From 2f6f2533c8b5384c1d00d9cfc40f39d5041ef7e2 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sat, 30 Sep 2023 13:41:00 -0600 Subject: [PATCH 1/8] step 1: move to OSS, update imports Signed-off-by: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> --- Dockerfile.dev | 2 - README.md | 6 +- cmd/serve.go | 14 ++-- cmd/sync.go | 2 +- cmd/sync_groups.go | 6 +- cmd/sync_members.go | 6 +- cmd/sync_users.go | 6 +- go.mod | 51 ++++++------ go.sum | 102 ++++++++++++----------- internal/reconciler/eventlog.go | 4 +- internal/reconciler/group_memberships.go | 4 +- internal/reconciler/groups.go | 4 +- internal/reconciler/groups_test.go | 2 +- internal/reconciler/reconciler.go | 10 +-- internal/reconciler/reconciler_test.go | 2 +- internal/reconciler/users.go | 6 +- internal/reconciler/users_test.go | 2 +- internal/srv/msg_handlers.go | 4 +- internal/srv/nats_test.go | 2 +- internal/srv/server.go | 2 +- main.go | 2 +- 21 files changed, 123 insertions(+), 116 deletions(-) diff --git a/Dockerfile.dev b/Dockerfile.dev index 9a93c03..ebbc444 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -6,8 +6,6 @@ WORKDIR /app # Setup dependencies to auth inside docker ARG ACTIONS_BOT_GITHUB_PAT ENV ACTIONS_BOT_GITHUB_PAT=${ACTIONS_BOT_GITHUB_PAT} -RUN git config --global url."https://${ACTIONS_BOT_GITHUB_PAT}:x-oauth-basic@github.com/equinixmetal".insteadOf "https://github.com/equinixmetal" -ENV GOPRIVATE=github.com/equinixmetal/*,go.equinixmetal.net # Retrieve application dependencies using go modules. # Allows container builds to reuse downloaded dependencies. diff --git a/README.md b/README.md index 0bb5890..90059aa 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ accordingly in Okta. `gov-okta-addon` subscribes to the Governor event stream where change events are published. The events published by Governor contain the group and/or user id that changed and the type of action. Events are published on NATS subjects -dedicated to the resource type ie. `equinixmetal.governor.events.groups` for group events. When `gov-okta-addon` receives +dedicated to the resource type ie. `governor.events.groups` for group events. When `gov-okta-addon` receives an event, it reacts by requesting information from Governor about the included resource IDs and making the required changes in Okta. @@ -62,7 +62,7 @@ be removed from the group. The groups and users must already exist in governor o ### Prereq to running locally with governor-api devcontainer -Follow the directions [here](https://github.com/equinixmetal/governor/blob/main/README.md#running-governor-locally) for starting the governor-api devcontainer. +Follow the directions [here](https://github.com/metal-toolbox/governor-api#running-governor-api-locally) for starting the governor-api devcontainer. The **first time** you'll need to create a local hydra client for `gov-okta-addon-governor` and copy the nats creds file. After that you can just export the env variables. @@ -102,7 +102,7 @@ Export the following in the terminal where you will run gov-okta-addon: ```sh export GOA_NATS_URL="nats://127.0.0.1:4222" export GOA_OKTA_NOCACHE=true -export GOA_OKTA_URL="https://equinixmetal.oktapreview.com" +export GOA_OKTA_URL="https://example.oktapreview.com" export GOA_GOVERNOR_URL="http://127.0.0.1:3001" export GOA_GOVERNOR_AUDIENCE="http://api:3001/" export GOA_GOVERNOR_TOKEN_URL="http://127.0.0.1:4444/oauth2/token" diff --git a/cmd/serve.go b/cmd/serve.go index c4b1797..146f522 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -10,17 +10,17 @@ import ( "time" "github.com/equinixmetal/addonx/natslock" + "github.com/equinixmetal/gov-okta-addon/internal/okta" + "github.com/equinixmetal/gov-okta-addon/internal/reconciler" + "github.com/equinixmetal/gov-okta-addon/internal/srv" "github.com/metal-toolbox/auditevent" audithelpers "github.com/metal-toolbox/auditevent/helpers" "github.com/nats-io/nats.go" "github.com/spf13/cobra" "github.com/spf13/viper" - "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/gov-okta-addon/internal/reconciler" - "go.equinixmetal.net/gov-okta-addon/internal/srv" "golang.org/x/oauth2/clientcredentials" - governor "go.equinixmetal.net/governor-api/pkg/client" + governor "github.com/metal-toolbox/governor-api/pkg/client" ) const ( @@ -52,9 +52,9 @@ func init() { viperBindFlag("nats.url", serveCmd.Flags().Lookup("nats-url")) serveCmd.PersistentFlags().String("nats-creds-file", "", "Path to the file containing the NATS credentials file") viperBindFlag("nats.creds-file", serveCmd.PersistentFlags().Lookup("nats-creds-file")) - serveCmd.Flags().String("nats-subject-prefix", "equinixmetal.governor.events", "prefix for NATS subjects") + serveCmd.Flags().String("nats-subject-prefix", "governor.events", "prefix for NATS subjects") viperBindFlag("nats.subject-prefix", serveCmd.Flags().Lookup("nats-subject-prefix")) - serveCmd.Flags().String("nats-queue-group", "equinixmetal.governor.addons.gov-okta-addon", "queue group for load balancing messages across