diff --git a/.github/workflows/benchmark.yaml b/.github/workflows/benchmark.yaml index 5ebb16b9..c6bb9479 100644 --- a/.github/workflows/benchmark.yaml +++ b/.github/workflows/benchmark.yaml @@ -18,7 +18,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x # Run benchmark with `go test -bench` and stores the output to a file - name: Run benchmark run: make BENCH_OUTPUT=ci-cd run-bench @@ -30,7 +30,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.20.3 + uses: benchmark-action/github-action-benchmark@v1.20.4 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/branch-cov.yaml b/.github/workflows/branch-cov.yaml index 84733a4e..3228058c 100644 --- a/.github/workflows/branch-cov.yaml +++ b/.github/workflows/branch-cov.yaml @@ -18,7 +18,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 97dcdab9..838ba029 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -30,7 +30,7 @@ jobs: uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Cache go dependencies id: cache-go-dependencies uses: actions/cache@v4 diff --git a/.github/workflows/cloc.yaml b/.github/workflows/cloc.yaml index bdf7bc54..ad3f261b 100644 --- a/.github/workflows/cloc.yaml +++ b/.github/workflows/cloc.yaml @@ -21,7 +21,7 @@ jobs: uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Check out source code uses: actions/checkout@v4 - name: Install dependencies diff --git a/.github/workflows/cluster.yaml b/.github/workflows/cluster.yaml index d0ef442f..fc904224 100644 --- a/.github/workflows/cluster.yaml +++ b/.github/workflows/cluster.yaml @@ -31,7 +31,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE @@ -50,6 +50,7 @@ jobs: cd $GITHUB_WORKSPACE make binary make bench + make $PWD/hack/tools/bin/oras - name: Setup minio service run: | @@ -130,6 +131,7 @@ jobs: skopeo --debug copy --src-tls-verify=false docker://localhost:8080/golang:1.20 oci:golang:1.20 echo "{\"name\":\"foo\",\"value\":\"bar\"}" > config.json echo "hello world" > artifact.txt + export PATH=$PATH:$PWD/hack/tools/bin oras push --plain-http localhost:8080/hello-artifact:v2 \ --config config.json:application/vnd.acme.rocket.config.v1+json \ artifact.txt:text/plain -d -v @@ -185,7 +187,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark-stateless-cluster # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.20.3 + uses: benchmark-action/github-action-benchmark@v1.20.4 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0f33616e..8be983f5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -49,11 +49,11 @@ jobs: uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3.26.10 + uses: github/codeql-action/init@v3.28.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3.26.10 + uses: github/codeql-action/autobuild@v3.28.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -77,4 +77,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.26.10 + uses: github/codeql-action/analyze@v3.28.0 diff --git a/.github/workflows/compare-binary-size.yaml b/.github/workflows/compare-binary-size.yaml index b57f3a15..079bb47f 100644 --- a/.github/workflows/compare-binary-size.yaml +++ b/.github/workflows/compare-binary-size.yaml @@ -14,7 +14,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Checkout zot (main branch) run: | mkdir -p $GITHUB_WORKSPACE/zot_main diff --git a/.github/workflows/ecosystem-tools.yaml b/.github/workflows/ecosystem-tools.yaml index 533c037f..321f5579 100644 --- a/.github/workflows/ecosystem-tools.yaml +++ b/.github/workflows/ecosystem-tools.yaml @@ -20,7 +20,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE @@ -37,15 +37,23 @@ jobs: # install cri-o (for crictl) OS=xUbuntu_22.04 CRIO_VERSION=1.26 - echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list - echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list - curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/Release.key | sudo apt-key add - - curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key add - + curl -fsSL https://download.opensuse.org/repositories/isv:/kubernetes:/addons:/cri-o:/prerelease:/main:/build/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/cri-o-apt-keyring.gpg + echo "deb [signed-by=/etc/apt/keyrings/cri-o-apt-keyring.gpg] https://download.opensuse.org/repositories/isv:/kubernetes:/addons:/cri-o:/prerelease:/main:/build/deb/ /" | sudo tee /etc/apt/sources.list.d/cri-o.list sudo apt update - sudo apt install -y cri-o cri-o-runc + sudo apt install -y cri-o runc sudo systemctl enable crio.service sudo systemctl start crio.service sudo chmod 0777 /var/run/crio/crio.sock + # install docker + # Add Docker's official GPG key: + sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc + sudo chmod a+r /etc/apt/keyrings/docker.asc + echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null + sudo apt update + sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin # install dex git clone https://github.com/dexidp/dex.git cd dex/ diff --git a/.github/workflows/gc-stress-test.yaml b/.github/workflows/gc-stress-test.yaml index 534018ec..782a7050 100644 --- a/.github/workflows/gc-stress-test.yaml +++ b/.github/workflows/gc-stress-test.yaml @@ -20,7 +20,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Run zb id: bench @@ -51,7 +51,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Run zb id: bench @@ -82,7 +82,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - uses: ./.github/actions/setup-localstack - name: Setup minio service run: | @@ -157,7 +157,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - uses: ./.github/actions/setup-localstack - name: Setup minio service run: | diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml index 26b9d0e5..00c6b0ae 100644 --- a/.github/workflows/golangci-lint.yaml +++ b/.github/workflows/golangci-lint.yaml @@ -18,13 +18,13 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: '1.22' + go-version: '1.23' - uses: actions/checkout@v4 - name: Run linter with GH action uses: golangci/golangci-lint-action@v6 with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version - version: v1.59.1 + version: v1.61.0 # Optional: working directory, useful for monorepos # working-directory: somedir diff --git a/.github/workflows/gqlgen.yaml b/.github/workflows/gqlgen.yaml index 841e888f..7afa3c4d 100644 --- a/.github/workflows/gqlgen.yaml +++ b/.github/workflows/gqlgen.yaml @@ -25,7 +25,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE diff --git a/.github/workflows/license.yaml b/.github/workflows/license.yaml index 47967ba4..48ad6abb 100644 --- a/.github/workflows/license.yaml +++ b/.github/workflows/license.yaml @@ -22,7 +22,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install go-licenses run: go install github.com/google/go-licenses@latest - name: Check for forbidden licenses diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index b22976c8..a85f14f5 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE @@ -72,7 +72,7 @@ jobs: uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE @@ -90,7 +90,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - uses: ./.github/actions/setup-localstack - name: Run zb @@ -127,7 +127,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - uses: ./.github/actions/setup-localstack - name: Run zb @@ -175,7 +175,7 @@ jobs: - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE @@ -206,7 +206,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE diff --git a/.github/workflows/oci-conformance-action.yaml b/.github/workflows/oci-conformance-action.yaml index f1e0fd5a..46a7b78b 100644 --- a/.github/workflows/oci-conformance-action.yaml +++ b/.github/workflows/oci-conformance-action.yaml @@ -20,11 +20,11 @@ jobs: runs-on: ubuntu-latest # Steps represent a sequence of tasks that will be executed as part of the job steps: - - name: Install go 1.22 + - name: Install go 1.23 uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Checkout this PR uses: actions/checkout@v4 - name: Start zot server diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 44225854..60cc8612 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -9,7 +9,7 @@ permissions: read-all jobs: push-singlearch-image: name: Push single arch OCI images to GitHub Packages - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: contents: read packages: write @@ -87,7 +87,7 @@ jobs: push-multiarch-image: name: Push multiarch OCI images to GitHub Packages needs: push-singlearch-image - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: contents: read packages: write @@ -117,7 +117,7 @@ jobs: test-image: name: Test OCI images published to GitHub Packages needs: push-multiarch-image - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: packages: read steps: @@ -203,7 +203,7 @@ jobs: scan-image: name: Run Trivy scan on OCI images published to GitHub Packages needs: push-singlearch-image - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: security-events: write packages: read @@ -237,14 +237,14 @@ jobs: TRIVY_USERNAME: ${{ github.actor }} TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3.26.10 + uses: github/codeql-action/upload-sarif@v3.28.0 with: sarif_file: 'trivy-results.sarif' scan-multiarch-image: name: Run Trivy scan on OCI multiarch images published to GitHub Packages needs: push-multiarch-image - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 permissions: security-events: write packages: read @@ -274,18 +274,18 @@ jobs: TRIVY_USERNAME: ${{ github.actor }} TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3.26.10 + uses: github/codeql-action/upload-sarif@v3.28.0 with: sarif_file: 'trivy-results.sarif' update-helm-chart: - if: github.event_name == 'release' && github.event.action== 'published' + if: ${{ github.event_name == 'release' && github.event.action == 'published' && !contains(github.event.release.tag_name, 'rc') }} needs: push-multiarch-image name: Update Helm Chart permissions: contents: write packages: write - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml index 12f0fdaa..54bca58d 100644 --- a/.github/workflows/scorecards.yaml +++ b/.github/workflows/scorecards.yaml @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3.26.10 + uses: github/codeql-action/upload-sarif@v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/sync-3rdparty-images.yaml b/.github/workflows/sync-3rdparty-images.yaml index 5e7d23e1..ea45997f 100644 --- a/.github/workflows/sync-3rdparty-images.yaml +++ b/.github/workflows/sync-3rdparty-images.yaml @@ -18,7 +18,7 @@ jobs: strategy: matrix: golang_version: - - "1.22" + - "1.23" runs-on: ubuntu-latest steps: - name: Log in to GitHub Docker Registry @@ -40,10 +40,20 @@ jobs: packages: write runs-on: ubuntu-latest steps: + - uses: actions/checkout@v4 + with: + sparse-checkout: | + Makefile + sparse-checkout-cone-mode: false - name: Copy trivy-db using oras cli run: | + # setup oras + make $PWD/hack/tools/bin/oras + export PATH=$PATH:$PWD/hack/tools/bin oras login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io oras copy ghcr.io/aquasecurity/trivy-db:2 ghcr.io/${{ github.repository_owner }}/trivy-db:2 + oras copy ghcr.io/aquasecurity/trivy-db:latest ghcr.io/${{ github.repository_owner }}/trivy-db:latest + oras copy ghcr.io/aquasecurity/trivy-java-db:1 ghcr.io/${{ github.repository_owner }}/trivy-java-db:1 sync-localstack: name: 'localstack' permissions: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3646408d..40443ef6 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -21,7 +21,7 @@ jobs: uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Cache go dependencies id: cache-go-dependencies uses: actions/cache@v4 @@ -60,7 +60,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Cache go dependencies id: cache-go-dependencies uses: actions/cache@v4 @@ -99,7 +99,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Cache go dependencies id: cache-go-dependencies uses: actions/cache@v4 @@ -133,7 +133,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: download all workflow coverage files uses: actions/download-artifact@v4 - name: merge code coverage @@ -144,7 +144,7 @@ jobs: cp coverage-devmode/* . make covhtml - name: upload code coverage - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/tls.yaml b/.github/workflows/tls.yaml index 1c5ac552..6a70712e 100644 --- a/.github/workflows/tls.yaml +++ b/.github/workflows/tls.yaml @@ -18,7 +18,7 @@ jobs: - uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Install dependencies run: | cd $GITHUB_WORKSPACE diff --git a/.github/workflows/web-scan.yaml b/.github/workflows/web-scan.yaml index 4eeb2711..9ab788a1 100644 --- a/.github/workflows/web-scan.yaml +++ b/.github/workflows/web-scan.yaml @@ -25,7 +25,7 @@ jobs: uses: actions/setup-go@v5 with: cache: false - go-version: 1.22.x + go-version: 1.23.x - name: Checkout uses: actions/checkout@v4 - name: Build zot @@ -56,7 +56,7 @@ jobs: env: FLAVOR: ${{ matrix.flavor }} - name: ZAP Scan Rest API - uses: zaproxy/action-baseline@v0.13.0 + uses: zaproxy/action-baseline@v0.14.0 with: token: ${{ secrets.GITHUB_TOKEN }} docker_name: 'ghcr.io/zaproxy/zaproxy:stable' @@ -65,3 +65,4 @@ jobs: cmd_options: '-a -j' allow_issue_writing: false fail_action: true + artifact_name: zap_scan_${{ matrix.flavor }} diff --git a/Makefile b/Makefile index 91fb30a3..51395c90 100644 --- a/Makefile +++ b/Makefile @@ -10,14 +10,14 @@ TOOLSDIR := $(shell pwd)/hack/tools PATH := bin:$(TOOLSDIR)/bin:$(PATH) STACKER := $(shell which stacker) GOLINTER := $(TOOLSDIR)/bin/golangci-lint -GOLINTER_VERSION := v1.59.1 +GOLINTER_VERSION := v1.61.0 NOTATION := $(TOOLSDIR)/bin/notation NOTATION_VERSION := 1.0.0 COSIGN := $(TOOLSDIR)/bin/cosign COSIGN_VERSION := 2.2.0 HELM := $(TOOLSDIR)/bin/helm ORAS := $(TOOLSDIR)/bin/oras -ORAS_VERSION := 1.0.0-rc.1 +ORAS_VERSION := 1.2.1 REGCLIENT := $(TOOLSDIR)/bin/regctl REGCLIENT_VERSION := v0.5.7 CRICTL := $(TOOLSDIR)/bin/crictl @@ -25,7 +25,7 @@ CRICTL_VERSION := v1.26.1 ACTION_VALIDATOR := $(TOOLSDIR)/bin/action-validator ACTION_VALIDATOR_VERSION := v0.5.3 ZUI_BUILD_PATH := "" -ZUI_VERSION := commit-3178209 +ZUI_VERSION := commit-930ae7e ZUI_REPO_OWNER := project-zot ZUI_REPO_NAME := zui SWAGGER_VERSION := v1.16.2 diff --git a/build/Dockerfile b/build/Dockerfile index b5a19bd6..7e77e3c1 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,7 +1,7 @@ # --- # Stage 1: Install certs, build binary, create default config file # --- -FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder +FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.23 AS builder ARG TARGETOS ARG TARGETARCH @@ -17,7 +17,8 @@ RUN echo '{\n\ },\n\ "http": {\n\ "address": "0.0.0.0",\n\ - "port": "5000"\n\ + "port": "5000",\n\ + "compat": ["docker2s2"]\n\ },\n\ "log": {\n\ "level": "debug"\n\ diff --git a/build/Dockerfile-conformance b/build/Dockerfile-conformance index 6878935c..efb40175 100644 --- a/build/Dockerfile-conformance +++ b/build/Dockerfile-conformance @@ -1,7 +1,7 @@ # --- # Stage 1: Install certs, build binary, create default config file # --- -FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder +FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.23 AS builder ARG TARGETOS ARG TARGETARCH diff --git a/build/Dockerfile-minimal b/build/Dockerfile-minimal index 789bcca6..2a367f8c 100644 --- a/build/Dockerfile-minimal +++ b/build/Dockerfile-minimal @@ -1,7 +1,7 @@ # --- # Stage 1: Install certs, build binary, create default config file # --- -FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder +FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.23 AS builder ARG TARGETOS ARG TARGETARCH diff --git a/build/Dockerfile-zb b/build/Dockerfile-zb index 34ea763e..80e916e2 100644 --- a/build/Dockerfile-zb +++ b/build/Dockerfile-zb @@ -1,7 +1,7 @@ # --- # Stage 1: Install certs, build binary, create default config file # --- -FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder +FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.23 AS builder ARG TARGETOS ARG TARGETARCH diff --git a/build/Dockerfile-zxp b/build/Dockerfile-zxp index b37db033..dde0d25b 100644 --- a/build/Dockerfile-zxp +++ b/build/Dockerfile-zxp @@ -1,7 +1,7 @@ # --- # Stage 1: Build binary, create default config file # --- -FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.22 AS builder +FROM --platform=$BUILDPLATFORM ghcr.io/project-zot/golang:1.23 AS builder ARG TARGETOS ARG TARGETARCH diff --git a/build/stacker-conformance.yaml b/build/stacker-conformance.yaml index 8beb8569..9e156a7c 100644 --- a/build/stacker-conformance.yaml +++ b/build/stacker-conformance.yaml @@ -1,7 +1,7 @@ build: from: type: docker - url: docker://ghcr.io/project-zot/golang:1.22 + url: docker://ghcr.io/project-zot/golang:1.23 binds: - ../. -> /zotcopy run: | diff --git a/build/stacker-minimal.yaml b/build/stacker-minimal.yaml index dd90f347..64e75b28 100644 --- a/build/stacker-minimal.yaml +++ b/build/stacker-minimal.yaml @@ -1,7 +1,7 @@ build: from: type: docker - url: docker://ghcr.io/project-zot/golang:1.22 + url: docker://ghcr.io/project-zot/golang:1.23 binds: - ../. -> /zotcopy run: | diff --git a/build/stacker-zb.yaml b/build/stacker-zb.yaml index 7db9c6b1..36573ad0 100644 --- a/build/stacker-zb.yaml +++ b/build/stacker-zb.yaml @@ -1,7 +1,7 @@ build: from: type: docker - url: docker://ghcr.io/project-zot/golang:1.22 + url: docker://ghcr.io/project-zot/golang:1.23 binds: - ../. -> /zotcopy run: | diff --git a/build/stacker-zxp.yaml b/build/stacker-zxp.yaml index e39dcdb7..34aaa83f 100644 --- a/build/stacker-zxp.yaml +++ b/build/stacker-zxp.yaml @@ -1,7 +1,7 @@ build: from: type: docker - url: docker://ghcr.io/project-zot/golang:1.22 + url: docker://ghcr.io/project-zot/golang:1.23 binds: - ../. -> /zotcopy run: | diff --git a/build/stacker.yaml b/build/stacker.yaml index 1e14b421..12e1a414 100644 --- a/build/stacker.yaml +++ b/build/stacker.yaml @@ -1,7 +1,7 @@ build: from: type: docker - url: docker://ghcr.io/project-zot/golang:1.22 + url: docker://ghcr.io/project-zot/golang:1.23 binds: - ../. -> /zotcopy run: | @@ -21,7 +21,8 @@ build: }, "http":{ "address":"0.0.0.0", - "port":"5000" + "port":"5000", + "compat": ["docker2s2"] }, "log":{ "level":"debug" diff --git a/examples/config-docker-compat.json b/examples/config-docker-compat.json new file mode 100644 index 00000000..ff9a19d6 --- /dev/null +++ b/examples/config-docker-compat.json @@ -0,0 +1,14 @@ +{ + "distSpecVersion": "1.1.0", + "storage": { + "rootDirectory": "/tmp/zot" + }, + "http": { + "address": "127.0.0.1", + "port": "8080", + "compat": ["docker2s2"] + }, + "log": { + "level": "debug" + } +} diff --git a/examples/config-sync-ecr-credential-helper.json b/examples/config-sync-ecr-credential-helper.json new file mode 100644 index 00000000..8cb5b538 --- /dev/null +++ b/examples/config-sync-ecr-credential-helper.json @@ -0,0 +1,40 @@ +{ + "distSpecVersion": "1.1.0", + "storage": { + "rootDirectory": "/tmp/zot", + "dedupe": false, + "storageDriver": { + "name": "s3", + "region": "REGION_NAME", + "bucket": "BUGKET_NAME", + "rootdirectory": "/ROOTDIR", + "secure": true, + "skipverify": false + } + }, + "http": { + "address": "0.0.0.0", + "port": "8080" + }, + "log": { + "level": "debug" + }, + "extensions": { + "sync": { + "credentialsFile": "", + "DownloadDir": "/tmp/zot", + "registries": [ + { + "urls": [ + "https://ACCOUNTID.dkr.ecr.REGION.amazonaws.com" + ], + "onDemand": true, + "maxRetries": 5, + "retryDelay": "2m", + "credentialHelper": "ecr" + } + ] + } + } +} + diff --git a/go.mod b/go.mod index b528da29..1243a9a3 100644 --- a/go.mod +++ b/go.mod @@ -1,92 +1,95 @@ module zotregistry.dev/zot -go 1.22.5 +go 1.23 require ( - github.com/99designs/gqlgen v0.17.54 + github.com/99designs/gqlgen v0.17.61 github.com/Masterminds/semver v1.5.0 - github.com/aquasecurity/trivy v0.55.2 - github.com/aquasecurity/trivy-db v0.0.0-20240910133327-7e0f4d2ed4c1 + github.com/aquasecurity/trivy v0.58.1 + github.com/aquasecurity/trivy-db v0.0.0-20241209111357-8c398f13db0e github.com/aws/aws-sdk-go v1.55.5 - github.com/aws/aws-sdk-go-v2 v1.31.0 - github.com/aws/aws-sdk-go-v2/config v1.27.39 - github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.8 - github.com/aws/aws-sdk-go-v2/service/dynamodb v1.35.3 - github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.33.3 + github.com/aws/aws-sdk-go-v2 v1.32.7 + github.com/aws/aws-sdk-go-v2/config v1.28.7 + github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.22 + github.com/aws/aws-sdk-go-v2/service/dynamodb v1.38.1 + github.com/aws/aws-sdk-go-v2/service/ecr v1.36.6 + github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.8 github.com/aws/aws-secretsmanager-caching-go v1.2.0 - github.com/aws/smithy-go v1.21.0 - github.com/bmatcuk/doublestar/v4 v4.6.1 + github.com/aws/smithy-go v1.22.1 + github.com/bmatcuk/doublestar/v4 v4.7.1 github.com/briandowns/spinner v1.23.1 github.com/chartmuseum/auth v0.5.0 - github.com/containers/common v0.60.3 - github.com/containers/image/v5 v5.32.2 + github.com/containers/common v0.61.0 + github.com/containers/image/v5 v5.33.0 github.com/dchest/siphash v1.2.3 github.com/didip/tollbooth/v7 v7.0.2 - github.com/distribution/distribution/v3 v3.0.0-beta.1.0.20240729175644-f0bd0f689923 + github.com/distribution/distribution/v3 v3.0.0-rc.2 github.com/dustin/go-humanize v1.0.1 - github.com/fsnotify/fsnotify v1.7.0 - github.com/go-ldap/ldap/v3 v3.4.8 + github.com/fsnotify/fsnotify v1.8.0 + github.com/go-ldap/ldap/v3 v3.4.10 github.com/gofrs/uuid v4.4.0+incompatible github.com/google/go-containerregistry v0.20.2 github.com/google/go-github/v62 v62.0.0 github.com/google/uuid v1.6.0 github.com/gorilla/mux v1.8.2-0.20240619235004-db9d1d0073d2 github.com/gorilla/securecookie v1.1.2 - github.com/gorilla/sessions v1.3.0 + github.com/gorilla/sessions v1.4.0 github.com/hashicorp/golang-lru/v2 v2.0.7 github.com/json-iterator/go v1.1.12 - github.com/migueleliasweb/go-github-mock v1.0.1 + github.com/migueleliasweb/go-github-mock v1.1.0 github.com/mitchellh/mapstructure v1.5.0 github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba github.com/notaryproject/notation-core-go v1.1.0 - github.com/notaryproject/notation-go v1.1.1 + github.com/notaryproject/notation-go v1.2.1 github.com/olekukonko/tablewriter v0.0.5 github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240201174943-0f98d91a0afe github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0 github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 github.com/project-zot/mockoidc v0.0.0-20240610203808-d69d9e02020a - github.com/prometheus/client_golang v1.20.4 + github.com/prometheus/client_golang v1.20.5 github.com/prometheus/client_model v0.6.1 github.com/rs/zerolog v1.33.0 - github.com/sigstore/cosign/v2 v2.4.0 - github.com/sigstore/sigstore v1.8.9 + github.com/sigstore/cosign/v2 v2.4.1 + github.com/sigstore/sigstore v1.8.11 github.com/smartystreets/goconvey v1.8.1 github.com/spf13/cobra v1.8.1 github.com/spf13/viper v1.19.0 - github.com/stretchr/testify v1.9.0 + github.com/stretchr/testify v1.10.0 github.com/swaggo/http-swagger v1.3.4 - github.com/swaggo/swag v1.16.3 - github.com/vektah/gqlparser/v2 v2.5.17 - github.com/zitadel/oidc/v3 v3.30.0 + github.com/swaggo/swag v1.16.4 + github.com/vektah/gqlparser/v2 v2.5.21 + github.com/zitadel/oidc/v3 v3.33.1 go.etcd.io/bbolt v1.3.11 - golang.org/x/crypto v0.27.0 - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 - golang.org/x/oauth2 v0.23.0 - google.golang.org/protobuf v1.34.2 + golang.org/x/crypto v0.31.0 + golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c + golang.org/x/oauth2 v0.24.0 + google.golang.org/protobuf v1.36.1 gopkg.in/resty.v1 v1.12.0 gopkg.in/yaml.v3 v3.0.1 - modernc.org/sqlite v1.33.1 + modernc.org/sqlite v1.34.4 oras.land/oras-go/v2 v2.5.0 ) require ( - cloud.google.com/go v0.115.0 // indirect - cloud.google.com/go/auth v0.7.3 // indirect - cloud.google.com/go/auth/oauth2adapt v0.2.3 // indirect - cloud.google.com/go/compute/metadata v0.5.0 // indirect - cloud.google.com/go/iam v1.1.12 // indirect - cloud.google.com/go/storage v1.43.0 // indirect + cel.dev/expr v0.16.1 // indirect + cloud.google.com/go v0.115.1 // indirect + cloud.google.com/go/auth v0.9.3 // indirect + cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect + cloud.google.com/go/compute/metadata v0.5.1 // indirect + cloud.google.com/go/iam v1.2.1 // indirect + cloud.google.com/go/monitoring v1.21.0 // indirect + cloud.google.com/go/storage v1.45.0 // indirect cuelabs.dev/go/oci/ociregistry v0.0.0-20240404174027-a39bec0462d2 // indirect cuelang.org/go v0.9.2 // indirect - dario.cat/mergo v1.0.0 // indirect + dario.cat/mergo v1.0.1 // indirect filippo.io/edwards25519 v1.1.0 // indirect - github.com/AdaLogics/go-fuzz-headers v0.0.0-20240716105424-66b64c4bb379 // indirect + github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20231105174938-2b5cbb29f3e2 // indirect - github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 // indirect + github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0 // indirect github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 // indirect github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect @@ -100,25 +103,29 @@ require ( github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect github.com/BurntSushi/toml v1.4.0 // indirect - github.com/CycloneDX/cyclonedx-go v0.9.0 // indirect + github.com/CycloneDX/cyclonedx-go v0.9.2 // indirect + github.com/DataDog/zstd v1.5.5 // indirect github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible // indirect + github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.24.1 // indirect + github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.48.1 // indirect + github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.48.1 // indirect github.com/Intevation/gval v1.3.0 // indirect github.com/Intevation/jsonpath v0.2.1 // indirect github.com/KyleBanks/depth v1.2.1 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect - github.com/Masterminds/semver/v3 v3.2.1 // indirect - github.com/Masterminds/sprig/v3 v3.2.3 // indirect + github.com/Masterminds/semver/v3 v3.3.0 // indirect + github.com/Masterminds/sprig/v3 v3.3.0 // indirect github.com/Masterminds/squirrel v1.5.4 // indirect github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/Microsoft/hcsshim v0.12.5 // indirect + github.com/Microsoft/hcsshim v0.12.9 // indirect github.com/OneOfOne/xxhash v1.2.8 // indirect github.com/ProtonMail/go-crypto v1.1.0-alpha.5-proton // indirect github.com/ThalesIgnite/crypto11 v1.2.5 // indirect github.com/VividCortex/ewma v1.2.0 // indirect github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect github.com/agext/levenshtein v1.2.3 // indirect - github.com/agnivade/levenshtein v1.1.1 // indirect + github.com/agnivade/levenshtein v1.2.0 // indirect github.com/alecthomas/chroma v0.10.0 // indirect github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 // indirect github.com/alibabacloud-go/cr-20160607 v1.0.1 // indirect @@ -138,67 +145,70 @@ require ( github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce // indirect github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 // indirect github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect - github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d // indirect + github.com/aquasecurity/go-version v0.0.0-20241105054539-1951e80d786f // indirect github.com/aquasecurity/table v1.8.0 // indirect github.com/aquasecurity/tml v0.6.1 // indirect - github.com/aquasecurity/trivy-checks v0.13.1-0.20240830230553-53ddbbade784 // indirect + github.com/aquasecurity/trivy-checks v1.4.0 // indirect github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.17.37 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.14 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.17.48 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect - github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.23.3 // indirect + github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.24.10 // indirect github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3 // indirect - github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1 // indirect - github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1 // indirect + github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 // indirect github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.25.3 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.9.19 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20 // indirect - github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.23.3 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.27.3 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.31.