From b102b1c55774848949cf27cff3f7a873ee678346 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Fri, 30 Oct 2020 12:13:18 -0400 Subject: [PATCH 1/7] Authentikos: Refactor Token/Secret creators to interfaces. This allows for other token types to be created while reusing the same common creation / reconcilation components. As an example for how this can be extended, adds a GitHub App token creator as an alternative to the existing Google OAuth implementation. Also changes secret updates to patches of just the data to fix an issue dicovered during testing where the reconciler would overwrite any user-added labels/annotations. --- WORKSPACE | 1 + authentikos/BUILD.bazel | 8 +- authentikos/authentikos.go | 389 +-- authentikos/go.mod | 6 + authentikos/go.sum | 23 + authentikos/pkg/plugins/github/BUILD.bazel | 25 + authentikos/pkg/plugins/github/github.go | 70 + authentikos/pkg/plugins/github/github_test.go | 45 + authentikos/pkg/plugins/google/BUILD.bazel | 32 + authentikos/pkg/plugins/google/google.go | 304 ++ .../plugins/google/google_test.go} | 2 +- repos.bzl | 2579 +++++++++-------- 12 files changed, 1870 insertions(+), 1614 deletions(-) mode change 100755 => 100644 authentikos/authentikos.go create mode 100644 authentikos/pkg/plugins/github/BUILD.bazel create mode 100644 authentikos/pkg/plugins/github/github.go create mode 100644 authentikos/pkg/plugins/github/github_test.go create mode 100644 authentikos/pkg/plugins/google/BUILD.bazel create mode 100644 authentikos/pkg/plugins/google/google.go rename authentikos/{authentikos_test.go => pkg/plugins/google/google_test.go} (99%) mode change 100755 => 100644 diff --git a/WORKSPACE b/WORKSPACE index cca301ee00..6fa919a006 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -129,4 +129,5 @@ _go_image_repos() load("@//:repos.bzl", "go_repositories") +# gazelle:repository_macro repos.bzl%go_repositories go_repositories() diff --git a/authentikos/BUILD.bazel b/authentikos/BUILD.bazel index 962249ef35..2c47d89237 100644 --- a/authentikos/BUILD.bazel +++ b/authentikos/BUILD.bazel @@ -6,16 +6,14 @@ go_library( importpath = "istio.io/test-infra/authentikos", visibility = ["//visibility:private"], deps = [ - "@com_github_spf13_pflag//:go_default_library", - "@io_k8s_api//core/v1:go_default_library", + "//authentikos/pkg/authentikos:go_default_library", + "//authentikos/pkg/plugins/google:go_default_library", "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", "@io_k8s_client_go//kubernetes:go_default_library", - "@io_k8s_client_go//kubernetes/typed/core/v1:go_default_library", "@io_k8s_client_go//plugin/pkg/client/auth:go_default_library", "@io_k8s_client_go//rest:go_default_library", "@io_k8s_client_go//tools/clientcmd:go_default_library", - "@org_golang_google_api//option:go_default_library", - "@org_golang_google_api//transport:go_default_library", + "@io_k8s_klog//:go_default_library", ], ) diff --git a/authentikos/authentikos.go b/authentikos/authentikos.go old mode 100755 new mode 100644 index c3c250794c..1c116323b0 --- a/authentikos/authentikos.go +++ b/authentikos/authentikos.go @@ -17,246 +17,28 @@ limitations under the License. package main import ( - "bytes" "context" - "errors" - "fmt" - "html/template" - "io/ioutil" - "log" - "math" - "os" - "path/filepath" - "strings" + "flag" "time" - "github.com/Masterminds/sprig" - flag "github.com/spf13/pflag" - "golang.org/x/oauth2" - "golang.org/x/oauth2/google" - "google.golang.org/api/option" - "google.golang.org/api/transport" - corev1 "k8s.io/api/core/v1" + "istio.io/test-infra/authentikos/pkg/authentikos" + "istio.io/test-infra/authentikos/pkg/plugins/google" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" - v1 "k8s.io/client-go/kubernetes/typed/core/v1" _ "k8s.io/client-go/plugin/pkg/client/auth" // Enable all auth provider plugins "k8s.io/client-go/rest" "k8s.io/client-go/tools/clientcmd" + "k8s.io/klog" ) // Command-line options. const ( - defaultKey = "token" // defaultKey is the kubernetes secret data key. - defaultSecret = "authentikos-token" // defaultSecret is the default kubernetes secret name. - defaultTemplate = "{{.Token}}" // defaultTemplate is the default token template string. - defaultNamespace = metav1.NamespaceDefault // defaultNamespace is the default kubernetes namespace. - defaultInterval = 30 * time.Minute // defaultInterval is the default tick interval. - minInterval = 1 * time.Minute // minInterval is the minimum tick interval (inclusive). - maxInterval = tokenExpiration - expiryDelta*2 // maxInterval is the maximum tick interval (exclusive). + defaultKey = "token" // defaultKey is the kubernetes secret data key. + defaultSecret = "authentikos-token" // defaultSecret is the default kubernetes secret name. + defaultNamespace = metav1.NamespaceDefault // defaultNamespace is the default kubernetes namespace. + defaultInterval = 30 * time.Minute // defaultInterval is the default tick interval. ) -// OAuth2 scopes. -const ( - userinfoEmailScope = "https://www.googleapis.com/auth/userinfo.email" // View your email address - cloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" // View and manage your data across Google Cloud Platform services - openIDScope = "openid" // Authenticate using OpenID Connect -) - -var ( - defaultScopes = []string{userinfoEmailScope, cloudPlatformScope, openIDScope} // defaultScopes is the default OAuth2 scopes. -) - -// Token expiration parameters. -const ( - tokenExpiration = 60 * time.Minute // tokenExpiration is the oauth token expiration. - maxTries = 5 // maxTries is the maximum number of consecutive attempts to force refresh a token. - expiryDelta = 5 * time.Minute // expiryDelta is how early a token is be considered expired before its actual expiration time. -) - -var timeNow = time.Now - -// tokenCreator is a function that creates an oauth token. -type tokenCreator func(forceRefresh bool, tries int) ([]byte, error) - -// secretCreator is a function that creates a kubernetes secret. -type secretCreator func() ([]*corev1.Secret, namespacedErrors) - -// namespacedError is a custom error type which stores a message and a kubernetes namespace. -type namespacedError struct { - namespace string - message string -} - -// namespacedError returns the string representation of the error. -func (err namespacedError) Error() string { - return fmt.Sprintf("%v:%v", err.namespace, err.message) -} - -// namespacedError is a list of custom namespaced errors. -type namespacedErrors []*namespacedError - -// namespacedErrors returns the string representation of the error(s). -func (errs namespacedErrors) Errors() string { - var errMsgs []string - - for _, err := range errs { - errMsgs = append(errMsgs, err.Error()) - } - - return strings.Join(errMsgs, ", ") -} - -// tokenTemplate is the template data structure. -type tokenTemplate struct { - Token string -} - -// options are the available command-line flags. -type options struct { - forceRefresh bool - verbose bool - interval time.Duration - creds string - key string - secret string - template string - templateFile string - namespace []string - scopes []string -} - -// parseFlags parses the command-line flags. -func (o *options) parseFlags() { - flag.BoolVarP(&o.forceRefresh, "force-refresh", "r", false, "Force a token refresh. Otherwise, the token will only refresh when necessary.") - flag.BoolVarP(&o.verbose, "verbose", "v", false, "Print verbose output.") - flag.DurationVarP(&o.interval, "interval", "i", defaultInterval, fmt.Sprintf("Token refresh interval [%v - %v).", minInterval, maxInterval)) - flag.StringVarP(&o.creds, "creds", "c", "", "Path to a JSON credentials file.") - flag.StringVarP(&o.secret, "secret", "o", defaultSecret, "Name of secret to create.") - flag.StringVarP(&o.key, "key", "k", defaultKey, "Name of secret data key.") - flag.StringVarP(&o.template, "template", "t", "", "Template string for the token.") - flag.StringVarP(&o.templateFile, "template-file", "f", "", "Path to a template string for the token.") - flag.StringSliceVarP(&o.namespace, "namespace", "n", []string{defaultNamespace}, "Namespace(s) to create the secret in.") - flag.StringSliceVarP(&o.scopes, "scopes", "s", []string{}, "Oauth scope(s) to request for token (see: https://developers.google.com/identity/protocols/oauth2/scopes).") - - flag.Parse() -} - -// validateFlags validates the command-line flags. -func (o *options) validateFlags() error { - var err error - - // Ensure both `template` and `templateFile` are not set. - if len(o.template) > 0 && len(o.templateFile) > 0 { - return errors.New("-t, --template and -f, --template-file are mutually exclusive options") - } - - // Default to `defaultTemplate` if a template is not specified. - if len(o.template) == 0 && len(o.templateFile) == 0 { - o.template = defaultTemplate - } - - // Read in `templateFile` as template if both set and valid. - if len(o.templateFile) > 0 { - data, err := ioutil.ReadFile(o.templateFile) - if err != nil { - return fmt.Errorf("-f, --template-file option invalid: %v", o.templateFile) - } - o.template = string(data) - } - - if len(o.scopes) == 0 { - o.scopes = defaultScopes - } - - // Secrets must have a name, so if unset then default to `defaultSecret`. - if len(o.secret) == 0 { - o.secret = defaultSecret - } - - // Secrets must have a key, so if unset then default to `defaultKey`. - if len(o.key) == 0 { - o.key = defaultKey - } - - // Secrets must have a namespace, so if unset then default to `defaultNamespace`. - if len(o.namespace) == 0 { - o.namespace = []string{defaultNamespace} - } - - // Tick interval must be [1m - 50m), where 60m is the oauth token expiration, 5m is the token expiry delta, and another 5m for processing delta. - if o.interval < minInterval || o.interval >= maxInterval { - return fmt.Errorf("-i, --interval option must be in range [%v, %v): %v", minInterval, maxInterval, o.interval) - } - - if len(o.creds) > 0 { - if o.creds, err = filepath.Abs(o.creds); err != nil || !fileExists(o.creds) { - return fmt.Errorf("-c, --creds option invalid: %v", o.creds) - } - } - - return nil -} - -// printErrAndExit prints an error message to stderr and exits with a status code. -func printErrAndExit(err error, code int) { - _, _ = fmt.Fprintln(os.Stderr, err.Error()) - os.Exit(code) -} - -// printVerbose prints output based on verbosity level. -func printVerbose(formatString string, verbose bool) { - if verbose { - log.Print(formatString) - } -} - -// fileExists checks if a path exists and is a regular file. -func fileExists(path string) bool { - info, err := os.Stat(path) - if os.IsNotExist(err) { - return false - } - return info.Mode().IsRegular() -} - -// isExpired determines if a token is expired and needs to be refreshed. -func isExpired(o options, token *oauth2.Token) bool { - nextRec := timeNow().Add(o.interval) - expiry := token.Expiry.Add(-expiryDelta) - isExpired := expiry.Before(nextRec) - printVerbose(fmt.Sprintf("expired: %t; token expiry (minus delta): %v; next reconcile: %v\n", isExpired, expiry, nextRec), o.verbose) - return isExpired -} - -// getBackoffTime returns a backoff time calculated using formula: `{backoff factor} * 2 ^ {# of retries}`. -func getBackoffTime(factor float64, retry int) time.Duration { - return time.Duration(math.Max(factor*math.Exp2(float64(retry)), 0)) * time.Second -} - -// withBackoff waits with a backoff and runs a function. -func withBackoff(factor float64, retry int, f interface{}) interface{} { - time.Sleep(getBackoffTime(factor, retry)) - return f -} - -func generateTokenData(o options, data []byte) ([]byte, error) { - var b bytes.Buffer - - tmpl, err := template.New("TokenData").Funcs(sprig.FuncMap()).Parse(o.template) - if err != nil { - return nil, err - } - - err = tmpl.Execute(&b, &tokenTemplate{Token: string(data)}) - if err != nil { - return nil, err - } - - return b.Bytes(), nil - -} - // createClusterConfig creates kubernetes cluster configuration. func createClusterConfig() (*rest.Config, error) { return clientcmd.NewNonInteractiveDeferredLoadingClientConfig( @@ -276,161 +58,26 @@ func loadClusterConfig() (*rest.Config, error) { } } -// getOauthTokenCreator returns a function that creates/refreshes an oauth token. -func getOauthTokenCreator(o options) (tokenCreator, error) { - var create tokenCreator - - clientOpts := []option.ClientOption{option.WithScopes(o.scopes...)} - - if len(o.creds) > 0 { - clientOpts = append(clientOpts, option.WithCredentialsFile(o.creds)) - } - - // Reusing the client leverages the token source cache. - client, err := transport.Creds(context.Background(), clientOpts...) - - clientCreator := func(forceRefresh bool) (*google.Credentials, error) { - if forceRefresh { - // Recreating the client invalidates the token source cache. - client, err = transport.Creds(context.Background(), clientOpts...) - printVerbose("force refreshing token\n", o.verbose) - } - - return client, err - } - - create = func(forceRefresh bool, tries int) ([]byte, error) { - if tries <= 0 { - return nil, fmt.Errorf("maximum tries: %d exceeded to force refresh token", maxTries) - } - - client, err := clientCreator(forceRefresh) - if err != nil { - return withBackoff(1, maxTries-tries, create).(tokenCreator)(forceRefresh, tries-1) - } - - token, err := client.TokenSource.Token() - if err != nil { - return withBackoff(1, maxTries-tries, create).(tokenCreator)(forceRefresh, tries-1) - } - - if isExpired(o, token) { - // Force recreate the token if it will expire before the next reconciliation. - return withBackoff(1, maxTries-tries, create).(tokenCreator)(true, tries-1) - } - - return []byte(token.AccessToken), nil - } - - return create, nil -} +// main entry point. +func main() { + flag.Parse() -// createOrUpdateSecret creates or updates a kubernetes secrets. -func createOrUpdateSecret(o options, client v1.SecretsGetter, ns string, secretData []byte) (*corev1.Secret, error) { - data, err := generateTokenData(o, secretData) + g, err := google.NewSecretGenerator() if err != nil { - return nil, err + klog.Exit(err) } - req := &corev1.Secret{ - ObjectMeta: metav1.ObjectMeta{ - Name: o.secret, - Namespace: ns, - }, - Data: map[string][]byte{o.key: data}, - } - - if secret, err := client.Secrets(ns).Create(req); err == nil { - printVerbose(fmt.Sprintf("creating secret: %v in namespace: %v\n", o.secret, ns), o.verbose) - return secret, nil - } else if secret, err := client.Secrets(ns).Update(req); err == nil { - printVerbose(fmt.Sprintf("updating secret: %v in namespace: %v\n", o.secret, ns), o.verbose) - return secret, nil - } else { - return nil, err - } -} - -// getSecretCreator returns a function that creates a kubernetes secret(s). -func getSecretCreator(o options, create tokenCreator) (secretCreator, error) { config, err := loadClusterConfig() if err != nil { - return nil, err + klog.Exit(err) } - clientset, err := kubernetes.NewForConfig(config) if err != nil { - return nil, err - } - - client := clientset.CoreV1() - - return func() ([]*corev1.Secret, namespacedErrors) { - var ( - secrets []*corev1.Secret - errs namespacedErrors - ) - - for _, ns := range o.namespace { - if secretData, err := create(o.forceRefresh, maxTries); err != nil { - errs = append(errs, &namespacedError{ns, err.Error()}) - } else if secret, err := createOrUpdateSecret(o, client, ns, secretData); err != nil { - errs = append(errs, &namespacedError{ns, err.Error()}) - } else { - secrets = append(secrets, secret) - } - } - - return secrets, errs - - }, nil -} - -// reconcile runs a reconciliation loop in order to achieve desired secret state. -func reconcile(o options, create secretCreator) { - ticker := time.NewTicker(o.interval) - - work := func() { - secrets, errs := create() - - printVerbose(fmt.Sprintf( - "%v: reconcile complete; secrets: %v; errors: %v; next reconcile: %vm\n", - timeNow().Format(time.RFC3339), - len(secrets), - len(errs), - o.interval.Minutes(), - ), true) - - if len(errs) > 0 { - printVerbose(fmt.Sprintf("errors: %v\n", errs.Errors()), o.verbose) - } - - } - - for ; true; <-ticker.C { - work() - } -} - -// main entry point. -func main() { - var o options - - o.parseFlags() - - if err := o.validateFlags(); err != nil { - printErrAndExit(err, 1) - } - - tokenCreator, err := getOauthTokenCreator(o) - if err != nil { - printErrAndExit(err, 1) + klog.Exit(err) } - secretCreator, err := getSecretCreator(o, tokenCreator) - if err != nil { - printErrAndExit(err, 1) - } + client := authentikos.NewSecretCreator(clientset.CoreV1(), g) - reconcile(o, secretCreator) + ctx := context.Background() + authentikos.Reconcile(ctx, client, defaultInterval, defaultSecret, defaultNamespace) } diff --git a/authentikos/go.mod b/authentikos/go.mod index a3804594cb..4600c7df94 100644 --- a/authentikos/go.mod +++ b/authentikos/go.mod @@ -6,8 +6,13 @@ require ( github.com/Masterminds/goutils v1.1.0 // indirect github.com/Masterminds/semver v1.5.0 // indirect github.com/Masterminds/sprig v2.22.0+incompatible + github.com/bradleyfalzon/ghinstallation v1.1.1 + github.com/evanphx/json-patch v4.5.0+incompatible // indirect + github.com/google/go-cmp v0.3.1 github.com/huandu/xstrings v1.3.0 // indirect + github.com/mattbaird/jsonpatch v0.0.0-20200820163806-098863c1fc24 github.com/mitchellh/copystructure v1.0.0 // indirect + github.com/pkg/errors v0.8.1 // indirect github.com/spf13/pflag v1.0.3 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 // indirect golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 @@ -16,4 +21,5 @@ require ( k8s.io/api v0.0.0-20191005115622-2e41325d9e4b k8s.io/apimachinery v0.0.0-20191006235458-f9f2f3f8ab02 k8s.io/client-go v0.0.0-20191008115822-1210218b4a26 + k8s.io/klog v1.0.0 ) diff --git a/authentikos/go.sum b/authentikos/go.sum index 93bf7131dd..9cac58e37f 100644 --- a/authentikos/go.sum +++ b/authentikos/go.sum @@ -25,6 +25,8 @@ github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuN github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/bradleyfalzon/ghinstallation v1.1.1 h1:pmBXkxgM1WeF8QYvDLT5kuQiHMcmf+X015GI0KM/E3I= +github.com/bradleyfalzon/ghinstallation v1.1.1/go.mod h1:vyCmHTciHx/uuyN82Zc3rXN3X2KTK8nUTCrTMwAhcug= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -36,6 +38,9 @@ github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZ github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= +github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= @@ -54,10 +59,18 @@ github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-github/v29 v29.0.2 h1:opYN6Wc7DOz7Ku3Oh4l7prmkOMwEcQxpFtxdU8N8Pts= +github.com/google/go-github/v29 v29.0.2/go.mod h1:CHKiKKPHJ0REzfwc14QMklvtHwCveD0PxlMjLlzAM5E= +github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk= +github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -74,6 +87,7 @@ github.com/gregjones/httpcache v0.0.0-20170728041850-787624de3eb7/go.mod h1:Fecb github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1 h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.0 h1:gvV6jG9dTgFEncxo+AF7PH6MZXi/vZl25owA/8Dg8Wo= github.com/huandu/xstrings v1.3.