NATS consumers") + serveCmd.Flags().String("nats-queue-group", "governor.addons.gov-okta-addon", "queue group for load balancing messages across NATS consumers") viperBindFlag("nats.queue-group", serveCmd.Flags().Lookup("nats-queue-group")) serveCmd.Flags().Int("nats-queue-size", defaultNATSQueueSize, "queue size for load balancing messages across NATS consumers") viperBindFlag("nats.queue-size", serveCmd.Flags().Lookup("nats-queue-size")) @@ -73,7 +73,7 @@ func init() { viperBindFlag("audit.log-path", serveCmd.Flags().Lookup("audit-log-path")) // Okta related flags - serveCmd.Flags().String("okta-url", "https://equinixmetal.okta.com", "url for Okta client calls") + serveCmd.Flags().String("okta-url", "https://example.okta.com", "url for Okta client calls") viperBindFlag("okta.url", serveCmd.Flags().Lookup("okta-url")) serveCmd.Flags().String("okta-token", "", "token for access to the Okta API") viperBindFlag("okta.token", serveCmd.Flags().Lookup("okta-token")) diff --git a/cmd/sync.go b/cmd/sync.go index 01af4c3..2d59bcc 100644 --- a/cmd/sync.go +++ b/cmd/sync.go @@ -17,7 +17,7 @@ func init() { viperBindFlag("sync.dryrun", syncCmd.PersistentFlags().Lookup("dry-run")) // Okta related flags - syncCmd.PersistentFlags().String("okta-url", "https://equinixmetal.okta.com", "url for Okta client calls") + syncCmd.PersistentFlags().String("okta-url", "https://example.okta.com", "url for Okta client calls") viperBindFlag("okta.url", syncCmd.PersistentFlags().Lookup("okta-url")) syncCmd.PersistentFlags().String("okta-token", "", "token for access to the Okta API") viperBindFlag("okta.token", syncCmd.PersistentFlags().Lookup("okta-token")) diff --git a/cmd/sync_groups.go b/cmd/sync_groups.go index 50f7b0e..a666d3d 100644 --- a/cmd/sync_groups.go +++ b/cmd/sync_groups.go @@ -6,14 +6,14 @@ import ( "net/url" "strings" + "github.com/equinixmetal/gov-okta-addon/internal/okta" "github.com/gosimple/slug" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" + governor "github.com/metal-toolbox/governor-api/pkg/client" okt "github.com/okta/okta-sdk-golang/v2/okta" "github.com/okta/okta-sdk-golang/v2/okta/query" "github.com/spf13/cobra" "github.com/spf13/viper" - "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" - governor "go.equinixmetal.net/governor-api/pkg/client" "go.uber.org/zap" "golang.org/x/oauth2/clientcredentials" ) diff --git a/cmd/sync_members.go b/cmd/sync_members.go index f719b65..e582704 100644 --- a/cmd/sync_members.go +++ b/cmd/sync_members.go @@ -6,12 +6,12 @@ import ( "fmt" "net/url" + "github.com/equinixmetal/gov-okta-addon/internal/okta" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" + governor "github.com/metal-toolbox/governor-api/pkg/client" okt "github.com/okta/okta-sdk-golang/v2/okta" "github.com/spf13/cobra" "github.com/spf13/viper" - "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" - governor "go.equinixmetal.net/governor-api/pkg/client" "go.uber.org/zap" "golang.org/x/oauth2/clientcredentials" diff --git a/cmd/sync_users.go b/cmd/sync_users.go index 34c663c..39591f9 100644 --- a/cmd/sync_users.go +++ b/cmd/sync_users.go @@ -5,13 +5,13 @@ import ( "fmt" "net/url" + "github.com/equinixmetal/gov-okta-addon/internal/okta" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" + governor "github.com/metal-toolbox/governor-api/pkg/client" okt "github.com/okta/okta-sdk-golang/v2/okta" "github.com/okta/okta-sdk-golang/v2/okta/query" "github.com/spf13/cobra" "github.com/spf13/viper" - "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" - governor "go.equinixmetal.net/governor-api/pkg/client" "go.uber.org/zap" "golang.org/x/oauth2/clientcredentials" ) diff --git a/go.mod b/go.mod index 4c68288..727d3d0 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module go.equinixmetal.net/gov-okta-addon +module github.com/equinixmetal/gov-okta-addon go 1.19 @@ -10,8 +10,9 @@ require ( github.com/gofrs/uuid v4.4.0+incompatible github.com/gosimple/slug v1.13.1 github.com/metal-toolbox/auditevent v0.8.0 + github.com/metal-toolbox/governor-api v0.1.7 github.com/mitchellh/go-homedir v1.1.0 - github.com/nats-io/nats.go v1.27.1 + github.com/nats-io/nats.go v1.28.0 github.com/okta/okta-sdk-golang/v2 v2.19.0 github.com/prometheus/client_golang v1.16.0 github.com/spf13/cobra v1.7.0 @@ -20,23 +21,23 @@ require ( github.com/stretchr/testify v1.8.4 github.com/volatiletech/null/v8 v8.1.2 github.com/zsais/go-gin-prometheus v0.1.0 - go.equinixmetal.net/governor-api v0.24.0 go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin v0.42.0 - go.opentelemetry.io/otel v1.16.0 + go.opentelemetry.io/otel v1.17.0 go.opentelemetry.io/otel/exporters/jaeger v1.16.0 - go.opentelemetry.io/otel/sdk v1.16.0 + go.opentelemetry.io/otel/sdk v1.17.0 go.uber.org/zap v1.24.0 - golang.org/x/oauth2 v0.9.0 + golang.org/x/oauth2 v0.10.0 ) require ( github.com/BurntSushi/toml v1.3.2 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/bytedance/sonic v1.9.1 // indirect + github.com/bytedance/sonic v1.10.0-rc3 // indirect github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect - github.com/cockroachdb/cockroach-go/v2 v2.3.4 // indirect + github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect + github.com/chenzhuoyu/iasm v0.9.0 // indirect + github.com/cockroachdb/cockroach-go/v2 v2.3.5 // indirect github.com/coreos/go-oidc/v3 v3.6.