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.68.0 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.24.8 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.33.3 // indirect github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20240730143543-a8d7d3c42ca1 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect github.com/bitnami/go-version v0.0.0-20240404145124-6814fce176da // indirect github.com/blang/semver v3.5.1+incompatible // indirect github.com/blang/semver/v4 v4.0.0 // indirect - github.com/buildkite/agent/v3 v3.76.2 // indirect - github.com/buildkite/go-pipeline v0.10.0 // indirect + github.com/buildkite/agent/v3 v3.81.0 // indirect + github.com/buildkite/go-pipeline v0.13.1 // indirect github.com/buildkite/interpolate v0.1.3 // indirect github.com/buildkite/roko v1.2.0 // indirect github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.3 // indirect github.com/cheggaaa/pb/v3 v3.1.5 // indirect github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 // indirect github.com/clbanning/mxj/v2 v2.7.0 // indirect github.com/cloudflare/circl v1.3.9 // indirect + github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 // indirect github.com/cockroachdb/apd/v3 v3.2.1 // indirect github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect github.com/containerd/cgroups/v3 v3.0.3 // indirect - github.com/containerd/containerd v1.7.21 // indirect - github.com/containerd/containerd/api v1.7.19 // indirect - github.com/containerd/continuity v0.4.3 // indirect - github.com/containerd/errdefs v0.1.0 // indirect + github.com/containerd/containerd v1.7.23 // indirect + github.com/containerd/containerd/api v1.8.0 // indirect + github.com/containerd/containerd/v2 v2.0.0 // indirect + github.com/containerd/continuity v0.4.4 // indirect + github.com/containerd/errdefs v1.0.0 // indirect + github.com/containerd/errdefs/pkg v0.3.0 // indirect github.com/containerd/fifo v1.1.0 // indirect github.com/containerd/log v0.1.0 // indirect - github.com/containerd/platforms v0.2.1 // indirect + github.com/containerd/platforms v1.0.0-rc.0 // indirect + github.com/containerd/plugin v1.0.0 // indirect github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect - github.com/containerd/ttrpc v1.2.5 // indirect - github.com/containerd/typeurl/v2 v2.2.0 // indirect + github.com/containerd/ttrpc v1.2.6 // indirect + github.com/containerd/typeurl/v2 v2.2.2 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect github.com/containers/ocicrypt v1.2.0 // indirect - github.com/containers/storage v1.55.0 // indirect + github.com/containers/storage v1.56.0 // indirect github.com/coreos/go-oidc/v3 v3.11.0 // indirect - github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect - github.com/csaf-poc/csaf_distribution/v3 v3.0.0 // indirect + github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f // indirect - github.com/cyphar/filepath-securejoin v0.3.1 // indirect + github.com/cyphar/filepath-securejoin v0.3.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect @@ -206,26 +216,28 @@ require ( github.com/dimchansky/utfbom v1.1.1 // indirect github.com/distribution/reference v0.6.0 // indirect github.com/dlclark/regexp2 v1.11.2 // indirect - github.com/docker/cli v27.1.1+incompatible // indirect + github.com/docker/cli v27.3.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect - github.com/docker/docker v27.1.1+incompatible // indirect + github.com/docker/docker v27.3.1+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/docker/go-connections v0.5.0 // indirect - github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/emicklei/proto v1.12.1 // indirect github.com/emirpasic/gods v1.18.1 // indirect + github.com/envoyproxy/go-control-plane v0.13.0 // indirect + github.com/envoyproxy/protoc-gen-validate v1.1.0 // indirect github.com/evanphx/json-patch v5.9.0+incompatible // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect - github.com/fatih/color v1.17.0 // indirect + github.com/fatih/color v1.18.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect github.com/go-chi/chi v4.1.2+incompatible // indirect github.com/go-errors/errors v1.5.1 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect - github.com/go-git/go-billy/v5 v5.5.0 // indirect + github.com/go-git/go-billy/v5 v5.6.0 // indirect github.com/go-git/go-git/v5 v5.12.0 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect github.com/go-ini/ini v1.67.0 // indirect @@ -246,10 +258,12 @@ require ( github.com/go-piv/piv-go v1.11.0 // indirect github.com/go-pkgz/expirable-cache/v3 v3.0.0 // indirect github.com/go-redis/redis/v8 v8.11.5 // indirect + github.com/go-viper/mapstructure/v2 v2.2.1 // indirect github.com/gobwas/glob v0.2.3 // indirect + github.com/gocsaf/csaf/v3 v3.1.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt v3.2.2+incompatible // indirect - github.com/golang-jwt/jwt/v4 v4.5.0 // indirect + github.com/golang-jwt/jwt/v4 v4.5.1 // indirect github.com/golang-jwt/jwt/v5 v5.2.1 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect @@ -266,23 +280,23 @@ require ( github.com/google/s2a-go v0.1.8 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/wire v0.6.0 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect github.com/googleapis/gax-go/v2 v2.13.0 // indirect github.com/gopherjs/gopherjs v1.17.2 // indirect github.com/gorilla/websocket v1.5.3 // indirect github.com/gosuri/uitable v0.0.4 // indirect github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect - github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter v1.7.5 // indirect + github.com/hashicorp/go-getter v1.7.6 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/go-version v1.7.0 // indirect github.com/hashicorp/hcl v1.0.1-vault-5 // indirect - github.com/hashicorp/hcl/v2 v2.21.0 // indirect + github.com/hashicorp/hcl/v2 v2.23.0 // indirect github.com/huandu/xstrings v1.5.0 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/in-toto/attestation v1.1.0 // indirect @@ -295,10 +309,10 @@ require ( github.com/josharian/intern v1.0.0 // indirect github.com/jtolds/gls v4.20.0+incompatible // indirect github.com/kevinburke/ssh_config v1.2.0 // indirect - github.com/klauspost/compress v1.17.9 // indirect + github.com/klauspost/compress v1.17.11 // indirect github.com/klauspost/pgzip v1.2.6 // indirect github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f // indirect - github.com/knqyf263/go-deb-version v0.0.0-20230223133812-3ed183d23422 // indirect + github.com/knqyf263/go-deb-version v0.0.0-20241115132648-6f4aee6ccd23 // indirect github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 // indirect github.com/knqyf263/go-rpmdb v0.1.1 // indirect github.com/knqyf263/nested v0.0.1 // indirect @@ -315,7 +329,7 @@ require ( github.com/magiconair/properties v1.8.7 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/masahiro331/go-disk v0.0.0-20240625071113-56c933208fee // indirect - github.com/masahiro331/go-ebs-file v0.0.0-20240112135404-d5fbb1d46323 // indirect + github.com/masahiro331/go-ebs-file v0.0.0-20240917043618-e6d2bea5c32e // indirect github.com/masahiro331/go-ext4-filesystem v0.0.0-20240620024024-ca14e6327bbd // indirect github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 // indirect github.com/masahiro331/go-vmdk-parser v0.0.0-20221225061455-612096e4bbbd // indirect @@ -324,7 +338,7 @@ require ( github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.16 // indirect github.com/mattn/go-shellwords v1.0.12 // indirect - github.com/mattn/go-sqlite3 v1.14.22 // indirect + github.com/mattn/go-sqlite3 v1.14.24 // indirect github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 // indirect github.com/miekg/pkcs11 v1.1.1 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect @@ -333,20 +347,21 @@ require ( github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/buildkit v0.15.1 // indirect + github.com/moby/buildkit v0.17.2 // indirect github.com/moby/docker-image-spec v1.3.1 // indirect github.com/moby/locker v1.0.1 // indirect - github.com/moby/spdystream v0.2.0 // indirect + github.com/moby/spdystream v0.4.0 // indirect + github.com/moby/sys/capability v0.3.0 // indirect github.com/moby/sys/mountinfo v0.7.2 // indirect - github.com/moby/sys/sequential v0.5.0 // indirect - github.com/moby/sys/signal v0.7.0 // indirect + github.com/moby/sys/sequential v0.6.0 // indirect + github.com/moby/sys/signal v0.7.1 // indirect github.com/moby/sys/user v0.3.0 // indirect github.com/moby/sys/userns v0.1.0 // indirect github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect - github.com/mozillazg/docker-credential-acr-helper v0.3.0 // indirect + github.com/mozillazg/docker-credential-acr-helper v0.4.0 // indirect github.com/muhlemmer/gu v0.3.1 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect @@ -356,44 +371,47 @@ require ( github.com/notaryproject/tspclient-go v0.2.0 // indirect github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect github.com/oklog/ulid v1.3.1 // indirect - github.com/oleiade/reflections v1.0.1 // indirect - github.com/open-policy-agent/opa v0.68.0 // indirect + github.com/oleiade/reflections v1.1.0 // indirect + github.com/open-policy-agent/opa v0.70.0 // indirect github.com/opencontainers/runtime-spec v1.2.0 // indirect - github.com/opencontainers/selinux v1.11.0 // indirect + github.com/opencontainers/runtime-tools v0.9.1-0.20241001195557-6c9570a1678f // indirect + github.com/opencontainers/selinux v1.11.1 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect - github.com/openvex/discovery v0.1.0 // indirect + github.com/openvex/discovery v0.1.1-0.20240802171711-7c54efc57553 // indirect github.com/openvex/go-vex v0.2.5 // indirect github.com/owenrumney/go-sarif/v2 v2.3.3 // indirect - github.com/owenrumney/squealer v1.2.3 // indirect + github.com/owenrumney/squealer v1.2.5 // indirect github.com/package-url/packageurl-go v0.1.3 // indirect github.com/pborman/uuid v1.2.1 // indirect - github.com/pelletier/go-toml/v2 v2.2.2 // indirect + github.com/pelletier/go-toml/v2 v2.2.3 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect github.com/pkg/errors v0.9.1 // indirect + github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/proglottis/gpgme v0.1.3 // indirect - github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/common v0.60.1 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/protocolbuffers/txtpbfmt v0.0.0-20231025115547-084445ff1adf // indirect github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect github.com/rivo/uniseg v0.4.7 // indirect - github.com/rogpeppe/go-internal v1.12.0 // indirect + github.com/rogpeppe/go-internal v1.13.1 // indirect github.com/rubenv/sql-migrate v1.7.