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= @@ -91,6 +105,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mattbaird/jsonpatch v0.0.0-20200820163806-098863c1fc24 h1:uYuGXJBAi1umT+ZS4oQJUgKtfXCAYTR+n9zw1ViT0vA= +github.com/mattbaird/jsonpatch v0.0.0-20200820163806-098863c1fc24/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0= github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= @@ -106,10 +122,14 @@ github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8m github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.10.1 h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -187,9 +207,11 @@ google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZi gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.0 h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o= gopkg.in/inf.v0 v0.9.0/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -209,6 +231,7 @@ k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUc k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= +k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf h1:EYm5AW/UUDbnmnI+gK0TJDVK9qPLhM+sRHYanNKw0EQ= k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= k8s.io/utils v0.0.0-20190920012459-5008bf6f8cd6 h1:rfepARh/ECp66dk9TTmT//1PBkHffjnxhdOrgH4m+eA= k8s.io/utils v0.0.0-20190920012459-5008bf6f8cd6/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= diff --git a/authentikos/pkg/plugins/github/BUILD.bazel b/authentikos/pkg/plugins/github/BUILD.bazel new file mode 100644 index 0000000000..caebeca44c --- /dev/null +++ b/authentikos/pkg/plugins/github/BUILD.bazel @@ -0,0 +1,25 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["github.go"], + importpath = "istio.io/test-infra/authentikos/pkg/plugins/github", + visibility = ["//visibility:public"], + deps = [ + "@com_github_bradleyfalzon_ghinstallation//:go_default_library", + "@io_k8s_api//core/v1:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + "@io_k8s_klog//:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["github_test.go"], + embed = [":go_default_library"], + deps = [ + "@com_github_google_go_cmp//cmp:go_default_library", + "@io_k8s_api//core/v1:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + ], +) diff --git a/authentikos/pkg/plugins/github/github.go b/authentikos/pkg/plugins/github/github.go new file mode 100644 index 0000000000..af3c9d89ff --- /dev/null +++ b/authentikos/pkg/plugins/github/github.go @@ -0,0 +1,70 @@ +package github + +import ( + "context" + + "github.com/bradleyfalzon/ghinstallation" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/klog" +) + +const ( + maxAttempts = 3 +) + +// GitHubApp is a SecretGenerator for populating GitHub App Installation +// access tokens in secrets. This generator creates a BasicAuth secret +// so that it may be used for general API operations, as well as HTTP +// based git clones. +type GitHubApp struct { + tr tokenizer +} + +// tokenizer creates new GitHub App installation tokens. This is primarily used +// for ease of testing so we don't have to use a real Installation transport. +type tokenizer interface { + Token(ctx context.Context) (string, error) +} + +// NewSecretGenerator returns a new GitHub App SecretGenerator +// for the given GitHub App installation transport. +func NewSecretGenerator(tr *ghinstallation.Transport) *GitHubApp { + return &GitHubApp{ + tr: tr, + } +} + +func (a *GitHubApp) token(ctx context.Context) ([]byte, error) { + var token string + var err error + for i := 0; i < maxAttempts; i++ { + token, err = a.tr.Token(ctx) + if err == nil { + break + } + klog.Warning(err) + } + return []byte(token), err +} + +// Secret generates a new Secret for the GitHub App installation. +func (a *GitHubApp) Secret(ctx context.Context, namespace, name string) (*corev1.Secret, error) { + data, err := a.token(ctx) + if err != nil { + return nil, err + } + return &corev1.Secret{ + Type: corev1.SecretTypeBasicAuth, + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + // See https://developer.github.com/apps/building-github-apps/authenticating-with-github-apps/#http-based-git-access-by-an-installation + // for username/password format. + Data: map[string][]byte{ + "username": []byte("x-access-token"), + "password": data, + }, + }, nil +} diff --git a/authentikos/pkg/plugins/github/github_test.go b/authentikos/pkg/plugins/github/github_test.go new file mode 100644 index 0000000000..2f4a232990 --- /dev/null +++ b/authentikos/pkg/plugins/github/github_test.go @@ -0,0 +1,45 @@ +package github + +import ( + "context" + "testing" + + "github.com/google/go-cmp/cmp" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + token = "hunter2" +) + +type fakeToken struct{} + +func (fakeToken) Token(ctx context.Context) (string, error) { + return token, nil +} + +func TestGitHubApp(t *testing.T) { + ctx := context.Background() + gh := &GitHubApp{tr: fakeToken{}} + + want := &corev1.Secret{ + Type: corev1.SecretTypeBasicAuth, + ObjectMeta: metav1.ObjectMeta{ + Name: "secret", + Namespace: "default", + }, + Data: map[string][]byte{ + "username": []byte("x-access-token"), + "password": []byte(token), + }, + } + + s, err := gh.Secret(ctx, want.GetNamespace(), want.GetName()) + if err != nil { + t.Fatal(err) + } + if diff := cmp.Diff(want, s); diff != "" { + t.Error(diff) + } +} diff --git a/authentikos/pkg/plugins/google/BUILD.bazel b/authentikos/pkg/plugins/google/BUILD.bazel new file mode 100644 index 0000000000..258247060f --- /dev/null +++ b/authentikos/pkg/plugins/google/BUILD.bazel @@ -0,0 +1,32 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["google.go"], + importpath = "istio.io/test-infra/authentikos/pkg/plugins/google", + visibility = ["//visibility:public"], + deps = [ + "@com_github_masterminds_sprig//:go_default_library", + "@com_github_spf13_pflag//:go_default_library", + "@io_k8s_api//core/v1:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + "@io_k8s_client_go//plugin/pkg/client/auth:go_default_library", + "@io_k8s_client_go//rest:go_default_library", + "@io_k8s_client_go//tools/clientcmd:go_default_library", + "@io_k8s_klog//:go_default_library", + "@org_golang_google_api//option:go_default_library", + "@org_golang_google_api//transport:go_default_library", + "@org_golang_x_oauth2//:go_default_library", + "@org_golang_x_oauth2//google:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["google_test.go"], + embed = [":go_default_library"], + deps = [ + "@com_github_spf13_pflag//:go_default_library", + "@org_golang_x_oauth2//:go_default_library", + ], +) diff --git a/authentikos/pkg/plugins/google/google.go b/authentikos/pkg/plugins/google/google.go new file mode 100644 index 0000000000..f948eefed3 --- /dev/null +++ b/authentikos/pkg/plugins/google/google.go @@ -0,0 +1,304 @@ +package google + +import ( + "bytes" + "context" + "errors" + "fmt" + "html/template" + "io/ioutil" + "math" + "os" + "path/filepath" + "time" + + "github.com/Masterminds/sprig" + flag "github.com/spf13/pflag" + "golang.org/x/oauth2" + "golang.org/x/oauth2/google" + "google.golang.org/api/option" + "google.golang.org/api/transport" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + _ "k8s.io/client-go/plugin/pkg/client/auth" // Enable all auth provider plugins + "k8s.io/client-go/rest" + "k8s.io/client-go/tools/clientcmd" + "k8s.io/klog" +) + +// Command-line options. +const ( + defaultKey = "token" // defaultKey is the kubernetes secret data key. + defaultSecret = "authentikos-token" // defaultSecret is the default kubernetes secret name. + defaultTemplate = "{{.Token}}" // defaultTemplate is the default token template string. + defaultNamespace = metav1.NamespaceDefault // defaultNamespace is the default kubernetes namespace. + defaultInterval = 30 * time.Minute // defaultInterval is the default tick interval. + minInterval = 1 * time.Minute // minInterval is the minimum tick interval (inclusive). + maxInterval = tokenExpiration - expiryDelta*2 // maxInterval is the maximum tick interval (exclusive). +) + +// OAuth2 scopes. +const ( + userinfoEmailScope = "https://www.googleapis.com/auth/userinfo.email" // View your email address + cloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform" // View and manage your data across Google Cloud Platform services + openIDScope = "openid" // Authenticate using OpenID Connect +) + +var ( + defaultScopes = []string{userinfoEmailScope, cloudPlatformScope, openIDScope} // defaultScopes is the default OAuth2 scopes. +) + +// Token expiration parameters. +const ( + tokenExpiration = 60 * time.Minute // tokenExpiration is the oauth token expiration. + maxTries = 5 // maxTries is the maximum number of consecutive attempts to force refresh a token. + expiryDelta = 5 * time.Minute // expiryDelta is how early a token is be considered expired before its actual expiration time. +) + +var timeNow = time.Now + +// tokenCreator is a function that creates an oauth token. +type tokenCreator func(forceRefresh bool, tries int) ([]byte, error) + +// tokenTemplate is the template data structure. +type tokenTemplate struct { + Token string +} + +// options are the available command-line flags. +type options struct { + forceRefresh bool + verbose bool + interval time.Duration + creds string + key string + secret string + template string + templateFile string + namespace []string + scopes []string +} + +// parseFlags parses the command-line flags. +func (o *options) parseFlags() { + flag.BoolVarP(&o.forceRefresh, "force-refresh", "r", false, "Force a token refresh. Otherwise, the token will only refresh when necessary.") + flag.BoolVarP(&o.verbose, "verbose", "v", false, "Print verbose output.") + flag.DurationVarP(&o.interval, "interval", "i", defaultInterval, fmt.Sprintf("Token refresh interval [%v - %v).", minInterval, maxInterval)) + flag.StringVarP(&o.creds, "creds", "c", "", "Path to a JSON credentials file.") + flag.StringVarP(&o.secret, "secret", "o", defaultSecret, "Name of secret to create.") + flag.StringVarP(&o.key, "key", "k", defaultKey, "Name of secret data key.") + flag.StringVarP(&o.template, "template", "t", "", "Template string for the token.") + flag.StringVarP(&o.templateFile, "template-file", "f", "", "Path to a template string for the token.") + flag.StringSliceVarP(&o.namespace, "namespace", "n", []string{defaultNamespace}, "Namespace(s) to create the secret in.") + flag.StringSliceVarP(&o.scopes, "scopes", "s", []string{}, "Oauth scope(s) to request for token (see: https://developers.google.com/identity/protocols/oauth2/scopes).") + + flag.Parse() +} + +// validateFlags validates the command-line flags. +func (o *options) validateFlags() error { + var err error + + // Ensure both `template` and `templateFile` are not set. + if len(o.template) > 0 && len(o.templateFile) > 0 { + return errors.New("-t, --template and -f, --template-file are mutually exclusive options") + } + + // Default to `defaultTemplate` if a template is not specified. + if len(o.template) == 0 && len(o.templateFile) == 0 { + o.template = defaultTemplate + } + + // Read in `templateFile` as template if both set and valid. + if len(o.templateFile) > 0 { + data, err := ioutil.ReadFile(o.templateFile) + if err != nil { + return fmt.Errorf("-f, --template-file option invalid: %v", o.templateFile) + } + o.template = string(data) + } + + if len(o.scopes) == 0 { + o.scopes = defaultScopes + } + + // Secrets must have a name, so if unset then default to `defaultSecret`. + if len(o.secret) == 0 { + o.secret = defaultSecret + } + + // Secrets must have a key, so if unset then default to `defaultKey`. + if len(o.key) == 0 { + o.key = defaultKey + } + + // Secrets must have a namespace, so if unset then default to `defaultNamespace`. + if len(o.namespace) == 0 { + o.namespace = []string{defaultNamespace} + } + + // Tick interval must be [1m - 50m), where 60m is the oauth token expiration, 5m is the token expiry delta, and another 5m for processing delta. + if o.interval < minInterval || o.interval >= maxInterval { + return fmt.Errorf("-i, --interval option must be in range [%v, %v): %v", minInterval, maxInterval, o.interval) + } + + if len(o.creds) > 0 { + if o.creds, err = filepath.Abs(o.creds); err != nil || !fileExists(o.creds) { + return fmt.Errorf("-c, --creds option invalid: %v", o.creds) + } + } + + return nil +} + +// fileExists checks if a path exists and is a regular file. +func fileExists(path string) bool { + info, err := os.Stat(path) + if os.IsNotExist(err) { + return false + } + return info.Mode().IsRegular() +} + +// isExpired determines if a token is expired and needs to be refreshed. +func isExpired(o options, token *oauth2.Token) bool { + nextRec := timeNow().Add(o.interval) + expiry := token.Expiry.Add(-expiryDelta) + isExpired := expiry.Before(nextRec) + klog.V(1).Infof("expired: %t; token expiry (minus delta): %v; next reconcile: %v\n", isExpired, expiry, nextRec) + return isExpired +} + +// getBackoffTime returns a backoff time calculated using formula: `{backoff factor} * 2 ^ {# of retries}`. +func getBackoffTime(factor float64, retry int) time.Duration { + return time.Duration(math.Max(factor*math.Exp2(float64(retry)), 0)) * time.Second +} + +// withBackoff waits with a backoff and runs a function. +func withBackoff(factor float64, retry int, f interface{}) interface{} { + time.Sleep(getBackoffTime(factor, retry)) + return f +} + +func generateTokenData(o options, data []byte) ([]byte, error) { + var b bytes.Buffer + + tmpl, err := template.New("TokenData").Funcs(sprig.FuncMap()).Parse(o.template) + if err != nil { + return nil, err + } + + err = tmpl.Execute(&b, &tokenTemplate{Token: string(data)}) + if err != nil { + return nil, err + } + + return b.Bytes(), nil + +} + +// createClusterConfig creates kubernetes cluster configuration. +func createClusterConfig() (*rest.Config, error) { + return clientcmd.NewNonInteractiveDeferredLoadingClientConfig( + clientcmd.NewDefaultClientConfigLoadingRules(), + &clientcmd.ConfigOverrides{}, + ).ClientConfig() +} + +// loadClusterConfig loads kubernetes cluster configuration. +func loadClusterConfig() (*rest.Config, error) { + if clusterConfig, err := rest.InClusterConfig(); err == nil { + return clusterConfig, nil + } else if clusterConfig, err := createClusterConfig(); err == nil { + return clusterConfig, nil + } else { + return nil, err + } +} + +// getOauthTokenCreator returns a function that creates/refreshes an oauth token. +func getOauthTokenCreator(o options) (tokenCreator, error) { + var create tokenCreator + + clientOpts := []option.ClientOption{option.WithScopes(o.scopes...)} + + if len(o.creds) > 0 { + clientOpts = append(clientOpts, option.WithCredentialsFile(o.creds)) + } + + // Reusing the client leverages the token source cache. + client, err := transport.Creds(context.Background(), clientOpts...) + + clientCreator := func(forceRefresh bool) (*google.Credentials, error) { + if forceRefresh { + // Recreating the client invalidates the token source cache. + client, err = transport.Creds(context.Background(), clientOpts...) + klog.V(1).Info("force refreshing token\n", o.verbose) + } + + return client, err + } + + create = func(forceRefresh bool, tries int) ([]byte, error) { + if tries <= 0 { + return nil, fmt.Errorf("maximum tries: %d exceeded to force refresh token", maxTries) + } + + client, err := clientCreator(forceRefresh) + if err != nil { + return withBackoff(1, maxTries-tries, create).(tokenCreator)(forceRefresh, tries-1) + } + + token, err := client.TokenSource.Token() + if err != nil { + return withBackoff(1, maxTries-tries, create).(tokenCreator)(forceRefresh, tries-1) + } + + if isExpired(o, token) { + // Force recreate the token if it will expire before the next reconciliation. + return withBackoff(1, maxTries-tries, create).(tokenCreator)(true, tries-1) + } + + return []byte(token.AccessToken), nil + } + + return create, nil +} + +type Google struct { + o options +} + +func NewSecretGenerator() (*Google, error) { + var o options + o.parseFlags() + if err := o.validateFlags(); err != nil { + return nil, err + } + + return &Google{o: o}, nil +} + +func (g *Google) Secret(ctx context.Context, namespace, name string) (*corev1.Secret, error) { + tokenCreator, err := getOauthTokenCreator(g.o) + if err != nil { + return nil, err + } + + secretData, err := tokenCreator(g.o.forceRefresh, maxTries) + if err != nil { + return nil, err + } + data, err := generateTokenData(g.o, secretData) + if err != nil { + return nil, err + } + + return &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: namespace, + }, + Data: map[string][]byte{g.o.key: data}, + }, nil +} diff --git a/authentikos/authentikos_test.go b/authentikos/pkg/plugins/google/google_test.go old mode 100755 new mode 100644 similarity index 99% rename from authentikos/authentikos_test.go rename to authentikos/pkg/plugins/google/google_test.go index 446d5ee8a5..fd39e557f1 --- a/authentikos/authentikos_test.go +++ b/authentikos/pkg/plugins/google/google_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package main +package google import ( "fmt" diff --git a/repos.bzl b/repos.bzl index e0e149541a..6e86090bab 100644 --- a/repos.bzl +++ b/repos.bzl @@ -2,944 +2,58 @@ load("@bazel_gazelle//:deps.bzl", "go_repository") def go_repositories(): go_repository( - name = "com_github_beorn7_perks", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/beorn7/perks", - sum = "h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=", - version = "v1.0.1", - ) - - go_repository( - name = "com_github_bwmarrin_snowflake", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/bwmarrin/snowflake", - sum = "h1:dRbqXFjM10uA3wdrVZ8Kh19uhciRMOroUYJ7qAqDLhY=", - version = "v0.0.0", - ) - - go_repository( - name = "com_github_davecgh_go_spew", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/davecgh/go-spew", - sum = "h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=", - version = "v1.1.1", - ) - - go_repository( - name = "com_github_deckarep_golang_set", - importpath = "github.com/deckarep/golang-set", - sum = "h1:njG8LmGD6JCWJu4bwIKmkOHvch70UOEIqczl5vp7Gok=", - version = "v0.0.0-20171013212420-1d4478f51bed", - ) - - go_repository( - name = "com_github_fsnotify_fsnotify", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/fsnotify/fsnotify", - sum = "h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=", - version = "v1.4.7", - ) - - go_repository( - name = "com_github_ghodss_yaml", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/ghodss/yaml", - sum = "h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_go_yaml_yaml", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/go-yaml/yaml", - sum = "h1:RYi2hDdss1u4YE7GwixGzWwVo47T8UQwnTLB6vQiq+o=", - version = "v2.1.0+incompatible", - ) - - go_repository( - name = "com_github_gogo_protobuf", - build_file_generation = "on", - build_file_proto_mode = "disable_global", - importpath = "github.com/gogo/protobuf", - sum = "h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I=", - version = "v1.2.2-0.20190723190241-65acae22fc9d", - ) - - go_repository( - name = "com_github_golang_glog", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/golang/glog", - sum = "h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=", - version = "v0.0.0-20160126235308-23def4e6c14b", - ) - - go_repository( - name = "com_github_golang_lint", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/golang/lint", - sum = "h1:2hRPrmiwPrp3fQX967rNJIhQPtiGXdlQWAxKbKw3VHA=", - version = "v0.0.0-20180702182130-06c8688daad7", - ) - - go_repository( - name = "com_github_golang_protobuf", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/golang/protobuf", - sum = "h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=", - version = "v1.3.2", - ) - - go_repository( - name = "com_github_google_btree", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/google/btree", - sum = "h1:0udJVsspx3VBr5FwtLhQQtuAsVc79tTq0ocGIPAU6qo=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_google_go_cmp", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/google/go-cmp", - sum = "h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=", - version = "v0.3.1", - ) - - go_repository( - name = "com_github_google_go_github", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/google/go-github", - sum = "h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY=", - version = "v17.0.0+incompatible", - ) - - go_repository( - name = "com_github_google_go_querystring", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/google/go-querystring", - sum = "h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_google_gofuzz", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/google/gofuzz", - sum = "h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_googleapis_gax_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/googleapis/gax-go", - sum = "h1:j0GKcs05QVmm7yesiZq2+9cxHkNK9YM6zKx4D2qucQU=", - version = "v2.0.0+incompatible", - ) - - go_repository( - name = "com_github_googleapis_gnostic", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/googleapis/gnostic", - sum = "h1:WeAefnSUHlBb0iJKwxFDZdbfGwkd7xRNuV+IpXMJhYk=", - version = "v0.3.1", - ) - - go_repository( - name = "com_github_gorilla_context", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/gorilla/context", - sum = "h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=", - version = "v1.1.1", - ) - - go_repository( - name = "com_github_gorilla_securecookie", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/gorilla/securecookie", - sum = "h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=", - version = "v1.1.1", - ) - - go_repository( - name = "com_github_gorilla_sessions", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/gorilla/sessions", - sum = "h1:uXoZdcdA5XdXF3QzuSlheVRUvjl+1rKY7zBXL68L9RU=", - version = "v1.1.3", - ) - - go_repository( - name = "com_github_gregjones_httpcache", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/gregjones/httpcache", - sum = "h1:f8eY6cV/x1x+HLjOp4r72s/31/V2aTUtg5oKRRPf8/Q=", - version = "v0.0.0-20190212212710-3befbb6ad0cc", - ) - - go_repository( - name = "com_github_hashicorp_errwrap", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/hashicorp/errwrap", - sum = "h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_hashicorp_go_multierror", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/hashicorp/go-multierror", - sum = "h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_hpcloud_tail", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/hpcloud/tail", - sum = "h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_imdario_mergo", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/imdario/mergo", - sum = "h1:Y+UAYTZ7gDEuOfhxKWy+dvb5dRQ6rJjFSdX2HZY1/gI=", - version = "v0.3.7", - ) - - go_repository( - name = "com_github_json_iterator_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/json-iterator/go", - sum = "h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo=", - version = "v1.1.7", - ) - - go_repository( - name = "com_github_knative_build", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/knative/build", - sum = "h1:3KvuoUpgXYkK3WKaSBVN/0FSwRaukf212t2bQkMSWjY=", - version = "v0.3.1-0.20190330033454-38ace00371c7", - ) - - go_repository( - name = "com_github_kr_pretty", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/kr/pretty", - sum = "h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=", - version = "v0.1.0", - ) - - go_repository( - name = "com_github_kr_pty", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/kr/pty", - sum = "h1:hyz3dwM5QLc1Rfoz4FuWJQG5BN7tc6K1MndAUnGpQr4=", - version = "v1.1.5", - ) - - go_repository( - name = "com_github_kr_text", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/kr/text", - sum = "h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=", - version = "v0.1.0", - ) - - go_repository( - name = "com_github_mattn_go_zglob", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/mattn/go-zglob", - sum = "h1:xsEx/XUoVlI6yXjqBK062zYhRTZltCNmYPx6v+8DNaY=", - version = "v0.0.1", - ) - - go_repository( - name = "com_github_matttproud_golang_protobuf_extensions", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/matttproud/golang_protobuf_extensions", - sum = "h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=", - version = "v1.0.1", - ) - - go_repository( - name = "com_github_modern_go_concurrent", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/modern-go/concurrent", - sum = "h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=", - version = "v0.0.0-20180306012644-bacd9c7ef1dd", - ) - - go_repository( - name = "com_github_modern_go_reflect2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/modern-go/reflect2", - sum = "h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=", - version = "v1.0.1", - ) - - go_repository( - name = "com_github_onsi_ginkgo", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/onsi/ginkgo", - sum = "h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo=", - version = "v1.10.1", - ) - - go_repository( - name = "com_github_onsi_gomega", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/onsi/gomega", - sum = "h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME=", - version = "v1.7.0", - ) - - go_repository( - name = "com_github_peterbourgon_diskv", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/peterbourgon/diskv", - sum = "h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=", - version = "v2.0.1+incompatible", - ) - - go_repository( - name = "com_github_pmezard_go_difflib", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/pmezard/go-difflib", - sum = "h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_prometheus_client_golang", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/prometheus/client_golang", - sum = "h1:JnMpQc6ppsNgw9QPAGF6Dod479itz7lvlsMzzNayLOI=", - version = "v1.2.1", - ) - - go_repository( - name = "com_github_prometheus_client_model", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/prometheus/client_model", - sum = "h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM=", - version = "v0.0.0-20190812154241-14fe0d1b01d4", - ) - - go_repository( - name = "com_github_prometheus_common", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/prometheus/common", - sum = "h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY=", - version = "v0.7.0", - ) - - go_repository( - name = "com_github_prometheus_procfs", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/prometheus/procfs", - sum = "h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8=", - version = "v0.0.5", - ) - - go_repository( - name = "com_github_satori_go_uuid", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/satori/go.uuid", - sum = "h1:1r/p6yT1FfHR1+qBm7UYBPgfqCmzz/8mpNvfc+iKlfU=", - version = "v0.0.0-20160713180306-0aa62d5ddceb", - ) - - go_repository( - name = "com_github_shurcool_githubv4", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/shurcooL/githubv4", - sum = "h1:cppRIvEpuZcSdhbhyJZ/3ThCPYlx6xuZg8Qid/0+bz0=", - version = "v0.0.0-20180925043049-51d7b505e2e9", - ) - - go_repository( - name = "com_github_shurcool_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/shurcooL/go", - sum = "h1:MZM7FHLqUHYI0Y/mQAt3d2aYa0SiNms/hFqC9qJYolM=", - version = "v0.0.0-20180423040247-9e1955d9fb6e", - ) - - go_repository( - name = "com_github_shurcool_graphql", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/shurcooL/graphql", - sum = "h1:YIoQLhvoRcfiL0pyxqkESFZXa7jQrcfLTUSSUeyYMO8=", - version = "v0.0.0-20180924043259-e4a3a37e6d42", - ) - - go_repository( - name = "com_github_sirupsen_logrus", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/sirupsen/logrus", - sum = "h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=", - version = "v1.4.2", - ) - - go_repository( - name = "com_github_spf13_pflag", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/spf13/pflag", - sum = "h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=", - version = "v1.0.5", - ) - - go_repository( - name = "com_github_stretchr_objx", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/stretchr/objx", - sum = "h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=", - version = "v0.2.0", - ) - - go_repository( - name = "com_github_stretchr_testify", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/stretchr/testify", - sum = "h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=", - version = "v1.4.0", - ) - - go_repository( - name = "com_google_cloud_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "cloud.google.com/go", - sum = "h1:AVXDdKsrtX33oR9fbCMu/+c1o8Ofjq6Ku/MInaLVg5Y=", - version = "v0.46.3", - ) - - go_repository( - name = "in_gopkg_airbrake_gobrake_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/airbrake/gobrake.v2", - sum = "h1:7z2uVWwn7oVeeugY1DtlPAy5H+KYgB1KeKTnqjNatLo=", - version = "v2.0.9", - ) - - go_repository( - name = "in_gopkg_check_v1", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/check.v1", - sum = "h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=", - version = "v1.0.0-20180628173108-788fd7840127", - ) - - go_repository( - name = "in_gopkg_fsnotify_v1", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/fsnotify.v1", - sum = "h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=", - version = "v1.4.7", - ) - - go_repository( - name = "in_gopkg_gemnasium_logrus_airbrake_hook_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/gemnasium/logrus-airbrake-hook.v2", - sum = "h1:OAj3g0cR6Dx/R07QgQe8wkA9RNjB2u4i700xBkIT4e0=", - version = "v2.1.2", - ) - - go_repository( - name = "in_gopkg_inf_v0", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/inf.v0", - sum = "h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=", - version = "v0.9.1", - ) - - go_repository( - name = "in_gopkg_robfig_cron_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/robfig/cron.v2", - sum = "h1:E846t8CnR+lv5nE+VuiKTDG/v1U2stad0QzddfJC7kY=", - version = "v2.0.0-20150107220207-be2e0b0deed5", - ) - - go_repository( - name = "in_gopkg_tomb_v1", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/tomb.v1", - sum = "h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=", - version = "v1.0.0-20141024135613-dd632973f1e7", - ) - - go_repository( - name = "in_gopkg_yaml_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/yaml.v2", - sum = "h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=", - version = "v2.2.4", - ) - - go_repository( - name = "io_k8s_api", - build_file_generation = "on", - build_file_proto_mode = "disable_global", - importpath = "k8s.io/api", - replace = "k8s.io/api", - sum = "h1:bkwe5LsuANqyOwsBng5Qc4S91D2Tv0JHctAztt3YTQs=", - version = "v0.0.0-20190918195907-bd6ac527cfd2", - ) - - go_repository( - name = "io_k8s_apiextensions_apiserver", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "k8s.io/apiextensions-apiserver", - sum = "h1:Kl/sh+wWzYK2hWFZtwvuFECup1SbE2kXfMnhGZsoO5M=", - version = "v0.0.0-20190918201827-3de75813f604", - ) - - go_repository( - name = "io_k8s_apimachinery", - build_file_generation = "on", - build_file_name = "BUILD.bazel", - build_file_proto_mode = "disable_global", - importpath = "k8s.io/apimachinery", - replace = "k8s.io/apimachinery", - sum = "h1:7Kns6qqhMAQWvGkxYOLSLRZ5hJO0/5pcE5lPGP2fxUw=", - version = "v0.0.0-20190817020851-f2f3a405f61d", - ) - - go_repository( - name = "io_k8s_client_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "k8s.io/client-go", - replace = "k8s.io/client-go", - sum = "h1:huOvPq1vO7dkuw9rZPYsLGpFmyGvy6L8q6mDItgkdQ4=", - version = "v0.0.0-20190918200256-06eb1244587a", - ) - - go_repository( - name = "io_k8s_klog", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "k8s.io/klog", - sum = "h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ=", - version = "v0.4.0", - ) - - go_repository( - name = "io_k8s_sigs_yaml", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "sigs.k8s.io/yaml", - sum = "h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=", - version = "v1.1.0", - ) - - go_repository( - name = "io_k8s_test_infra", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "k8s.io/test-infra", - sum = "h1:J/nTZ/pg1zz6bx923NafH3gb+Fr7RJKAuOoeKey/xWM=", - version = "v0.0.0-20191025015832-1849ddeb80fc", - ) - - go_repository( - name = "io_opencensus_go", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "go.opencensus.io", - sum = "h1:8dP3SGL7MPB94crU3bEPplMPe83FI4EouesJUeFHv50=", - version = "v0.22.1", - ) - - go_repository( - name = "org_golang_google_api", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "google.golang.org/api", - sum = "h1:n/qM3q0/rV2F0pox7o0CvNhlPvZAo7pLbef122cbLJ0=", - version = "v0.11.0", - ) - - go_repository( - name = "org_golang_google_appengine", - build_file_generation = "on", - build_file_proto_mode = "disable_global", - importpath = "google.golang.org/appengine", - sum = "h1:j8RI1yW0SkI+paT6uGwMlrMI/6zwYA6/CFil8rxOzGI=", - version = "v1.6.2", - ) - - go_repository( - name = "org_golang_google_genproto", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "google.golang.org/genproto", - sum = "h1:4HYDjxeNXAOTv3o1N2tjo8UUSlhQgAD52FVkwxnWgM8=", - version = "v0.0.0-20191009194640-548a555dbc03", - ) - - go_repository( - name = "org_golang_google_grpc", - build_file_generation = "on", - build_file_proto_mode = "disable_global", - importpath = "google.golang.org/grpc", - sum = "h1:q4XQuHFC6I28BKZpo6IYyb3mNO+l7lSOxRuYTCiDfXk=", - version = "v1.23.1", - ) - - go_repository( - name = "org_golang_x_crypto", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/crypto", - sum = "h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU=", - version = "v0.0.0-20190611184440-5c40567a22f8", - ) - - go_repository( - name = "org_golang_x_net", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/net", - sum = "h1:5O4U9trLjNpuhpynaDsqwCk+Tw6seqJz1EbqbnzHrc8=", - version = "v0.0.0-20191021144547-ec77196f6094", - ) - - go_repository( - name = "org_golang_x_oauth2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/oauth2", - sum = "h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=", - version = "v0.0.0-20190604053449-0f29369cfe45", - ) - - go_repository( - name = "org_golang_x_sync", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/sync", - sum = "h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=", - version = "v0.0.0-20190911185100-cd5d95a43a6e", - ) - - go_repository( - name = "org_golang_x_sys", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/sys", - sum = "h1:/XfQ9z7ib8eEJX2hdgFTZJ/ntt0swNk5oYBziWeTCvY=", - version = "v0.0.0-20191010194322-b09406accb47", - ) - - go_repository( - name = "org_golang_x_text", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/text", - sum = "h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=", - version = "v0.3.2", - ) - - go_repository( - name = "org_golang_x_time", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/time", - sum = "h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=", - version = "v0.0.0-20190308202827-9d24e82272b4", - ) - - go_repository( - name = "org_golang_x_tools", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/tools", - sum = "h1:X4UYO3m0+b0v4ctMUiMVB/vdVP5v25QRYMtH88N+Ne8=", - version = "v0.0.0-20191022210528-83d82311fd1f", - ) - - go_repository( - name = "cc_mvdan_interfacer", - commit = "c20040233aed", - importpath = "mvdan.cc/interfacer", - ) - - go_repository( - name = "cc_mvdan_lint", - commit = "adc824a0674b", - importpath = "mvdan.cc/lint", - ) - - go_repository( - name = "cc_mvdan_unparam", - commit = "cc9d2fb52971", - importpath = "mvdan.cc/unparam", - ) - - go_repository( - name = "co_honnef_go_tools", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "honnef.co/go/tools", - sum = "h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM=", - version = "v0.0.1-2019.2.3", - ) - - go_repository( - name = "com_4d63_gochecknoglobals", - commit = "abbdf6ec0afb", - importpath = "4d63.com/gochecknoglobals", - ) - - go_repository( - name = "com_4d63_gochecknoinits", - commit = "14d5915061e5", - importpath = "4d63.com/gochecknoinits", - ) - - go_repository( - name = "com_github_alecthomas_gocyclo", - commit = "aa8f8b160214", - importpath = "github.com/alecthomas/gocyclo", - ) - - go_repository( - name = "com_github_alexflint_go_arg", - importpath = "github.com/alexflint/go-arg", - tag = "v1.0.0", - ) - - go_repository( - name = "com_github_alexflint_go_scalar", - importpath = "github.com/alexflint/go-scalar", - tag = "v1.0.0", - ) - - go_repository( - name = "com_github_alexkohler_nakedret", - commit = "c0e305a4f690", - importpath = "github.com/alexkohler/nakedret", - ) - - go_repository( - name = "com_github_burntsushi_toml", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/BurntSushi/toml", - sum = "h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=", - version = "v0.3.1", - ) - - go_repository( - name = "com_github_client9_misspell", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/client9/misspell", - sum = "h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI=", - version = "v0.3.4", - ) - - go_repository( - name = "com_github_gordonklaus_ineffassign", - commit = "1003c8bd00dc", - importpath = "github.com/gordonklaus/ineffassign", - ) - - go_repository( - name = "com_github_jgautheron_goconst", - commit = "9740945f5dcb", - importpath = "github.com/jgautheron/goconst", - ) - - go_repository( - name = "com_github_kisielk_errcheck", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/kisielk/errcheck", - sum = "h1:reN85Pxc5larApoH1keMBiu2GWtPqXQ1nc9gx+jOU+E=", - version = "v1.2.0", - ) - - go_repository( - name = "com_github_kisielk_gotool", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/kisielk/gotool", - sum = "h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg=", - version = "v1.0.0", - ) - - go_repository( - name = "com_github_mdempsky_maligned", - commit = "6e39bd26a8c8", - importpath = "github.com/mdempsky/maligned", - ) - - go_repository( - name = "com_github_mdempsky_unconvert", - commit = "2db5a8ead8e7", - importpath = "github.com/mdempsky/unconvert", - ) - - go_repository( - name = "com_github_mibk_dupl", - importpath = "github.com/mibk/dupl", - tag = "v1.0.0", - ) - - go_repository( - name = "com_github_mozilla_tls_observatory", - commit = "8791a200eb40", - importpath = "github.com/mozilla/tls-observatory", - ) - - go_repository( - name = "com_github_nbutton23_zxcvbn_go", - commit = "a22cb81b2ecd", - importpath = "github.com/nbutton23/zxcvbn-go", - ) - - go_repository( - name = "com_github_opennota_check", - commit = "0c771f5545ff", - importpath = "github.com/opennota/check", - ) - - go_repository( - name = "com_github_rogpeppe_go_internal", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/rogpeppe/go-internal", - sum = "h1:XU784Pr0wdahMY2bYcyK6N1KuaRAdLtqD4qd8D18Bfs=", - version = "v1.3.2", - ) - - go_repository( - name = "com_github_ryanuber_go_glob", - commit = "256dc444b735", - importpath = "github.com/ryanuber/go-glob", - ) - - go_repository( - name = "com_github_securego_gosec", - commit = "a966ff760c3a", - importpath = "github.com/securego/gosec", + name = "cc_mvdan_interfacer", + commit = "c20040233aed", + importpath = "mvdan.cc/interfacer", ) go_repository( - name = "com_github_stripe_safesql", - commit = "cddf355596fe", - importpath = "github.com/stripe/safesql", + name = "cc_mvdan_lint", + commit = "adc824a0674b", + importpath = "mvdan.cc/lint", ) go_repository( - name = "com_github_tsenart_deadcode", - commit = "210d2dc333e9", - importpath = "github.com/tsenart/deadcode", + name = "cc_mvdan_unparam", + commit = "cc9d2fb52971", + importpath = "mvdan.cc/unparam", ) go_repository( - name = "com_github_walle_lll", - commit = "8b13b3fbf731", - importpath = "github.com/walle/lll", + name = "cc_mvdan_xurls_v2", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "mvdan.cc/xurls/v2", + sum = "h1:r1zSOSNS/kqtpmATyMMMvaZ4/djsesbYz5kr0+qMRWc=", + version = "v2.0.0", ) - go_repository( - name = "in_gopkg_errgo_v2", + name = "co_honnef_go_tools", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gopkg.in/errgo.v2", - sum = "h1:0vLT13EuvQ0hNvakwLuFZ/jYrLp5F3kcWHXdRggjCE8=", - version = "v2.1.0", + importpath = "honnef.co/go/tools", + sum = "h1:/8zB6iBfHCl1qAnEAWwGPNrUvapuy6CPla1VM0k8hQw=", + version = "v0.0.0-20190106161140-3f1c8253044a", ) go_repository( - name = "org_golang_x_lint", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "golang.org/x/lint", - sum = "h1:5hukYrvBGR8/eNkX5mdUezrA6JiaEZDtJb9Ei+1LlBs=", - version = "v0.0.0-20190930215403-16217165b5de", + name = "com_4d63_gochecknoglobals", + commit = "abbdf6ec0afb", + importpath = "4d63.com/gochecknoglobals", ) + go_repository( - name = "com_github_bazelbuild_buildtools", - importpath = "github.com/bazelbuild/buildtools", - sum = "h1:WHyHxJd9ZTyyXqlEuheY93v4cPJLBy0SIEshPCcK0xQ=", - version = "v0.0.0-20190404153937-93253d6efaa9", + name = "com_4d63_gochecknoinits", + commit = "14d5915061e5", + importpath = "4d63.com/gochecknoinits", ) + go_repository( - name = "cc_mvdan_xurls_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "mvdan.cc/xurls/v2", - sum = "h1:r1zSOSNS/kqtpmATyMMMvaZ4/djsesbYz5kr0+qMRWc=", - version = "v2.0.0", + name = "com_github_alecthomas_gocyclo", + commit = "aa8f8b160214", + importpath = "github.com/alecthomas/gocyclo", ) + go_repository( name = "com_github_alecthomas_template", build_file_generation = "on", @@ -956,6 +70,24 @@ def go_repositories(): sum = "h1:Hs82Z41s6SdL1CELW+XaDYmOH4hkBN4/N9og/AsOv7E=", version = "v0.0.0-20190717042225-c3de453c63f4", ) + go_repository( + name = "com_github_alexflint_go_arg", + importpath = "github.com/alexflint/go-arg", + tag = "v1.0.0", + ) + + go_repository( + name = "com_github_alexflint_go_scalar", + importpath = "github.com/alexflint/go-scalar", + tag = "v1.0.0", + ) + + go_repository( + name = "com_github_alexkohler_nakedret", + commit = "c0e305a4f690", + importpath = "github.com/alexkohler/nakedret", + ) + go_repository( name = "com_github_andygrunwald_go_gerrit", build_file_generation = "on", @@ -978,6 +110,15 @@ def go_repositories(): sum = "h1:G1bPvciwNyF7IUmKXNt9Ak3m6u9DE1rF+RmtIkBpVdA=", version = "v0.0.0-20180202201655-eb2c6b5be1b6", ) + + go_repository( + name = "com_github_asaskevich_govalidator", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/asaskevich/govalidator", + sum = "h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco=", + version = "v0.0.0-20180720115003-f9ffefc3facf", + ) go_repository( name = "com_github_aws_aws_k8s_tester", build_file_generation = "on", @@ -1018,6 +159,15 @@ def go_repositories(): sum = "h1:QjGHsWFbJyl312t0BtgkmZy2TTYA++FF0UakGbr3ZhQ=", version = "v0.0.0-20190123011202-457680cc0804", ) + + go_repository( + name = "com_github_azure_go_ansiterm", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/Azure/go-ansiterm", + sum = "h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=", + version = "v0.0.0-20170929234023-d6e3b3328b78", + ) go_repository( name = "com_github_azure_go_autorest", build_file_generation = "on", @@ -1026,6 +176,43 @@ def go_repositories(): sum = "h1:viZ3tV5l4gE2Sw0xrasFHytCGtzYCrT+um/rrSQ1BfA=", version = "v11.1.2+incompatible", ) + go_repository( + name = "com_github_azure_go_autorest_autorest", + importpath = "github.com/Azure/go-autorest/autorest", + sum = "h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs=", + version = "v0.9.0", + ) + go_repository( + name = "com_github_azure_go_autorest_autorest_adal", + importpath = "github.com/Azure/go-autorest/autorest/adal", + sum = "h1:q2gDruN08/guU9vAjuPWff0+QIrpH6ediguzdAzXAUU=", + version = "v0.5.0", + ) + go_repository( + name = "com_github_azure_go_autorest_autorest_date", + importpath = "github.com/Azure/go-autorest/autorest/date", + sum = "h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM=", + version = "v0.1.0", + ) + go_repository( + name = "com_github_azure_go_autorest_autorest_mocks", + importpath = "github.com/Azure/go-autorest/autorest/mocks", + sum = "h1:Ww5g4zThfD/6cLb4z6xxgeyDa7QDkizMkJKe0ysZXp0=", + version = "v0.2.0", + ) + go_repository( + name = "com_github_azure_go_autorest_logger", + importpath = "github.com/Azure/go-autorest/logger", + sum = "h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY=", + version = "v0.1.0", + ) + go_repository( + name = "com_github_azure_go_autorest_tracing", + importpath = "github.com/Azure/go-autorest/tracing", + sum = "h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k=", + version = "v0.5.0", + ) + go_repository( name = "com_github_bazelbuild_bazel_gazelle", build_file_generation = "on", @@ -1034,6 +221,21 @@ def go_repositories(): sum = "h1:nJsPG30GPtJUtYmjU4NEpnGp3nsRFN46ROgh6pawuhw=", version = "v0.18.1", ) + go_repository( + name = "com_github_bazelbuild_buildtools", + importpath = "github.com/bazelbuild/buildtools", + sum = "h1:WHyHxJd9ZTyyXqlEuheY93v4cPJLBy0SIEshPCcK0xQ=", + version = "v0.0.0-20190404153937-93253d6efaa9", + ) + go_repository( + name = "com_github_beorn7_perks", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/beorn7/perks", + sum = "h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=", + version = "v1.0.1", + ) + go_repository( name = "com_github_bgentry_speakeasy", build_file_generation = "on", @@ -1050,6 +252,72 @@ def go_repositories(): sum = "h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=", version = "v3.5.1+incompatible", ) + go_repository( + name = "com_github_bradleyfalzon_ghinstallation", + importpath = "github.com/bradleyfalzon/ghinstallation", + sum = "h1:pmBXkxgM1WeF8QYvDLT5kuQiHMcmf+X015GI0KM/E3I=", + version = "v1.1.1", + ) + + go_repository( + name = "com_github_burntsushi_toml", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/BurntSushi/toml", + sum = "h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=", + version = "v0.3.1", + ) + + go_repository( + name = "com_github_burntsushi_xgb", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/BurntSushi/xgb", + sum = "h1:1BDTz0u9nC3//pOCMdNH+CiXJVYJh5UQNCOBG7jbELc=", + version = "v0.0.0-20160522181843-27f122750802", + ) + go_repository( + name = "com_github_bwmarrin_snowflake", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/bwmarrin/snowflake", + sum = "h1:dRbqXFjM10uA3wdrVZ8Kh19uhciRMOroUYJ7qAqDLhY=", + version = "v0.0.0", + ) + + go_repository( + name = "com_github_cespare_xxhash_v2", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/cespare/xxhash/v2", + sum = "h1:yTUvW7Vhb89inJ+8irsUqiWjh8iT6sQPZiQzI6ReGkA=", + version = "v2.1.0", + ) + go_repository( + name = "com_github_clarketm_json", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/clarketm/json", + sum = "h1:gvWCzx4JHbBeVPpSV9LVr+PXfRInRnDy80D9nnTLULs=", + version = "v1.13.0", + ) + go_repository( + name = "com_github_client9_misspell", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/client9/misspell", + sum = "h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI=", + version = "v0.3.4", + ) + + go_repository( + name = "com_github_coreos_bbolt", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/coreos/bbolt", + sum = "h1:uTXKg9gY70s9jMAKdfljFQcuh4e/BXOM+V+d00KFj3A=", + version = "v1.3.1-coreos.6", + ) go_repository( name = "com_github_coreos_etcd", build_file_generation = "on", @@ -1066,6 +334,15 @@ def go_repositories(): sum = "h1:bXhRBIXoTm9BYHS3gE0TtQuyNZyeEMux2sDi4oo5YOo=", version = "v2.0.0+incompatible", ) + + go_repository( + name = "com_github_coreos_go_oidc", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/coreos/go-oidc", + sum = "h1:X+JQSgXg3CcxgcBoMAqU8NoS0fch8zHxjiKWcXclxaI=", + version = "v0.0.0-20180117170138-065b426bd416", + ) go_repository( name = "com_github_coreos_go_semver", build_file_generation = "on", @@ -1098,6 +375,22 @@ def go_repositories(): sum = "h1:BSKMNlYxDvnunlTymqtgONjNnaRV1sTpcovwwjF22jk=", version = "v1.0.10", ) + go_repository( + name = "com_github_davecgh_go_spew", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/davecgh/go-spew", + sum = "h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=", + version = "v1.1.1", + ) + + go_repository( + name = "com_github_deckarep_golang_set", + importpath = "github.com/deckarep/golang-set", + sum = "h1:njG8LmGD6JCWJu4bwIKmkOHvch70UOEIqczl5vp7Gok=", + version = "v0.0.0-20171013212420-1d4478f51bed", + ) + go_repository( name = "com_github_denisenkom_go_mssqldb", build_file_generation = "on", @@ -1122,6 +415,15 @@ def go_repositories(): sum = "h1:ySLvBAM0EvOGaX7TI4dAM5lWj+RdJUCKtGSEHN8SGBg=", version = "v1.0.0", ) + + go_repository( + name = "com_github_docker_cli", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/docker/cli", + sum = "h1:KrSeY2qJPl1blFLllwCMBIgwilomqEte/nb8dPhqY2o=", + version = "v0.0.0-20190925022749-754388324470", + ) go_repository( name = "com_github_docker_distribution", build_file_generation = "on", @@ -1138,21 +440,47 @@ def go_repositories(): sum = "h1:7X3lPJrEEhoUt1UnISqyUB4phKf9aAKVMdFXD63DJO8=", version = "v1.4.2-0.20180531152204-71cd53e4a197", ) + + go_repository( + name = "com_github_docker_docker_credential_helpers", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/docker/docker-credential-helpers", + sum = "h1:zI2p9+1NQYdnG6sMU26EX4aVGlqbInSQxQXLvzJ4RPQ=", + version = "v0.6.3", + ) + go_repository( + name = "com_github_docker_go_connections", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/docker/go-connections", + sum = "h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=", + version = "v0.4.0", + ) + go_repository( + name = "com_github_docker_go_units", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/docker/go-units", + sum = "h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk=", + version = "v0.3.3", + ) + go_repository( - name = "com_github_docker_go_connections", + name = "com_github_docker_spdystream", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/docker/go-connections", - sum = "h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=", - version = "v0.4.0", + importpath = "github.com/docker/spdystream", + sum = "h1:cenwrSVm+Z7QLSV/BsnenAOcDXdX4cMv4wP0B/5QbPg=", + version = "v0.0.0-20160310174837-449fdfce4d96", ) go_repository( - name = "com_github_docker_go_units", + name = "com_github_docopt_docopt_go", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/docker/go-units", - sum = "h1:Xk8S3Xj5sLGlG5g67hJmYMmUgXv5N4PhkjJHHqrwnTk=", - version = "v0.3.3", + importpath = "github.com/docopt/docopt-go", + sum = "h1:bWDMxwH3px2JBh6AyO7hdCn/PkvCZXii8TGj7sbtEbQ=", + version = "v0.0.0-20180111231733-ee0de3bc6815", ) go_repository( name = "com_github_dustin_go_humanize", @@ -1180,6 +508,23 @@ def go_repositories(): sum = "h1:YOEu7KNc61ntiQlcEeUIoDTJ2o8mQznoNvUhiigpIqc=", version = "v1.1.0", ) + + go_repository( + name = "com_github_elazarl_goproxy", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/elazarl/goproxy", + sum = "h1:p1yVGRW3nmb85p1Sh1ZJSDm4A4iKLS5QNbvUHMgGu/M=", + version = "v0.0.0-20170405201442-c4fc26588b6e", + ) + go_repository( + name = "com_github_emicklei_go_restful", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/emicklei/go-restful", + sum = "h1:H2pdYOb3KQ1/YsqVWoWNLQO+fusocsw354rqGTZtAgw=", + version = "v0.0.0-20170410110728-ff4f55a20633", + ) go_repository( name = "com_github_erikstmartin_go_testdb", build_file_generation = "on", @@ -1204,6 +549,15 @@ def go_repositories(): sum = "h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=", version = "v1.7.0", ) + go_repository( + name = "com_github_fsnotify_fsnotify", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/fsnotify/fsnotify", + sum = "h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=", + version = "v1.4.7", + ) + go_repository( name = "com_github_fsouza_fake_gcs_server", build_file_generation = "on", @@ -1212,6 +566,31 @@ def go_repositories(): sum = "h1:3iml5UHzQtk3cpnYfqW16Ia+1xSuu9tc4BElZu5470M=", version = "v0.0.0-20180612165233-e85be23bdaa8", ) + go_repository( + name = "com_github_ghodss_yaml", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/ghodss/yaml", + sum = "h1:ZktWZesgun21uEDrwW7iEV1zPCGQldM2atlJZ3TdvVM=", + version = "v0.0.0-20150909031657-73d445a93680", + ) + + go_repository( + name = "com_github_globalsign_mgo", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/globalsign/mgo", + sum = "h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is=", + version = "v0.0.0-20181015135952-eeefdecb41b8", + ) + go_repository( + name = "com_github_go_gl_glfw", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-gl/glfw", + sum = "h1:QbL/5oDUmRBzO9/Z7Seo6zf912W/a6Sr4Eu0G/3Jho0=", + version = "v0.0.0-20190409004039-e6da0acd62b1", + ) go_repository( name = "com_github_go_kit_kit", build_file_generation = "on", @@ -1244,37 +623,89 @@ def go_repositories(): sum = "h1:qXBXPDdNncunGs7XeEpsJt8wCjYBygluzfdLO0G5baE=", version = "v0.1.1", ) + + go_repository( + name = "com_github_go_openapi_analysis", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/analysis", + sum = "h1:eYp14J1o8TTSCzndHBtsNuckikV1PfZOSnx4BcBeu0c=", + version = "v0.17.2", + ) + go_repository( + name = "com_github_go_openapi_errors", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/errors", + sum = "h1:azEQ8Fnx0jmtFF2fxsnmd6I0x6rsweUF63qqSO1NmKk=", + version = "v0.17.2", + ) go_repository( name = "com_github_go_openapi_jsonpointer", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/go-openapi/jsonpointer", - sum = "h1:A9+F4Dc/MCNB5jibxf6rRvOvR/iFgQdyNx9eIhnGqq0=", - version = "v0.19.2", + sum = "h1:wSt/4CYxs70xbATrGXhokKF1i0tZjENLOo1ioIO13zk=", + version = "v0.0.0-20160704185906-46af16f9f7b1", ) go_repository( name = "com_github_go_openapi_jsonreference", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/go-openapi/jsonreference", - sum = "h1:o20suLFB4Ri0tuzpWtyHlh7E7HnkqTNLq6aR6WVNS1w=", - version = "v0.19.2", + sum = "h1:tF+augKRWlWx0J0B7ZyyKSiTyV6E1zZe+7b3qQlcEf8=", + version = "v0.0.0-20160704190145-13c6e3589ad9", + ) + + go_repository( + name = "com_github_go_openapi_loads", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/loads", + sum = "h1:tEXYu6Xc0pevpzzQx5ghrMN9F7IVpN/+u4iD3rkYE5o=", + version = "v0.17.2", + ) + go_repository( + name = "com_github_go_openapi_runtime", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/runtime", + sum = "h1:/ZK67ikFhQAMFFH/aPu2MaGH7QjP4wHBvHYOVIzDAw0=", + version = "v0.17.2", ) go_repository( name = "com_github_go_openapi_spec", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/go-openapi/spec", - sum = "h1:SStNd1jRcYtfKCN7R0laGNs80WYYvn5CbBjM2sOmCrE=", - version = "v0.19.2", + sum = "h1:C1JKChikHGpXwT5UQDFaryIpDtyyGL/CR6C2kB7F1oc=", + version = "v0.0.0-20160808142527-6aced65f8501", + ) + + go_repository( + name = "com_github_go_openapi_strfmt", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/strfmt", + sum = "h1:1isAxYf//QDTnVzbLAMrUK++0k1EjeLJU/gTOR0o3Mc=", + version = "v0.17.0", ) go_repository( name = "com_github_go_openapi_swag", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/go-openapi/swag", - sum = "h1:jvO6bCMBEilGwMfHhrd61zIID4oIFdwb76V17SM88dE=", - version = "v0.19.2", + sum = "h1:zP3nY8Tk2E6RTkqGYrarZXuzh+ffyLDljLxCy1iJw80=", + version = "v0.0.0-20160704191624-1d0bd113de87", + ) + + go_repository( + name = "com_github_go_openapi_validate", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-openapi/validate", + sum = "h1:PVXYcP1GkTl+XIAJnyJxOmK6CSG5Q1UcvoCvNO++5Kg=", + version = "v0.18.0", ) go_repository( name = "com_github_go_sql_driver_mysql", @@ -1292,6 +723,15 @@ def go_repositories(): sum = "h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk=", version = "v1.8.0", ) + go_repository( + name = "com_github_go_yaml_yaml", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/go-yaml/yaml", + sum = "h1:RYi2hDdss1u4YE7GwixGzWwVo47T8UQwnTLB6vQiq+o=", + version = "v2.1.0+incompatible", + ) + go_repository( name = "com_github_gobuffalo_envy", build_file_generation = "on", @@ -1300,22 +740,66 @@ def go_repositories(): sum = "h1:OsV5vOpHYUpP7ZLS6sem1y40/lNX1BZj+ynMiRi21lQ=", version = "v1.6.15", ) + go_repository( + name = "com_github_gogo_protobuf", + build_file_generation = "on", + build_file_proto_mode = "disable_global", + importpath = "github.com/gogo/protobuf", + sum = "h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I=", + version = "v1.2.2-0.20190723190241-65acae22fc9d", + ) + + go_repository( + name = "com_github_golang_collections_collections", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/golang-collections/collections", + sum = "h1:zN2lZNZRflqFyxVaTIU61KNKQ9C0055u9CAfpmqUvo4=", + version = "v0.0.0-20130729185459-604e922904d3", + ) + go_repository( + name = "com_github_golang_glog", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/golang/glog", + sum = "h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=", + version = "v0.0.0-20160126235308-23def4e6c14b", + ) + go_repository( name = "com_github_golang_groupcache", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/golang/groupcache", - sum = "h1:ZgQEtGgCBiWRM39fZuwSd1LwSqqSW0hOdXCYYDX0R3I=", - version = "v0.0.0-20190702054246-869f871628b6", + sum = "h1:LbsanbbD6LieFkXbj9YNNBupiGHJgFeLpO0j0Fza1h8=", + version = "v0.0.0-20160516000752-02826c3e7903", + ) + go_repository( + name = "com_github_golang_lint", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/golang/lint", + sum = "h1:2hRPrmiwPrp3fQX967rNJIhQPtiGXdlQWAxKbKw3VHA=", + version = "v0.0.0-20180702182130-06c8688daad7", ) + go_repository( name = "com_github_golang_mock", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/golang/mock", - sum = "h1:qGJ6qTW+x6xX/my+8YUVl4WNpX9B7+/l2tRsHGZ7f2s=", - version = "v1.3.1", + sum = "h1:28o5sBqPkBsMGnC6b4MvE2TzSr5/AT4c/1fLqVGIwlk=", + version = "v1.2.0", ) + go_repository( + name = "com_github_golang_protobuf", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/golang/protobuf", + sum = "h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=", + version = "v1.3.2", + ) + go_repository( name = "com_github_golang_snappy", importpath = "github.com/golang/snappy", @@ -1330,6 +814,24 @@ def go_repositories(): sum = "h1:ZKld1VOtsGhAe37E7wMxEDgAlGM5dvFY+DiOhSkhP9Y=", version = "v1.7.0", ) + go_repository( + name = "com_github_google_btree", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/btree", + sum = "h1:964Od4U6p2jUkFxvCydnIczKteheJEzHRToSGK3Bnlw=", + version = "v0.0.0-20180813153112-4030bb1f1f0c", + ) + + go_repository( + name = "com_github_google_go_cmp", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/go-cmp", + sum = "h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg=", + version = "v0.3.1", + ) + go_repository( name = "com_github_google_go_containerregistry", build_file_generation = "on", @@ -1338,6 +840,39 @@ def go_repositories(): sum = "h1:i2MA7D3vtR5uk9ZPzVp/IC9616kCPv0RScyRD/tVQGM=", version = "v0.0.0-20191010200024-a3d713f9b7f8", ) + go_repository( + name = "com_github_google_go_github", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/go-github", + sum = "h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY=", + version = "v17.0.0+incompatible", + ) + go_repository( + name = "com_github_google_go_github_v29", + importpath = "github.com/google/go-github/v29", + sum = "h1:opYN6Wc7DOz7Ku3Oh4l7prmkOMwEcQxpFtxdU8N8Pts=", + version = "v29.0.2", + ) + + go_repository( + name = "com_github_google_go_querystring", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/go-querystring", + sum = "h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=", + version = "v1.0.0", + ) + + go_repository( + name = "com_github_google_gofuzz", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/gofuzz", + sum = "h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=", + version = "v1.0.0", + ) + go_repository( name = "com_github_google_martian", build_file_generation = "on", @@ -1351,8 +886,17 @@ def go_repositories(): build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/google/pprof", - sum = "h1:Jnx61latede7zDD3DiiP4gmNz33uK0U5HDUaF0a/HVQ=", - version = "v0.0.0-20190515194954-54271f7e092f", + sum = "h1:eqyIo2HjKhKe/mJzTG8n4VqvLXIOEG+SLdDqX7xGtkY=", + version = "v0.0.0-20181206194817-3ea8567a2e57", + ) + + go_repository( + name = "com_github_google_renameio", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/google/renameio", + sum = "h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=", + version = "v0.1.0", ) go_repository( name = "com_github_google_uuid", @@ -1362,22 +906,62 @@ def go_repositories(): sum = "h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=", version = "v1.1.1", ) + go_repository( + name = "com_github_googleapis_gax_go", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/googleapis/gax-go", + sum = "h1:j0GKcs05QVmm7yesiZq2+9cxHkNK9YM6zKx4D2qucQU=", + version = "v2.0.0+incompatible", + ) + go_repository( name = "com_github_googleapis_gax_go_v2", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/googleapis/gax-go/v2", - sum = "h1:sjZBwGj9Jlw33ImPtvFviGYvseOtDM7hkSKB7+Tv3SM=", - version = "v2.0.5", + sum = "h1:hU4mGcQI4DaAYW+IbTun+2qEZVFxK0ySjQLTbS0VQKc=", + version = "v2.0.4", + ) + go_repository( + name = "com_github_googleapis_gnostic", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/googleapis/gnostic", + sum = "h1:7XGaL1e6bYS1yIonGp9761ExpPPV1ui0SAC59Yube9k=", + version = "v0.0.0-20170729233727-0c5108395e2d", + ) + + go_repository( + name = "com_github_googlecloudplatform_testgrid", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/GoogleCloudPlatform/testgrid", + sum = "h1:CyF0eU2zgmEnZSlo2tlTYuzHu7etOg07+WwuE4kVn58=", + version = "v0.0.0-20191016232453-9f0319fc1197", + ) + go_repository( + name = "com_github_gophercloud_gophercloud", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/gophercloud/gophercloud", + sum = "h1:P/nh25+rzXouhytV2pUHBb65fnds26Ghl8/391+sT5o=", + version = "v0.1.0", + ) + go_repository( + name = "com_github_gordonklaus_ineffassign", + commit = "1003c8bd00dc", + importpath = "github.com/gordonklaus/ineffassign", ) go_repository( - name = "com_github_gophercloud_gophercloud", + name = "com_github_gorilla_context", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/gophercloud/gophercloud", - sum = "h1:L9JPKrtsHMQ4VCRQfHvbbHBfB2Urn8xf6QZeXZ+OrN4=", - version = "v0.0.0-20190126172459-c818fa66e4c8", + importpath = "github.com/gorilla/context", + sum = "h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=", + version = "v1.1.1", ) + go_repository( name = "com_github_gorilla_csrf", build_file_generation = "on", @@ -1394,6 +978,24 @@ def go_repositories(): sum = "h1:Pgr17XVTNXAk3q/r4CpKzC5xBM/qW1uVLV+IhRZpIIk=", version = "v1.6.2", ) + go_repository( + name = "com_github_gorilla_securecookie", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/gorilla/securecookie", + sum = "h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=", + version = "v1.1.1", + ) + + go_repository( + name = "com_github_gorilla_sessions", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/gorilla/sessions", + sum = "h1:uXoZdcdA5XdXF3QzuSlheVRUvjl+1rKY7zBXL68L9RU=", + version = "v1.1.3", + ) + go_repository( name = "com_github_gorilla_websocket", build_file_generation = "on", @@ -1402,6 +1004,24 @@ def go_repositories(): sum = "h1:Lh2aW+HnU2Nbe1gqD9SOJLJxW1jBMmQOktN2acDyJk8=", version = "v0.0.0-20170926233335-4201258b820c", ) + + go_repository( + name = "com_github_gotestyourself_gotestyourself", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/gotestyourself/gotestyourself", + sum = "h1:AQwinXlbQR2HvPjQZOmDhRqsv5mZf+Jb1RnSLxcqZcI=", + version = "v2.2.0+incompatible", + ) + go_repository( + name = "com_github_gregjones_httpcache", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/gregjones/httpcache", + sum = "h1:6TSoaYExHper8PYsJu23GWVNOyYRCSnIFyxKgLSZ54w=", + version = "v0.0.0-20170728041850-787624de3eb7", + ) + go_repository( name = "com_github_grpc_ecosystem_go_grpc_middleware", build_file_generation = "on", @@ -1426,13 +1046,31 @@ def go_repositories(): sum = "h1:pX7cnDwSSmG0dR9yNjCQSSpmsJOqFdT7SzVp5Yl9uVw=", version = "v1.4.1", ) + go_repository( + name = "com_github_hashicorp_errwrap", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/hashicorp/errwrap", + sum = "h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=", + version = "v1.0.0", + ) + + go_repository( + name = "com_github_hashicorp_go_multierror", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/hashicorp/go-multierror", + sum = "h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o=", + version = "v1.0.0", + ) + go_repository( name = "com_github_hashicorp_golang_lru", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/hashicorp/golang-lru", - sum = "h1:YPkqC67at8FYaadspW/6uE0COsBxS2656RLEr8Bppgk=", - version = "v0.5.3", + sum = "h1:0hERBMJE1eitiLkihrMvRVBYAkpHzc/J3QdDN+dAcgU=", + version = "v0.5.1", ) go_repository( name = "com_github_hashicorp_hcl", @@ -1442,6 +1080,30 @@ def go_repositories(): sum = "h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=", version = "v1.0.0", ) + go_repository( + name = "com_github_hpcloud_tail", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/hpcloud/tail", + sum = "h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=", + version = "v1.0.0", + ) + go_repository( + name = "com_github_huandu_xstrings", + importpath = "github.com/huandu/xstrings", + sum = "h1:gvV6jG9dTgFEncxo+AF7PH6MZXi/vZl25owA/8Dg8Wo=", + version = "v1.3.0", + ) + + go_repository( + name = "com_github_imdario_mergo", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/imdario/mergo", + sum = "h1:JboBksRwiiAJWvIYJVo46AfV+IAIKZpfrSzVKj42R4Q=", + version = "v0.3.5", + ) + go_repository( name = "com_github_inconshreveable_mousetrap", build_file_generation = "on", @@ -1458,6 +1120,12 @@ def go_repositories(): sum = "h1:AciJ2ei/llFRundm7CtqwF6B2aOds1A7QG3sMW8QiaQ=", version = "v0.0.0-20161215172503-049f9b42e9a5", ) + go_repository( + name = "com_github_jgautheron_goconst", + commit = "9740945f5dcb", + importpath = "github.com/jgautheron/goconst", + ) + go_repository( name = "com_github_jinzhu_gorm", build_file_generation = "on", @@ -1506,6 +1174,15 @@ def go_repositories(): sum = "h1:VKV+ZcuP6l3yW9doeqz6ziZGgcynBVQO+obU0+0hcPo=", version = "v0.1.0", ) + go_repository( + name = "com_github_json_iterator_go", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/json-iterator/go", + sum = "h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo=", + version = "v1.1.7", + ) + go_repository( name = "com_github_jstemmer_go_junit_report", build_file_generation = "on", @@ -1522,6 +1199,24 @@ def go_repositories(): sum = "h1:TDTW5Yz1mjftljbcKqRcrYhd4XeOoI98t+9HbQbYf7g=", version = "v1.2.0", ) + go_repository( + name = "com_github_kisielk_errcheck", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/kisielk/errcheck", + sum = "h1:reN85Pxc5larApoH1keMBiu2GWtPqXQ1nc9gx+jOU+E=", + version = "v1.2.0", + ) + + go_repository( + name = "com_github_kisielk_gotool", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/kisielk/gotool", + sum = "h1:AV2c/EiW3KqPNT9ZKl07ehoAGi4C5/01Cfbblndcapg=", + version = "v1.0.0", + ) + go_repository( name = "com_github_klauspost_compress", build_file_generation = "on", @@ -1546,6 +1241,15 @@ def go_repositories(): sum = "h1:oIPZROsWuPHpOdMVWLuJZXwgjhrW8r1yEX8UqMyeNHM=", version = "v1.2.1", ) + go_repository( + name = "com_github_knative_build", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/knative/build", + sum = "h1:3KvuoUpgXYkK3WKaSBVN/0FSwRaukf212t2bQkMSWjY=", + version = "v0.3.1-0.20190330033454-38ace00371c7", + ) + go_repository( name = "com_github_knative_pkg", build_file_generation = "on", @@ -1570,6 +1274,33 @@ def go_repositories(): sum = "h1:T+h1c/A9Gawja4Y9mFVWj2vyii2bbUNDw3kt9VxK2EY=", version = "v0.0.0-20140226030751-b84e30acd515", ) + go_repository( + name = "com_github_kr_pretty", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/kr/pretty", + sum = "h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=", + version = "v0.1.0", + ) + + go_repository( + name = "com_github_kr_pty", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/kr/pty", + sum = "h1:VkoXIwSboBpnk99O/KFauAEILuNHv5DVFKZMBN/gUgw=", + version = "v1.1.1", + ) + + go_repository( + name = "com_github_kr_text", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/kr/text", + sum = "h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=", + version = "v0.1.0", + ) + go_repository( name = "com_github_lib_pq", build_file_generation = "on", @@ -1591,8 +1322,8 @@ def go_repositories(): build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/mailru/easyjson", - sum = "h1:nTT4s92Dgz2HlrB2NaMgvlfqHH39OgMhA7z3PK7PGD4=", - version = "v0.0.0-20190614124828-94de47d64c63", + sum = "h1:TpvdAwDAt1K4ANVOfcihouRdvP+MgAfDWwBuct4l6ZY=", + version = "v0.0.0-20160728113105-d5b7844b561a", ) go_repository( name = "com_github_markbates_inflect", @@ -1602,13 +1333,32 @@ def go_repositories(): sum = "h1:5fh1gzTFhfae06u3hzHYO9xe3l3v3nW5Pwt3naLTP5g=", version = "v1.0.4", ) + go_repository( + name = "com_github_masterminds_goutils", + importpath = "github.com/Masterminds/goutils", + sum = "h1:zukEsf/1JZwCMgHiK3GZftabmxiCw4apj3a28RPBiVg=", + version = "v1.1.0", + ) + go_repository( + name = "com_github_masterminds_semver", + importpath = "github.com/Masterminds/semver", + sum = "h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=", + version = "v1.5.0", + ) + go_repository( + name = "com_github_masterminds_sprig", + importpath = "github.com/Masterminds/sprig", + sum = "h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60=", + version = "v2.22.0+incompatible", + ) + go_repository( name = "com_github_mattbaird_jsonpatch", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/mattbaird/jsonpatch", - sum = "h1:+J2gw7Bw77w/fbK7wnNJJDKmw1IbWft2Ul5BzrG1Qm8=", - version = "v0.0.0-20171005235357-81af80346b1a", + sum = "h1:uYuGXJBAi1umT+ZS4oQJUgKtfXCAYTR+n9zw1ViT0vA=", + version = "v0.0.0-20200820163806-098863c1fc24", ) go_repository( name = "com_github_mattn_go_colorable", @@ -1642,6 +1392,42 @@ def go_repositories(): sum = "h1:LeyN6zuPxHQrv7ZGHbo2Ymtj+BfpbG02+5iAgKds/zU=", version = "v0.0.0-20160514122348-38ee283dabf1", ) + go_repository( + name = "com_github_mattn_go_zglob", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/mattn/go-zglob", + sum = "h1:xsEx/XUoVlI6yXjqBK062zYhRTZltCNmYPx6v+8DNaY=", + version = "v0.0.1", + ) + + go_repository( + name = "com_github_matttproud_golang_protobuf_extensions", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/matttproud/golang_protobuf_extensions", + sum = "h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=", + version = "v1.0.1", + ) + + go_repository( + name = "com_github_mdempsky_maligned", + commit = "6e39bd26a8c8", + importpath = "github.com/mdempsky/maligned", + ) + + go_repository( + name = "com_github_mdempsky_unconvert", + commit = "2db5a8ead8e7", + importpath = "github.com/mdempsky/unconvert", + ) + + go_repository( + name = "com_github_mibk_dupl", + importpath = "github.com/mibk/dupl", + tag = "v1.0.0", + ) + go_repository( name = "com_github_microsoft_go_winio", build_file_generation = "on", @@ -1650,6 +1436,13 @@ def go_repositories(): sum = "h1:+hMXMk01us9KgxGb7ftKQt2Xpf5hH/yky+TDA+qxleU=", version = "v0.4.14", ) + go_repository( + name = "com_github_mitchellh_copystructure", + importpath = "github.com/mitchellh/copystructure", + sum = "h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ=", + version = "v1.0.0", + ) + go_repository( name = "com_github_mitchellh_go_homedir", build_file_generation = "on", @@ -1674,6 +1467,45 @@ def go_repositories(): sum = "h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE=", version = "v1.1.2", ) + go_repository( + name = "com_github_mitchellh_reflectwalk", + importpath = "github.com/mitchellh/reflectwalk", + sum = "h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY=", + version = "v1.0.0", + ) + + go_repository( + name = "com_github_modern_go_concurrent", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/modern-go/concurrent", + sum = "h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=", + version = "v0.0.0-20180306012644-bacd9c7ef1dd", + ) + + go_repository( + name = "com_github_modern_go_reflect2", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/modern-go/reflect2", + sum = "h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=", + version = "v1.0.1", + ) + + go_repository( + name = "com_github_mozilla_tls_observatory", + commit = "8791a200eb40", + importpath = "github.com/mozilla/tls-observatory", + ) + + go_repository( + name = "com_github_munnerz_goautoneg", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/munnerz/goautoneg", + sum = "h1:7PxY7LVfSZm7PEeBTyK1rj1gABdCO2mbri6GKO1cMDs=", + version = "v0.0.0-20120707110453-a547fc61f48d", + ) go_repository( name = "com_github_mwitkow_go_conntrack", build_file_generation = "on", @@ -1682,6 +1514,29 @@ def go_repositories(): sum = "h1:F9x/1yl3T2AeKLr2AMdilSD8+f9bvMnNN8VS5iDtovc=", version = "v0.0.0-20161129095857-cc309e4a2223", ) + + go_repository( + name = "com_github_mxk_go_flowrate", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/mxk/go-flowrate", + sum = "h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus=", + version = "v0.0.0-20140419014527-cca7078d478f", + ) + go_repository( + name = "com_github_natefinch_lumberjack", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/natefinch/lumberjack", + sum = "h1:4QJd3OLAMgj7ph+yZTuX13Ld4UpgHp07nNdFX7mqFfM=", + version = "v2.0.0+incompatible", + ) + go_repository( + name = "com_github_nbutton23_zxcvbn_go", + commit = "a22cb81b2ecd", + importpath = "github.com/nbutton23/zxcvbn-go", + ) + go_repository( name = "com_github_nytimes_gziphandler", build_file_generation = "on", @@ -1698,6 +1553,24 @@ def go_repositories(): sum = "h1:58+kh9C6jJVXYjt8IE48G2eWl6BjwU5Gj0gqY84fy78=", version = "v0.0.0-20170122224234-a0225b3f23b5", ) + go_repository( + name = "com_github_onsi_ginkgo", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/onsi/ginkgo", + sum = "h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo=", + version = "v1.10.1", + ) + + go_repository( + name = "com_github_onsi_gomega", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/onsi/gomega", + sum = "h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME=", + version = "v1.7.0", + ) + go_repository( name = "com_github_opencontainers_go_digest", build_file_generation = "on", @@ -1714,6 +1587,12 @@ def go_repositories(): sum = "h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=", version = "v1.0.1", ) + go_repository( + name = "com_github_opennota_check", + commit = "0c771f5545ff", + importpath = "github.com/opennota/check", + ) + go_repository( name = "com_github_openzipkin_zipkin_go", build_file_generation = "on", @@ -1738,6 +1617,15 @@ def go_repositories(): sum = "h1:e5+lF2E4Y2WCIxBefVowBuB0iHrUH4HZ8q+6mGF7fJc=", version = "v1.3.0", ) + go_repository( + name = "com_github_peterbourgon_diskv", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/peterbourgon/diskv", + sum = "h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=", + version = "v2.0.1+incompatible", + ) + go_repository( name = "com_github_pierrec_lz4", importpath = "github.com/pierrec/lz4", @@ -1752,21 +1640,74 @@ def go_repositories(): sum = "h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=", version = "v0.8.1", ) + go_repository( + name = "com_github_pmezard_go_difflib", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/pmezard/go-difflib", + sum = "h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=", + version = "v1.0.0", + ) + + go_repository( + name = "com_github_pquerna_cachecontrol", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/pquerna/cachecontrol", + sum = "h1:0XM1XL/OFFJjXsYXlG30spTkV/E9+gmd5GD1w2HE8xM=", + version = "v0.0.0-20171018203845-0dec1b30a021", + ) + go_repository( + name = "com_github_prometheus_client_golang", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/prometheus/client_golang", + sum = "h1:JnMpQc6ppsNgw9QPAGF6Dod479itz7lvlsMzzNayLOI=", + version = "v1.2.1", + ) + + go_repository( + name = "com_github_prometheus_client_model", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/prometheus/client_model", + sum = "h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM=", + version = "v0.0.0-20190812154241-14fe0d1b01d4", + ) + + go_repository( + name = "com_github_prometheus_common", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/prometheus/common", + sum = "h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY=", + version = "v0.7.0", + ) + + go_repository( + name = "com_github_prometheus_procfs", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/prometheus/procfs", + sum = "h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8=", + version = "v0.0.5", + ) + go_repository( name = "com_github_puerkitobio_purell", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/PuerkitoBio/purell", - sum = "h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI=", - version = "v1.1.1", + sum = "h1:0GoNN3taZV6QI81IXgCbxMyEaJDXMSIjArYBCYzVVvs=", + version = "v1.0.0", ) go_repository( name = "com_github_puerkitobio_urlesc", build_file_generation = "on", build_file_proto_mode = "disable", importpath = "github.com/PuerkitoBio/urlesc", - sum = "h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M=", - version = "v0.0.0-20170810143723-de5bf2ad4578", + sum = "h1:JCHLVE3B+kJde7bIEo5N4J+ZbLhp0J1Fs+ulyRws4gE=", + version = "v0.0.0-20160726150825-5bd2802263f2", ) go_repository( name = "com_github_rcrowley_go_metrics", @@ -1774,6 +1715,24 @@ def go_repositories(): sum = "h1:9ZKAASQSHhDYGoxY8uLVpewe1GDZ2vu2Tr/vTdVAkFQ=", version = "v0.0.0-20181016184325-3113b8401b8a", ) + + go_repository( + name = "com_github_remyoudompheng_bigfft", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/remyoudompheng/bigfft", + sum = "h1:/NRJ5vAYoqz+7sG51ubIDHXeWO8DlTSrToPu6q11ziA=", + version = "v0.0.0-20170806203942-52369c62f446", + ) + go_repository( + name = "com_github_rogpeppe_go_internal", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/rogpeppe/go-internal", + sum = "h1:XU784Pr0wdahMY2bYcyK6N1KuaRAdLtqD4qd8D18Bfs=", + version = "v1.3.2", + ) + go_repository( name = "com_github_russross_blackfriday", build_file_generation = "on", @@ -1782,6 +1741,26 @@ def go_repositories(): sum = "h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo=", version = "v1.5.2", ) + go_repository( + name = "com_github_ryanuber_go_glob", + commit = "256dc444b735", + importpath = "github.com/ryanuber/go-glob", + ) + go_repository( + name = "com_github_satori_go_uuid", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/satori/go.uuid", + sum = "h1:1r/p6yT1FfHR1+qBm7UYBPgfqCmzz/8mpNvfc+iKlfU=", + version = "v0.0.0-20160713180306-0aa62d5ddceb", + ) + + go_repository( + name = "com_github_securego_gosec", + commit = "a966ff760c3a", + importpath = "github.com/securego/gosec", + ) + go_repository( name = "com_github_shopify_sarama", importpath = "github.com/Shopify/sarama", @@ -1794,6 +1773,42 @@ def go_repositories(): sum = "h1:TKdv8HiTLgE5wdJuEML90aBgNWsokNbMijUGhmcoBJc=", version = "v2.1.4+incompatible", ) + go_repository( + name = "com_github_shurcool_githubv4", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/shurcooL/githubv4", + sum = "h1:cppRIvEpuZcSdhbhyJZ/3ThCPYlx6xuZg8Qid/0+bz0=", + version = "v0.0.0-20180925043049-51d7b505e2e9", + ) + + go_repository( + name = "com_github_shurcool_go", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/shurcooL/go", + sum = "h1:MZM7FHLqUHYI0Y/mQAt3d2aYa0SiNms/hFqC9qJYolM=", + version = "v0.0.0-20180423040247-9e1955d9fb6e", + ) + + go_repository( + name = "com_github_shurcool_graphql", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/shurcooL/graphql", + sum = "h1:YIoQLhvoRcfiL0pyxqkESFZXa7jQrcfLTUSSUeyYMO8=", + version = "v0.0.0-20180924043259-e4a3a37e6d42", + ) + + go_repository( + name = "com_github_sirupsen_logrus", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/sirupsen/logrus", + sum = "h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4=", + version = "v1.4.2", + ) + go_repository( name = "com_github_soheilhy_cmux", build_file_generation = "on", @@ -1834,6 +1849,15 @@ def go_repositories(): sum = "h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk=", version = "v1.0.0", ) + go_repository( + name = "com_github_spf13_pflag", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/spf13/pflag", + sum = "h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=", + version = "v1.0.3", + ) + go_repository( name = "com_github_spf13_viper", build_file_generation = "on", @@ -1842,6 +1866,30 @@ def go_repositories(): sum = "h1:VUFqw5KcqRf7i70GOzW7N+Q7+gxVBkSSqiXB12+JQ4M=", version = "v1.3.2", ) + go_repository( + name = "com_github_stretchr_objx", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/stretchr/objx", + sum = "h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=", + version = "v0.1.0", + ) + + go_repository( + name = "com_github_stretchr_testify", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "github.com/stretchr/testify", + sum = "h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=", + version = "v1.3.0", + ) + + go_repository( + name = "com_github_stripe_safesql", + commit = "cddf355596fe", + importpath = "github.com/stripe/safesql", + ) + go_repository( name = "com_github_tektoncd_pipeline", build_file_generation = "on", @@ -1858,6 +1906,12 @@ def go_repositories(): sum = "h1:ndzgwNDnKIqyCvHTXaCqh9KlOWKvBry6nuXMJmonVsE=", version = "v0.0.0-20170815181823-89b8d40f7ca8", ) + go_repository( + name = "com_github_tsenart_deadcode", + commit = "210d2dc333e9", + importpath = "github.com/tsenart/deadcode", + ) + go_repository( name = "com_github_ugorji_go", build_file_generation = "on", @@ -1882,6 +1936,12 @@ def go_repositories(): sum = "h1:m9MfmZWX7bwr9kUcs/Asr95j0IVXzGNNc+/5ku2m26Q=", version = "v1.18.0", ) + go_repository( + name = "com_github_walle_lll", + commit = "8b13b3fbf731", + importpath = "github.com/walle/lll", + ) + go_repository( name = "com_github_xiang90_probing", build_file_generation = "on", @@ -1907,531 +1967,543 @@ def go_repositories(): version = "v0.0.3-0.20170626215501-b2862e3d0a77", ) go_repository( - name = "in_gopkg_alecthomas_kingpin_v2", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/alecthomas/kingpin.v2", - sum = "h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=", - version = "v2.2.6", - ) - go_repository( - name = "in_gopkg_cheggaaa_pb_v1", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "gopkg.in/cheggaaa/pb.v1", - sum = "h1:Ev7yu1/f6+d+b3pi5vPdRPc6nNtP1umSfcWiEfRqv6I=", - version = "v1.0.25", - ) - go_repository( - name = "io_etcd_go_bbolt", - build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "go.etcd.io/bbolt", - sum = "h1:M0l89sIuZ+RkW0rLbUsmxescVzLwLUs+Kvks+0jeHdM=", - version = "v1.3.1-etcd.7", - ) - go_repository( - name = "io_etcd_go_etcd", + name = "com_google_cloud_go", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "go.etcd.io/etcd", - sum = "h1:eBTQSvESFeaCGhot+9ieBlsaWyKPcJCGF/WSa+Vbrw8=", - version = "v0.0.0-20181031231232-83304cfc808c", + importpath = "cloud.google.com/go", + sum = "h1:ROfEUZz+Gh5pa62DJWXSaonyu3StP6EA6lPEXPI6mCo=", + version = "v0.38.0", ) + go_repository( - name = "io_k8s_code_generator", + name = "com_google_cloud_go_bigquery", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/code-generator", - sum = "h1:5ThSMjYOj3BFKSGhu4ol8ZdkuChW+dc33TyvySWbTTw=", - version = "v0.0.0-20190831074504-732c9ca86353", + importpath = "cloud.google.com/go/bigquery", + sum = "h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU=", + version = "v1.0.1", ) go_repository( - name = "io_k8s_gengo", + name = "com_google_cloud_go_datastore", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/gengo", - sum = "h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM=", - version = "v0.0.0-20190822140433-26a664648505", + importpath = "cloud.google.com/go/datastore", + sum = "h1:Kt+gOPPp2LEPWp8CSfxhsM8ik9CcyE/gYu+0r+RnZvM=", + version = "v1.0.0", ) go_repository( - name = "io_k8s_kube_openapi", + name = "com_google_cloud_go_pubsub", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/kube-openapi", - sum = "h1:EYm5AW/UUDbnmnI+gK0TJDVK9qPLhM+sRHYanNKw0EQ=", - version = "v0.0.0-20190816220812-743ec37842bf", + importpath = "cloud.google.com/go/pubsub", + sum = "h1:W9tAK3E57P75u0XLLR82LZyw8VpAnhmyTOxW9qzmyj8=", + version = "v1.0.1", ) go_repository( - name = "io_k8s_kubernetes", + name = "com_google_cloud_go_storage", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/kubernetes", - sum = "h1:wJx/r2HuPVaaBeCUk/P47GSK0eyrj3mI/kESRFBp6/A=", - version = "v1.14.7", - ) - go_repository( - name = "io_k8s_repo_infra", - importpath = "k8s.io/repo-infra", - sum = "h1:PQyAIB6SRdV0a3Vj/VA39L1uANW36k/zg3tOk/Ffh3U=", - version = "v0.0.0-20190329054012-df02ded38f95", + importpath = "cloud.google.com/go/storage", + sum = "h1:q7KNypEb3CARnitCAqY63g+dZp9HDEgv/c6IPlPLMJI=", + version = "v1.1.2", ) go_repository( - name = "io_k8s_sigs_controller_runtime", + name = "com_shuralyov_dmitri_gpu_mtl", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "sigs.k8s.io/controller-runtime", - sum = "h1:ZtdgqJXVHsIytjdmDuk0QjagnzyLq9FjojXRqIp+dU4=", - version = "v0.3.0", + importpath = "dmitri.shuralyov.com/gpu/mtl", + sum = "h1:VpgP7xuJadIUuKccphEpTJnWhS2jkQyMt6Y7pJCD7fY=", + version = "v0.0.0-20190408044501-666a987793e9", ) go_repository( - name = "io_k8s_sigs_testing_frameworks", + name = "in_gopkg_airbrake_gobrake_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "sigs.k8s.io/testing_frameworks", - sum = "h1:cP2l8fkA3O9vekpy5Ks8mmA0NW/F7yBdXf8brkWhVrs=", - version = "v0.1.1", + importpath = "gopkg.in/airbrake/gobrake.v2", + sum = "h1:7z2uVWwn7oVeeugY1DtlPAy5H+KYgB1KeKTnqjNatLo=", + version = "v2.0.9", ) + go_repository( - name = "io_k8s_utils", + name = "in_gopkg_alecthomas_kingpin_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/utils", - sum = "h1:VBM/0P5TWxwk+Nw6Z+lAw3DKgO76g90ETOiA6rfLV1Y=", - version = "v0.0.0-20190506122338-8fab8cb257d5", + importpath = "gopkg.in/alecthomas/kingpin.v2", + sum = "h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=", + version = "v2.2.6", ) go_repository( - name = "ml_vbom_util", + name = "in_gopkg_check_v1", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "vbom.ml/util", - sum = "h1:O69FD9pJA4WUZlEwYatBEEkRWKQ5cKodWpdKTrCS/iQ=", - version = "v0.0.0-20180919145318-efcd4e0f9787", + importpath = "gopkg.in/check.v1", + sum = "h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=", + version = "v1.0.0-20180628173108-788fd7840127", ) + go_repository( - name = "org_golang_x_exp", + name = "in_gopkg_cheggaaa_pb_v1", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "golang.org/x/exp", - sum = "h1:ewBcnrlKhy0GKnQ31tXkOC/G7/jHC4ogar1TiIfANC4=", - version = "v0.0.0-20191014171548-69215a2ee97e", + importpath = "gopkg.in/cheggaaa/pb.v1", + sum = "h1:Ev7yu1/f6+d+b3pi5vPdRPc6nNtP1umSfcWiEfRqv6I=", + version = "v1.0.25", ) go_repository( - name = "org_uber_go_atomic", + name = "in_gopkg_errgo_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "go.uber.org/atomic", - sum = "h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4=", - version = "v1.3.2", + importpath = "gopkg.in/errgo.v2", + sum = "h1:0vLT13EuvQ0hNvakwLuFZ/jYrLp5F3kcWHXdRggjCE8=", + version = "v2.1.0", ) go_repository( - name = "org_uber_go_multierr", + name = "in_gopkg_fsnotify_v1", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "go.uber.org/multierr", - sum = "h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=", - version = "v1.1.0", + importpath = "gopkg.in/fsnotify.v1", + sum = "h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=", + version = "v1.4.7", ) + go_repository( - name = "org_uber_go_zap", + name = "in_gopkg_gemnasium_logrus_airbrake_hook_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "go.uber.org/zap", - sum = "h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o=", - version = "v1.9.1", + importpath = "gopkg.in/gemnasium/logrus-airbrake-hook.v2", + sum = "h1:OAj3g0cR6Dx/R07QgQe8wkA9RNjB2u4i700xBkIT4e0=", + version = "v2.1.2", ) + go_repository( - name = "xyz_gomodules_jsonpatch_v2", + name = "in_gopkg_inf_v0", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gomodules.xyz/jsonpatch/v2", - sum = "h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0=", - version = "v2.0.1", + importpath = "gopkg.in/inf.v0", + sum = "h1:3zYtXIO92bvsdS3ggAdA8Gb4Azj0YU+TVY1uGYNFA8o=", + version = "v0.9.0", ) + go_repository( - name = "com_github_burntsushi_xgb", + name = "in_gopkg_natefinch_lumberjack_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/BurntSushi/xgb", - sum = "h1:1BDTz0u9nC3//pOCMdNH+CiXJVYJh5UQNCOBG7jbELc=", - version = "v0.0.0-20160522181843-27f122750802", + importpath = "gopkg.in/natefinch/lumberjack.v2", + sum = "h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8=", + version = "v2.0.0-20150622162204-20b71e5b60d7", ) go_repository( - name = "io_rsc_binaryregexp", + name = "in_gopkg_robfig_cron_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "rsc.io/binaryregexp", - sum = "h1:HfqmD5MEmC0zvwBuF187nq9mdnXjXsSivRiXN7SmRkE=", - version = "v0.2.0", + importpath = "gopkg.in/robfig/cron.v2", + sum = "h1:E846t8CnR+lv5nE+VuiKTDG/v1U2stad0QzddfJC7kY=", + version = "v2.0.0-20150107220207-be2e0b0deed5", ) + go_repository( - name = "org_golang_x_image", + name = "in_gopkg_square_go_jose_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "golang.org/x/image", - sum = "h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=", - version = "v0.0.0-20190802002840-cff245a6509b", + importpath = "gopkg.in/square/go-jose.v2", + sum = "h1:ELQJ5WuT+ydETLCpWvAuw8iGBQRGoJq+A3RAbbAcZUY=", + version = "v2.0.0-20180411045311-89060dee6a84", ) go_repository( - name = "org_golang_x_mobile", + name = "in_gopkg_tomb_v1", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "golang.org/x/mobile", - sum = "h1:4+4C/Iv2U4fMZBiMCc98MG1In4gJY5YRhtpDNeDeHWs=", - version = "v0.0.0-20190719004257-d2bd2a29d028", + importpath = "gopkg.in/tomb.v1", + sum = "h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=", + version = "v1.0.0-20141024135613-dd632973f1e7", ) + go_repository( - name = "com_github_asaskevich_govalidator", + name = "in_gopkg_yaml_v1", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/asaskevich/govalidator", - sum = "h1:eg0MeVzsP1G42dRafH3vf+al2vQIJU0YHX+1Tw87oco=", - version = "v0.0.0-20180720115003-f9ffefc3facf", + importpath = "gopkg.in/yaml.v1", + sum = "h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU=", + version = "v1.0.0-20140924161607-9f9df34309c0", ) go_repository( - name = "com_github_azure_go_ansiterm", + name = "in_gopkg_yaml_v2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/Azure/go-ansiterm", - sum = "h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=", - version = "v0.0.0-20170929234023-d6e3b3328b78", + importpath = "gopkg.in/yaml.v2", + sum = "h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=", + version = "v2.2.4", ) + go_repository( - name = "com_github_cespare_xxhash_v2", + name = "in_gopkg_yaml_v3", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/cespare/xxhash/v2", - sum = "h1:yTUvW7Vhb89inJ+8irsUqiWjh8iT6sQPZiQzI6ReGkA=", - version = "v2.1.0", + importpath = "gopkg.in/yaml.v3", + sum = "h1:0efs3hwEZhFKsCoP8l6dDB1AZWMgnEl3yWXWRZTOaEA=", + version = "v3.0.0-20190709130402-674ba3eaed22", ) go_repository( - name = "com_github_clarketm_json", + name = "io_etcd_go_bbolt", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/clarketm/json", - sum = "h1:gvWCzx4JHbBeVPpSV9LVr+PXfRInRnDy80D9nnTLULs=", - version = "v1.13.0", + importpath = "go.etcd.io/bbolt", + sum = "h1:M0l89sIuZ+RkW0rLbUsmxescVzLwLUs+Kvks+0jeHdM=", + version = "v1.3.1-etcd.7", ) go_repository( - name = "com_github_coreos_bbolt", + name = "io_etcd_go_etcd", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/coreos/bbolt", - sum = "h1:uTXKg9gY70s9jMAKdfljFQcuh4e/BXOM+V+d00KFj3A=", - version = "v1.3.1-coreos.6", + importpath = "go.etcd.io/etcd", + sum = "h1:eBTQSvESFeaCGhot+9ieBlsaWyKPcJCGF/WSa+Vbrw8=", + version = "v0.0.0-20181031231232-83304cfc808c", ) go_repository( - name = "com_github_coreos_go_oidc", + name = "io_k8s_api", build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/coreos/go-oidc", - sum = "h1:X+JQSgXg3CcxgcBoMAqU8NoS0fch8zHxjiKWcXclxaI=", - version = "v0.0.0-20180117170138-065b426bd416", + build_file_proto_mode = "disable_global", + importpath = "k8s.io/api", + sum = "h1:j1mSRwavnCC3Q5QpgH0ldhap5qeCnRuf7xl0l1VUzdM=", + version = "v0.0.0-20191005115622-2e41325d9e4b", ) + go_repository( - name = "com_github_docker_cli", + name = "io_k8s_apiextensions_apiserver", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/docker/cli", - sum = "h1:KrSeY2qJPl1blFLllwCMBIgwilomqEte/nb8dPhqY2o=", - version = "v0.0.0-20190925022749-754388324470", + importpath = "k8s.io/apiextensions-apiserver", + sum = "h1:Kl/sh+wWzYK2hWFZtwvuFECup1SbE2kXfMnhGZsoO5M=", + version = "v0.0.0-20190918201827-3de75813f604", ) + go_repository( - name = "com_github_docker_docker_credential_helpers", + name = "io_k8s_apimachinery", build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/docker/docker-credential-helpers", - sum = "h1:zI2p9+1NQYdnG6sMU26EX4aVGlqbInSQxQXLvzJ4RPQ=", - version = "v0.6.3", + build_file_name = "BUILD.bazel", + build_file_proto_mode = "disable_global", + importpath = "k8s.io/apimachinery", + sum = "h1:arf6Ha+cae2UQsu4JW0KNMhXRDYzV4Il6NnTI/0npUc=", + version = "v0.0.0-20191006235458-f9f2f3f8ab02", ) + go_repository( - name = "com_github_docker_spdystream", + name = "io_k8s_apiserver", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/docker/spdystream", - sum = "h1:cenwrSVm+Z7QLSV/BsnenAOcDXdX4cMv4wP0B/5QbPg=", - version = "v0.0.0-20160310174837-449fdfce4d96", + importpath = "k8s.io/apiserver", + sum = "h1:vXeVIqZsVgwfUENTAeybgfNVW7zZD7GPZJGtwReK+hI=", + version = "v0.0.0-20190918200908-1e17798da8c1", ) go_repository( - name = "com_github_docopt_docopt_go", + name = "io_k8s_client_go", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/docopt/docopt-go", - sum = "h1:bWDMxwH3px2JBh6AyO7hdCn/PkvCZXii8TGj7sbtEbQ=", - version = "v0.0.0-20180111231733-ee0de3bc6815", + importpath = "k8s.io/client-go", + sum = "h1:7KILztrOx+9yROaqEgvDvtAuiFHMjUBOXg77flds6Es=", + version = "v0.0.0-20191008115822-1210218b4a26", ) + go_repository( - name = "com_github_elazarl_goproxy", + name = "io_k8s_code_generator", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/elazarl/goproxy", - sum = "h1:p1yVGRW3nmb85p1Sh1ZJSDm4A4iKLS5QNbvUHMgGu/M=", - version = "v0.0.0-20170405201442-c4fc26588b6e", + importpath = "k8s.io/code-generator", + sum = "h1:5ThSMjYOj3BFKSGhu4ol8ZdkuChW+dc33TyvySWbTTw=", + version = "v0.0.0-20190831074504-732c9ca86353", ) + go_repository( - name = "com_github_emicklei_go_restful", + name = "io_k8s_component_base", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/emicklei/go-restful", - sum = "h1:spTtZBk5DYEvbxMVutUuTyh1Ao2r4iyvLdACqsl/Ljk=", - version = "v2.9.5+incompatible", + importpath = "k8s.io/component-base", + sum = "h1:YicOHTLJZz/TIpJcqhVYJI2LyuM7VMkYiiG6FZfJmzY=", + version = "v0.0.0-20190918200425-ed2f0867c778", ) go_repository( - name = "com_github_globalsign_mgo", + name = "io_k8s_gengo", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/globalsign/mgo", - sum = "h1:DujepqpGd1hyOd7aW59XpK7Qymp8iy83xq74fLr21is=", - version = "v0.0.0-20181015135952-eeefdecb41b8", + importpath = "k8s.io/gengo", + sum = "h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk=", + version = "v0.0.0-20190128074634-0689ccc1d7d6", ) go_repository( - name = "com_github_go_gl_glfw", + name = "io_k8s_klog", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-gl/glfw", - sum = "h1:QbL/5oDUmRBzO9/Z7Seo6zf912W/a6Sr4Eu0G/3Jho0=", - version = "v0.0.0-20190409004039-e6da0acd62b1", + importpath = "k8s.io/klog", + sum = "h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=", + version = "v1.0.0", ) + go_repository( - name = "com_github_go_openapi_analysis", + name = "io_k8s_kube_openapi", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/analysis", - sum = "h1:eYp14J1o8TTSCzndHBtsNuckikV1PfZOSnx4BcBeu0c=", - version = "v0.17.2", + importpath = "k8s.io/kube-openapi", + sum = "h1:EYm5AW/UUDbnmnI+gK0TJDVK9qPLhM+sRHYanNKw0EQ=", + version = "v0.0.0-20190816220812-743ec37842bf", ) go_repository( - name = "com_github_go_openapi_errors", + name = "io_k8s_kubernetes", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/errors", - sum = "h1:azEQ8Fnx0jmtFF2fxsnmd6I0x6rsweUF63qqSO1NmKk=", - version = "v0.17.2", + importpath = "k8s.io/kubernetes", + sum = "h1:wJx/r2HuPVaaBeCUk/P47GSK0eyrj3mI/kESRFBp6/A=", + version = "v1.14.7", ) go_repository( - name = "com_github_go_openapi_loads", + name = "io_k8s_repo_infra", + importpath = "k8s.io/repo-infra", + sum = "h1:PQyAIB6SRdV0a3Vj/VA39L1uANW36k/zg3tOk/Ffh3U=", + version = "v0.0.0-20190329054012-df02ded38f95", + ) + go_repository( + name = "io_k8s_sigs_controller_runtime", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/loads", - sum = "h1:tEXYu6Xc0pevpzzQx5ghrMN9F7IVpN/+u4iD3rkYE5o=", - version = "v0.17.2", + importpath = "sigs.k8s.io/controller-runtime", + sum = "h1:ZtdgqJXVHsIytjdmDuk0QjagnzyLq9FjojXRqIp+dU4=", + version = "v0.3.0", ) + go_repository( - name = "com_github_go_openapi_runtime", + name = "io_k8s_sigs_structured_merge_diff", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/runtime", - sum = "h1:/ZK67ikFhQAMFFH/aPu2MaGH7QjP4wHBvHYOVIzDAw0=", - version = "v0.17.2", + importpath = "sigs.k8s.io/structured-merge-diff", + sum = "h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ=", + version = "v0.0.0-20190525122527-15d366b2352e", ) go_repository( - name = "com_github_go_openapi_strfmt", + name = "io_k8s_sigs_testing_frameworks", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/strfmt", - sum = "h1:1isAxYf//QDTnVzbLAMrUK++0k1EjeLJU/gTOR0o3Mc=", - version = "v0.17.0", + importpath = "sigs.k8s.io/testing_frameworks", + sum = "h1:cP2l8fkA3O9vekpy5Ks8mmA0NW/F7yBdXf8brkWhVrs=", + version = "v0.1.1", ) go_repository( - name = "com_github_go_openapi_validate", + name = "io_k8s_sigs_yaml", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/go-openapi/validate", - sum = "h1:PVXYcP1GkTl+XIAJnyJxOmK6CSG5Q1UcvoCvNO++5Kg=", - version = "v0.18.0", + importpath = "sigs.k8s.io/yaml", + sum = "h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=", + version = "v1.1.0", ) + go_repository( - name = "com_github_golang_collections_collections", + name = "io_k8s_test_infra", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/golang-collections/collections", - sum = "h1:zN2lZNZRflqFyxVaTIU61KNKQ9C0055u9CAfpmqUvo4=", - version = "v0.0.0-20130729185459-604e922904d3", + importpath = "k8s.io/test-infra", + sum = "h1:J/nTZ/pg1zz6bx923NafH3gb+Fr7RJKAuOoeKey/xWM=", + version = "v0.0.0-20191025015832-1849ddeb80fc", ) + go_repository( - name = "com_github_google_renameio", + name = "io_k8s_utils", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/google/renameio", - sum = "h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=", - version = "v0.1.0", + importpath = "k8s.io/utils", + sum = "h1:rfepARh/ECp66dk9TTmT//1PBkHffjnxhdOrgH4m+eA=", + version = "v0.0.0-20190920012459-5008bf6f8cd6", ) go_repository( - name = "com_github_googlecloudplatform_testgrid", + name = "io_opencensus_go", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/GoogleCloudPlatform/testgrid", - sum = "h1:CyF0eU2zgmEnZSlo2tlTYuzHu7etOg07+WwuE4kVn58=", - version = "v0.0.0-20191016232453-9f0319fc1197", + importpath = "go.opencensus.io", + sum = "h1:mU6zScU4U1YAFPHEHYk+3JC4SY7JxgkqS10ZOSyksNg=", + version = "v0.21.0", ) + go_repository( - name = "com_github_gotestyourself_gotestyourself", + name = "io_rsc_binaryregexp", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/gotestyourself/gotestyourself", - sum = "h1:AQwinXlbQR2HvPjQZOmDhRqsv5mZf+Jb1RnSLxcqZcI=", - version = "v2.2.0+incompatible", + importpath = "rsc.io/binaryregexp", + sum = "h1:HfqmD5MEmC0zvwBuF187nq9mdnXjXsSivRiXN7SmRkE=", + version = "v0.2.0", ) go_repository( - name = "com_github_munnerz_goautoneg", + name = "ml_vbom_util", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/munnerz/goautoneg", - sum = "h1:7PxY7LVfSZm7PEeBTyK1rj1gABdCO2mbri6GKO1cMDs=", - version = "v0.0.0-20120707110453-a547fc61f48d", + importpath = "vbom.ml/util", + sum = "h1:O69FD9pJA4WUZlEwYatBEEkRWKQ5cKodWpdKTrCS/iQ=", + version = "v0.0.0-20180919145318-efcd4e0f9787", ) + go_repository( - name = "com_github_mxk_go_flowrate", + name = "org_apache_git_thrift_git", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/mxk/go-flowrate", - sum = "h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus=", - version = "v0.0.0-20140419014527-cca7078d478f", + importpath = "git.apache.org/thrift.git", + sum = "h1:OR8VhtwhcAI3U48/rzBsVOuHi0zDPzYI1xASVcdSgR8=", + version = "v0.0.0-20180902110319-2566ecd5d999", ) go_repository( - name = "com_github_natefinch_lumberjack", + name = "org_golang_google_api", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/natefinch/lumberjack", - sum = "h1:4QJd3OLAMgj7ph+yZTuX13Ld4UpgHp07nNdFX7mqFfM=", - version = "v2.0.0+incompatible", + importpath = "google.golang.org/api", + sum = "h1:KKgc1aqhV8wDPbDzlDtpvyjZFY3vjz85FP7p4wcQUyI=", + version = "v0.4.0", ) + go_repository( - name = "com_github_pquerna_cachecontrol", + name = "org_golang_google_appengine", build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "github.com/pquerna/cachecontrol", - sum = "h1:0XM1XL/OFFJjXsYXlG30spTkV/E9+gmd5GD1w2HE8xM=", - version = "v0.0.0-20171018203845-0dec1b30a021", + build_file_proto_mode = "disable_global", + importpath = "google.golang.org/appengine", + sum = "h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c=", + version = "v1.5.0", ) + go_repository( - name = "com_github_remyoudompheng_bigfft", + name = "org_golang_google_genproto", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "github.com/remyoudompheng/bigfft", - sum = "h1:/NRJ5vAYoqz+7sG51ubIDHXeWO8DlTSrToPu6q11ziA=", - version = "v0.0.0-20170806203942-52369c62f446", + importpath = "google.golang.org/genproto", + sum = "h1:ZUjXAXmrAyrmmCPHgCA/vChHcpsX27MZ3yBonD/z1KE=", + version = "v0.0.0-20190418145605-e7d98fc518a7", ) + go_repository( - name = "com_google_cloud_go_bigquery", + name = "org_golang_google_grpc", build_file_generation = "on", - build_file_proto_mode = "disable", - importpath = "cloud.google.com/go/bigquery", - sum = "h1:hL+ycaJpVE9M7nLoiXb/Pn10ENE2u+oddxbD8uu0ZVU=", - version = "v1.0.1", + build_file_proto_mode = "disable_global", + importpath = "google.golang.org/grpc", + sum = "h1:cfg4PD8YEdSFnm7qLV4++93WcmhH2nIUhMjhdCvl3j8=", + version = "v1.19.0", ) + go_repository( - name = "com_google_cloud_go_datastore", + name = "org_golang_x_build", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "cloud.google.com/go/datastore", - sum = "h1:Kt+gOPPp2LEPWp8CSfxhsM8ik9CcyE/gYu+0r+RnZvM=", - version = "v1.0.0", + importpath = "golang.org/x/build", + sum = "h1:Hgyq56/B1VbKi6tNXTJq3eo63zJbRzQr4uBZqiciilA=", + version = "v0.0.0-20171220025321-125f04e1fc4b", ) go_repository( - name = "com_google_cloud_go_pubsub", + name = "org_golang_x_crypto", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "cloud.google.com/go/pubsub", - sum = "h1:W9tAK3E57P75u0XLLR82LZyw8VpAnhmyTOxW9qzmyj8=", - version = "v1.0.1", + importpath = "golang.org/x/crypto", + sum = "h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=", + version = "v0.0.0-20190701094942-4def268fd1a4", ) + go_repository( - name = "com_google_cloud_go_storage", + name = "org_golang_x_exp", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "cloud.google.com/go/storage", - sum = "h1:q7KNypEb3CARnitCAqY63g+dZp9HDEgv/c6IPlPLMJI=", - version = "v1.1.2", + importpath = "golang.org/x/exp", + sum = "h1:c2HOrn5iMezYjSlGPncknSEr/8x5LELb/ilJbXi9DEA=", + version = "v0.0.0-20190121172915-509febef88a4", ) + go_repository( - name = "com_shuralyov_dmitri_gpu_mtl", + name = "org_golang_x_image", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "dmitri.shuralyov.com/gpu/mtl", - sum = "h1:VpgP7xuJadIUuKccphEpTJnWhS2jkQyMt6Y7pJCD7fY=", - version = "v0.0.0-20190408044501-666a987793e9", + importpath = "golang.org/x/image", + sum = "h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=", + version = "v0.0.0-20190802002840-cff245a6509b", ) go_repository( - name = "in_gopkg_natefinch_lumberjack_v2", + name = "org_golang_x_lint", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gopkg.in/natefinch/lumberjack.v2", - sum = "h1:986b60BAz5vO2Vaf48yQaq+wb2bU4JsXxKu1+itW6x8=", - version = "v2.0.0-20150622162204-20b71e5b60d7", + importpath = "golang.org/x/lint", + sum = "h1:hX65Cu3JDlGH3uEdK7I99Ii+9kjD6mvnnpfLdEAH0x4=", + version = "v0.0.0-20190301231843-5614ed5bae6f", ) + go_repository( - name = "in_gopkg_square_go_jose_v2", + name = "org_golang_x_mobile", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gopkg.in/square/go-jose.v2", - sum = "h1:ELQJ5WuT+ydETLCpWvAuw8iGBQRGoJq+A3RAbbAcZUY=", - version = "v2.0.0-20180411045311-89060dee6a84", + importpath = "golang.org/x/mobile", + sum = "h1:4+4C/Iv2U4fMZBiMCc98MG1In4gJY5YRhtpDNeDeHWs=", + version = "v0.0.0-20190719004257-d2bd2a29d028", ) + go_repository( - name = "in_gopkg_yaml_v1", + name = "org_golang_x_mod", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gopkg.in/yaml.v1", - sum = "h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU=", - version = "v1.0.0-20140924161607-9f9df34309c0", + importpath = "golang.org/x/mod", + sum = "h1:sfUMP1Gu8qASkorDVjnMuvgJzwFbTZSeXFiGBYAVdl4=", + version = "v0.1.0", ) go_repository( - name = "in_gopkg_yaml_v3", + name = "org_golang_x_net", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "gopkg.in/yaml.v3", - sum = "h1:0efs3hwEZhFKsCoP8l6dDB1AZWMgnEl3yWXWRZTOaEA=", - version = "v3.0.0-20190709130402-674ba3eaed22", + importpath = "golang.org/x/net", + sum = "h1:gkKoSkUmnU6bpS/VhkuO27bzQeSA51uaEfbOW5dNb68=", + version = "v0.0.0-20190812203447-cdfb69ac37fc", ) + go_repository( - name = "io_k8s_apiserver", + name = "org_golang_x_oauth2", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/apiserver", - sum = "h1:vXeVIqZsVgwfUENTAeybgfNVW7zZD7GPZJGtwReK+hI=", - version = "v0.0.0-20190918200908-1e17798da8c1", + importpath = "golang.org/x/oauth2", + sum = "h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=", + version = "v0.0.0-20190604053449-0f29369cfe45", ) + go_repository( - name = "io_k8s_component_base", + name = "org_golang_x_sync", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "k8s.io/component-base", - sum = "h1:YicOHTLJZz/TIpJcqhVYJI2LyuM7VMkYiiG6FZfJmzY=", - version = "v0.0.0-20190918200425-ed2f0867c778", + importpath = "golang.org/x/sync", + sum = "h1:bjcUS9ztw9kFmmIxJInhon/0Is3p+EHBKNgquIzo1OI=", + version = "v0.0.0-20190227155943-e225da77a7e6", ) + go_repository( - name = "io_k8s_sigs_structured_merge_diff", + name = "org_golang_x_sys", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "sigs.k8s.io/structured-merge-diff", - sum = "h1:4Z09Hglb792X0kfOBBJUPFEyvVfQWrYT/l8h5EKA6JQ=", - version = "v0.0.0-20190525122527-15d366b2352e", + importpath = "golang.org/x/sys", + sum = "h1:25KHgbfyiSm6vwQLbM3zZIe1v9p/3ea4Rz+nnM5K/i4=", + version = "v0.0.0-20190616124812-15dcb6c0061f", ) + go_repository( - name = "org_apache_git_thrift_git", + name = "org_golang_x_text", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "git.apache.org/thrift.git", - sum = "h1:OR8VhtwhcAI3U48/rzBsVOuHi0zDPzYI1xASVcdSgR8=", - version = "v0.0.0-20180902110319-2566ecd5d999", + importpath = "golang.org/x/text", + sum = "h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=", + version = "v0.3.2", ) + go_repository( - name = "org_golang_x_build", + name = "org_golang_x_time", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "golang.org/x/build", - sum = "h1:Hgyq56/B1VbKi6tNXTJq3eo63zJbRzQr4uBZqiciilA=", - version = "v0.0.0-20171220025321-125f04e1fc4b", + importpath = "golang.org/x/time", + sum = "h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=", + version = "v0.0.0-20190308202827-9d24e82272b4", ) + go_repository( - name = "org_golang_x_mod", + name = "org_golang_x_tools", build_file_generation = "on", build_file_proto_mode = "disable", - importpath = "golang.org/x/mod", - sum = "h1:sfUMP1Gu8qASkorDVjnMuvgJzwFbTZSeXFiGBYAVdl4=", - version = "v0.1.0", + importpath = "golang.org/x/tools", + sum = "h1:H3uGjxCR/6Ds0Mjgyp7LMK81+LvmbvWWEnJhzk1Pi9E=", + version = "v0.0.0-20190312170243-e65039ee4138", ) + go_repository( name = "org_golang_x_xerrors", build_file_generation = "on", @@ -2496,6 +2568,31 @@ def go_repositories(): sum = "h1:7ccXrupWZIS3twbUGrtKmHS2DXY6xegFua+6O3xgAFU=", version = "v1.0.0", ) + go_repository( + name = "org_uber_go_atomic", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "go.uber.org/atomic", + sum = "h1:2Oa65PReHzfn29GpvgsYwloV9AVFHPDk8tYxt2c2tr4=", + version = "v1.3.2", + ) + go_repository( + name = "org_uber_go_multierr", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "go.uber.org/multierr", + sum = "h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI=", + version = "v1.1.0", + ) + go_repository( + name = "org_uber_go_zap", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "go.uber.org/zap", + sum = "h1:XCJQEf3W6eZaVwhRBof6ImoYGJSITeKWsyeh3HFu/5o=", + version = "v1.9.1", + ) + go_repository( name = "tools_gotest", build_file_generation = "on", @@ -2504,3 +2601,11 @@ def go_repositories(): sum = "h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=", version = "v2.2.0+incompatible", ) + go_repository( + name = "xyz_gomodules_jsonpatch_v2", + build_file_generation = "on", + build_file_proto_mode = "disable", + importpath = "gomodules.xyz/jsonpatch/v2", + sum = "h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0=", + version = "v2.0.1", + ) From ecc3277a5eb3ec35e004205c22e9e3aff7342180 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Wed, 4 Nov 2020 12:21:47 -0500 Subject: [PATCH 2/7] Authentikos: Add missing license headers. --- authentikos/pkg/plugins/github/github.go | 14 ++++++++++++++ authentikos/pkg/plugins/github/github_test.go | 14 ++++++++++++++ authentikos/pkg/plugins/google/google.go | 14 ++++++++++++++ 3 files changed, 42 insertions(+) diff --git a/authentikos/pkg/plugins/github/github.go b/authentikos/pkg/plugins/github/github.go index af3c9d89ff..198c1a6dd9 100644 --- a/authentikos/pkg/plugins/github/github.go +++ b/authentikos/pkg/plugins/github/github.go @@ -1,3 +1,17 @@ +// Copyright 2020 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package github import ( diff --git a/authentikos/pkg/plugins/github/github_test.go b/authentikos/pkg/plugins/github/github_test.go index 2f4a232990..2809e2724a 100644 --- a/authentikos/pkg/plugins/github/github_test.go +++ b/authentikos/pkg/plugins/github/github_test.go @@ -1,3 +1,17 @@ +// Copyright 2020 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package github import ( diff --git a/authentikos/pkg/plugins/google/google.go b/authentikos/pkg/plugins/google/google.go index f948eefed3..d34663d0e3 100644 --- a/authentikos/pkg/plugins/google/google.go +++ b/authentikos/pkg/plugins/google/google.go @@ -1,3 +1,17 @@ +// Copyright 2020 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package google import ( From a8a6fd7dcb834c70544dffe5aaed850f5a4bcfb9 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Wed, 4 Nov 2020 12:53:35 -0500 Subject: [PATCH 3/7] Authentikos: Fix gitignore to not ignore dirs with "authentikos" in path. The gitignore was configured to ignore the authentikos binary generated by `go build`, but because of the gitignore syntax this resulted in git ignoring any directory with "authentikos" in the path. Also adds in missing files that were previously being ignored. --- authentikos/.gitignore | 2 +- authentikos/pkg/authentikos/BUILD.bazel | 27 ++++ authentikos/pkg/authentikos/authentikos.go | 132 ++++++++++++++++++ .../pkg/authentikos/authentikos_test.go | 95 +++++++++++++ 4 files changed, 255 insertions(+), 1 deletion(-) create mode 100644 authentikos/pkg/authentikos/BUILD.bazel create mode 100644 authentikos/pkg/authentikos/authentikos.go create mode 100644 authentikos/pkg/authentikos/authentikos_test.go diff --git a/authentikos/.gitignore b/authentikos/.gitignore index fbe82ac3cb..f832e27456 100644 --- a/authentikos/.gitignore +++ b/authentikos/.gitignore @@ -1 +1 @@ -authentikos +/authentikos diff --git a/authentikos/pkg/authentikos/BUILD.bazel b/authentikos/pkg/authentikos/BUILD.bazel new file mode 100644 index 0000000000..142805bdf3 --- /dev/null +++ b/authentikos/pkg/authentikos/BUILD.bazel @@ -0,0 +1,27 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test") + +go_library( + name = "go_default_library", + srcs = ["authentikos.go"], + importpath = "istio.io/test-infra/authentikos/pkg/authentikos", + visibility = ["//visibility:public"], + deps = [ + "@com_github_mattbaird_jsonpatch//:go_default_library", + "@io_k8s_api//core/v1:go_default_library", + "@io_k8s_apimachinery//pkg/types:go_default_library", + "@io_k8s_client_go//kubernetes/typed/core/v1:go_default_library", + "@io_k8s_klog//:go_default_library", + ], +) + +go_test( + name = "go_default_test", + srcs = ["authentikos_test.go"], + embed = [":go_default_library"], + deps = [ + "@com_github_google_go_cmp//cmp:go_default_library", + "@io_k8s_api//core/v1:go_default_library", + "@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library", + "@io_k8s_client_go//kubernetes/fake:go_default_library", + ], +) diff --git a/authentikos/pkg/authentikos/authentikos.go b/authentikos/pkg/authentikos/authentikos.go new file mode 100644 index 0000000000..9dbbe7418f --- /dev/null +++ b/authentikos/pkg/authentikos/authentikos.go @@ -0,0 +1,132 @@ +// Copyright 2020 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package authentikos + +import ( + "context" + "encoding/json" + "fmt" + "strings" + "time" + + "github.com/mattbaird/jsonpatch" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/types" + v1 "k8s.io/client-go/kubernetes/typed/core/v1" + "k8s.io/klog" +) + +// SecretGenerator generates a secret for the given namespace/name. +type SecretGenerator interface { + Secret(ctx context.Context, namespace, name string) (*corev1.Secret, error) +} + +// SecretCreator is responsible for creating/updating the Secret resources. +type SecretCreator struct { + client v1.SecretsGetter + gen SecretGenerator +} + +// NewSecretCreator creates a new SecretCreator client for the given kubeclient +// + SecretGenerator. +func NewSecretCreator(client v1.SecretsGetter, gen SecretGenerator) *SecretCreator { + return &SecretCreator{ + client: client, + gen: gen, + } +} + +// Create creates or updates the Secret resource. For updates, only the Secret +// data is updated to preserve ObjectMeta fields like labels/annotations. +func (c *SecretCreator) Create(ctx context.Context, namespace, name string) (*corev1.Secret, error) { + req, err := c.gen.Secret(ctx, namespace, name) + if err != nil { + return nil, err + } + if secret, err := c.client.Secrets(namespace).Create(req); err == nil { + return secret, nil + } + + // Only update the secret data, leave metadata untouched. + patch, err := json.Marshal([]jsonpatch.JsonPatchOperation{jsonpatch.NewPatch("replace", "/data", req.Data)}) + if err != nil { + return nil, err + } + secret, err := c.client.Secrets(namespace).Patch(req.GetName(), types.JSONPatchType, patch) + if err != nil { + return nil, err + } + return secret, nil +} + +// Reconcile runs a reconciliation loop in order to achieve desired secret state. +func Reconcile(ctx