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05 // indirect @@ -54,12 +55,12 @@ require ( github.com/go-sql-driver/mysql v1.7.1 // indirect github.com/goccy/go-json v0.10.2 // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/google/uuid v1.3.0 // indirect + github.com/google/uuid v1.3.1 // indirect github.com/gosimple/unidecode v1.0.1 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jackc/chunkreader/v2 v2.0.1 // indirect - github.com/jackc/pgconn v1.14.0 // indirect + github.com/jackc/pgconn v1.14.1 // indirect github.com/jackc/pgio v1.0.0 // indirect github.com/jackc/pgpassfile v1.0.0 // indirect github.com/jackc/pgproto3/v2 v2.3.2 // indirect @@ -69,7 +70,7 @@ require ( github.com/jmoiron/sqlx v1.3.5 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/kelseyhightower/envconfig v1.4.0 // indirect - github.com/klauspost/compress v1.16.5 // indirect + github.com/klauspost/compress v1.16.7 // indirect github.com/klauspost/cpuid/v2 v2.2.5 // indirect github.com/leodido/go-urn v1.2.4 // indirect github.com/lib/pq v1.10.9 // indirect @@ -82,11 +83,11 @@ require ( github.com/nats-io/nkeys v0.4.4 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627 // indirect - github.com/pelletier/go-toml/v2 v2.0.8 // indirect + github.com/pelletier/go-toml/v2 v2.0.9 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.4.0 // indirect github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/procfs v0.11.1 // indirect github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/afero v1.9.5 // indirect github.com/spf13/cast v1.5.1 // indirect @@ -96,21 +97,21 @@ require ( github.com/ugorji/go/codec v1.2.11 // indirect github.com/volatiletech/inflect v0.0.1 // indirect github.com/volatiletech/randomize v0.0.1 // indirect - github.com/volatiletech/sqlboiler/v4 v4.14.2 // indirect - github.com/volatiletech/strmangle v0.0.4 // indirect - go.hollow.sh/toolbox v0.6.0 // indirect - go.opentelemetry.io/otel/metric v1.16.0 // indirect - go.opentelemetry.io/otel/trace v1.16.0 // indirect + github.com/volatiletech/sqlboiler/v4 v4.15.0 // indirect + github.com/volatiletech/strmangle v0.0.5 // indirect + go.hollow.sh/toolbox v0.6.1 // indirect + go.opentelemetry.io/otel/metric v1.17.0 // indirect + go.opentelemetry.io/otel/trace v1.17.0 // indirect go.uber.org/atomic v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/arch v0.3.0 // indirect - golang.org/x/crypto v0.10.0 // indirect - golang.org/x/net v0.11.0 // indirect - golang.org/x/sys v0.9.0 // indirect - golang.org/x/text v0.10.0 // indirect + golang.org/x/arch v0.4.0 // indirect + golang.org/x/crypto v0.11.0 // indirect + golang.org/x/net v0.12.0 // indirect + golang.org/x/sys v0.11.0 // indirect + golang.org/x/text v0.11.0 // indirect golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.30.0 // indirect + google.golang.org/protobuf v1.31.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index e2178bb..2953b5a 100644 --- a/go.sum +++ b/go.sum @@ -89,8 +89,9 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM= -github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= -github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= +github.com/bytedance/sonic v1.10.0-rc/go.mod h1:ElCzW+ufi8qKqNW0FY314xriJhyJhuoJ3gFZdAHF7NM= +github.com/bytedance/sonic v1.10.0-rc3 h1:uNSnscRapXTwUgTyOF0GVljYD08p9X/Lbr9MweSV3V0= +github.com/bytedance/sonic v1.10.0-rc3/go.mod h1:iZcSUejdk5aukTND/Eu/ivjQuEL0Cu9/rf50Hi0u/g4= github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -99,8 +100,11 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY= -github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams= github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk= +github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d h1:77cEq6EriyTZ0g/qfRdp61a3Uu/AWrgIq2s0ClJV1g0= +github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d/go.mod h1:8EPpVsBuRksnlj1mLy4AWzRNQYxauNi62uWcE3to6eA= +github.com/chenzhuoyu/iasm v0.9.0 h1:9fhXjVzq5hUy2gkhhgHl95zG2cEAhw9OSGs8toWWAwo= +github.com/chenzhuoyu/iasm v0.9.0/go.mod h1:Xjy2NpN3h7aUqeqM+woSuuvxmIe6+DDsiNLIrkAmYog= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -118,8 +122,8 @@ github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I= github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= -github.com/cockroachdb/cockroach-go/v2 v2.3.4 h1:dm6K7p7VOldWbgUllY4D/1Qtqv/D0UKm6OLhpF53aJU= -github.com/cockroachdb/cockroach-go/v2 v2.3.4/go.mod h1:1wNJ45eSXW9AnOc3skntW9ZUZz6gxrQK3cOj3rK+BC8= +github.com/cockroachdb/cockroach-go/v2 v2.3.5 h1:Khtm8K6fTTz/ZCWPzU9Ne3aOW9VyAnj4qIPCJgKtwK0= +github.com/cockroachdb/cockroach-go/v2 v2.3.5/go.mod