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/sagikazarmark/locafero v0.6.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/samber/lo v1.47.0 // indirect github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect + github.com/sassoftware/go-rpmutils v0.4.0 // indirect github.com/sassoftware/relic v7.2.1+incompatible // indirect github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect github.com/segmentio/ksuid v1.0.4 // indirect github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/shibumi/go-pathspec v1.3.0 // indirect github.com/shopspring/decimal v1.4.0 // indirect - github.com/sigstore/fulcio v1.5.1 // indirect + github.com/sigstore/fulcio v1.6.4 // indirect github.com/sigstore/protobuf-specs v0.3.2 // indirect github.com/sigstore/rekor v1.3.6 // indirect github.com/sigstore/sigstore-go v0.6.1 // indirect @@ -416,94 +434,100 @@ require ( github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect github.com/tchap/go-patricia/v2 v2.3.1 // indirect - github.com/tetratelabs/wazero v1.7.3 // indirect + github.com/tetratelabs/wazero v1.8.1 // indirect github.com/thales-e-security/pool v0.0.2 // indirect github.com/theupdateframework/go-tuf v0.7.0 // indirect - github.com/theupdateframework/go-tuf/v2 v2.0.0 // indirect + github.com/theupdateframework/go-tuf/v2 v2.0.1 // indirect github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect github.com/tjfoc/gmsm v1.4.1 // indirect github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 // indirect github.com/transparency-dev/merkle v0.0.2 // indirect github.com/twitchtv/twirp v8.1.3+incompatible // indirect github.com/ulikunitz/xz v0.5.12 // indirect - github.com/urfave/cli/v2 v2.27.4 // indirect - github.com/vbatts/tar-split v0.11.5 // indirect - github.com/vbauerster/mpb/v8 v8.7.5 // indirect - github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect + github.com/urfave/cli/v2 v2.27.5 // indirect + github.com/vbatts/tar-split v0.11.6 // indirect + github.com/vbauerster/mpb/v8 v8.8.3 // indirect + github.com/veraison/go-cose v1.2.1 // indirect + github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect - github.com/xanzy/go-gitlab v0.107.0 // indirect + github.com/x448/float16 v0.8.4 // indirect + github.com/xanzy/go-gitlab v0.109.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect + github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect github.com/yashtewari/glob-intersection v0.2.0 // indirect github.com/zclconf/go-cty v1.15.0 // indirect - github.com/zclconf/go-cty-yaml v1.0.3 // indirect + github.com/zclconf/go-cty-yaml v1.1.0 // indirect github.com/zeebo/errs v1.3.0 // indirect - github.com/zitadel/logging v0.6.0 // indirect + github.com/zitadel/logging v0.6.1 // indirect github.com/zitadel/schema v1.3.0 // indirect go.mongodb.org/mongo-driver v1.16.0 // indirect - go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect + go.mozilla.org/pkcs7 v0.9.0 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/contrib/bridges/prometheus v0.53.0 // indirect - go.opentelemetry.io/contrib/exporters/autoexport v0.53.0 // indirect - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect - go.opentelemetry.io/otel v1.29.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.4.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/prometheus v0.50.0 // indirect - go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.4.0 // indirect - go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.28.0 // indirect - go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0 // indirect - go.opentelemetry.io/otel/log v0.4.0 // indirect - go.opentelemetry.io/otel/metric v1.29.0 // indirect - go.opentelemetry.io/otel/sdk v1.28.0 // indirect - go.opentelemetry.io/otel/sdk/log v0.4.0 // indirect - go.opentelemetry.io/otel/sdk/metric v1.28.0 // indirect - go.opentelemetry.io/otel/trace v1.29.0 // indirect + go.opentelemetry.io/contrib/bridges/prometheus v0.57.0 // indirect + go.opentelemetry.io/contrib/detectors/gcp v1.29.0 // indirect + go.opentelemetry.io/contrib/exporters/autoexport v0.57.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect + go.opentelemetry.io/otel v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.8.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.8.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/prometheus v0.54.0 // indirect + go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.8.0 // indirect + go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.32.0 // indirect + go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.32.0 // indirect + go.opentelemetry.io/otel/log v0.8.0 // indirect + go.opentelemetry.io/otel/metric v1.32.0 // indirect + go.opentelemetry.io/otel/sdk v1.32.0 // indirect + go.opentelemetry.io/otel/sdk/log v0.8.0 // indirect + go.opentelemetry.io/otel/sdk/metric v1.32.0 // indirect + go.opentelemetry.io/otel/trace v1.32.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.starlark.net v0.0.0-20240725214946-42030a7cedce // indirect - go.step.sm/crypto v0.51.1 // indirect + go.step.sm/crypto v0.51.2 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.27.0 // indirect - golang.org/x/mod v0.20.0 // indirect - golang.org/x/net v0.29.0 // indirect - golang.org/x/sync v0.8.0 // indirect - golang.org/x/sys v0.25.0 // indirect - golang.org/x/term v0.24.0 // indirect - golang.org/x/text v0.18.0 // indirect - golang.org/x/time v0.6.0 // indirect - golang.org/x/tools v0.24.0 // indirect + golang.org/x/mod v0.22.0 // indirect + golang.org/x/net v0.33.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.28.0 // indirect + golang.org/x/term v0.27.0 // indirect + golang.org/x/text v0.21.0 // indirect + golang.org/x/time v0.7.0 // indirect + golang.org/x/tools v0.26.0 // indirect golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect - google.golang.org/api v0.190.0 // indirect - google.golang.org/genproto v0.0.0-20240730163845-b1a4ccb954bf // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20240730163845-b1a4ccb954bf // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect - google.golang.org/grpc v1.66.0 // indirect + google.golang.org/api v0.197.0 // indirect + google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 // indirect + google.golang.org/grpc v1.68.0 // indirect + google.golang.org/grpc/stats/opentelemetry v0.0.0-20240907200651-3ffb98b2c93a // indirect gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - helm.sh/helm/v3 v3.15.3 // indirect - k8s.io/api v0.30.3 // indirect - k8s.io/apiextensions-apiserver v0.30.3 // indirect - k8s.io/apimachinery v0.30.3 // indirect - k8s.io/apiserver v0.30.3 // indirect - k8s.io/cli-runtime v0.30.3 // indirect - k8s.io/client-go v0.30.3 // indirect - k8s.io/component-base v0.30.3 // indirect + helm.sh/helm/v3 v3.16.3 // indirect + k8s.io/api v0.31.2 // indirect + k8s.io/apiextensions-apiserver v0.31.1 // indirect + k8s.io/apimachinery v0.31.2 // indirect + k8s.io/apiserver v0.31.2 // indirect + k8s.io/cli-runtime v0.31.2 // indirect + k8s.io/client-go v0.31.2 // indirect + k8s.io/component-base v0.31.2 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e // indirect - k8s.io/kubectl v0.30.3 // indirect + k8s.io/kubectl v0.31.2 // indirect k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect modernc.org/gc/v3 v3.0.0-20240722195230-4a140ff9c08e // indirect modernc.org/libc v1.55.7 // indirect @@ -511,7 +535,7 @@ require ( modernc.org/memory v1.8.0 // indirect modernc.org/strutil v1.2.0 // indirect modernc.org/token v1.1.0 // indirect - mvdan.cc/sh/v3 v3.8.0 // indirect + mvdan.cc/sh/v3 v3.10.0 // indirect oras.land/oras-go v1.2.6 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.17.3 // indirect @@ -519,4 +543,6 @@ require ( sigs.k8s.io/release-utils v0.8.4 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect + tags.cncf.io/container-device-interface v0.8.0 // indirect + tags.cncf.io/container-device-interface/specs-go v0.8.0 // indirect ) diff --git a/go.sum b/go.sum index 095c0a06..1cf363a2 100644 --- a/go.sum +++ b/go.sum @@ -1,3 +1,5 @@ +cel.dev/expr v0.16.1 h1:NR0+oFYzR1CqLFhTAqg3ql59G9VfN8fKq1TCHJ6gq1g= +cel.dev/expr v0.16.1/go.mod h1:AsGA5zb3WruAEQeQng1RZdGEXmBj0jvMWh6l5SnNuC8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= @@ -30,8 +32,8 @@ cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w9 cloud.google.com/go v0.102.0/go.mod h1:oWcCzKlqJ5zgHQt9YsaeTY9KzIvjyy0ArmiBUgpQ+nc= cloud.google.com/go v0.102.1/go.mod h1:XZ77E9qnTEnrgEOvr4xzfdX5TRo7fB4T2F4O6+34hIU= cloud.google.com/go v0.104.0/go.mod h1:OO6xxXdJyvuJPcEPBLN9BJPD+jep5G1+2U5B5gkRYtA= -cloud.google.com/go v0.115.0 h1:CnFSK6Xo3lDYRoBKEcAtia6VSC837/ZkJuRduSFnr14= -cloud.google.com/go v0.115.0/go.mod h1:8jIM5vVgoAEoiVxQ/O4BFTfHqulPZgs/ufEzMcFMdWU= +cloud.google.com/go v0.115.1 h1:Jo0SM9cQnSkYfp44+v+NQXHpcHqlnRJk2qxh6yvxxxQ= +cloud.google.com/go