rfztXRbg6nv/5f+Raen9RcGoSecHIFgBBLQK3Wdj754= @@ -317,14 +227,11 @@ github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5Fsn github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.13.0 h1:b71QUfeo5M8gq2+evJdTPfZhYMAU0uKPkyPJ7TPsloU= -github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ= github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= @@ -341,19 +248,17 @@ github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -361,8 +266,9 @@ github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= @@ -373,21 +279,17 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= -go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= -go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= +go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8= go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak= @@ -399,10 +301,6 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0 h1:a5Yg6ylndHHYJqIPrdq0AhvR6KTvDTAvgBtaidhEevY= -golang.org/x/crypto v0.0.0-20220919173607-35f4265a4bc0/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -425,8 +323,6 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs= golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= -golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= @@ -435,9 +331,6 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= @@ -446,17 +339,7 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 h1:OSnWWcOd/CtWQC2cYSBgbTSJv3ciqd8r54ySIW2y3RE= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= @@ -470,7 +353,6 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -494,7 +376,6 @@ golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -503,31 +384,11 @@ golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= @@ -540,17 +401,12 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 h1:ftMN5LMiBFjbzleLqtoBZk7KdJwhuybIU+FckUHgoyQ= -golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -595,18 +451,7 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= -golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= -golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -630,23 +475,6 @@ google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0M google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE= google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM= google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc= -google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg= -google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE= -google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= -google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= -google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= -google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= -google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= -google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= -google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= -google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= -google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= -google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= -google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= -google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo= -google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g= -google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -678,48 +506,13 @@ google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= -google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= -google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= -google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= -google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= -google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= -google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= -google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= -google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= -google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= -google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -732,22 +525,6 @@ google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKa google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= -google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= -google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8= -google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= -google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= -google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= -google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -760,7 +537,6 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= @@ -772,10 +548,8 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -794,46 +568,29 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.25.4 h1:3YO8J4RtmG7elEgaWMb4HgmpS2CfY1QlaOz9nwB+ZSs= -k8s.io/api v0.25.4/go.mod h1:IG2+RzyPQLllQxnhzD8KQNEu4c4YvyDTpSMztf4A0OQ= k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ= k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg= -k8s.io/apiextensions-apiserver v0.25.1 h1:HEIKlxj6oHaDwHgotEIX/Ld5K/RGuOFwN/TWMiQ5s5s= -k8s.io/apiextensions-apiserver v0.25.1/go.mod h1:67sgnMs2yIO2iV4DpCdS91vlP+pdnVIsG/mz60qRn44= k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI= k8s.io/apiextensions-apiserver v0.26.1/go.mod h1:AptjOSXDGuE0JICx/Em15PaoO7buLwTs0dGleIHixSM= -k8s.io/apimachinery v0.25.4 h1:CtXsuaitMESSu339tfhVXhQrPET+EiWnIY1rcurKnAc= -k8s.io/apimachinery v0.25.4/go.mod h1:jaF9C/iPNM1FuLl7Zuy5b9v+n35HGSh6AQ4HYRkCqwo= k8s.io/apimachinery v0.26.1 h1:8EZ/eGJL+hY/MYCNwhmDzVqq2lPl3N3Bo8rvweJwXUQ= k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74= -k8s.io/client-go v0.25.4 h1:3RNRDffAkNU56M/a7gUfXaEzdhZlYhoW8dgViGy5fn8= -k8s.io/client-go v0.25.4/go.mod h1:8trHCAC83XKY0wsBIpbirZU4NTUpbuhc2JnI7OruGZw= k8s.io/client-go v0.26.1 h1:87CXzYJnAMGaa/IDDfRdhTzxk/wzGZ+/HUQpqgVSZXU= k8s.io/client-go v0.26.1/go.mod h1:IWNSglg+rQ3OcvDkhY6+QLeasV4OYHDjdqeWkDQZwGE= -k8s.io/component-base v0.25.1 h1:Wmj33QwddVwsJFJWmXlf24Nu8do2bGHLabXHrKz7Org= -k8s.io/component-base v0.25.1/go.mod h1:j78+TFdsKM8RXHfM88oeAdZu2v9qMZdQZOfg0LGW+q4= k8s.io/component-base v0.26.1 h1:4ahudpeQXHZL5kko+iDHqLj/FSGAEUnSVO0EBbgDd+4= k8s.io/component-base v0.26.1/go.mod h1:VHrLR0b58oC035w6YQiBSbtsf0ThuSwXP+p5dD/kAWU= -k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= -k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= -k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20220803164354-a70c9af30aea h1:3QOH5+2fGsY8e1qf+GIFpg+zw/JGNrgyZRQR7/m6uWg= -k8s.io/kube-openapi v0.0.0-20220803164354-a70c9af30aea/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4= -k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y= k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/controller-runtime v0.13.1 h1:tUsRCSJVM1QQOOeViGeX3GMT3dQF1eePPw6sEE3xSlg= -sigs.k8s.io/controller-runtime v0.13.1/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI= sigs.k8s.io/controller-runtime v0.14.5 h1:6xaWFqzT5KuAQ9ufgUaj1G/+C4Y1GRkhrxl+BJ9i+5s= sigs.k8s.io/controller-runtime v0.14.5/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= +sigs.k8s.io/gateway-api v0.6.1 h1:d/nIkhtbU0zVoFsriKi8lXwBYKNopz3EGeSwDqxeTRs= +sigs.k8s.io/gateway-api v0.6.1/go.mod h1:EYJT+jlPWTeNskjV0JTki/03WX1cyAnBhwBJfYHpV/0= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= diff --git a/main.go b/main.go index f4d7f7d5d..e4bba09eb 100644 --- a/main.go +++ b/main.go @@ -25,9 +25,15 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" + corev1alpha1 "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + corev1alpha2 "github.com/open-feature/open-feature-operator/apis/core/v1alpha2" + corev1alpha3 "github.com/open-feature/open-feature-operator/apis/core/v1alpha3" + "github.com/open-feature/open-feature-operator/controllers" + webhooks "github.com/open-feature/open-feature-operator/webhooks" // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. "go.uber.org/zap/zapcore" + appsV1 "k8s.io/api/apps/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" @@ -36,13 +42,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" "sigs.k8s.io/controller-runtime/pkg/webhook" - - corev1alpha1 "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" - corev1alpha2 "github.com/open-feature/open-feature-operator/apis/core/v1alpha2" - corev1alpha3 "github.com/open-feature/open-feature-operator/apis/core/v1alpha3" - "github.com/open-feature/open-feature-operator/controllers" - webhooks "github.com/open-feature/open-feature-operator/webhooks" - appsV1 "k8s.io/api/apps/v1" + gatewayv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" //+kubebuilder:scaffold:imports ) @@ -83,6 +83,7 @@ func init() { utilruntime.Must(corev1alpha2.AddToScheme(scheme)) utilruntime.Must(corev1alpha3.