h1:1wNJ45eSXW9AnOc3skntW9ZUZz6gxrQK3cOj3rK+BC8= github.com/coreos/go-oidc/v3 v3.6.0 h1:AKVxfYw1Gmkn/w96z0DbT/B/xFnzTd3MkZvWLjF4n/o= github.com/coreos/go-oidc/v3 v3.6.0/go.mod h1:ZpHUsHBucTUj6WOkrP4E20UPynbLZzhTQ1XKCXkxyPc= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -147,7 +151,7 @@ github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go. github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/equinixmetal/addonx v0.0.0-20230523132059-270030f9805c h1:VB+0o16ZatttvXai6Z5rvuExQT4iEAeIffsv1K7GFvA= github.com/equinixmetal/addonx v0.0.0-20230523132059-270030f9805c/go.mod h1:3EaUVjTnce+LqN8TVfeRuPqcy/95tZp9sOfkBbPh7Io= -github.com/ericlagergren/decimal v0.0.0-20211103172832-aca2edc11f73/go.mod h1:5sruVSMrZCk0U4hwRaGD0D8wIMFVsBWQqG74jQDFg4k= +github.com/ericlagergren/decimal v0.0.0-20190420051523-6335edbaa640/go.mod h1:mdYyfAkzn9kyJ/kMk/7WE9ufl9lflh+2NvecQ5mAghs= github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05 h1:S92OBrGuLLZsyM5ybUzgc/mPjIYk2AZqufieooe98uw= github.com/ericlagergren/decimal v0.0.0-20221120152707-495c53812d05/go.mod h1:M9R1FoZ3y//hwwnJtO51ypFGwm8ZfpxPT/ZLtO1mcgQ= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= @@ -298,8 +302,9 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= @@ -363,8 +368,9 @@ github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsU github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o= github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY= github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI= -github.com/jackc/pgconn v1.14.0 h1:vrbA9Ud87g6JdFWkHTJXppVce58qPIdP7N8y0Ml/A7Q= github.com/jackc/pgconn v1.14.0/go.mod h1:9mBNlny0UvkgJdCDvdVHYSjI+8tD2rnKK69Wz8ti++E= +github.com/jackc/pgconn v1.14.1 h1:smbxIaZA08n6YuxEX1sDyjV/qkbtUtkH20qLkR9MUR4= +github.com/jackc/pgconn v1.14.1/go.mod h1:9mBNlny0UvkgJdCDvdVHYSjI+8tD2rnKK69Wz8ti++E= github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE= github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8= github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE= @@ -420,11 +426,12 @@ github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dv github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.16.5 h1:IFV2oUNUzZaz+XyusxpLzpzS8Pt5rh0Z16For/djlyI= -github.com/klauspost/compress v1.16.5/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= +github.com/klauspost/compress v1.16.7 h1:2mk3MPGNzKyxErAw8YaohYh69+pa4sIQSC0fPGCFR9I= +github.com/klauspost/compress v1.16.7/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -479,6 +486,8 @@ github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zk github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/metal-toolbox/auditevent v0.8.0 h1:uKEwwYnxAEgvFNpleZzIblLymCDK44WwpsKi36mznVQ= github.com/metal-toolbox/auditevent v0.8.0/go.mod h1:yladFT4ayNx+4wrNczvUjYFsg7Qvq+G8YBIDvjeeiLw= +github.com/metal-toolbox/governor-api v0.1.7 h1:xJHyiLc1ttJluOQ9klbdhOULZ0xU0BBf/AfNXjjeM8s= +github.com/metal-toolbox/governor-api v0.1.7/go.mod h1:CuxGckaQX5hh6IdMnxJVIEf+/e+YWLHvHEURryHQAEM= github.com/microsoft/go-mssqldb v0.17.0/go.mod h1:OkoNGhGEs8EZqchVTtochlXruEhEOaO4S0d2sB5aeGQ= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= @@ -509,8 +518,8 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nats-io/jwt/v2 v2.4.1 h1:Y35W1dgbbz2SQUYDPCaclXcuqleVmpbRa7646Jf2EX4= github.com/nats-io/nats-server/v2 v2.9.17 h1:gFpUQ3hqIDJrnqog+Bl5vaXg+RhhYEZIElasEuRn2tw= -github.com/nats-io/nats.go v1.27.1 h1:OuYnal9aKVSnOzLQIzf7554OXMCG7KbaTkCSBHRcSoo= -github.com/nats-io/nats.go v1.27.1/go.mod h1:XpbWUlOElGwTYbMR7imivs7jJj9GtK7ypv321Wp6pjc= +github.com/nats-io/nats.go v1.28.0 h1:Th4G6zdsz2d0OqXdfzKLClo6bOfoI/b1kInhRtFIy5c= +github.com/nats-io/nats.go v1.28.0/go.mod h1:XpbWUlOElGwTYbMR7imivs7jJj9GtK7ypv321Wp6pjc= github.com/nats-io/nkeys v0.4.4 h1:xvBJ8d69TznjcQl9t6//Q5xXuVhyYiSos6RPtvQNTwA= github.com/nats-io/nkeys v0.4.4/go.mod h1:XUkxdLPTufzlihbamfzQ7mw/VGx6ObUs+0bN5sNvt64= github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw= @@ -524,8 +533,8 @@ github.com/patrickmn/go-cache v0.0.0-20180815053127-5633e0862627/go.mod h1:3Qf8k github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo= github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= -github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ= -github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4= +github.com/pelletier/go-toml/v2 v2.0.9 h1:uH2qQXheeefCCkuBBSLi7jCiSmj3VRh2+Goq2N7Xxu0= +github.com/pelletier/go-toml/v2 v2.0.9/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pkg/browser v0.0.0-20210115035449-ce105d075bb4/go.mod h1:N6UoU20jOqggOuDwUaBQpluzLNDqif3kq9z2wpdYEfQ= github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= @@ -538,6 +547,7 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= +github.com/pressly/goose/v3 v3.14.0 h1:gNrFLLDF+fujdq394rcdYK3WPxp3VKWifTajlZwInJM= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.4.0/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= @@ -562,8 +572,8 