v0.115.1/go.mod h1:DuujITeaufu3gL68/lOFIirVNJwQeyf5UXyi+Wbgknc= cloud.google.com/go/aiplatform v1.22.0/go.mod h1:ig5Nct50bZlzV6NvKaTwmplLLddFx0YReh9WfTO5jKw= cloud.google.com/go/aiplatform v1.24.0/go.mod h1:67UUvRBKG6GTayHKV8DBv2RtR1t93YRu5B1P3x99mYY= cloud.google.com/go/analytics v0.11.0/go.mod h1:DjEWCu41bVbYcKyvlws9Er60YE4a//bK6mnhWvQeFNI= @@ -46,10 +48,10 @@ cloud.google.com/go/asset v1.8.0/go.mod h1:mUNGKhiqIdbr8X7KNayoYvyc4HbbFO9URsjby cloud.google.com/go/assuredworkloads v1.5.0/go.mod h1:n8HOZ6pff6re5KYfBXcFvSViQjDwxFkAkmUFffJRbbY= cloud.google.com/go/assuredworkloads v1.6.0/go.mod h1:yo2YOk37Yc89Rsd5QMVECvjaMKymF9OP+QXWlKXUkXw= cloud.google.com/go/assuredworkloads v1.7.0/go.mod h1:z/736/oNmtGAyU47reJgGN+KVoYoxeLBoj4XkKYscNI= -cloud.google.com/go/auth v0.7.3 h1:98Vr+5jMaCZ5NZk6e/uBgf60phTk/XN84r8QEWB9yjY= -cloud.google.com/go/auth v0.7.3/go.mod h1:HJtWUx1P5eqjy/f6Iq5KeytNpbAcGolPhOgyop2LlzA= -cloud.google.com/go/auth/oauth2adapt v0.2.3 h1:MlxF+Pd3OmSudg/b1yZ5lJwoXCEaeedAguodky1PcKI= -cloud.google.com/go/auth/oauth2adapt v0.2.3/go.mod h1:tMQXOfZzFuNuUxOypHlQEXgdfX5cuhwU+ffUuXRJE8I= +cloud.google.com/go/auth v0.9.3 h1:VOEUIAADkkLtyfr3BLa3R8Ed/j6w1jTBmARx+wb5w5U= +cloud.google.com/go/auth v0.9.3/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk= +cloud.google.com/go/auth/oauth2adapt v0.2.4 h1:0GWE/FUsXhf6C+jAkWgYm7X9tK8cuEIfy19DBn6B6bY= +cloud.google.com/go/auth/oauth2adapt v0.2.4/go.mod h1:jC/jOpwFP6JBxhB3P5Rr0a9HLMC/Pe3eaL4NmdvqPtc= cloud.google.com/go/automl v1.5.0/go.mod h1:34EjfoFGMZ5sgJ9EoLsRtdPSNZLcfflJR39VbVNS2M0= cloud.google.com/go/automl v1.6.0/go.mod h1:ugf8a6Fx+zP0D59WLhqgTDsQI9w07o64uf/Is3Nh5p8= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= @@ -72,8 +74,8 @@ cloud.google.com/go/compute v1.6.0/go.mod h1:T29tfhtVbq1wvAPo0E3+7vhgmkOYeXjhFvz cloud.google.com/go/compute v1.6.1/go.mod h1:g85FgpzFvNULZ+S8AYq87axRKuf2Kh7deLqV/jJ3thU= cloud.google.com/go/compute v1.7.0/go.mod h1:435lt8av5oL9P3fv1OEzSbSUe+ybHXGMPQHHZWZxy9U= cloud.google.com/go/compute v1.10.0/go.mod h1:ER5CLbMxl90o2jtNbGSbtfOpQKR0t15FOtRsugnLrlU= -cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY= -cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY= +cloud.google.com/go/compute/metadata v0.5.1 h1:NM6oZeZNlYjiwYje+sYFjEpP0Q0zCan1bmQW/KmIrGs= +cloud.google.com/go/compute/metadata v0.5.1/go.mod h1:C66sj2AluDcIqakBq/M8lw8/ybHgOZqin2obFxa/E5k= cloud.google.com/go/containeranalysis v0.5.1/go.mod h1:1D92jd8gRR/c0fGMlymRgxWD3Qw9C1ff6/T7mLgVL8I= cloud.google.com/go/containeranalysis v0.6.0/go.mod h1:HEJoiEIu+lEXM+k7+qLCci0h33lX3ZqoYFdmPcoO7s4= cloud.google.com/go/datacatalog v1.3.0/go.mod h1:g9svFY6tuR+j+hrTw3J2dNcmI0dzmSiyOzm8kpLq0a0= @@ -111,22 +113,26 @@ cloud.google.com/go/gkehub v0.10.0/go.mod h1:UIPwxI0DsrpsVoWpLB0stwKCP+WFVG9+y97 cloud.google.com/go/grafeas v0.2.0/go.mod h1:KhxgtF2hb0P191HlY5besjYm6MqTSTj3LSI+M+ByZHc= cloud.google.com/go/iam v0.3.0/go.mod h1:XzJPvDayI+9zsASAFO68Hk07u3z+f+JrT2xXNdp4bnY= cloud.google.com/go/iam v0.5.0/go.mod h1:wPU9Vt0P4UmCux7mqtRu6jcpPAb74cP1fh50J3QpkUc= -cloud.google.com/go/iam v1.1.12 h1:JixGLimRrNGcxvJEQ8+clfLxPlbeZA6MuRJ+qJNQ5Xw= -cloud.google.com/go/iam v1.1.12/go.mod h1:9LDX8J7dN5YRyzVHxwQzrQs9opFFqn0Mxs9nAeB+Hhg= -cloud.google.com/go/kms v1.18.4 h1:dYN3OCsQ6wJLLtOnI8DGUwQ5shMusXsWCCC+s09ATsk= -cloud.google.com/go/kms v1.18.4/go.mod h1:SG1bgQ3UWW6/KdPo9uuJnzELXY5YTTMJtDYvajiQ22g= +cloud.google.com/go/iam v1.2.1 h1:QFct02HRb7H12J/3utj0qf5tobFh9V4vR6h9eX5EBRU= +cloud.google.com/go/iam v1.2.1/go.mod h1:3VUIJDPpwT6p/amXRC5GY8fCCh70lxPygguVtI0Z4/g= +cloud.google.com/go/kms v1.19.0 h1:x0OVJDl6UH1BSX4THKlMfdcFWoE4ruh90ZHuilZekrU= +cloud.google.com/go/kms v1.19.0/go.mod h1:e4imokuPJUc17Trz2s6lEXFDt8bgDmvpVynH39bdrHM= cloud.google.com/go/language v1.4.0/go.mod h1:F9dRpNFQmJbkaop6g0JhSBXCNlO90e1KWx5iDdxbWic= cloud.google.com/go/language v1.6.0/go.mod h1:6dJ8t3B+lUYfStgls25GusK04NLh3eDLQnWM3mdEbhI= cloud.google.com/go/lifesciences v0.5.0/go.mod h1:3oIKy8ycWGPUyZDR/8RNnTOYevhaMLqh5vLUXs9zvT8= cloud.google.com/go/lifesciences v0.6.0/go.mod h1:ddj6tSX/7BOnhxCSd3ZcETvtNr8NZ6t/iPhY2Tyfu08= -cloud.google.com/go/longrunning v0.5.11 h1:Havn1kGjz3whCfoD8dxMLP73Ph5w+ODyZB9RUsDxtGk= -cloud.google.com/go/longrunning v0.5.11/go.mod h1:rDn7//lmlfWV1Dx6IB4RatCPenTwwmqXuiP0/RgoEO4= +cloud.google.com/go/logging v1.11.0 h1:v3ktVzXMV7CwHq1MBF65wcqLMA7i+z3YxbUsoK7mOKs= +cloud.google.com/go/logging v1.11.0/go.mod h1:5LDiJC/RxTt+fHc1LAt20R9TKiUTReDg6RuuFOZ67+A= +cloud.google.com/go/longrunning v0.6.1 h1:lOLTFxYpr8hcRtcwWir5ITh1PAKUD/sG2lKrTSYjyMc= +cloud.google.com/go/longrunning v0.6.1/go.mod h1:nHISoOZpBcmlwbJmiVk5oDRz0qG/ZxPynEGs1iZ79s0= cloud.google.com/go/mediatranslation v0.5.0/go.mod h1:jGPUhGTybqsPQn91pNXw0xVHfuJ3leR1wj37oU3y1f4= cloud.google.com/go/mediatranslation v0.6.0/go.mod h1:hHdBCTYNigsBxshbznuIMFNe5QXEowAuNmmC7h8pu5w= cloud.google.com/go/memcache v1.4.0/go.mod h1:rTOfiGZtJX1AaFUrOgsMHX5kAzaTQ8azHiuDoTPzNsE= cloud.google.com/go/memcache v1.5.0/go.mod h1:dk3fCK7dVo0cUU2c36jKb4VqKPS22BTkf81Xq617aWM= cloud.google.com/go/metastore v1.5.0/go.mod h1:2ZNrDcQwghfdtCwJ33nM0+GrBGlVuh8rakL3vdPY3XY= cloud.google.com/go/metastore v1.6.0/go.mod h1:6cyQTls8CWXzk45G55x57DVQ9gWg7RiH65+YgPsNh9s= +cloud.google.com/go/monitoring v1.21.0 h1:EMc0tB+d3lUewT2NzKC/hr8cSR9WsUieVywzIHetGro= +cloud.google.com/go/monitoring v1.21.0/go.mod h1:tuJ+KNDdJbetSsbSGTqnaBvbauS5kr3Q/koy3Up6r+4= cloud.google.com/go/networkconnectivity v1.4.0/go.mod h1:nOl7YL8odKyAOtzNX73/M5/mGZgqqMeryi6UPZTk/rA= cloud.google.com/go/networkconnectivity v1.5.0/go.mod h1:3GzqJx7uhtlM3kln0+x5wyFvuVH1pIBJjhCpjzSt75o= cloud.google.com/go/networksecurity v0.5.0/go.mod h1:xS6fOCoqpVC5zx15Z/MqkfDwH4+m/61A3ODiDV1xmiQ= @@ -177,10 +183,12 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 cloud.google.com/go/storage v1.22.1/go.mod h1:S8N1cAStu7BOeFfE8KAQzmyyLkK8p/vmRq6kuBTW58Y= cloud.google.com/go/storage v1.23.0/go.mod h1:vOEEDNFnciUMhBeT6hsJIn3ieU5cFRmzeLgDvXzfIXc= cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= -cloud.google.com/go/storage v1.43.0 h1:CcxnSohZwizt4LCzQHWvBf1/kvtHUn7gk9QERXPyXFs= -cloud.google.com/go/storage v1.43.0/go.mod h1:ajvxEa7WmZS1PxvKRq4bq0tFT3vMd502JwstCcYv0Q0= +cloud.google.com/go/storage v1.45.0 h1:5av0QcIVj77t+44mV4gffFC/LscFRUhto6UBMB5SimM= +cloud.google.com/go/storage v1.45.0/go.mod h1:wpPblkIuMP5jCB/E48Pz9zIo2S/zD8g+ITmxKkPCITE= cloud.google.com/go/talent v1.1.0/go.mod h1:Vl4pt9jiHKvOgF9KoZo6Kob9oV4lwd/ZD5Cto54zDRw= cloud.google.com/go/talent v1.2.0/go.mod h1:MoNF9bhFQbiJ6eFD3uSsg0uBALw4n4gaCaEjBw9zo8g= +cloud.google.com/go/trace v1.11.0 h1:UHX6cOJm45Zw/KIbqHe4kII8PupLt/V5tscZUkeiJVI= +cloud.google.com/go/trace v1.11.0/go.mod h1:Aiemdi52635dBR7o3zuc9lLjXo3BwGaChEjCa3tJNmM= cloud.google.com/go/videointelligence v1.6.0/go.mod h1:w0DIDlVRKtwPCn/C4iwZIJdvC69yInhW0cfi+p546uU= cloud.google.com/go/videointelligence v1.7.0/go.mod h1:k8pI/1wAhjznARtVT9U1llUaFNPh7muw8QyOUpavru4= cloud.google.com/go/vision v1.2.0/go.mod h1:SmNwgObm5DpFBme2xpyOyasvBc1aPdjvMk2bBk0tKD0= @@ -194,27 +202,29 @@ cuelabs.dev/go/oci/ociregistry v0.0.0-20240404174027-a39bec0462d2 h1:BnG6pr9TTr6 cuelabs.dev/go/oci/ociregistry v0.0.0-20240404174027-a39bec0462d2/go.mod h1:pK23AUVXuNzzTpfMCA06sxZGeVQ/75FdVtW249de9Uo= cuelang.org/go v0.9.2 h1:pfNiry2PdRBr02G/aKm5k2vhzmqbAOoaB4WurmEbWvs= cuelang.org/go v0.9.2/go.mod h1:qpAYsLOf7gTM1YdEg6cxh553uZ4q9ZDWlPbtZr9q1Wk= -dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= -dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= +dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= -github.com/99designs/gqlgen v0.17.54 h1:AsF49k/7RJlwA00RQYsYN0T8cQuaosnV/7G1dHC3Uh8= -github.com/99designs/gqlgen v0.17.54/go.mod h1:77/+pVe6zlTsz++oUg2m8VLgzdUPHxjoAG3BxI5y8Rc= -github.com/AdaLogics/go-fuzz-headers v0.0.0-20240716105424-66b64c4bb379 h1:shYAfOpsleWVaSwGxQjmi+BBIwzj5jxB1FTCpVqs0N8= -github.com/AdaLogics/go-fuzz-headers v0.0.0-20240716105424-66b64c4bb379/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= +github.com/99designs/gqlgen v0.17.61 h1:vE7xLRC066n9wehgjeplILOWtwz75zbzcV2/Iv9i3pw= +github.com/99designs/gqlgen v0.17.61/go.mod h1:rFU1T3lhv/tPeAlww/DJ4ol2YxT/pPpue+xxPbkd3r4= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20231105174938-2b5cbb29f3e2 h1:dIScnXFlF784X79oi7MzVT6GWqr/W1uUt0pB5CsDs9M= github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20231105174938-2b5cbb29f3e2/go.mod h1:gCLVsLfv1egrcZu+GoJATN5ts75F2s62ih/457eWzOw= github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d h1:zjqpY4C7H15HjRPEenkS4SAn3Jy2eRRjkjZbGR30TOg= github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d/go.mod h1:XNqJ7hv2kY++g8XEHREpi+JqZo3+0l+CH2egBVN4yqM= -github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 h1:8+4G8JaejP8Xa6W46PzJEwisNgBXMvFcz78N6zG/ARw= -github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0/go.mod h1:GgeIE+1be8Ivm7Sh4RgwI42aTtC9qrcj+Y9Y6CjJhJs= +github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0 h1:kcnfY4vljxXliXDBrA9K9lwF8IoEZ4Up6Eg9kWTIm28= +github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.14.0/go.mod h1:tlqp9mUGbsP+0z3Q+c0Q5MgSdq/OMwQhm5bffR3Q3ss= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 h1:nyQWyZvwGTvunIMxi1Y9uXkcyr+I7TeNrr/foo4Kpk8= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0/go.mod h1:l38EPgmsp71HHLq9j7De57JcKOWPyhrsW1Awm1JS6K0= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 h1:tfLQ34V6F7tVSwoTf/4lH5sE0o6eCJuNDTmH09nDpbc= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 h1:JZg6HRh6W6U4OLl6lk7BZ7BLisIzM9dG1R50zUk9C/M= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0/go.mod