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme + utilruntime.Must(gatewayv1beta1.AddToScheme(scheme)) } func main() { @@ -234,6 +235,13 @@ func main() { os.Exit(1) } + if err = (&controllers.ClientSideConfigurationReconciler{ + Client: mgr.GetClient(), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "ClientSideConfiguration") + os.Exit(1) + } //+kubebuilder:scaffold:builder hookServer := mgr.GetWebhookServer() podMutator := &webhooks.PodMutator{ diff --git a/test/e2e/kind-cluster.yml b/test/e2e/kind-cluster.yml index 990c5273c..5328286e4 100644 --- a/test/e2e/kind-cluster.yml +++ b/test/e2e/kind-cluster.yml @@ -2,11 +2,4 @@ apiVersion: kind.x-k8s.io/v1alpha4 kind: Cluster nodes: - role: control-plane - extraPortMappings: - - containerPort: 30000 - hostPort: 30000 - listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0" - protocol: tcp # Optional, defaults to tcp - - role: worker - - role: worker - role: worker From 7ef6c2d2e1d5529c4b34417f16c83c7a650c333d Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Tue, 14 Mar 2023 16:35:53 +0000 Subject: [PATCH 2/5] naming change Signed-off-by: Skye Gill --- apis/core/v1alpha1/clientsideconfiguration_types.go | 2 +- .../core.openfeature.dev_clientsideconfigurations.yaml | 8 ++++---- config/samples/dev.yaml | 2 +- controllers/clientsideconfiguration_controller.go | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apis/core/v1alpha1/clientsideconfiguration_types.go b/apis/core/v1alpha1/clientsideconfiguration_types.go index b09a8f231..0773b7aca 100644 --- a/apis/core/v1alpha1/clientsideconfiguration_types.go +++ b/apis/core/v1alpha1/clientsideconfiguration_types.go @@ -32,7 +32,7 @@ type ClientSideConfigurationSpec struct { GatewayName string `json:"gatewayName"` HTTPRouteHostname string `json:"httpRouteHostname"` HTTPRouteName string `json:"httpRouteName"` - HTTPRoutePort int32 `json:"httpRoutePort"` + GatewayListenerPort int32 `json:"gatewayListenerPort"` FlagSourceConfiguration string `json:"flagSourceConfiguration"` GatewayClassName string `json:"gatewayClassName"` CorsAllowOrigin string `json:"corsAllowOrigin"` diff --git a/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml index e411ecb4c..9b8a8354d 100644 --- a/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml +++ b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml @@ -43,25 +43,25 @@ spec: type: string gatewayClassName: type: string + gatewayListenerPort: + format: int32 + type: integer gatewayName: type: string httpRouteHostname: type: string httpRouteName: type: string - httpRoutePort: - format: int32 - type: integer serviceAccountName: type: string required: - corsAllowOrigin - flagSourceConfiguration - gatewayClassName + - gatewayListenerPort - gatewayName - httpRouteHostname - httpRouteName - - httpRoutePort - serviceAccountName type: object status: diff --git a/config/samples/dev.yaml b/config/samples/dev.yaml index 5323c72bf..ef0a2e8c6 100644 --- a/config/samples/dev.yaml +++ b/config/samples/dev.yaml @@ -123,6 +123,6 @@ spec: httpRouteName: clientsidegatewayhttproute httpRouteHostname: flagd.ofoclientapp.com serviceAccountName: default - httpRoutePort: 80 + gatewayListenerPort: 80 corsAllowOrigin: "http://ofoclientapp.com:8080" --- diff --git a/controllers/clientsideconfiguration_controller.go b/controllers/clientsideconfiguration_controller.go index 49add2d35..e7044bf24 100644 --- a/controllers/clientsideconfiguration_controller.go +++ b/controllers/clientsideconfiguration_controller.go @@ -190,7 +190,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c Name: clientSideGatewayListenerName, Hostname: &hostname, Protocol: gatewayv1beta1.HTTPProtocolType, - Port: gatewayv1beta1.PortNumber(csconf.Spec.HTTPRoutePort), + Port: gatewayv1beta1.PortNumber(csconf.Spec.GatewayListenerPort), AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ Namespaces: &gatewayv1beta1.RouteNamespaces{ From: &namespacesFromSame, @@ -209,7 +209,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c Name: clientSideGatewayListenerName, Hostname: &hostname, Protocol: gatewayv1beta1.HTTPProtocolType, - Port: gatewayv1beta1.PortNumber(csconf.Spec.HTTPRoutePort), + Port: gatewayv1beta1.PortNumber(csconf.Spec.GatewayListenerPort), AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ Namespaces: &gatewayv1beta1.RouteNamespaces{ From: &namespacesFromSame, From d561b58dfa5af4a6ab9a8066891d997c3fcb0a1c Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Wed, 15 Mar 2023 10:36:35 +0000 Subject: [PATCH 3/5] use published image Signed-off-by: Skye Gill --- config/samples/dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/samples/dev.yaml b/config/samples/dev.yaml index ef0a2e8c6..3db19619b 100644 --- a/config/samples/dev.yaml +++ b/config/samples/dev.yaml @@ -63,7 +63,7 @@ spec: spec: serviceAccountName: default containers: - - image: ofo-client-app + - image: ghcr.io/skyerus/ofo-client-app:latest imagePullPolicy: IfNotPresent name: ofoclientapp ports: From ea9cd96f4d461b21ff97c36d2572f1ca270b241f Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Fri, 17 Mar 2023 10:28:01 +0000 Subject: [PATCH 4/5] refactor to share funcs Signed-off-by: Skye Gill --- .../v1alpha1/flagsourceconfiguration_types.go | 4 +- .../clientsideconfiguration_controller.go | 162 ++++-------- controllers/configmap.go | 30 +++ controllers/featureflag.go | 16 ++ controllers/owner.go | 17 ++ controllers/parse.go | 11 + controllers/provider.go | 144 +++++++++++ controllers/role.go | 60 +++++ webhooks/pod_webhook.go | 235 ++---------------- 9 files changed, 344 insertions(+), 335 deletions(-) create mode 100644 controllers/configmap.go create mode 100644 controllers/featureflag.go create mode 100644 controllers/owner.go create mode 100644 controllers/parse.go create mode 100644 controllers/provider.go create mode 100644 controllers/role.go diff --git a/apis/core/v1alpha1/flagsourceconfiguration_types.go b/apis/core/v1alpha1/flagsourceconfiguration_types.go index 01578ec9f..a28cb83ce 100644 --- a/apis/core/v1alpha1/flagsourceconfiguration_types.go +++ b/apis/core/v1alpha1/flagsourceconfiguration_types.go @@ -47,8 +47,8 @@ const ( defaultSocketPath string = "" defaultEvaluator string = "json" defaultImage string = "ghcr.io/open-feature/flagd" - // v0.4.1` is replaced in the `update-flagd` Makefile target - defaultTag string = "v0.4.1" + // INPUT_FLAGD_VERSION` is replaced in the `update-flagd` Makefile target + defaultTag string = "INPUT_FLAGD_VERSION" defaultLogFormat string = "json" defaultProbesEnabled bool = true SyncProviderKubernetes SyncProviderType = "kubernetes" diff --git a/controllers/clientsideconfiguration_controller.go b/controllers/clientsideconfiguration_controller.go index e7044bf24..718512b84 100644 --- a/controllers/clientsideconfiguration_controller.go +++ b/controllers/clientsideconfiguration_controller.go @@ -21,9 +21,9 @@ import ( "fmt" "github.com/go-logr/logr" corev1alpha1 "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + "github.com/open-feature/open-feature-operator/pkg/utils" appsV1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" - rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -84,6 +84,14 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c return r.finishReconcile(err, false) } ns := csconf.Namespace + csconfOwnerReferences := []metav1.OwnerReference{ + { + Kind: csconf.Kind, + Name: csconf.Name, + UID: csconf.UID, + Controller: utils.FalseVal(), + }, + } // check for existing client side deployment deployment := &appsV1.Deployment{} @@ -138,6 +146,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c } else { svc.Name = clientSideServiceName svc.Namespace = ns + svc.OwnerReferences = csconfOwnerReferences svc.Spec.Selector = map[string]string{ "app": clientSideAppName, } @@ -170,70 +179,47 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c } } - // create gateway if it doesn't exist, update if it does + // update existing gateway namespacesFromSame := gatewayv1beta1.NamespacesFromSame hostname := gatewayv1beta1.Hostname(csconf.Spec.HTTPRouteHostname) gateway := &gatewayv1beta1.Gateway{} if err := r.Client.Get( ctx, client.ObjectKey{Namespace: ns, Name: csconf.Spec.GatewayName}, gateway, ); err != nil { - if !errors.IsNotFound(err) { - r.Log.Error(err, - fmt.Sprintf("Failed to get the gateway %s/%s", ns, csconf.Spec.GatewayName)) - return r.finishReconcile(err, false) - } - gateway.Name = csconf.Spec.GatewayName - gateway.Namespace = ns - gateway.Spec.GatewayClassName = gatewayv1beta1.ObjectName(csconf.Spec.GatewayClassName) - gateway.Spec.Listeners = []gatewayv1beta1.Listener{ - { - Name: clientSideGatewayListenerName, - Hostname: &hostname, - Protocol: gatewayv1beta1.HTTPProtocolType, - Port: gatewayv1beta1.PortNumber(csconf.Spec.GatewayListenerPort), - AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ - Namespaces: &gatewayv1beta1.RouteNamespaces{ - From: &namespacesFromSame, - }, - }, - }, - } + r.Log.Error(err, + fmt.Sprintf("Failed to get the gateway %s/%s", ns, csconf.Spec.GatewayName)) + return r.finishReconcile(err, false) + } - if err := r.Client.Create(ctx, gateway); err != nil { - r.Log.Error(err, "Failed to create gateway") - return r.finishReconcile(nil, false) - } - } else { - gateway.Spec.GatewayClassName = gatewayv1beta1.ObjectName(csconf.Spec.GatewayClassName) - listener := gatewayv1beta1.Listener{ - Name: clientSideGatewayListenerName, - Hostname: &hostname, - Protocol: gatewayv1beta1.HTTPProtocolType, - Port: gatewayv1beta1.PortNumber(csconf.Spec.GatewayListenerPort), - AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ - Namespaces: &gatewayv1beta1.RouteNamespaces{ - From: &namespacesFromSame, - }, + gateway.Spec.GatewayClassName = gatewayv1beta1.ObjectName(csconf.Spec.GatewayClassName) + listener := gatewayv1beta1.Listener{ + Name: clientSideGatewayListenerName, + Hostname: &hostname, + Protocol: gatewayv1beta1.HTTPProtocolType, + Port: gatewayv1beta1.PortNumber(csconf.Spec.GatewayListenerPort), + AllowedRoutes: &gatewayv1beta1.AllowedRoutes{ + Namespaces: &gatewayv1beta1.RouteNamespaces{ + From: &namespacesFromSame, }, - } + }, + } - listenerExists := false - for i := 0; i < len(gateway.Spec.Listeners); i++ { - if gateway.Spec.Listeners[i].Name == clientSideGatewayListenerName { - gateway.Spec.Listeners[i] = listener - listenerExists = true - break - } + listenerExists := false + for i := 0; i < len(gateway.Spec.Listeners); i++ { + if gateway.Spec.Listeners[i].Name == clientSideGatewayListenerName { + gateway.Spec.Listeners[i] = listener + listenerExists = true + break } + } - if !listenerExists { - gateway.Spec.Listeners = append(gateway.Spec.Listeners, listener) - } + if !listenerExists { + gateway.Spec.Listeners = append(gateway.Spec.Listeners, listener) + } - if err := r.Client.Update(ctx, gateway); err != nil { - r.Log.Error(err, "Failed to update gateway") - return r.finishReconcile(nil, false) - } + if err := r.Client.Update(ctx, gateway); err != nil { + r.Log.Error(err, "Failed to update gateway") + return r.finishReconcile(nil, false) } // create gateway http route if it doesn't exist @@ -251,6 +237,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c } else { httpRoute.Name = csconf.Spec.HTTPRouteName httpRoute.Namespace = ns + httpRoute.OwnerReferences = csconfOwnerReferences httpRoute.Spec.ParentRefs = []gatewayv1beta1.ParentReference{ { Name: gatewayv1beta1.ObjectName(csconf.Spec.GatewayName), @@ -300,22 +287,14 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c // TODO resource limits } - for _, source := range fsConfigSpec.Sources { - if source.Provider == "" { - source.Provider = fsConfigSpec.DefaultSyncProvider - } - switch { - case source.Provider.IsKubernetes(): - if err := r.handleKubernetesProvider(ctx, ns, csconf.Spec.ServiceAccountName, &flagdContainer, source); err != nil { - r.Log.Error(err, "Failed to handle kubernetes provider") - return r.finishReconcile(nil, false) - } - default: - r.Log.Error(fmt.Errorf("%s", source.Provider), "Unsupported source") - return r.finishReconcile(nil, false) - } + if err := HandleSourcesProviders(ctx, r.Log, r.Client, fsConfigSpec, ns, csconf.Spec.ServiceAccountName, + csconfOwnerReferences, &deployment.Spec.Template.Spec, deployment.Spec.Template.ObjectMeta, &flagdContainer, + ); err != nil { + r.Log.Error(err, "handle source providers") + return r.finishReconcile(nil, false) } + deployment.OwnerReferences = csconfOwnerReferences deployment.Spec.Template.Spec.ServiceAccountName = csconf.Spec.ServiceAccountName labels := map[string]string{ "app": clientSideAppName, @@ -333,53 +312,6 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c return r.finishReconcile(nil, false) } -func (r *ClientSideConfigurationReconciler) enableClusterRoleBinding(ctx context.Context, namespace, serviceAccountName string) error { - serviceAccount := client.ObjectKey{ - Name: serviceAccountName, - Namespace: namespace, - } - if serviceAccountName == "" { - serviceAccount.Name = "default" - } - // Check if the service account exists - r.Log.V(1).Info(fmt.Sprintf("Fetching serviceAccount: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) - sa := corev1.ServiceAccount{} - if err := r.Client.Get(ctx, serviceAccount, &sa); err != nil { - r.Log.V(1).Info(fmt.Sprintf("ServiceAccount not found: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) - return err - } - r.Log.V(1).Info(fmt.Sprintf("Fetching clusterrolebinding: %s", clusterRoleBindingName)) - // Fetch service account if it exists - crb := rbacv1.ClusterRoleBinding{} - if err := r.Client.Get(ctx, client.ObjectKey{Name: clusterRoleBindingName}, &crb); errors.IsNotFound(err) { - r.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding not found: %s", clusterRoleBindingName)) - return err - } - found := false - for _, subject := range crb.Subjects { - if subject.Kind == "ServiceAccount" && subject.Name == serviceAccount.Name && subject.Namespace == serviceAccount.Namespace { - r.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding already exists for service account: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) - found = true - } - } - if !found { - r.Log.V(1).Info(fmt.Sprintf("Updating ClusterRoleBinding %s for service account: %s/%s", crb.Name, - serviceAccount.Namespace, serviceAccount.Name)) - crb.Subjects = append(crb.Subjects, rbacv1.Subject{ - Kind: "ServiceAccount", - Name: serviceAccount.Name, - Namespace: serviceAccount.Namespace, - }) - if err := r.Client.Update(ctx, &crb); err != nil { - r.Log.V(1).Info(fmt.Sprintf("Failed to update ClusterRoleBinding: %s", err.Error())) - return err - } - } - r.Log.V(1).Info(fmt.Sprintf("Updated ClusterRoleBinding: %s", crb.Name)) - - return nil -} - func (r *ClientSideConfigurationReconciler) handleKubernetesProvider(ctx context.Context, namespace, serviceAccountName string, container *corev1.Container, source corev1alpha1.Source) error { ns, n := parseAnnotation(source.Source, namespace) // ensure that the FeatureFlagConfiguration exists @@ -387,7 +319,7 @@ func (r *ClientSideConfigurationReconciler) handleKubernetesProvider(ctx context if ff.Name == "" { return fmt.Errorf("feature flag configuration %s/%s not found", ns, n) } - if err := r.enableClusterRoleBinding(ctx, namespace, serviceAccountName); err != nil { + if err := EnableClusterRoleBinding(ctx, r.Log, r.Client, namespace, serviceAccountName); err != nil { return fmt.Errorf("enableClusterRoleBinding: %w", err) } // append args diff --git a/controllers/configmap.go b/controllers/configmap.go new file mode 100644 index 000000000..7cfcdf1c3 --- /dev/null +++ b/controllers/configmap.go @@ -0,0 +1,30 @@ +package controllers + +import ( + "context" + "fmt" + "github.com/go-logr/logr" + "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + "github.com/open-feature/open-feature-operator/pkg/utils" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +func CreateConfigMap( + ctx context.Context, log logr.Logger, c client.Client, namespace string, name string, ownerReferences []metav1.OwnerReference, +) error { + log.V(1).Info(fmt.Sprintf("Creating configmap %s", name)) + references := []metav1.OwnerReference{ + ownerReferences[0], + } + references[0].Controller = utils.FalseVal() + ff := FeatureFlag(ctx, c, namespace, name) + if ff.Name == "" { + return fmt.Errorf("feature flag configuration %s/%s not found", namespace, name) + } + references = append(references, v1alpha1.GetFfReference(&ff)) + + cm := v1alpha1.GenerateFfConfigMap(name, namespace, references, ff.Spec) + + return c.Create(ctx, &cm) +} diff --git a/controllers/featureflag.go b/controllers/featureflag.go new file mode 100644 index 000000000..5bbb68cec --- /dev/null +++ b/controllers/featureflag.go @@ -0,0 +1,16 @@ +package controllers + +import ( + "context" + "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +func FeatureFlag(ctx context.Context, c client.Client, namespace string, name string) v1alpha1.FeatureFlagConfiguration { + ffConfig := v1alpha1.FeatureFlagConfiguration{} + if err := c.Get(ctx, client.ObjectKey{Name: name, Namespace: namespace}, &ffConfig); errors.IsNotFound(err) { + return v1alpha1.FeatureFlagConfiguration{} + } + return ffConfig +} diff --git a/controllers/owner.go b/controllers/owner.go new file mode 100644 index 000000000..15c5e1943 --- /dev/null +++ b/controllers/owner.go @@ -0,0 +1,17 @@ +package controllers + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// SharedOwnership returns true if any of the owner references match in the given slices +func SharedOwnership(ownerReferences1, ownerReferences2 []metav1.OwnerReference) bool { + for _, owner1 := range ownerReferences1 { + for _, owner2 := range ownerReferences2 { + if owner1.UID == owner2.UID { + return true + } + } + } + return false +} diff --git a/controllers/parse.go b/controllers/parse.go new file mode 100644 index 000000000..c9d141725 --- /dev/null +++ b/controllers/parse.go @@ -0,0 +1,11 @@ +package controllers + +import "strings" + +func ParseAnnotation(s string, defaultNs string) (string, string) { + ss := strings.Split(s, "/") + if len(ss) == 2 { + return ss[0], ss[1] + } + return defaultNs, s +} diff --git a/controllers/provider.go b/controllers/provider.go new file mode 100644 index 000000000..5fd6df09e --- /dev/null +++ b/controllers/provider.go @@ -0,0 +1,144 @@ +package controllers + +import ( + "context" + "fmt" + "github.com/go-logr/logr" + "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" + "github.com/open-feature/open-feature-operator/pkg/utils" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +const ( + rootFileSyncMountPath string = "/etc/flagd" + AllowKubernetesSyncAnnotation = "allowkubernetessync" + OpenFeatureAnnotationPrefix = "openfeature.dev" +) + +func HandleSourcesProviders( + ctx context.Context, log logr.Logger, c client.Client, flagSourceConfig *v1alpha1.FlagSourceConfigurationSpec, ns, serviceAccountName string, + ownerReferences []metav1.OwnerReference, podSpec *corev1.PodSpec, meta metav1.ObjectMeta, sidecar *corev1.Container, +) error { + for _, source := range flagSourceConfig.Sources { + if source.Provider == "" { + source.Provider = flagSourceConfig.DefaultSyncProvider + } + switch { + case source.Provider.IsFilepath(): + if err := handleFilepathProvider(ctx, log, c, ns, ownerReferences, podSpec, sidecar, source); err != nil { + return fmt.Errorf("handleFilepathProvider: %w", err) + } + case source.Provider.IsKubernetes(): + if err := handleKubernetesProvider(ctx, log, c, ns, serviceAccountName, meta, sidecar, source); err != nil { + return fmt.Errorf("handleKubernetesProvider: %w", err) + } + case source.Provider.IsHttp(): + handleHttpProvider(sidecar, source) + default: + return fmt.Errorf("unrecognized sync provider in config: %s", source.Provider) + } + } + + return nil +} + +func handleFilepathProvider( + ctx context.Context, log logr.Logger, c client.Client, ns string, ownerReferences []metav1.OwnerReference, + podSpec *corev1.PodSpec, sidecar *corev1.Container, source v1alpha1.Source, +) error { + // create config map + ns, n := ParseAnnotation(source.Source, ns) + cm := corev1.ConfigMap{} + if err := c.Get(ctx, client.ObjectKey{Name: n, Namespace: ns}, &cm); errors.IsNotFound(err) { + err := CreateConfigMap(ctx, log, c, ns, n, ownerReferences) + if err != nil { + log.Error(err, "create config map %s") + return err + } + } + + // Add reference of the owner + if !SharedOwnership(ownerReferences, cm.OwnerReferences) { + reference := ownerReferences[0] + reference.Controller = utils.FalseVal() + cm.OwnerReferences = append(cm.OwnerReferences, reference) + err := c.Update(ctx, &cm) + if err != nil { + log.Error(err, "update owner reference for %s") + } + } + // mount configmap + podSpec.Volumes = append(podSpec.Volumes, corev1.Volume{ + Name: n, + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: n, + }, + }, + }, + }) + mountPath := fmt.Sprintf("%s/%s", rootFileSyncMountPath, v1alpha1.FeatureFlagConfigurationId(ns, n)) + sidecar.VolumeMounts = append(sidecar.VolumeMounts, corev1.VolumeMount{ + Name: n, + // create a directory mount per featureFlag spec + // file mounts will not work + MountPath: mountPath, + }) + sidecar.Args = append( + sidecar.Args, + "--uri", + fmt.Sprintf("file:%s/%s", + mountPath, + v1alpha1.FeatureFlagConfigurationConfigMapKey(ns, n), + ), + ) + return nil +} + +func handleKubernetesProvider( + ctx context.Context, log logr.Logger, c client.Client, ns, serviceAccountName string, meta metav1.ObjectMeta, sidecar *corev1.Container, source v1alpha1.Source, +) error { + ns, n := ParseAnnotation(source.Source, ns) + // ensure that the FeatureFlagConfiguration exists + ff := FeatureFlag(ctx, c, ns, n) + if ff.Name == "" { + return fmt.Errorf("feature flag configuration %s/%s not found", ns, n) + } + // add permissions to pod + if err := EnableClusterRoleBinding(ctx, log, c, ns, serviceAccountName); err != nil { + return err + } + // mark with annotation (required to backfill permissions if they are dropped) + meta.Annotations[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, AllowKubernetesSyncAnnotation)] = "true" + // append args + sidecar.Args = append( + sidecar.Args, + "--uri", + fmt.Sprintf( + "core.openfeature.dev/%s/%s", + ns, + n, + ), + ) + return nil +} + +func handleHttpProvider(sidecar *corev1.Container, source v1alpha1.Source) { + // append args + sidecar.Args = append( + sidecar.Args, + "--uri", + source.Source, + ) + if source.HttpSyncBearerToken != "" { + sidecar.Args = append( + sidecar.Args, + "--bearer-token", + source.HttpSyncBearerToken, + ) + } +} diff --git a/controllers/role.go b/controllers/role.go new file mode 100644 index 000000000..4f5e0d6d2 --- /dev/null +++ b/controllers/role.go @@ -0,0 +1,60 @@ +package controllers + +import ( + "context" + "fmt" + "github.com/go-logr/logr" + corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" + "k8s.io/apimachinery/pkg/api/errors" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// EnableClusterRoleBinding enables the open-feature-operator-flagd-kubernetes-sync cluster role binding for the given +// service account under the given namespace (required for kubernetes sync provider) +func EnableClusterRoleBinding(ctx context.Context, log logr.Logger, c client.Client, namespace, serviceAccountName string) error { + serviceAccount := client.ObjectKey{ + Name: serviceAccountName, + Namespace: namespace, + } + if serviceAccountName == "" { + serviceAccount.Name = "default" + } + // Check if the service account exists + log.V(1).Info(fmt.Sprintf("Fetching serviceAccount: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + sa := corev1.ServiceAccount{} + if err := c.Get(ctx, serviceAccount, &sa); err != nil { + log.V(1).Info(fmt.Sprintf("ServiceAccount not found: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + return err + } + log.V(1).Info(fmt.Sprintf("Fetching clusterrolebinding: %s", clusterRoleBindingName)) + // Fetch service account if it exists + crb := rbacv1.ClusterRoleBinding{} + if err := c.Get(ctx, client.ObjectKey{Name: clusterRoleBindingName}, &crb); errors.IsNotFound(err) { + log.V(1).Info(fmt.Sprintf("ClusterRoleBinding not found: %s", clusterRoleBindingName)) + return err + } + found := false + for _, subject := range crb.Subjects { + if subject.Kind == "ServiceAccount" && subject.Name == serviceAccount.Name && subject.Namespace == serviceAccount.Namespace { + log.V(1).Info(fmt.Sprintf("ClusterRoleBinding already exists for service account: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) + found = true + } + } + if !found { + log.V(1).Info(fmt.Sprintf("Updating ClusterRoleBinding %s for service account: %s/%s", crb.Name, + serviceAccount.Namespace, serviceAccount.Name)) + crb.Subjects = append(crb.Subjects, rbacv1.Subject{ + Kind: "ServiceAccount", + Name: serviceAccount.Name, + Namespace: serviceAccount.Namespace, + }) + if err := c.Update(ctx, &crb); err != nil { + log.V(1).Info(fmt.Sprintf("Failed to update ClusterRoleBinding: %s", err.Error())) + return err + } + } + log.V(1).Info(fmt.Sprintf("Updated ClusterRoleBinding: %s", crb.Name)) + + return nil +} diff --git a/webhooks/pod_webhook.go b/webhooks/pod_webhook.go index c9d30d8cc..5c5a5a641 100644 --- a/webhooks/pod_webhook.go +++ b/webhooks/pod_webhook.go @@ -4,7 +4,6 @@ import ( "context" "encoding/json" "fmt" - "k8s.io/apimachinery/pkg/util/intstr" "net/http" "reflect" "strings" @@ -12,13 +11,13 @@ import ( goErr "errors" + "github.com/open-feature/open-feature-operator/controllers" + "k8s.io/apimachinery/pkg/util/intstr" "github.com/go-logr/logr" "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" "github.com/open-feature/open-feature-operator/pkg/utils" corev1 "k8s.io/api/core/v1" - v1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/cache" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" @@ -31,8 +30,6 @@ const ( flagdMetricPortEnvVar string = "FLAGD_METRICS_PORT" rootFileSyncMountPath string = "/etc/flagd" OpenFeatureAnnotationPath = "metadata.annotations.openfeature.dev/openfeature.dev" - OpenFeatureAnnotationPrefix = "openfeature.dev" - AllowKubernetesSyncAnnotation = "allowkubernetessync" FlagSourceConfigurationAnnotation = "flagsourceconfiguration" FeatureFlagConfigurationAnnotation = "featureflagconfiguration" EnabledAnnotation = "enabled" @@ -81,7 +78,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio // Check enablement enabled := false - val, ok := pod.GetAnnotations()[OpenFeatureAnnotationPrefix] + val, ok := pod.GetAnnotations()[controllers.OpenFeatureAnnotationPrefix] if ok { m.Log.V(1).Info("DEPRECATED: The openfeature.dev annotation has been superseded by the openfeature.dev/enabled annotation. " + "Docs: https://github.com/open-feature/open-feature-operator/blob/main/docs/annotations.md") @@ -89,7 +86,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio enabled = true } } - val, ok = pod.GetAnnotations()[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, EnabledAnnotation)] + val, ok = pod.GetAnnotations()[fmt.Sprintf("%s/%s", controllers.OpenFeatureAnnotationPrefix, EnabledAnnotation)] if ok { if val == "true" { enabled = true @@ -103,7 +100,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio // Check configuration fscNames := []string{} - val, ok = pod.GetAnnotations()[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, FlagSourceConfigurationAnnotation)] + val, ok = pod.GetAnnotations()[fmt.Sprintf("%s/%s", controllers.OpenFeatureAnnotationPrefix, FlagSourceConfigurationAnnotation)] if ok { fscNames = parseList(val) } @@ -113,7 +110,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio } // Check for the correct clusterrolebinding for the pod - if err := m.enableClusterRoleBinding(ctx, pod); err != nil { + if err := controllers.EnableClusterRoleBinding(ctx, m.Log, m.Client, pod.Namespace, pod.Spec.ServiceAccountName); err != nil { return admission.Denied(err.Error()) } @@ -125,7 +122,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio } for _, fscName := range fscNames { - ns, name := parseAnnotation(fscName, req.Namespace) + ns, name := controllers.ParseAnnotation(fscName, req.Namespace) if err != nil { m.Log.V(1).Info(fmt.Sprintf("failed to parse annotation %s error: %s", fscName, err.Error())) return admission.Errored(http.StatusBadRequest, err) @@ -139,7 +136,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio } // maintain backwards compatibility of the openfeature.dev/featureflagconfiguration annotation - ffConfigAnnotation, ffConfigAnnotationOk := pod.GetAnnotations()[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, FeatureFlagConfigurationAnnotation)] + ffConfigAnnotation, ffConfigAnnotationOk := pod.GetAnnotations()[fmt.Sprintf("%s/%s", controllers.OpenFeatureAnnotationPrefix, FeatureFlagConfigurationAnnotation)] if ffConfigAnnotationOk { m.Log.V(1).Info("DEPRECATED: The openfeature.dev/featureflagconfiguration annotation has been superseded by the openfeature.dev/flagsourceconfiguration annotation. " + "Docs: https://github.com/open-feature/open-feature-operator/blob/main/docs/annotations.md") @@ -188,24 +185,10 @@ func (m *PodMutator) injectSidecar( sidecar.ReadinessProbe = buildProbe(ProbeReadiness, int(flagSourceConfig.MetricsPort)) } - for _, source := range flagSourceConfig.Sources { - if source.Provider == "" { - source.Provider = flagSourceConfig.DefaultSyncProvider - } - switch { - case source.Provider.IsFilepath(): - if err := m.handleFilepathProvider(ctx, pod, &sidecar, source); err != nil { - return nil, err - } - case source.Provider.IsKubernetes(): - if err := m.handleKubernetesProvider(ctx, pod, &sidecar, source); err != nil { - return nil, err - } - case