context.Context, client *SecretCreator, interval time.Duration, name string, namespaces ...string) { + ticker := time.NewTicker(interval) + + work := func(ctx context.Context) { + var ( + secrets []*corev1.Secret + errs namespacedErrors + ) + for _, ns := range namespaces { + secret, err := client.Create(ctx, ns, name) + if err != nil { + errs = append(errs, &namespacedError{ns, err.Error()}) + } else { + secrets = append(secrets, secret) + } + } + klog.Info(fmt.Sprintf( + "%v: reconcile complete; secrets: %v; errors: %v; next reconcile: %vm\n", + time.Now().Format(time.RFC3339), + len(secrets), + len(errs), + interval.Minutes(), + )) + + if len(errs) > 0 { + klog.V(1).Info(fmt.Sprintf("errors: %v\n", errs.Errors())) + } + } + + for ; ctx.Err() == nil; <-ticker.C { + work(ctx) + } +} + +// namespacedError is a custom error type which stores a message and a kubernetes namespace. +type namespacedError struct { + namespace string + message string +} + +// namespacedError returns the string representation of the error. +func (err namespacedError) Error() string { + return fmt.Sprintf("%v:%v", err.namespace, err.message) +} + +// namespacedError is a list of custom namespaced errors. +type namespacedErrors []*namespacedError + +// namespacedErrors returns the string representation of the error(s). +func (errs namespacedErrors) Errors() string { + var errMsgs []string + + for _, err := range errs { + errMsgs = append(errMsgs, err.Error()) + } + + return strings.Join(errMsgs, ", ") +} diff --git a/authentikos/pkg/authentikos/authentikos_test.go b/authentikos/pkg/authentikos/authentikos_test.go new file mode 100644 index 0000000000..56e02d8242 --- /dev/null +++ b/authentikos/pkg/authentikos/authentikos_test.go @@ -0,0 +1,95 @@ +// Copyright 2020 Istio Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package authentikos + +import ( + "context" + "testing" + "time" + + "github.com/google/go-cmp/cmp" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes/fake" +) + +type simpleSecretGen struct { + secret *corev1.Secret +} + +func (g *simpleSecretGen) Secret(ctx context.Context, namespace, name string) (*corev1.Secret, error) { + return g.secret, nil +} + +func TestSecretCreator(t *testing.T) { + ctx := context.Background() + ns := "default" + name := "secret" + secret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: ns, + }, + Data: map[string][]byte{ + "secret": []byte("hunter2"), + }, + } + client := fake.NewSimpleClientset() + c := &SecretCreator{ + client: client.CoreV1(), + gen: &simpleSecretGen{secret: secret}, + } + + t.Run("Create", func(t *testing.T) { + s, err := c.Create(ctx, ns, name) + if err != nil { + t.Fatal(err) + } + if diff := cmp.Diff(secret, s); diff != "" { + t.Error(diff) + } + }) + + t.Run("Update", func(t *testing.T) { + // Simulate user annotation of secret. Leave secret gen as is. + annotatedSecret := &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + Namespace: ns, + Annotations: map[string]string{"foo": "bar"}, + }, + Data: secret.Data, + } + if _, err := client.CoreV1().Secrets(ns).Update(annotatedSecret); err != nil { + t.Fatalf("Secret.Update: %v", err) + } + s, err := c.Create(ctx, ns, name) + if err != nil { + t.Fatal(err) + } + // User annotations should be preserved. + if diff := cmp.Diff(annotatedSecret, s); diff != "" { + t.Error(diff) + } + }) +} + +func TestReconcile_Cancel(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + cancel() + + // This should effectively be a no-op, since the context is already cancelled. + Reconcile(ctx, nil, time.Second, "") +} From ea61aa0ec3a73b7c5da2043c5acbe6dd6c659e5a Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Wed, 4 Nov 2020 15:01:10 -0500 Subject: [PATCH 4/7] Authentikos: Fix validation test when running as root. If running as root (i.e. default user for docker run), setting the file permissions to `0000` doesn't actually prevent the file from being unreadable. This was causing false signals in CI testing. This modifies the behavior to just create a file that doesn't exist, which has the same effect of what we're trying to test (e.g. that we can't read the template file). Since the deletedCredsFile is similar in this sense this was also changed to be consistent. Also added some minor test QoL changes (usage of t.Helper, t.Log) to aid future debugging. --- authentikos/pkg/plugins/google/google_test.go | 29 ++++++++++++------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/authentikos/pkg/plugins/google/google_test.go b/authentikos/pkg/plugins/google/google_test.go index fd39e557f1..6877bc44c1 100644 --- a/authentikos/pkg/plugins/google/google_test.go +++ b/authentikos/pkg/plugins/google/google_test.go @@ -20,6 +20,7 @@ import ( "fmt" "io/ioutil" "os" + "path/filepath" "reflect" "testing" "time" @@ -28,30 +29,33 @@ import ( "golang.org/x/oauth2" ) -func makeFile(data string, readable bool) string { - f, _ := ioutil.TempFile("", "") - fname := f.Name() +func makeFile(t *testing.T, data string) string { + t.Helper() - _ = ioutil.WriteFile(fname, []byte(data), 0644) + f, err := ioutil.TempFile("", "") + if err != nil { + t.Fatalf("ioutil.TempFile: %v", err) + } + fname := f.Name() - if !readable { - _ = os.Chmod(fname, 0000) + if err := ioutil.WriteFile(fname, []byte(data), 0644); err != nil { + t.Fatalf("ioutil.WriteFile: %v", err) } return fname } func TestValidateFlags(t *testing.T) { - creds := "super secret data" template := "{{.Token}}" - deletedCredsFile := makeFile(creds, true) - validTFile := makeFile(template, true) - invalidTFile := makeFile(template, false) + validTFile := makeFile(t, template) + + // Simulate invalid/deleted files by generating a path, but has no file. + deletedCredsFile := filepath.Join(os.TempDir(), fmt.Sprintf("deleted-creds-%d", time.Now().Unix())) + invalidTFile := filepath.Join(os.TempDir(), fmt.Sprintf("invalid-%d", time.Now().Unix())) os.Remove(deletedCredsFile) defer os.Remove(validTFile) - defer os.Remove(invalidTFile) testCases := []struct { name string @@ -143,6 +147,9 @@ func TestValidateFlags(t *testing.T) { o.parseFlags() + t.Logf("Options (pre-validate): %+v", o) + t.Cleanup(func() { t.Logf("Options (post-validate): %+v", o) }) + if err := o.validateFlags(); (err != nil) != tc.expectedErr { t.Fatalf("expected error: %t != actual error: %t: %v", tc.expectedErr, err != nil, err) } From e606abce6a8dba1e12e3c6b74f467be64de2f7e0 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Thu, 5 Nov 2020 13:52:34 -0500 Subject: [PATCH 5/7] Authentikos: Fix klog and pflag flag parsing. Adds missing support for mixing standard golang and pflag flags. See https://github.com/spf13/pflag#supporting-go-flags-when-using-pflag for details. --- authentikos/pkg/authentikos/authentikos.go | 4 ++ authentikos/pkg/plugins/google/google.go | 44 +++++++------------ authentikos/pkg/plugins/google/google_test.go | 7 +-- 3 files changed, 24 insertions(+), 31 deletions(-) diff --git a/authentikos/pkg/authentikos/authentikos.go b/authentikos/pkg/authentikos/authentikos.go index 9dbbe7418f..c6caa76034 100644 --- a/authentikos/pkg/authentikos/authentikos.go +++ b/authentikos/pkg/authentikos/authentikos.go @@ -53,19 +53,23 @@ func NewSecretCreator(client v1.SecretsGetter, gen SecretGenerator) *SecretCreat func (c *SecretCreator) Create(ctx context.Context, namespace, name string) (*corev1.Secret, error) { req, err := c.gen.Secret(ctx, namespace, name) if err != nil { + klog.Errorf("error getting secret: %v", err) return nil, err } if secret, err := c.client.Secrets(namespace).Create(req); err == nil { + klog.V(1).Infof("error creating secret (this may be expected): %v", err) return secret, nil } // Only update the secret data, leave metadata untouched. patch, err := json.Marshal([]jsonpatch.JsonPatchOperation{jsonpatch.NewPatch("replace", "/data", req.Data)}) if err != nil { + klog.V(1).Infof("error generating patch: %v", err) return nil, err } secret, err := c.client.Secrets(namespace).Patch(req.GetName(), types.JSONPatchType, patch) if err != nil { + klog.Errorf("error patching secret: %v", err) return nil, err } return secret, nil diff --git a/authentikos/pkg/plugins/google/google.go b/authentikos/pkg/plugins/google/google.go index d34663d0e3..ced8b89a2a 100644 --- a/authentikos/pkg/plugins/google/google.go +++ b/authentikos/pkg/plugins/google/google.go @@ -35,8 +35,6 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" _ "k8s.io/client-go/plugin/pkg/client/auth" // Enable all auth provider plugins - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/clientcmd" "k8s.io/klog" ) @@ -93,10 +91,16 @@ type options struct { scopes []string } -// parseFlags parses the command-line flags. -func (o *options) parseFlags() { +var ( + o = options{} +) + +func init() { + flags(&o) +} + +func flags(o *options) { flag.BoolVarP(&o.forceRefresh, "force-refresh", "r", false, "Force a token refresh. Otherwise, the token will only refresh when necessary.") - flag.BoolVarP(&o.verbose, "verbose", "v", false, "Print verbose output.") flag.DurationVarP(&o.interval, "interval", "i", defaultInterval, fmt.Sprintf("Token refresh interval [%v - %v).", minInterval, maxInterval)) flag.StringVarP(&o.creds, "creds", "c", "", "Path to a JSON credentials file.") flag.StringVarP(&o.secret, "secret", "o", defaultSecret, "Name of secret to create.") @@ -105,8 +109,6 @@ func (o *options) parseFlags() { flag.StringVarP(&o.templateFile, "template-file", "f", "", "Path to a template string for the token.") flag.StringSliceVarP(&o.namespace, "namespace", "n", []string{defaultNamespace}, "Namespace(s) to create the secret in.") flag.StringSliceVarP(&o.scopes, "scopes", "s", []string{}, "Oauth scope(s) to request for token (see: https://developers.google.com/identity/protocols/oauth2/scopes).") - - flag.Parse() } // validateFlags validates the command-line flags. @@ -211,25 +213,6 @@ func generateTokenData(o options, data []byte) ([]byte, error) { } -// createClusterConfig creates kubernetes cluster configuration. -func createClusterConfig() (*rest.Config, error) { - return clientcmd.NewNonInteractiveDeferredLoadingClientConfig( - clientcmd.NewDefaultClientConfigLoadingRules(), - &clientcmd.ConfigOverrides{}, - ).ClientConfig() -} - -// loadClusterConfig loads kubernetes cluster configuration. -func loadClusterConfig() (*rest.Config, error) { - if clusterConfig, err := rest.InClusterConfig(); err == nil { - return clusterConfig, nil - } else if clusterConfig, err := createClusterConfig(); err == nil { - return clusterConfig, nil - } else { - return nil, err - } -} - // getOauthTokenCreator returns a function that creates/refreshes an oauth token. func getOauthTokenCreator(o options) (tokenCreator, error) { var create tokenCreator @@ -265,6 +248,7 @@ func getOauthTokenCreator(o options) (tokenCreator, error) { token, err := client.TokenSource.Token() if err != nil { + klog.Errorf("error getting token: %v", err) return withBackoff(1, maxTries-tries, create).(tokenCreator)(forceRefresh, tries-1) } @@ -284,8 +268,6 @@ type Google struct { } func NewSecretGenerator() (*Google, error) { - var o options - o.parseFlags() if err := o.validateFlags(); err != nil { return nil, err } @@ -296,15 +278,18 @@ func NewSecretGenerator() (*Google, error) { func (g *Google) Secret(ctx context.Context, namespace, name string) (*corev1.Secret, error) { tokenCreator, err := getOauthTokenCreator(g.o) if err != nil { + klog.Errorf("error getting OAuth creator: %v", err) return nil, err } secretData, err := tokenCreator(g.o.forceRefresh, maxTries) if err != nil { + klog.Errorf("error getting OAuth token: %v", err) return nil, err } data, err := generateTokenData(g.o, secretData) if err != nil { + klog.Errorf("error generating token data: %v", err) return nil, err } @@ -312,6 +297,9 @@ func (g *Google) Secret(ctx context.Context, namespace, name string) (*corev1.Se ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "authentikos", + }, }, Data: map[string][]byte{g.o.key: data}, }, nil diff --git a/authentikos/pkg/plugins/google/google_test.go b/authentikos/pkg/plugins/google/google_test.go index 6877bc44c1..1ff76a47d4 100644 --- a/authentikos/pkg/plugins/google/google_test.go +++ b/authentikos/pkg/plugins/google/google_test.go @@ -139,13 +139,14 @@ func TestValidateFlags(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - var o options + + o = options{} os.Args = []string{"authentikos"} os.Args = append(os.Args, tc.args...) pflag.CommandLine = pflag.NewFlagSet(os.Args[0], pflag.ExitOnError) - - o.parseFlags() + flags(&o) + pflag.Parse() t.Logf("Options (pre-validate): %+v", o) t.Cleanup(func() { t.Logf("Options (post-validate): %+v", o) }) From fd89511562b9a3ce8032753b5794e24764ea2e19 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Thu, 5 Nov 2020 13:54:37 -0500 Subject: [PATCH 6/7] Authentikos: Fix integration tests. This includes fixes for a variety of issues related to integration testing: - Use `kind load docker-image` to pass in the local image to the test. - Disable remote pulling of authentikos images to prevent pulling a non-test image - Modify integ-test makefile rule to depend on fresh image builds. - Update `kindest/node` version to latest v1.17.x image. This is required to support host networking DNS resolution that is broken in v1.17.0. - Modify unit tests to be more OSX friendly (`xargs -r` doesn't exist on OSX) --- authentikos/Makefile | 2 +- authentikos/authentikos.go | 13 ++++++++----- authentikos/test/integ-simple.sh | 16 ++++++++-------- authentikos/test/lib.sh | 3 ++- .../test/testdata/authentikos-simple.yaml | 6 +++--- 5 files changed, 22 insertions(+), 18 deletions(-) diff --git a/authentikos/Makefile b/authentikos/Makefile index 972527e266..b9a29f363b 100644 --- a/authentikos/Makefile +++ b/authentikos/Makefile @@ -33,7 +33,7 @@ unit-test: @go test ./... .PHONY: integ-test -integ-test: +integ-test: image @bash ./test/integ-simple.sh .PHONY: test diff --git a/authentikos/authentikos.go b/authentikos/authentikos.go index 1c116323b0..e39feeefd4 100644 --- a/authentikos/authentikos.go +++ b/authentikos/authentikos.go @@ -21,6 +21,7 @@ import ( "flag" "time" + "github.com/spf13/pflag" "istio.io/test-infra/authentikos/pkg/authentikos" "istio.io/test-infra/authentikos/pkg/plugins/google" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,7 +37,7 @@ const ( defaultKey = "token" // defaultKey is the kubernetes secret data key. defaultSecret = "authentikos-token" // defaultSecret is the default kubernetes secret name. defaultNamespace = metav1.NamespaceDefault // defaultNamespace is the default kubernetes namespace. - defaultInterval = 30 * time.Minute // defaultInterval is the default tick interval. + defaultInterval = 1 * time.Minute // defaultInterval is the default tick interval. ) // createClusterConfig creates kubernetes cluster configuration. @@ -60,20 +61,22 @@ func loadClusterConfig() (*rest.Config, error) { // main entry point. func main() { - flag.Parse() + klog.InitFlags(nil) + pflag.CommandLine.AddGoFlagSet(flag.CommandLine) + pflag.Parse() g, err := google.NewSecretGenerator() if err != nil { - klog.Exit(err) + klog.Exit("error creating secret generator: %v", err) } config, err := loadClusterConfig() if err != nil { - klog.Exit(err) + klog.Exitf("error loading cluster config: %v", err) } clientset, err := kubernetes.NewForConfig(config) if err != nil { - klog.Exit(err) + klog.Exit("error creating k8s clientset: %v", err) } client := authentikos.NewSecretCreator(clientset.CoreV1(), g) diff --git a/authentikos/test/integ-simple.sh b/authentikos/test/integ-simple.sh index 19c2b73a04..6dea66b06d 100644 --- a/authentikos/test/integ-simple.sh +++ b/authentikos/test/integ-simple.sh @@ -33,31 +33,31 @@ get_tokeninfo() { } run_test() { - set -x + set -xe local tokeninfo="$1" echo "Test 'error' is null" - echo "$tokeninfo" | jq -r '.error' | xargs -r -I% test % = "null" + [[ $(echo "$tokeninfo" | jq -r '.error') == 'null' ]] || exit 1 echo "Test 'issued_to' exists" - echo "$tokeninfo" | jq -r '.issued_to' | xargs -r test -n + [[ $(echo "$tokeninfo" | jq -r '.issued_to') != "null" ]] || exit 1 echo "Test 'audience' exists" - echo "$tokeninfo" | jq -r '.audience' | xargs -r test -n + [[ $(echo "$tokeninfo" | jq -r '.audience') != "null" ]] || exit 1 echo "Test 'user_id' exists" - echo "$tokeninfo" | jq -r '.user_id' | xargs -r test -n + [[ $(echo "$tokeninfo" | jq -r '.user_id') != "null" ]] || exit 1 echo "Test 'email' exists" - echo "$tokeninfo" | jq -r '.email' | xargs -r test -n + [[ $(echo "$tokeninfo" | jq -r '.email') != "null" ]] || exit 1 echo "Test 'expires_in' greater than 0" - echo "$tokeninfo" | jq -r '.expires_in' | xargs -r -I% test % -lt 0 + [[ $(echo "$tokeninfo" | jq -r '.expires_in') -gt 0 ]] || exit 1 echo "Test 'scope' includes 'userinfo.email', 'cloud-platform', and 'openid'" echo "$tokeninfo" | jq -r '.scope' | - grep -w "openi" | + grep -w "openid" | grep -w "https://www.googleapis.com/auth/cloud-platform" | grep -w "https://www.googleapis.com/auth/userinfo.email" >/dev/null } diff --git a/authentikos/test/lib.sh b/authentikos/test/lib.sh index df9b135f34..2c95c59495 100644 --- a/authentikos/test/lib.sh +++ b/authentikos/test/lib.sh @@ -20,7 +20,7 @@ export KUBECONFIG KUBECONFIG=$(mktemp -t kubeconfig-XXXXXXXXXX) name="authentikos" -image="${IMAGE:-kindest/node:v1.17.0}" +image="${IMAGE:-kindest/node:v1.17.11}" verbosity="${VERBOSITY:-9}" cleanup_cluster() { @@ -29,6 +29,7 @@ cleanup_cluster() { setup_cluster() { kind create cluster --name="$name" --image="$image" --verbosity="$verbosity" --wait=60s + kind load docker-image gcr.io/istio-testing/authentikos:latest --name="$name" } with_timeout() { diff --git a/authentikos/test/testdata/authentikos-simple.yaml b/authentikos/test/testdata/authentikos-simple.yaml index ff64900cec..9a73694d46 100644 --- a/authentikos/test/testdata/authentikos-simple.yaml +++ b/authentikos/test/testdata/authentikos-simple.yaml @@ -63,10 +63,10 @@ spec: serviceAccountName: authentikos containers: - name: authentikos - image: gcr.io/istio-testing/authentikos:0.0.6 - imagePullPolicy: Always + image: gcr.io/istio-testing/authentikos:latest + imagePullPolicy: Never args: - - --verbose + - -v1 - --creds=/etc/creds/service-account.json volumeMounts: - name: creds From 48fde298aae1835ad04d9eccf14c376c9a7a8fc1 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Thu, 5 Nov 2020 13:56:18 -0500 Subject: [PATCH 7/7] Authentikos: Fix log formatting commands. --- authentikos/authentikos.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/authentikos/authentikos.go b/authentikos/authentikos.go index e39feeefd4..25bc716334 100644 --- a/authentikos/authentikos.go +++ b/authentikos/authentikos.go @@ -67,7 +67,7 @@ func main() { g, err := google.NewSecretGenerator() if err != nil { - klog.Exit("error creating secret generator: %v", err) + klog.Exitf("error creating secret generator: %v", err) } config, err := loadClusterConfig() @@ -76,7 +76,7 @@ func main() { } clientset, err := kubernetes.NewForConfig(config) if err != nil { - klog.Exit("error creating k8s clientset: %v", err) + klog.Exitf("error creating k8s clientset: %v", err) } client := authentikos.NewSecretCreator(clientset.CoreV1(), g)