h1:YL1xnZ6QejvQHWJrX/AvhFl4WW4rqHVoKspWNVwFk0M= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0 h1:B/dfvscEQtew9dVuoxqxrUKKv8Ih2f55PydknDamU+g= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.0/go.mod h1:fiPSssYvltE08HJchL04dOy+RD4hgrjph0cwGGMntdI= +github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0 h1:+m0M/LFxN43KvULkDNfdXOgrjtg6UYJPFBJyuEcRCAw= +github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache v0.3.0/go.mod h1:PwOyop78lveYMRs6oCxjiVyBdyCgIYH6XHIVZO9/SFQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 h1:ywEEhmNahHBihViHepv3xPBn1663uRv2t2q/ESv9seY= github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.1.0 h1:DRiANoJTiW6obBQe3SqZizkuV1PEgfiiGivmVocDy64= @@ -247,18 +257,30 @@ github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUM github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= +github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1 h1:WJTmL004Abzc5wDB5VtZG2PJk5ndYDgVacGqfirKxjM= +github.com/AzureAD/microsoft-authentication-extensions-for-go/cache v0.1.1/go.mod h1:tCcJZ0uHAmvjsVYzEFivsRTN00oz5BEsRgQHu5JZ9WE= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mxXfQidrMEnLlPk9UMeRtyBTnEFtxkV0kU= github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/CycloneDX/cyclonedx-go v0.9.0 h1:inaif7qD8bivyxp7XLgxUYtOXWtDez7+j72qKTMQTb8= -github.com/CycloneDX/cyclonedx-go v0.9.0/go.mod h1:NE/EWvzELOFlG6+ljX/QeMlVt9VKcTwu8u0ccsACEsw= +github.com/CycloneDX/cyclonedx-go v0.9.2 h1:688QHn2X/5nRezKe2ueIVCt+NRqf7fl3AVQk+vaFcIo= +github.com/CycloneDX/cyclonedx-go v0.9.2/go.mod h1:vcK6pKgO1WanCdd61qx4bFnSsDJQ6SbM2ZuMIgq86Jg= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= +github.com/DataDog/zstd v1.5.5 h1:oWf5W7GtOLgp6bciQYDmhHHjdhYkALu6S/5Ni9ZgSvQ= +github.com/DataDog/zstd v1.5.5/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw= github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible h1:juIaKLLVhqzP55d8x4cSVgwyQv76Z55/fRv/UBr2KkQ= github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.24.1 h1:pB2F2JKCj1Znmp2rwxxt1J0Fg0wezTMgWYk5Mpbi1kg= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.24.1/go.mod h1:itPGVDKf9cC/ov4MdvJ2QZ0khw4bfoo9jzwTJlaxy2k= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.48.1 h1:UQ0AhxogsIRZDkElkblfnwjc3IaltCm2HUMvezQaL7s= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.48.1/go.mod h1:jyqM3eLpJ3IbIFDTKVz2rF9T/xWGW0rIriGwnz8l9Tk= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock v0.48.1 h1:oTX4vsorBZo/Zdum6OKPA4o7544hm6smoRv1QjpTwGo= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock v0.48.1/go.mod h1:0wEl7vrAD8mehJyohS9HZy+WyEOaQO2mJx86Cvh93kM= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.48.1 h1:8nn+rsCvTq9axyEh382S0PFLBeaFwNsT43IrPWzctRU= +github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.48.1/go.mod h1:viRWSEhtMZqz1rhwmOVKkWl6SwmVowfL9O2YR5gI2PE= github.com/Intevation/gval v1.3.0 h1:+Ze5sft5MmGbZrHj06NVUbcxCb67l9RaPTLMNr37mjw= github.com/Intevation/gval v1.3.0/go.mod h1:xmGyGpP5be12EL0P12h+dqiYG8qn2j3PJxIgkoOHO5o= github.com/Intevation/jsonpath v0.2.1 h1:rINNQJ0Pts5XTFEG+zamtdL7l9uuE1z0FBA+r55Sw+A= @@ -271,18 +293,17 @@ github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJ github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= -github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= -github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= -github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= -github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= -github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= +github.com/Masterminds/semver/v3 v3.3.0 h1:B8LGeaivUe71a5qox1ICM/JLl0NqZSW5CHyL+hmvYS0= +github.com/Masterminds/semver/v3 v3.3.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/Masterminds/sprig/v3 v3.3.0 h1:mQh0Yrg1XPo6vjYXgtf5OtijNAKJRNcTdOOGZe3tPhs= +github.com/Masterminds/sprig/v3 v3.3.0/go.mod h1:Zy1iXRYNqNLUolqCpL4uhk6SHUMAOSCzdgBfDb35Lz0= github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/Microsoft/hcsshim v0.12.5 h1:bpTInLlDy/nDRWFVcefDZZ1+U8tS+rz3MxjKgu9boo0= -github.com/Microsoft/hcsshim v0.12.5/go.mod h1:tIUGego4G1EN5Hb6KC90aDYiUI2dqLSTTOCjVNpOgZ8= +github.com/Microsoft/hcsshim v0.12.9 h1:2zJy5KA+l0loz1HzEGqyNnjd3fyZA31ZBCGKacp6lLg= +github.com/Microsoft/hcsshim v0.12.9/go.mod h1:fJ0gkFAna6ukt0bLdKB8djt4XIJhF/vEPuoIWYVvZ8Y= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8= github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= @@ -296,8 +317,8 @@ github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpH github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= -github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8= -github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= +github.com/agnivade/levenshtein v1.2.0 h1:U9L4IOT0Y3i0TIlUIDJ7rVUziKi/zPbrJGaFrtYH3SY= +github.com/agnivade/levenshtein v1.2.0/go.mod h1:QVVI16kDrtSuwcpd0p1+xMC6Z/VfhtCyDIjcwga4/DU= github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbfjek= github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= @@ -378,20 +399,20 @@ github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 h1: github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46/go.mod h1:olhPNdiiAAMiSujemd1O/sc6GcyePr23f/6uGKtthNg= github.com/aquasecurity/go-version v0.0.0-20201107203531-5e48ac5d022a/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU= github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU= -github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d h1:4zour5Sh9chOg+IqIinIcJ3qtr3cIf8FdFY6aArlXBw= -github.com/aquasecurity/go-version v0.0.0-20240603093900-cf8a8d29271d/go.mod h1:1cPOp4BaQZ1G2F5fnw4dFz6pkOyXJI9KTuak8ghIl3U= +github.com/aquasecurity/go-version v0.0.0-20241105054539-1951e80d786f h1:6mwfszC0VohA3NF75EX8pPStmmL0spZnTlkLp83M69c= +github.com/aquasecurity/go-version v0.0.0-20241105054539-1951e80d786f/go.mod h1:1cPOp4BaQZ1G2F5fnw4dFz6pkOyXJI9KTuak8ghIl3U= github.com/aquasecurity/table v1.8.0 h1:9ntpSwrUfjrM6/YviArlx/ZBGd6ix8W+MtojQcM7tv0= github.com/aquasecurity/table v1.8.0/go.mod h1:eqOmvjjB7AhXFgFqpJUEE/ietg7RrMSJZXyTN8E/wZw= github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8 h1:b43UVqYjz7qDqK+cVOtF2Lk6CxjytYItP6Pgf3wGsNE= github.com/aquasecurity/testdocker v0.0.0-20240730042311-4642e94c7fc8/go.mod h1:wXA9k3uuaxY3yu7gxrxZDPo/04FEMJtwyecdAlYrEIo= github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo= github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY= -github.com/aquasecurity/trivy v0.55.2 h1:C7Olgc3PUtAkh/2+hrgk99xc4ovJqQP9/J0A+iexi3Q= -github.com/aquasecurity/trivy v0.55.2/go.mod h1:dnAVPMsa9mMaZ1DZdasvFWT10WGok/boHQCpoDFgelo= -github.com/aquasecurity/trivy-checks v0.13.1-0.20240830230553-53ddbbade784 h1:1rvPiCK8uQd3sarOuZ60nwksHpxsNdrvptz4eDW/V14= -github.com/aquasecurity/trivy-checks v0.13.1-0.20240830230553-53ddbbade784/go.mod h1:Ralz7PWmR3LirHlXxVtUXc+7CFmWE82jbLk7+TPvV/0= -github.com/aquasecurity/trivy-db v0.0.0-20240910133327-7e0f4d2ed4c1 h1:G0gnacAORRUqz2Tm5MqivSpldY2GZ74ijhJcMsae+sA= -github.com/aquasecurity/trivy-db v0.0.0-20240910133327-7e0f4d2ed4c1/go.mod h1:PYkSRx4dlgFATEt+okGwibvbxVEtqsOdH+vX/saACYE= +github.com/aquasecurity/trivy v0.58.1 h1:O9JWiQbGToqI2J05k1Zgjn8kYct2iTqsoXMsym+qL5E= +github.com/aquasecurity/trivy v0.58.1/go.mod h1:UOjuv5UWMw9ekGej6lpyfG8/ASOTgCwa2FIQC8JkPC8= +github.com/aquasecurity/trivy-checks v1.4.0 h1:XFGPuA8C4f31GO9g7xOkubHq4W87y9iXrWnulsIoZFs= +github.com/aquasecurity/trivy-checks v1.4.0/go.mod h1:TSUbI3wBy9jgQl5lRUCR+B5pNiOxp6M26Jep8VCL/eM= +github.com/aquasecurity/trivy-db v0.0.0-20241209111357-8c398f13db0e h1:O5j5SeCNBrXApgBTOobO06q4LMxJxIhcSGE7H6Y154E= +github.com/aquasecurity/trivy-db v0.0.0-20241209111357-8c398f13db0e/go.mod h1:gS8VhlNxhraiq60BBnJw9kGtjeMspQ9E8pX24jCL4jg= github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 h1:JVgBIuIYbwG+ekC5lUHUpGJboPYiCcxiz06RCtz8neI= github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48/go.mod h1:Ldya37FLi0e/5Cjq2T5Bty7cFkzUDwTcPeQua+2M8i8= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= @@ -404,56 +425,56 @@ github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX github.com/aws/aws-sdk-go v1.47.10/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= -github.com/aws/aws-sdk-go-v2 v1.31.0 h1:3V05LbxTSItI5kUqNwhJrrrY1BAXxXt0sN0l72QmG5U= -github.com/aws/aws-sdk-go-v2 v1.31.0/go.mod h1:ztolYtaEUtdpf9Wftr31CJfLVjOnD/CVRkKOOYgF8hA= -github.com/aws/aws-sdk-go-v2/config v1.27.39 h1:FCylu78eTGzW1ynHcongXK9YHtoXD5AiiUqq3YfJYjU= -github.com/aws/aws-sdk-go-v2/config v1.27.39/go.mod h1:wczj2hbyskP4LjMKBEZwPRO1shXY+GsQleab+ZXT2ik= -github.com/aws/aws-sdk-go-v2/credentials v1.17.37 h1:G2aOH01yW8X373JK419THj5QVqu9vKEwxSEsGxihoW0= -github.com/aws/aws-sdk-go-v2/credentials v1.17.37/go.mod h1:0ecCjlb7htYCptRD45lXJ6aJDQac6D2NlKGpZqyTG6A= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.8 h1:YNkm1DPhE4wnslPKD8jLVfKPujd94R8eI175vgKvIHI= -github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.8/go.mod h1:Ipgx7ZeodWz/Fd1TxCQwy0rXkxk2WDxZBJUuoZLzpqw= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.14 h1:C/d03NAmh8C4BZXhuRNboF/DqhBkBCeDiJDcaqIT5pA= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.14/go.mod h1:7I0Ju7p9mCIdlrfS+JCgqcYD0VXz/N4yozsox+0o078= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18 h1:kYQ3H1u0ANr9KEKlGs/jTLrBFPo8P8NaH/w7A01NeeM= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18/go.mod h1:r506HmK5JDUh9+Mw4CfGJGSSoqIiLCndAuqXuhbv67Y= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18 h1:Z7IdFUONvTcvS7YuhtVxN99v2cCoHRXOS4mTr0B/pUc= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18/go.mod h1:DkKMmksZVVyat+Y+r1dEOgJEfUeA7UngIHWeKsi0yNc= +github.com/aws/aws-sdk-go-v2 