source.Provider.IsHttp(): - m.handleHttpProvider(&sidecar, source) - default: - return nil, fmt.Errorf("unrecognized sync provider in config: %s", source.Provider) - } + if err := controllers.HandleSourcesProviders(ctx, m.Log, m.Client, flagSourceConfig, pod.Namespace, + pod.Spec.ServiceAccountName, pod.OwnerReferences, &pod.Spec, pod.ObjectMeta, &sidecar, + ); err != nil { + return nil, err } sidecar.Env = append(sidecar.Env, flagSourceConfig.ToEnvVars()...) @@ -230,109 +213,16 @@ func (m *PodMutator) injectSidecar( return json.Marshal(pod) } -func (m *PodMutator) handleHttpProvider(sidecar *corev1.Container, source v1alpha1.Source) { - // append args - sidecar.Args = append( - sidecar.Args, - "--uri", - source.Source, - ) - if source.HttpSyncBearerToken != "" { - sidecar.Args = append( - sidecar.Args, - "--bearer-token", - source.HttpSyncBearerToken, - ) - } -} - -func (m *PodMutator) handleKubernetesProvider(ctx context.Context, pod *corev1.Pod, sidecar *corev1.Container, source v1alpha1.Source) error { - ns, n := parseAnnotation(source.Source, pod.Namespace) - // ensure that the FeatureFlagConfiguration exists - ff := m.getFeatureFlag(ctx, ns, n) - if ff.Name == "" { - return fmt.Errorf("feature flag configuration %s/%s not found", ns, n) - } - // add permissions to pod - if err := m.enableClusterRoleBinding(ctx, pod); err != nil { - return err - } - // mark pod with annotation (required to backfill permissions if they are dropped) - pod.Annotations[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, AllowKubernetesSyncAnnotation)] = "true" - // append args - sidecar.Args = append( - sidecar.Args, - "--uri", - fmt.Sprintf( - "core.openfeature.dev/%s/%s", - ns, - n, - ), - ) - return nil -} - -func (m *PodMutator) handleFilepathProvider(ctx context.Context, pod *corev1.Pod, sidecar *corev1.Container, source v1alpha1.Source) error { - // create config map - ns, n := parseAnnotation(source.Source, pod.Namespace) - cm := corev1.ConfigMap{} - if err := m.Client.Get(ctx, client.ObjectKey{Name: n, Namespace: ns}, &cm); errors.IsNotFound(err) { - err := m.createConfigMap(ctx, ns, n, pod) - if err != nil { - m.Log.V(1).Info(fmt.Sprintf("failed to create config map %s error: %s", n, err.Error())) - return err - } - } - - // Add owner reference of the pod's owner - if !podOwnerIsOwner(pod, cm) { - reference := pod.OwnerReferences[0] - reference.Controller = utils.FalseVal() - cm.OwnerReferences = append(cm.OwnerReferences, reference) - err := m.Client.Update(ctx, &cm) - if err != nil { - m.Log.V(1).Info(fmt.Sprintf("failed to update owner reference for %s error: %s", n, err.Error())) - } - } - // mount configmap - pod.Spec.Volumes = append(pod.Spec.Volumes, corev1.Volume{ - Name: n, - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: n, - }, - }, - }, - }) - mountPath := fmt.Sprintf("%s/%s", rootFileSyncMountPath, v1alpha1.FeatureFlagConfigurationId(ns, n)) - sidecar.VolumeMounts = append(sidecar.VolumeMounts, corev1.VolumeMount{ - Name: n, - // create a directory mount per featureFlag spec - // file mounts will not work - MountPath: mountPath, - }) - sidecar.Args = append( - sidecar.Args, - "--uri", - fmt.Sprintf("file:%s/%s", - mountPath, - v1alpha1.FeatureFlagConfigurationConfigMapKey(ns, n), - ), - ) - return nil -} - // BackfillPermissions recovers the state of the flagd-kubernetes-sync role binding in the event of upgrade func (m *PodMutator) BackfillPermissions(ctx context.Context) error { defer func() { m.ready = true }() for i := 0; i < 5; i++ { - // fetch all pods with the fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, EnabledAnnotation) annotation set to "true" + // fetch all pods with the fmt.Sprintf("%s/%s", controllers.OpenFeatureAnnotationPrefix, EnabledAnnotation) annotation set to "true" podList := &corev1.PodList{} err := m.Client.List(ctx, podList, client.MatchingFields{ - fmt.Sprintf("%s/%s", OpenFeatureAnnotationPath, AllowKubernetesSyncAnnotation): "true", + fmt.Sprintf("%s/%s", OpenFeatureAnnotationPath, controllers.AllowKubernetesSyncAnnotation): "true", }) if err != nil { if !goErr.Is(err, &cache.ErrCacheNotStarted{}) { @@ -345,12 +235,12 @@ func (m *PodMutator) BackfillPermissions(ctx context.Context) error { // add each new service account to the flagd-kubernetes-sync role binding for _, pod := range podList.Items { m.Log.V(1).Info(fmt.Sprintf("backfilling permissions for pod %s/%s", pod.Namespace, pod.Name)) - if err := m.enableClusterRoleBinding(ctx, &pod); err != nil { + if err := controllers.EnableClusterRoleBinding(ctx, m.Log, m.Client, pod.Namespace, pod.Spec.ServiceAccountName); err != nil { m.Log.Error( err, fmt.Sprintf("unable backfill permissions for pod %s/%s", pod.Namespace, pod.Name), "webhook", - fmt.Sprintf("%s/%s", OpenFeatureAnnotationPath, AllowKubernetesSyncAnnotation), + fmt.Sprintf("%s/%s", OpenFeatureAnnotationPath, controllers.AllowKubernetesSyncAnnotation), ) } } @@ -368,14 +258,6 @@ func parseList(s string) []string { return out } -func parseAnnotation(s string, defaultNs string) (string, string) { - ss := strings.Split(s, "/") - if len(ss) == 2 { - return ss[0], ss[1] - } - return defaultNs, s -} - // PodMutator implements admission.DecoderInjector. // A decoder will be automatically injected. @@ -385,89 +267,6 @@ func (m *PodMutator) InjectDecoder(d *admission.Decoder) error { return nil } -func podOwnerIsOwner(pod *corev1.Pod, cm corev1.ConfigMap) bool { - for _, cmOwner := range cm.OwnerReferences { - for _, podOwner := range pod.OwnerReferences { - if cmOwner.UID == podOwner.UID { - return true - } - } - } - return false -} - -func (m *PodMutator) enableClusterRoleBinding(ctx context.Context, pod *corev1.Pod) error { - serviceAccount := client.ObjectKey{ - Name: pod.Spec.ServiceAccountName, - Namespace: pod.Namespace, - } - if pod.Spec.ServiceAccountName == "" { - serviceAccount.Name = "default" - } - // Check if the service account exists - m.Log.V(1).Info(fmt.Sprintf("Fetching serviceAccount: %s/%s", pod.Namespace, pod.Spec.ServiceAccountName)) - sa := corev1.ServiceAccount{} - if err := m.Client.Get(ctx, serviceAccount, &sa); err != nil { - m.Log.V(1).Info(fmt.Sprintf("ServiceAccount not found: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) - return err - } - m.Log.V(1).Info(fmt.Sprintf("Fetching clusterrolebinding: %s", clusterRoleBindingName)) - // Fetch service account if it exists - crb := v1.ClusterRoleBinding{} - if err := m.Client.Get(ctx, client.ObjectKey{Name: clusterRoleBindingName}, &crb); errors.IsNotFound(err) { - m.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding not found: %s", clusterRoleBindingName)) - return err - } - found := false - for _, subject := range crb.Subjects { - if subject.Kind == "ServiceAccount" && subject.Name == serviceAccount.Name && subject.Namespace == serviceAccount.Namespace { - m.Log.V(1).Info(fmt.Sprintf("ClusterRoleBinding already exists for service account: %s/%s", serviceAccount.Namespace, serviceAccount.Name)) - found = true - } - } - if !found { - m.Log.V(1).Info(fmt.Sprintf("Updating ClusterRoleBinding %s for service account: %s/%s", crb.Name, - serviceAccount.Namespace, serviceAccount.Name)) - crb.Subjects = append(crb.Subjects, v1.Subject{ - Kind: "ServiceAccount", - Name: serviceAccount.Name, - Namespace: serviceAccount.Namespace, - }) - if err := m.Client.Update(ctx, &crb); err != nil { - m.Log.V(1).Info(fmt.Sprintf("Failed to update ClusterRoleBinding: %s", err.Error())) - return err - } - } - m.Log.V(1).Info(fmt.Sprintf("Updated ClusterRoleBinding: %s", crb.Name)) - - return nil -} - -func (m *PodMutator) createConfigMap(ctx context.Context, namespace string, name string, pod *corev1.Pod) error { - m.Log.V(1).Info(fmt.Sprintf("Creating configmap %s", name)) - references := []metav1.OwnerReference{ - pod.OwnerReferences[0], - } - references[0].Controller = utils.FalseVal() - ff := m.getFeatureFlag(ctx, namespace, name) - if ff.Name == "" { - return fmt.Errorf("feature flag configuration %s/%s not found", namespace, name) - } - references = append(references, v1alpha1.GetFfReference(&ff)) - - cm := v1alpha1.GenerateFfConfigMap(name, namespace, references, ff.Spec) - - return m.Client.Create(ctx, &cm) -} - -func (m *PodMutator) getFeatureFlag(ctx context.Context, namespace string, name string) v1alpha1.FeatureFlagConfiguration { - ffConfig := v1alpha1.FeatureFlagConfiguration{} - if err := m.Client.Get(ctx, client.ObjectKey{Name: name, Namespace: namespace}, &ffConfig); errors.IsNotFound(err) { - return v1alpha1.FeatureFlagConfiguration{} - } - return ffConfig -} - func (m *PodMutator) getFlagSourceConfiguration(ctx context.Context, namespace string, name string) v1alpha1.FlagSourceConfiguration { fcConfig := v1alpha1.FlagSourceConfiguration{} if err := m.Client.Get(ctx, client.ObjectKey{Name: name, Namespace: namespace}, &fcConfig); errors.IsNotFound(err) { @@ -509,7 +308,7 @@ func OpenFeatureEnabledAnnotationIndex(o client.Object) []string { "false", } } - val, ok := pod.ObjectMeta.Annotations[fmt.Sprintf("openfeature.dev/%s", AllowKubernetesSyncAnnotation)] + val, ok := pod.ObjectMeta.Annotations[fmt.Sprintf("openfeature.dev/%s", controllers.AllowKubernetesSyncAnnotation)] if ok && val == "true" { return []string{ "true", From 0b5b289fba9d816c42fdc720a62c348ed7d13119 Mon Sep 17 00:00:00 2001 From: Skye Gill Date: Fri, 17 Mar 2023 13:42:31 +0000 Subject: [PATCH 5/5] refactor fixes Signed-off-by: Skye Gill --- .../v1alpha1/clientsideconfiguration_types.go | 19 +- apis/core/v1alpha1/zz_generated.deepcopy.go | 17 +- ...nfeature.dev_clientsideconfigurations.yaml | 657 ++++++++++++++++++ .../clientsideconfiguration_controller.go | 4 + controllers/provider.go | 3 + main.go | 4 +- webhooks/pod_webhook_deprecated.go | 5 +- 7 files changed, 696 insertions(+), 13 deletions(-) diff --git a/apis/core/v1alpha1/clientsideconfiguration_types.go b/apis/core/v1alpha1/clientsideconfiguration_types.go index 0773b7aca..368377861 100644 --- a/apis/core/v1alpha1/clientsideconfiguration_types.go +++ b/apis/core/v1alpha1/clientsideconfiguration_types.go @@ -18,6 +18,7 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gatewayv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! @@ -28,14 +29,16 @@ type ClientSideConfigurationSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file - ServiceAccountName string `json:"serviceAccountName"` - GatewayName string `json:"gatewayName"` - HTTPRouteHostname string `json:"httpRouteHostname"` - HTTPRouteName string `json:"httpRouteName"` - GatewayListenerPort int32 `json:"gatewayListenerPort"` - FlagSourceConfiguration string `json:"flagSourceConfiguration"` - GatewayClassName string `json:"gatewayClassName"` - CorsAllowOrigin string `json:"corsAllowOrigin"` + ServiceAccountName string `json:"serviceAccountName"` + GatewayName string `json:"gatewayName"` + HTTPRouteHostname string `json:"httpRouteHostname"` + HTTPRouteName string `json:"httpRouteName"` + HTTPRouteMatches []gatewayv1beta1.HTTPRouteMatch `json:"httpRouteMatches,omitempty"` + HTTPRouteFilters []gatewayv1beta1.HTTPRouteFilter `json:"httpRouteFilters,omitempty"` + GatewayListenerPort int32 `json:"gatewayListenerPort"` + FlagSourceConfiguration string `json:"flagSourceConfiguration"` + GatewayClassName string `json:"gatewayClassName"` + CorsAllowOrigin string `json:"corsAllowOrigin"` } // ClientSideConfigurationStatus defines the observed state of ClientSideConfiguration diff --git a/apis/core/v1alpha1/zz_generated.deepcopy.go b/apis/core/v1alpha1/zz_generated.deepcopy.go index 26fea3058..051f1f40d 100644 --- a/apis/core/v1alpha1/zz_generated.deepcopy.go +++ b/apis/core/v1alpha1/zz_generated.deepcopy.go @@ -24,6 +24,7 @@ package v1alpha1 import ( "k8s.io/api/core/v1" runtime "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/gateway-api/apis/v1beta1" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -31,7 +32,7 @@ func (in *ClientSideConfiguration) DeepCopyInto(out *ClientSideConfiguration) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - out.Spec = in.Spec + in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status } @@ -88,6 +89,20 @@ func (in *ClientSideConfigurationList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClientSideConfigurationSpec) DeepCopyInto(out *ClientSideConfigurationSpec) { *out = *in + if in.HTTPRouteMatches != nil { + in, out := &in.HTTPRouteMatches, &out.HTTPRouteMatches + *out = make([]v1beta1.HTTPRouteMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.HTTPRouteFilters != nil { + in, out := &in.HTTPRouteFilters, &out.HTTPRouteFilters + *out = make([]v1beta1.HTTPRouteFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSideConfigurationSpec. diff --git a/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml index 9b8a8354d..0293c9330 100644 --- a/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml +++ b/config/crd/bases/core.openfeature.dev_clientsideconfigurations.yaml @@ -48,8 +48,665 @@ spec: type: integer gatewayName: type: string + httpRouteFilters: + items: + description: HTTPRouteFilter defines processing steps that must + be completed during the request or response lifecycle. HTTPRouteFilters + are meant as an extension point to express processing that may + be done in Gateway implementations. Some examples include request + or response modification, implementing authentication strategies, + rate-limiting, and traffic shaping. API guarantee/conformance + is defined based on the type of the filter. + properties: + extensionRef: + description: "ExtensionRef is an optional, implementation-specific + extension to the \"filter\" behavior. For example, resource + \"myroutefilter\" in group \"networking.example.net\"). ExtensionRef + MUST NOT be used for core and extended filters. \n Support: + Implementation-specific" + properties: + group: + description: Group is the group of the referent. For example, + "gateway.networking.k8s.io". When unspecified or empty + string, core API group is inferred. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: Kind is kind of the referent. For example "HTTPRoute" + or "Service". + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the referent. + maxLength: 253 + minLength: 1 + type: string + required: + - group + - kind + - name + type: object + requestHeaderModifier: + description: "RequestHeaderModifier defines a schema for a filter + that modifies request headers. \n Support: Core" + properties: + add: + description: "Add adds the given header(s) (name, value) + to the request before the action. It appends to any existing + values associated with the header name. \n Input: GET + /foo HTTP/1.1 my-header: foo \n Config: add: - name: \"my-header\" + value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: + foo,bar,baz" + items: + description: HTTPHeader represents an HTTP Header name + and value as defined by RFC 7230. + properties: + name: + description: "Name is the name of the HTTP Header + to be matched. Name matching MUST be case insensitive. + (See https://tools.ietf.org/html/rfc7230#section-3.2). + \n If multiple entries specify equivalent header + names, the first entry with an equivalent name MUST + be considered for a match. Subsequent entries with + an equivalent header name MUST be ignored. Due to + the case-insensitivity of header names, \"foo\" + and \"Foo\" are considered equivalent." + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ + type: string + value: + description: Value is the value of HTTP Header to + be matched. + maxLength: 4096 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + remove: + description: "Remove the given header(s) from the HTTP request + before the action. The value of Remove is a list of HTTP + header names. Note that the header names are case-insensitive + (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). + \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: + bar my-header3: baz \n Config: remove: [\"my-header1\", + \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: + bar" + items: + type: string + maxItems: 16 + type: array + set: + description: "Set overwrites the request with the given + header (name, value) before the action. \n Input: GET + /foo HTTP/1.1 my-header: foo \n Config: set: - name: \"my-header\" + value: \"bar\" \n Output: GET /foo HTTP/1.1 my-header: + bar" + items: + description: HTTPHeader represents an HTTP Header name + and value as defined by RFC 7230. + properties: + name: + description: "Name is the name of the HTTP Header + to be matched. Name matching MUST be case insensitive. + (See https://tools.ietf.org/html/rfc7230#section-3.2). + \n If multiple entries specify equivalent header + names, the first entry with an equivalent name MUST + be considered for a match. Subsequent entries with + an equivalent header name MUST be ignored. Due to + the case-insensitivity of header names, \"foo\" + and \"Foo\" are considered equivalent." + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ + type: string + value: + description: Value is the value of HTTP Header to + be matched. + maxLength: 4096 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + requestMirror: + description: "RequestMirror defines a schema for a filter that + mirrors requests. Requests are sent to the specified destination, + but responses from that destination are ignored. \n Support: + Extended" + properties: + backendRef: + description: "BackendRef references a resource where mirrored + requests are sent. \n If the referent cannot be found, + this BackendRef is invalid and must be dropped from the + Gateway. The controller must ensure the \"ResolvedRefs\" + condition on the Route status is set to `status: False` + and not configure this backend in the underlying implementation. + \n If there is a cross-namespace reference to an *existing* + object that is not allowed by a ReferenceGrant, the controller + must ensure the \"ResolvedRefs\" condition on the Route + is set to `status: False`, with the \"RefNotPermitted\" + reason and not configure this backend in the underlying + implementation. \n In either error case, the Message of + the `ResolvedRefs` Condition should be used to provide + more detail about the problem. \n Support: Extended for + Kubernetes Service \n Support: Implementation-specific + for any other resource" + properties: + group: + default: "" + description: Group is the group of the referent. For + example, "gateway.networking.k8s.io". When unspecified + or empty string, core API group is inferred. + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + default: Service + description: Kind is kind of the referent. For example + "HTTPRoute" or "Service". Defaults to "Service" when + not specified. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: "Namespace is the namespace of the backend. + When unspecified, the local namespace is inferred. + \n Note that when a namespace is specified, a ReferenceGrant + object is required in the referent namespace to allow + that namespace's owner to accept the reference. See + the ReferenceGrant documentation for details. \n Support: + Core" + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + description: Port specifies the destination port number + to use for this resource. Port is required when the + referent is a Kubernetes Service. In this case, the + port number is the service port number, not the target + port. For other resources, destination port might + be derived from the referent resource or this field. + format: int32 + maximum: 65535 + minimum: 1 + type: integer + required: + - name + type: object + required: + - backendRef + type: object + requestRedirect: + description: "RequestRedirect defines a schema for a filter + that responds to the request with an HTTP redirection. \n + Support: Core" + properties: + hostname: + description: "Hostname is the hostname to be used in the + value of the `Location` header in the response. When empty, + the hostname of the request is used. \n Support: Core" + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + path: + description: "Path defines parameters used to modify the + path of the incoming request. The modified path is then + used to construct the `Location` header. When empty, the + request path is used as-is. \n Support: Extended \n " + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with + which to replace the full path of a request during + a rewrite or redirect. \n " + maxLength: 1024 + type: string + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value + with which to replace the prefix match of a request + during a rewrite or redirect. For example, a request + to \"/foo/bar\" with a prefix match of \"/foo\" would + be modified to \"/bar\". \n Note that this matches + the behavior of the PathPrefix match type. This matches + full path elements. A path element refers to the list + of labels in the path split by the `/` separator. + When specified, a trailing `/` is ignored. For example, + the paths `/abc`, `/abc/`, and `/abc/def` would all + match the prefix `/abc`, but the path `/abcd` would + not. \n " + maxLength: 1024 + type: string + type: + description: "Type defines the type of path modifier. + Additional types may be added in a future release + of the API. \n Note that values may be added to this + enum, implementations must ensure that unknown values + will not cause a crash. \n Unknown values here must + result in the implementation setting the Accepted + Condition for the Route to `status: False`, with a + Reason of `UnsupportedValue`. \n " + enum: + - ReplaceFullPath + - ReplacePrefixMatch + type: string + required: + - type + type: object + port: + description: "Port is the port to be used in the value of + the `Location` header in the response. When empty, port + (if specified) of the request is used. \n Support: Extended" + format: int32 + maximum: 65535 + minimum: 1 + type: integer + scheme: + description: "Scheme is the scheme to be used in the value + of the `Location` header in the response. When empty, + the scheme of the request is used. \n Note that values + may be added to this enum, implementations must ensure + that unknown values will not cause a crash. \n Unknown + values here must result in the implementation setting + the Accepted Condition for the Route to `status: False`, + with a Reason of `UnsupportedValue`. \n Support: Extended" + enum: + - http + - https + type: string + statusCode: + default: 302 + description: "StatusCode is the HTTP status code to be used + in response. \n Note that values may be added to this + enum, implementations must ensure that unknown values + will not cause a crash. \n Unknown values here must result + in the implementation setting the Accepted Condition for + the Route to `status: False`, with a Reason of `UnsupportedValue`. + \n Support: Core" + enum: + - 301 + - 302 + type: integer + type: object + responseHeaderModifier: + description: "ResponseHeaderModifier defines a schema for a + filter that modifies response headers. \n Support: Extended + \n " + properties: + add: + description: "Add adds the given header(s) (name, value) + to the request before the action. It appends to any existing + values associated with the header name. \n Input: GET + /foo HTTP/1.1 my-header: foo \n Config: add: - name: \"my-header\" + value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: + foo,bar,baz" + items: + description: HTTPHeader represents an HTTP Header name + and value as defined by RFC 7230. + properties: + name: + description: "Name is the name of the HTTP Header + to be matched. Name matching MUST be case insensitive. + (See https://tools.ietf.org/html/rfc7230#section-3.2). + \n If multiple entries specify equivalent header + names, the first entry with an equivalent name MUST + be considered for a match. Subsequent entries with + an equivalent header name MUST be ignored. Due to + the case-insensitivity of header names, \"foo\" + and \"Foo\" are considered equivalent." + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ + type: string + value: + description: Value is the value of HTTP Header to + be matched. + maxLength: 4096 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + remove: + description: "Remove the given header(s) from the HTTP request + before the action. The value of Remove is a list of HTTP + header names. Note that the header names are case-insensitive + (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). + \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: + bar my-header3: baz \n Config: remove: [\"my-header1\", + \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: + bar" + items: + type: string + maxItems: 16 + type: array + set: + description: "Set overwrites the request with the given + header (name, value) before the action. \n Input: GET + /foo HTTP/1.1 my-header: foo \n Config: set: - name: \"my-header\" + value: \"bar\" \n Output: GET /foo HTTP/1.1 my-header: + bar" + items: + description: HTTPHeader represents an HTTP Header name + and value as defined by RFC 7230. + properties: + name: + description: "Name is the name of the HTTP Header + to be matched. Name matching MUST be case insensitive. + (See https://tools.ietf.org/html/rfc7230#section-3.2). + \n If multiple entries specify equivalent header + names, the first entry with an equivalent name MUST + be considered for a match. Subsequent entries with + an equivalent header name MUST be ignored. Due to + the case-insensitivity of header names, \"foo\" + and \"Foo\" are considered equivalent." + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ + type: string + value: + description: Value is the value of HTTP Header to + be matched. + maxLength: 4096 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: + description: "Type identifies the type of filter to apply. As + with other API fields, types are classified into three conformance + levels: \n - Core: Filter types and their corresponding configuration + defined by \"Support: Core\" in this package, e.g. \"RequestHeaderModifier\". + All implementations must support core filters. \n - Extended: + Filter types and their corresponding configuration defined + by \"Support: Extended\" in this package, e.g. \"RequestMirror\". + Implementers are encouraged to support extended filters. \n + - Implementation-specific: Filters that are defined and supported + by specific vendors. In the future, filters showing convergence + in behavior across multiple implementations will be considered + for inclusion in extended or core conformance levels. Filter-specific + configuration for such filters is specified using the ExtensionRef + field. `Type` should be set to \"ExtensionRef\" for custom + filters. \n Implementers are encouraged to define custom implementation + types to extend the core API with implementation-specific + behavior. \n If a reference to a custom filter type cannot + be resolved, the filter MUST NOT be skipped. Instead, requests + that would have been processed by that filter MUST receive + a HTTP error response. \n Note that values may be added to + this enum, implementations must ensure that unknown values + will not cause a crash. \n Unknown values here must result + in the implementation setting the Accepted Condition for the + Route to `status: False`, with a Reason of `UnsupportedValue`. + \n " + enum: + - RequestHeaderModifier + - RequestMirror + - RequestRedirect + - ExtensionRef + type: string + urlRewrite: + description: "URLRewrite defines a schema for a filter that + modifies a request during forwarding. \n Support: Extended + \n " + properties: + hostname: + description: "Hostname is the value to be used to replace + the Host header value during forwarding. \n Support: Extended + \n " + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + path: + description: "Path defines a path rewrite. \n Support: Extended + \n " + properties: + replaceFullPath: + description: "ReplaceFullPath specifies the value with + which to replace the full path of a request during + a rewrite or redirect. \n " + maxLength: 1024 + type: string + replacePrefixMatch: + description: "ReplacePrefixMatch specifies the value + with which to replace the prefix match of a request + during a rewrite or redirect. For example, a request + to \"/foo/bar\" with a prefix match of \"/foo\" would + be modified to \"/bar\". \n Note that this matches + the behavior of the PathPrefix match type. This matches + full path elements. A path element refers to the list + of labels in the path split by the `/` separator. + When specified, a trailing `/` is ignored. For example, + the paths `/abc`, `/abc/`, and `/abc/def` would all + match the prefix `/abc`, but the path `/abcd` would + not. \n " + maxLength: 1024 + type: string + type: + description: "Type defines the type of path modifier. + Additional types