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI= +github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= @@ -624,7 +634,6 @@ github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/subosito/gotenv v1.3.0/go.mod h1:YzJjq/33h7nrwdY+iHMhEOEEbW0ovIz0tB6t6PwAXzs= @@ -644,11 +653,11 @@ github.com/volatiletech/null/v8 v8.1.2 h1:kiTiX1PpwvuugKwfvUNX/SU/5A2KGZMXfGD0DU github.com/volatiletech/null/v8 v8.1.2/go.mod h1:98DbwNoKEpRrYtGjWFctievIfm4n4MxG0A6EBUcoS5g= github.com/volatiletech/randomize v0.0.1 h1:eE5yajattWqTB2/eN8df4dw+8jwAzBtbdo5sbWC4nMk= github.com/volatiletech/randomize v0.0.1/go.mod h1:GN3U0QYqfZ9FOJ67bzax1cqZ5q2xuj2mXrXBjWaRTlY= -github.com/volatiletech/sqlboiler/v4 v4.14.2 h1:j5QnlR5/wYDmGDDTutI3BO+4oPBiqYoVrfReVr7VSxA= -github.com/volatiletech/sqlboiler/v4 v4.14.2/go.mod h1:65288sb8jBLnTynTumBK6eU8C2JwWsiPjoPihEfC0/A= +github.com/volatiletech/sqlboiler/v4 v4.15.0 h1:+twm3mA34SaUF6wB9U6QkXxkK8AKkV5EfgMSvcKWeY4= +github.com/volatiletech/sqlboiler/v4 v4.15.0/go.mod h1:s643wqYyCQ7Ak2hMVxH7kTS0+lFPNlj+gHKUIukJ0YA= github.com/volatiletech/strmangle v0.0.1/go.mod h1:F6RA6IkB5vq0yTG4GQ0UsbbRcl3ni9P76i+JrTBKFFg= -github.com/volatiletech/strmangle v0.0.4 h1:CxrEPhobZL/PCZOTDSH1aq7s4Kv76hQpRoTVVlUOim4= -github.com/volatiletech/strmangle v0.0.4/go.mod h1:ycDvbDkjDvhC0NUU8w3fWwl5JEMTV56vTKXzR3GeR+0= +github.com/volatiletech/strmangle v0.0.5 h1:CompJPy+lAi9h+YU/IzBR4X2RDRuAuEIP+kjFdyZXcU= +github.com/volatiletech/strmangle v0.0.5/go.mod h1:ycDvbDkjDvhC0NUU8w3fWwl5JEMTV56vTKXzR3GeR+0= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -658,14 +667,12 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= github.com/zsais/go-gin-prometheus v0.1.0 h1:bkLv1XCdzqVgQ36ScgRi09MA2UC1t3tAB6nsfErsGO4= github.com/zsais/go-gin-prometheus v0.1.0/go.mod h1:Slirjzuz8uM8Cw0jmPNqbneoqcUtY2GGjn2bEd4NRLY= -go.equinixmetal.net/governor-api v0.24.0 h1:dPgB/06PISNDhCp2sC0gnjrvpVSS9tR77yQE/9dTGoc= -go.equinixmetal.net/governor-api v0.24.0/go.mod h1:6478oyqfT9nhHvlastLicngm0z1Sb4S9Yjn5kZbCXWU= go.etcd.io/etcd/api/v3 v3.5.4/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A= go.etcd.io/etcd/client/pkg/v3 v3.5.4/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.4/go.mod h1:Ud+VUwIi9/uQHOMA+4ekToJ12lTxlv0zB/+DHwTGEbU= go.etcd.io/etcd/client/v3 v3.5.4/go.mod h1:ZaRkVgBZC+L+dLCjTcF1hRXpgZXQPOvnA/Ak/gq3kiY= -go.hollow.sh/toolbox v0.6.0 h1:4HTzh4gVPjJO1Q2FhNn2r4T+EaufTdJj49rUdasl3pA= -go.hollow.sh/toolbox v0.6.0/go.mod h1:imcLT0oRHkDSlA5ENoXWDihQCOQitsP8zZrPSezFyig= +go.hollow.sh/toolbox v0.6.1 h1:3E6JofImSCe63XayczbGfDxIXUjmBziMBBmbwook8WA= +go.hollow.sh/toolbox v0.6.1/go.mod h1:nl+5RDDyYY/+wukOUzHHX2mOyWKRjlTOXUcGxny+tns= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -677,17 +684,17 @@ go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin v0. go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin v0.42.0/go.mod h1:Ep4uoO2ijR0f49Pr7jAqyTjSCyS1SRL18wwttKfwqXA= go.opentelemetry.io/contrib/propagators/b3 v1.17.0 h1:ImOVvHnku8jijXqkwCSyYKRDt2YrnGXD4BbhcpfbfJo= go.opentelemetry.io/otel v1.10.0/go.mod h1:NbvWjCthWHKBEUMpf0/v8ZRZlni86PpGFEMA9pnQSnQ= -go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= -go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= +go.opentelemetry.io/otel v1.17.0 h1:MW+phZ6WZ5/uk2nd93ANk/6yJ+dVrvNWUjGhnnFU5jM= +go.opentelemetry.io/otel v1.17.0/go.mod h1:I2vmBGtFaODIVMBSTPVDlJSzBDNf93k60E6Ft0nyjo0= go.opentelemetry.io/otel/exporters/jaeger v1.16.0 h1:YhxxmXZ011C0aDZKoNw+juVWAmEfv/0W2XBOv9aHTaA= go.opentelemetry.io/otel/exporters/jaeger v1.16.0/go.mod h1:grYbBo/5afWlPpdPZYhyn78Bk04hnvxn2+hvxQhKIQM= -go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= -go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= -go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= -go.opentelemetry.io/otel/sdk v1.16.0/go.mod h1:tMsIuKXuuIWPBAOrH+eHtvhTL+SntFtXF9QD68aP6p4= +go.opentelemetry.io/otel/metric v1.17.0 h1:iG6LGVz5Gh+IuO0jmgvpTB6YVrCGngi8QGm+pMd8Pdc= +go.opentelemetry.io/otel/metric v1.17.0/go.mod h1:h4skoxdZI17AxwITdmdZjjYJQH5nzijUUjm+wtPph5o= +go.opentelemetry.io/otel/sdk v1.17.0 h1:FLN2X66Ke/k5Sg3V623Q7h7nt3cHXaW1FOvKKrW0IpE= +go.opentelemetry.io/otel/sdk v1.17.0/go.mod h1:U87sE0f5vQB7hwUoW98pW5Rz4ZDuCFBZFNUBlSgmDFQ= go.opentelemetry.io/otel/trace v1.10.0/go.mod h1:Sij3YYczqAdz+EhmGhE6TpTxUO5/F/AzrK+kxfGqySM= -go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= -go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= +go.opentelemetry.io/otel/trace v1.17.0 h1:/SWhSRHmDPOImIAetP1QAeMnZYiQXrTy4fMMYOdSKWQ= +go.opentelemetry.io/otel/trace v1.17.0/go.mod h1:I/4vKTgFclIsXRVucpH25X0mpFSczM7aHeaz0ZBLWjY= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -713,8 +720,8 @@ go.uber.org/zap v1.23.0/go.mod h1:D+nX8jyLsMHMYrln8A0rJjFt/T/9/bGgIhAqxv5URuY= go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k= -golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.4.0 h1:A8WCeEWhLwPBKNbFi5Wv5UTCBx5zzubnXDlMOFAzFMc= +golang.org/x/arch v0.4.