may be added in a future release + of the API. \n Note that values may be added to this + enum, implementations must ensure that unknown values + will not cause a crash. \n Unknown values here must + result in the implementation setting the Accepted + Condition for the Route to `status: False`, with a + Reason of `UnsupportedValue`. \n " + enum: + - ReplaceFullPath + - ReplacePrefixMatch + type: string + required: + - type + type: object + type: object + required: + - type + type: object + type: array httpRouteHostname: type: string + httpRouteMatches: + items: + description: "HTTPRouteMatch defines the predicate used to match + requests to a given action. Multiple match types are ANDed together, + i.e. the match will evaluate to true only if all conditions are + satisfied. \n For example, the match below will match a HTTP request + only if its path starts with `/foo` AND it contains the `version: + v1` header: \n ``` match: \n path: value: \"/foo\" headers: - + name: \"version\" value \"v1\" \n ```" + properties: + headers: + description: Headers specifies HTTP request header matchers. + Multiple match values are ANDed together, meaning, a request + must match all the specified headers to select the route. + items: + description: HTTPHeaderMatch describes how to select a HTTP + route by matching HTTP request headers. + properties: + name: + description: "Name is the name of the HTTP Header to be + matched. Name matching MUST be case insensitive. (See + https://tools.ietf.org/html/rfc7230#section-3.2). \n + If multiple entries specify equivalent header names, + only the first entry with an equivalent name MUST be + considered for a match. Subsequent entries with an equivalent + header name MUST be ignored. Due to the case-insensitivity + of header names, \"foo\" and \"Foo\" are considered + equivalent. \n When a header is repeated in an HTTP + request, it is implementation-specific behavior as to + how this is represented. Generally, proxies should follow + the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 + regarding processing a repeated header, with special + handling for \"Set-Cookie\"." + maxLength: 256 + minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ + type: string + type: + default: Exact + description: "Type specifies how to match against the + value of the header. \n Support: Core (Exact) \n Support: + Implementation-specific (RegularExpression) \n Since + RegularExpression HeaderMatchType has implementation-specific + conformance, implementations can support POSIX, PCRE + or any other dialects of regular expressions. Please + read the implementation's documentation to determine + the supported dialect." + enum: + - Exact + - RegularExpression + type: string + value: + description: Value is the value of HTTP Header to be matched. + maxLength: 4096 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + method: + description: "Method specifies HTTP method matcher. When specified, + this route will be matched only if the request has the specified + method. \n Support: Extended" + enum: + - GET + - HEAD + - POST + - PUT + - DELETE + - CONNECT + - OPTIONS + - TRACE + - PATCH + type: string + path: + default: + type: PathPrefix + value: / + description: Path specifies a HTTP request path matcher. If + this field is not specified, a default prefix match on the + "/" path is provided. + properties: + type: + default: PathPrefix + description: "Type specifies how to match against the path + Value. \n Support: Core (Exact, PathPrefix) \n Support: + Implementation-specific (RegularExpression)" + enum: + - Exact + - PathPrefix + - RegularExpression + type: string + value: + default: / + description: Value of the HTTP path to match against. + maxLength: 1024 + type: string + type: object + queryParams: + description: "QueryParams specifies HTTP query parameter matchers. + Multiple match values are ANDed together, meaning, a request + must match all the specified query parameters to select the + route. \n Support: Extended" + items: + description: HTTPQueryParamMatch describes how to select a + HTTP route by matching HTTP query parameters. + properties: + name: + description: "Name is the name of the HTTP query param + to be matched. This must be an exact string match. (See + https://tools.ietf.org/html/rfc7230#section-2.7.3). + \n If multiple entries specify equivalent query param + names, only the first entry with an equivalent name + MUST be considered for a match. Subsequent entries with + an equivalent query param name MUST be ignored. \n If + a query param is repeated in an HTTP request, the behavior + is purposely left undefined, since different data planes + have different capabilities. However, it is *recommended* + that implementations should match against the first + value of the param if the data plane supports it, as + this behavior is expected in other load balancing contexts + outside of the Gateway API. \n Users SHOULD NOT route + traffic based on repeated query params to guard themselves + against potential differences in the implementations." + maxLength: 256 + minLength: 1 + type: string + type: + default: Exact + description: "Type specifies how to match against the + value of the query parameter. \n Support: Extended (Exact) + \n Support: Implementation-specific (RegularExpression) + \n Since RegularExpression QueryParamMatchType has Implementation-specific + conformance, implementations can support POSIX, PCRE + or any other dialects of regular expressions. Please + read the implementation's documentation to determine + the supported dialect." + enum: + - Exact + - RegularExpression + type: string + value: + description: Value is the value of HTTP query param to + be matched. + maxLength: 1024 + minLength: 1 + type: string + required: + - name + - value + type: object + maxItems: 16 + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + type: object + type: array httpRouteName: type: string serviceAccountName: diff --git a/controllers/clientsideconfiguration_controller.go b/controllers/clientsideconfiguration_controller.go index 718512b84..a6e816cac 100644 --- a/controllers/clientsideconfiguration_controller.go +++ b/controllers/clientsideconfiguration_controller.go @@ -86,6 +86,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c ns := csconf.Namespace csconfOwnerReferences := []metav1.OwnerReference{ { + APIVersion: csconf.APIVersion, Kind: csconf.Kind, Name: csconf.Name, UID: csconf.UID, @@ -247,6 +248,8 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c httpRoute.Spec.Hostnames = []gatewayv1beta1.Hostname{httpRouteHostname} httpRoute.Spec.Rules = []gatewayv1beta1.HTTPRouteRule{ { + Matches: csconf.Spec.HTTPRouteMatches, + Filters: csconf.Spec.HTTPRouteFilters, BackendRefs: []gatewayv1beta1.HTTPBackendRef{ { BackendRef: gatewayv1beta1.BackendRef{ @@ -287,6 +290,7 @@ func (r *ClientSideConfigurationReconciler) Reconcile(ctx context.Context, req c // TODO resource limits } + deployment.Spec.Template.ObjectMeta.Annotations = make(map[string]string) if err := HandleSourcesProviders(ctx, r.Log, r.Client, fsConfigSpec, ns, csconf.Spec.ServiceAccountName, csconfOwnerReferences, &deployment.Spec.Template.Spec, deployment.Spec.Template.ObjectMeta, &flagdContainer, ); err != nil { diff --git a/controllers/provider.go b/controllers/provider.go index 5fd6df09e..e62cc8b17 100644 --- a/controllers/provider.go +++ b/controllers/provider.go @@ -113,6 +113,9 @@ func handleKubernetesProvider( return err } // mark with annotation (required to backfill permissions if they are dropped) + if meta.Annotations == nil { + return fmt.Errorf("meta annotations is nil") + } meta.Annotations[fmt.Sprintf("%s/%s", OpenFeatureAnnotationPrefix, AllowKubernetesSyncAnnotation)] = "true" // append args sidecar.Args = append( diff --git a/main.go b/main.go index e4bba09eb..c9e3ccfce 100644 --- a/main.go +++ b/main.go @@ -182,14 +182,14 @@ func main() { if err := mgr.GetFieldIndexer().IndexField( context.Background(), &corev1.Pod{}, - fmt.Sprintf("%s/%s", webhooks.OpenFeatureAnnotationPath, webhooks.AllowKubernetesSyncAnnotation), + fmt.Sprintf("%s/%s", webhooks.OpenFeatureAnnotationPath, controllers.AllowKubernetesSyncAnnotation), webhooks.OpenFeatureEnabledAnnotationIndex, ); err != nil { setupLog.Error( err, "unable to create indexer", "webhook", - fmt.Sprintf("%s/%s", webhooks.OpenFeatureAnnotationPath, webhooks.AllowKubernetesSyncAnnotation), + fmt.Sprintf("%s/%s", webhooks.OpenFeatureAnnotationPath, controllers.AllowKubernetesSyncAnnotation), ) os.Exit(1) } diff --git a/webhooks/pod_webhook_deprecated.go b/webhooks/pod_webhook_deprecated.go index 939b64e54..03b54844d 100644 --- a/webhooks/pod_webhook_deprecated.go +++ b/webhooks/pod_webhook_deprecated.go @@ -3,6 +3,7 @@ package webhooks import ( "context" "fmt" + "github.com/open-feature/open-feature-operator/controllers" "reflect" v1alpha1 "github.com/open-feature/open-feature-operator/apis/core/v1alpha1" @@ -10,8 +11,8 @@ import ( func (m *PodMutator) handleFeatureFlagConfigurationAnnotation(ctx context.Context, fcConfig *v1alpha1.FlagSourceConfigurationSpec, ffconfigAnnotation string, defaultNamespace string) error { for _, ffName := range parseList(ffconfigAnnotation) { - ns, name := parseAnnotation(ffName, defaultNamespace) - fsConfig := m.getFeatureFlag(ctx, ns, name) + ns, name := controllers.ParseAnnotation(ffName, defaultNamespace) + fsConfig := controllers.FeatureFlag(ctx, m.Client, ns, name) if reflect.DeepEqual(fsConfig, v1alpha1.FeatureFlagConfiguration{}) { return fmt.Errorf("FeatureFlagConfiguration %s not found", ffName) }