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE= @@ -737,8 +744,8 @@ golang.org/x/crypto v0.0.0-20220511200225-c6db032c6c88/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM= -golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I= +golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA= +golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -826,8 +833,8 @@ golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU= -golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= +golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50= +golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -848,8 +855,8 @@ golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.9.0 h1:BPpt2kU7oMRq3kCHAA1tbSEshXRw1LpG2ztgDwrzuAs= -golang.org/x/oauth2 v0.9.0/go.mod h1:qYgFZaFiu6Wg24azG8bdV52QJXJGbZzIIsRCdVKzbLw= +golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= +golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -952,8 +959,8 @@ golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= -golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -968,8 +975,8 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58= -golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4= +golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1217,8 +1224,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1288,6 +1295,7 @@ modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= +nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/internal/reconciler/eventlog.go b/internal/reconciler/eventlog.go index c3a63be..5a435c4 100644 --- a/internal/reconciler/eventlog.go +++ b/internal/reconciler/eventlog.go @@ -7,8 +7,8 @@ import ( "go.uber.org/zap" - okt "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" + okt "github.com/equinixmetal/gov-okta-addon/internal/okta" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "github.com/okta/okta-sdk-golang/v2/okta" "github.com/okta/okta-sdk-golang/v2/okta/query" diff --git a/internal/reconciler/group_memberships.go b/internal/reconciler/group_memberships.go index b286b6f..4218e07 100644 --- a/internal/reconciler/group_memberships.go +++ b/internal/reconciler/group_memberships.go @@ -3,8 +3,8 @@ package reconciler import ( "context" - "go.equinixmetal.net/gov-okta-addon/internal/auctx" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" + "github.com/equinixmetal/gov-okta-addon/internal/auctx" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "go.uber.org/zap" ) diff --git a/internal/reconciler/groups.go b/internal/reconciler/groups.go index 0eec954..53e5b2e 100644 --- a/internal/reconciler/groups.go +++ b/internal/reconciler/groups.go @@ -3,8 +3,8 @@ package reconciler import ( "context" - "go.equinixmetal.net/gov-okta-addon/internal/auctx" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" + "github.com/equinixmetal/gov-okta-addon/internal/auctx" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "go.uber.org/zap" ) diff --git a/internal/reconciler/groups_test.go b/internal/reconciler/groups_test.go index 77675b5..d607296 100644 --- a/internal/reconciler/groups_test.go +++ b/internal/reconciler/groups_test.go @@ -4,8 +4,8 @@ import ( "encoding/json" "testing" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "github.com/stretchr/testify/assert" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" ) var testOrganizationsList = []byte(` diff --git a/internal/reconciler/reconciler.go b/internal/reconciler/reconciler.go index ae35ba5..de09ded 100644 --- a/internal/reconciler/reconciler.go +++ b/internal/reconciler/reconciler.go @@ -6,13 +6,13 @@ import ( "time" "github.com/equinixmetal/addonx/natslock" + "github.com/equinixmetal/gov-okta-addon/internal/auctx" + "github.com/equinixmetal/gov-okta-addon/internal/okta" "github.com/gofrs/uuid" "github.com/metal-toolbox/auditevent" - "go.equinixmetal.net/gov-okta-addon/internal/auctx" - "go.equinixmetal.net/gov-okta-addon/internal/okta" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" - "go.equinixmetal.net/governor-api/pkg/api/v1beta1" - governor "go.equinixmetal.net/governor-api/pkg/client" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" + "github.com/metal-toolbox/governor-api/pkg/api/v1beta1" + governor "github.com/metal-toolbox/governor-api/pkg/client" "go.uber.org/zap" ) diff --git a/internal/reconciler/reconciler_test.go b/internal/reconciler/reconciler_test.go index 4ae8810..5137317 100644 --- a/internal/reconciler/reconciler_test.go +++ b/internal/reconciler/reconciler_test.go @@ -3,8 +3,8 @@ package reconciler import ( "testing" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "github.com/stretchr/testify/assert" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" ) func Test_contains(t *testing.T) { diff --git a/internal/reconciler/users.go b/internal/reconciler/users.go index 8050df2..8a2b438 100644 --- a/internal/reconciler/users.go +++ b/internal/reconciler/users.go @@ -4,9 +4,9 @@ import ( "context" "time" - "go.equinixmetal.net/gov-okta-addon/internal/auctx" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" - "go.equinixmetal.net/governor-api/pkg/api/v1beta1" + "github.com/equinixmetal/gov-okta-addon/internal/auctx" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" + "github.com/metal-toolbox/governor-api/pkg/api/v1beta1" "go.uber.org/zap" ) diff --git a/internal/reconciler/users_test.go b/internal/reconciler/users_test.go index dda6862..8308b5d 100644 --- a/internal/reconciler/users_test.go +++ b/internal/reconciler/users_test.go @@ -5,8 +5,8 @@ import ( "testing" "time" + "github.com/metal-toolbox/governor-api/pkg/api/v1alpha1" "github.com/volatiletech/null/v8" - "go.equinixmetal.net/governor-api/pkg/api/v1alpha1" ) func Test_userDeleted(t *testing.T) { diff --git a/internal/srv/msg_handlers.go b/internal/srv/msg_handlers.go index 46c7062..2915b95 100644 --- a/internal/srv/msg_handlers.go +++ b/internal/srv/msg_handlers.go @@ -8,8 +8,8 @@ import ( "github.com/nats-io/nats.go" "go.uber.org/zap" - "go.equinixmetal.net/gov-okta-addon/internal/auctx" - "go.equinixmetal.net/governor-api/pkg/events/v1alpha1" + "github.com/equinixmetal/gov-okta-addon/internal/auctx" + "github.com/metal-toolbox/governor-api/pkg/events/v1alpha1" ) // groupsMessageHandler handles messages for governor group events diff --git a/internal/srv/nats_test.go b/internal/srv/nats_test.go index 321b0d3..9efc15b 100644 --- a/internal/srv/nats_test.go +++ b/internal/srv/nats_test.go @@ -7,7 +7,7 @@ import ( "github.com/stretchr/testify/assert" "go.uber.org/zap" - "go.equinixmetal.net/governor-api/pkg/events/v1alpha1" + "github.com/metal-toolbox/governor-api/pkg/events/v1alpha1" ) func TestServer_unmarshalPayload(t *testing.T) { diff --git a/internal/srv/server.go b/internal/srv/server.go index fc441ed..5c130ed 100644 --- a/internal/srv/server.go +++ b/internal/srv/server.go @@ -17,7 +17,7 @@ import ( "go.opentelemetry.io/otel" "go.uber.org/zap" - "go.equinixmetal.net/gov-okta-addon/internal/reconciler" + "github.com/equinixmetal/gov-okta-addon/internal/reconciler" ) // Server implements the HTTP Server diff --git a/main.go b/main.go index fef381a..fa57a6b 100644 --- a/main.go +++ b/main.go @@ -1,7 +1,7 @@ // main package main -import "go.equinixmetal.net/gov-okta-addon/cmd" +import "github.com/equinixmetal/gov-okta-addon/cmd" func main() { cmd.Execute() From 1af9ff7b8c42b772751eab1ea088727a800c1f76 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:08:23 -0600 Subject: [PATCH 2/8] move trivy to buildkite, dockerifle.dev not needed --- .buildkite/pipeline.yml | 36 ++++++++++++++++++---------- .github/workflows/scan-trivy.yml | 41 -------------------------------- Dockerfile.dev | 30 ----------------------- 3 files changed, 23 insertions(+), 84 deletions(-) delete mode 100644 .github/workflows/scan-trivy.yml delete mode 100644 Dockerfile.dev diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index c0497aa..b50d302 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -1,7 +1,7 @@ env: ARTIFACT_NAME: gov-okta-addon GOPRIVATE: github.com/equinixmetal/*,go.equinixmetal.net - QUAY_REPO: quay.io/equinixmetal/gov-okta-addon + IMAGE_REPO: quay.io/equinixmetal/gov-okta-addon IMAGE_TAG: ${BUILDKITE_BUILD_NUMBER}-${BUILDKITE_COMMIT:0:8} DEPLOYMENT_REPO: k8s-gov-okta-addon @@ -49,23 +49,33 @@ steps: - label: ":docker: docker build and publish" key: "build" depends_on: ["lint", "test", "gobuild"] + env: + BUILDKITE_PLUGINS_ALWAYS_CLONE_FRESH: "true" commands: | #!/bin/bash echo --- Retrieve Artifacts - buildkite-agent artifact download "${ARTIFACT_NAME}-bin" . - - # work around buildkite stripping the path if the artifact is the same name as the build - echo -- Rename artifact - mv ${ARTIFACT_NAME}-bin ${ARTIFACT_NAME} + buildkite-agent artifact download "bin/${APP_NAME}" . # make sure it is executable - chmod +x ${ARTIFACT_NAME} - - echo --- Build Docker Image - docker build . -t "$QUAY_REPO:$IMAGE_TAG" - - echo --- Push Docker Image - docker push "$QUAY_REPO:$IMAGE_TAG" + chmod +x bin/${APP_NAME} + plugins: + # - docker-login#v2.1.0: + # username: metal-buildkite + # password-env: SECRET_GHCR_PUBLISH_TOKEN + # server: ghcr.io + - equinixmetal-buildkite/docker-metadata#v1.0.0: + images: + - "${IMAGE_REPO}" + extra_tags: + - "${IMAGE_TAG}" + - equinixmetal-buildkite/docker-build#v1.1.0: + push: true + build-args: + - NAME=${APP_NAME} + - equinixmetal-buildkite/trivy#v1.18.2: + severity: CRITICAL,HIGH + ignore-unfixed: true + security-checks: config,secret,vuln # For main commits, pull-requests will be created to bump the image in the deployment manifest - label: "Bump image tag for main branch builds" diff --git a/.github/workflows/scan-trivy.yml b/.github/workflows/scan-trivy.yml deleted file mode 100644 index 08eadc1..0000000 --- a/.github/workflows/scan-trivy.yml +++ /dev/null @@ -1,41 +0,0 @@ ---- -name: test - -# Run for all pushes to main and pull requests when Go or YAML files change -on: - push: - branches: - - main - schedule: - - cron: '23 20 * * 2' - pull_request: - -jobs: - scan-trivy-1: - name: sec-scan-trivy-1 - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Build - uses: docker/build-push-action@v4 - with: - context: . - file: ./Dockerfile.dev - push: false - load: true - tags: localbuild/sec-scan-trivy:latest - build-args: | - ACTIONS_BOT_GITHUB_PAT=${{ secrets.ACTIONS_BOT_GITHUB_PAT }} - - - name: Scan image - uses: aquasecurity/trivy-action@master - with: - image-ref: localbuild/sec-scan-trivy:latest - format: 'table' - exit-code: '1' - ignore-unfixed: true - vuln-type: 'os,library' - severity: 'CRITICAL,HIGH' - diff --git a/Dockerfile.dev b/Dockerfile.dev deleted file mode 100644 index ebbc444..0000000 --- a/Dockerfile.dev +++ /dev/null @@ -1,30 +0,0 @@ -FROM golang:1.21 as builder - -# Create and change to the app directory. -WORKDIR /app - -# Setup dependencies to auth inside docker -ARG ACTIONS_BOT_GITHUB_PAT -ENV ACTIONS_BOT_GITHUB_PAT=${ACTIONS_BOT_GITHUB_PAT} - -# Retrieve application dependencies using go modules. -# Allows container builds to reuse downloaded dependencies. -COPY go.* ./ -RUN go mod download - -# Copy local code to the container image. -COPY . ./ - -# Build the binary. -# -mod=readonly ensures immutable go.mod and go.sum in container builds. -RUN CGO_ENABLED=0 GOOS=linux go build -mod=readonly -v -o addon - -# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds -FROM gcr.io/distroless/static - -# Copy the binary to the production image from the builder stage. -COPY --from=builder /app/addon /addon - -# Run the web service on container startup. -ENTRYPOINT ["/addon"] -CMD ["serve"] \ No newline at end of file From 5edf7950e354a7610c2e143223c8f607887ba827 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:11:33 -0600 Subject: [PATCH 3/8] APP_NAME --- .buildkite/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index b50d302..31a7260 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -1,5 +1,5 @@ env: - ARTIFACT_NAME: gov-okta-addon + APP_NAME: gov-okta-addon GOPRIVATE: github.com/equinixmetal/*,go.equinixmetal.net IMAGE_REPO: quay.io/equinixmetal/gov-okta-addon IMAGE_TAG: ${BUILDKITE_BUILD_NUMBER}-${BUILDKITE_COMMIT:0:8} From 20e6b8add7abcd64d23e4bd6a2eab980339975fe Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:17:00 -0600 Subject: [PATCH 4/8] APP_NAME --- .buildkite/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 31a7260..7577a76 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -31,7 +31,7 @@ steps: - label: ":golang: build" key: "gobuild" - artifact_paths: "${ARTIFACT_NAME}-bin" + artifact_paths: "${APP_NAME}-bin" plugins: - ssh://git@github.com/packethost/ssm-buildkite-plugin#v1.0.4: parameters: From c6fc9dd90e89deeb699a203a69c076bf7d409a62 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:24:03 -0600 Subject: [PATCH 5/8] fixup --- .buildkite/pipeline.yml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 7577a76..524230b 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -31,7 +31,7 @@ steps: - label: ":golang: build" key: "gobuild" - artifact_paths: "${APP_NAME}-bin" + artifact_paths: "bin/${APP_NAME}" plugins: - ssh://git@github.com/packethost/ssm-buildkite-plugin#v1.0.4: parameters: diff --git a/Dockerfile b/Dockerfile index 7abaae7..7d5dd96 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM gcr.io/distroless/static -COPY ./gov-okta-addon /addon +COPY ./bin/gov-okta-addon /addon # Run the web service on container startup. ENTRYPOINT ["/addon"] From 62eb39b7df4b4cb8a6fb805706cba2740a4d3cb6 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:28:18 -0600 Subject: [PATCH 6/8] moar fixes --- .buildkite/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 524230b..bc8bb65 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -44,7 +44,7 @@ steps: - CGO_ENABLED=0 - GOOS=linux entrypoint: ./scripts/ci_entrypoint.sh - command: ["go", "build", "-buildvcs=false", "-mod=mod", "-a", "-o", "gov-okta-addon-bin"] + command: ["go", "build", "-buildvcs=false", "-mod=mod", "-a", "-o", "bin/$APP_NAME"] - label: ":docker: docker build and publish" key: "build" From 6f0ae8068fa2c85cad5bb82152e2ccd3b98647d7 Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:32:22 -0600 Subject: [PATCH 7/8] bump trivy version --- .buildkite/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index bc8bb65..c6d7cba 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -72,7 +72,7 @@ steps: push: true build-args: - NAME=${APP_NAME} - - equinixmetal-buildkite/trivy#v1.18.2: + - equinixmetal-buildkite/trivy#v1.18.3: severity: CRITICAL,HIGH ignore-unfixed: true security-checks: config,secret,vuln From e40bbcc9c0a2a39397ebabbe2159a437e23dc9cd Mon Sep 17 00:00:00 2001 From: Sarah Funkhouser <11655165+sfunkhouser@users.noreply.github.com> Date: Sun, 1 Oct 2023 11:34:57 -0600 Subject: [PATCH 8/8] use non-root user --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 7d5dd96..3984f27 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,7 @@ -FROM gcr.io/distroless/static +FROM gcr.io/distroless/static:nonroot + +# `nonroot` coming from distroless +USER 65532:65532 COPY ./bin/gov-okta-addon /addon