v1.32.7 h1:ky5o35oENWi0JYWUZkB7WYvVPP+bcRF5/Iq7JWSb5Rw= +github.com/aws/aws-sdk-go-v2 v1.32.7/go.mod h1:P5WJBrYqqbWVaOxgH0X/FYYD47/nooaPOZPlQdmiN2U= +github.com/aws/aws-sdk-go-v2/config v1.28.7 h1:GduUnoTXlhkgnxTD93g1nv4tVPILbdNQOzav+Wpg7AE= +github.com/aws/aws-sdk-go-v2/config v1.28.7/go.mod h1:vZGX6GVkIE8uECSUHB6MWAUsd4ZcG2Yq/dMa4refR3M= +github.com/aws/aws-sdk-go-v2/credentials v1.17.48 h1:IYdLD1qTJ0zanRavulofmqut4afs45mOWEI+MzZtTfQ= +github.com/aws/aws-sdk-go-v2/credentials v1.17.48/go.mod h1:tOscxHN3CGmuX9idQ3+qbkzrjVIx32lqDSU1/0d/qXs= +github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.22 h1:p2LDiYhvM9mMExEY1meHMAmjmVlzD1J1jVG+fGut+mE= +github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.22/go.mod h1:fo5T2fYMHVF2rHrym50h7Ue/+SECRJlUHUFZLjSX18g= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22 h1:kqOrpojG71DxJm/KDPO+Z/y1phm1JlC8/iT+5XRmAn8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.22/go.mod h1:NtSFajXVVL8TA2QNngagVZmUtXciyrHOt7xgz4faS/M= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26 h1:I/5wmGMffY4happ8NOCuIUEWGUvvFp5NSeQcXl9RHcI= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.26/go.mod h1:FR8f4turZtNy6baO0KJ5FJUmXH/cSkI9fOngs0yl6mA= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26 h1:zXFLuEuMMUOvEARXFUVJdfqZ4bvvSgdGRq/ATcrQxzM= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.26/go.mod h1:3o2Wpy0bogG1kyOPrgkXA8pgIfEEv0+m19O9D5+W8y8= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.35.3 h1:X4iS+RcIKHkAMQz47nDt/nHxZUCKdnfgw940yluJ29Q= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.35.3/go.mod h1:k5XW8MoMxsNZ20RJmsokakvENUwQyjv69R9GqrI4xdQ= -github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.23.3 h1:q+pKQ9hZfIJNyoYSwPWbj19GnEPWvLOXwHpR/HYyx4o= -github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.23.3/go.mod h1:NZQWaOwOszI7jnQ7s1i5kN/FUAglaaJIm2htZG7BJKw= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.38.1 h1:AnSNs7Ogi0LXHPMDBx4RE7imU4/JmzWFziqkMKJA2AY= +github.com/aws/aws-sdk-go-v2/service/dynamodb v1.38.1/go.mod h1:J8xqRbx7HIc8ids2P8JbrKx9irONPEYq7Z1FpLDpi3I= +github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.24.10 h1:aWEbNPNdGiTGSR6/Yy9S0Ad07sMVaT/CFaVq7GuDGx4= +github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.24.10/go.mod h1:HywkMgYwY0uaybPvvctx6fkm3L1ssRKeGv7TPZ6OQ/M= github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3 h1:0Z1Oz8bRQJ1I/kDmTbISFxKwptaJoghfjh4QrKmXzE0= github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3/go.mod h1:qIEaYAxM0l8/Tq5XtqCgc4Zs1a14JXoO2wU+LcCQDVk= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1 h1:7B5ppg4i5N2B6t+aH77WLbAu8sD98MLlzruWzq5scyY= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1/go.mod h1:ISODge3zgdwOEa4Ou6WM9PKbxJWJ15DYKnr2bfmCAIA= -github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1 h1:PxM8EHsv1sd9eWGamMQCvqBEjxytK5kAwjrxlfG3tac= -github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1/go.mod h1:kdk+WJbHcGVbIlRQfSrKyuKkbWDdD8I9NScyS5vZ8eQ= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0 h1:RhSoBFT5/8tTmIseJUXM6INTXTQDF8+0oyxWBnozIms= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.193.0/go.mod h1:mzj8EEjIHSN2oZRXiw1Dd+uB4HZTl7hC8nBzX9IZMWw= +github.com/aws/aws-sdk-go-v2/service/ecr v1.36.6 h1:zg+3FGHA0PBs0KM25qE/rOf2o5zsjNa1g/Qq83+SDI0= +github.com/aws/aws-sdk-go-v2/service/ecr v1.36.6/go.mod h1:ZSq54Z9SIsOTf1Efwgw1msilSs4XVEfVQiP9nYVnKpM= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.25.3 h1:n2eqzO9VabUkd77b88Hos6OEtbGohB/TRrtXLTZi38Y= github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.25.3/go.mod h1:Oy3yHBGkKtTmsn6iJGEZxytzZQrEvoFRWldB4XmzlO4= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5 h1:QFASJGfT8wMXtuP3D5CRmMjARHv9ZmzFUMJznHDOY3w= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5/go.mod h1:QdZ3OmoIjSX+8D1OPAzPxDfjXASbBMDsz9qvtyIhtik= -github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.9.19 h1:dOxqOlOEa2e2heC/74+ZzcJOa27+F1aXFZpYgY/4QfA= -github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.9.19/go.mod h1:aV6U1beLFvk3qAgognjS3wnGGoDId8hlPEiBsLHXVZE= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20 h1:Xbwbmk44URTiHNx6PNo0ujDE6ERlsCKJD3u1zfnzAPg= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20/go.mod h1:oAfOFzUB14ltPZj1rWwRc3d/6OgD76R8KlvU3EqM9Fg= -github.com/aws/aws-sdk-go-v2/service/kms v1.35.3 h1:UPTdlTOwWUX49fVi7cymEN6hDqCwe3LNv1vi7TXUutk= -github.com/aws/aws-sdk-go-v2/service/kms v1.35.3/go.mod h1:gjDP16zn+WWalyaUqwCCioQ8gU8lzttCCc9jYsiQI/8= -github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0 h1:Cso4Ev/XauMVsbwdhYEoxg8rxZWw43CFqqaPB5w3W2c= -github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0/go.mod h1:BSPI0EfnYUuNHPS0uqIo5VrRwzie+Fp+YhQOUs16sKI= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.33.3 h1:W2M3kQSuN1+FXgV2wMv1JMWPxw/37wBN87QHYDuTV0Y= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.33.3/go.mod h1:WyLS5qwXHtjKAONYZq/4ewdd+hcVsa3LBu77Ow5uj3k= -github.com/aws/aws-sdk-go-v2/service/sso v1.23.3 h1:rs4JCczF805+FDv2tRhZ1NU0RB2H6ryAvsWPanAr72Y= -github.com/aws/aws-sdk-go-v2/service/sso v1.23.3/go.mod h1:XRlMvmad0ZNL+75C5FYdMvbbLkd6qiqz6foR1nA1PXY= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.27.3 h1:S7EPdMVZod8BGKQQPTBK+FcX9g7bKR7c4+HxWqHP7Vg= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.27.3/go.mod h1:FnvDM4sfa+isJ3kDXIzAB9GAwVSzFzSy97uZ3IsHo4E= -github.com/aws/aws-sdk-go-v2/service/sts v1.31.3 h1:VzudTFrDCIDakXtemR7l6Qzt2+JYsVqo2MxBPt5k8T8= -github.com/aws/aws-sdk-go-v2/service/sts v1.31.3/go.mod h1:yMWe0F+XG0DkRZK5ODZhG7BEFYhLXi2dqGsv6tX0cgI= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.7 h1:EqGlayejoCRXmnVC6lXl6phCm9R2+k35e0gWsO9G5DI= +github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.7/go.mod h1:BTw+t+/E5F3ZnDai/wSOYM54WUVjSdewE7Jvwtb7o+w= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7 h1:8eUsivBQzZHqe/3FE+cqwfH+0p5Jo8PFM/QYQSmeZ+M= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.7/go.mod h1:kLPQvGUmxn/fqiCrDeohwG33bq2pQpGeY62yRO6Nrh0= +github.com/aws/aws-sdk-go-v2/service/kms v1.35.7 h1:v0D1LeMkA/X+JHAZWERrr+sUGOt8KrCZKnJA6KszkcE= +github.com/aws/aws-sdk-go-v2/service/kms v1.35.7/go.mod h1:K9lwD0Rsx9+NSaJKsdAdlDK4b2G4KKOEve9PzHxPoMI= +github.com/aws/aws-sdk-go-v2/service/s3 v1.68.0 h1:bFpcqdwtAEsgpZXvkTxIThFQx/EM0oV6kXmfFIGjxME= +github.com/aws/aws-sdk-go-v2/service/s3 v1.68.0/go.mod h1:ralv4XawHjEMaHOWnTFushl0WRqim/gQWesAMF6hTow= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.8 h1:WT3EPriVEpHE2jeNqHqj7l43JCIWPoZjNNRluZ7agII= +github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.8/go.mod h1:By/yiMzR0yfhPaqRWE3GrT9B/Z6871z1GfWGc+vf4Y8= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.8 h1:CvuUmnXI7ebaUAhbJcDy9YQx8wHR69eZ9I7q5hszt/g= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.8/go.mod h1:XDeGv1opzwm8ubxddF0cgqkZWsyOtw4lr6dxwmb6YQg= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7 h1:F2rBfNAL5UyswqoeWv9zs74N/NanhK16ydHW1pahX6E= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.7/go.mod h1:JfyQ0g2JG8+Krq0EuZNnRwX0mU0HrwY/tG6JNfcqh4k= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.3 h1:Xgv/hyNgvLda/M9l9qxXc4UFSgppnRczLxlMs5Ae/QY= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.3/go.mod h1:5Gn+d+VaaRgsjewpMvGazt0WfcFO+Md4wLOuBfGR9Bc= github.com/aws/aws-secretsmanager-caching-go v1.2.0 h1:gUA+CVKvFLj4OUSknhIrnt4dF7Y37+JrChKqfaehJME= github.com/aws/aws-secretsmanager-caching-go v1.2.0/go.mod h1:6t2/zQIsigFMlnpOdGj503Dgaz24tMqIRhass9uoTBo= -github.com/aws/smithy-go v1.21.0 h1:H7L8dtDRk0P1Qm6y0ji7MCYMQObJ5R9CRpyPhRUkLYA= -github.com/aws/smithy-go v1.21.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= +github.com/aws/smithy-go v1.22.1 h1:/HPHZQ0g7f4eUeK6HKglFz8uwVfZKgoI25rb/J+dnro= +github.com/aws/smithy-go v1.22.1/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20240730143543-a8d7d3c42ca1 h1:KzgMB9L9rxpYY7TVVZLQCn2JUdJyRsIKVzxd6KzJSKY= github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20240730143543-a8d7d3c42ca1/go.mod h1:yRvLJAL/+VxKEc103WbeojloNH9Da5YKkY72PCg/r4s= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -468,18 +489,18 @@ github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdn github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= -github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwNy7PA4I= -github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= +github.com/bmatcuk/doublestar/v4 v4.7.1 h1:fdDeAqgT47acgwd9bd9HxJRDmc9UAmPpc+2m0CXv75Q= +github.com/bmatcuk/doublestar/v4 v4.7.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/briandowns/spinner v1.23.1 h1:t5fDPmScwUjozhDj4FA46p5acZWIPXYE30qW2Ptu650= github.com/briandowns/spinner v1.23.1/go.mod h1:LaZeM4wm2Ywy6vO571mvhQNRcWfRUnXOs0RcKV0wYKM= github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/buildkite/agent/v3 v3.76.2 h1:SweFq3e0N20RikWsVeOXzTjfr0AoOskxm9c0bcNyI0E= -github.com/buildkite/agent/v3 v3.76.2/go.mod h1:9ffbmJD7d7C/nOcElj6Qm+uIj1QoYh3NNvka4rkKkss= -github.com/buildkite/go-pipeline v0.10.0 h1:EDffu+LfMY2k5u+iEdo6Jn3obGKsrL5wicc1O/yFeRs= -github.com/buildkite/go-pipeline v0.10.0/go.mod h1:eMH1kiav5VeiTiu0Mk2/M7nZhKyFeL4iGj7Y7rj4f3w= +github.com/buildkite/agent/v3 v3.81.0 h1:JVfkng2XnsXesFXwiFwLJFkuzVu4zvoJCvedfoIXD6E= +github.com/buildkite/agent/v3 v3.81.0/go.mod h1:edJeyycODRxaFvpT22rDGwaQ5oa4eB8GjtbjgX5VpFw= +github.com/buildkite/go-pipeline v0.13.1 h1:Y9p8pQIwPtauVwNrcmTDH6+XK7jE1nLuvWVaK8oymA8= +github.com/buildkite/go-pipeline v0.13.1/go.mod h1:2HHqlSFTYgHFhzedJu0LhLs9n5c9XkYnHiQFVN5HE4U= github.com/buildkite/interpolate v0.1.3 h1:OFEhqji1rNTRg0u9DsSodg63sjJQEb1uWbENq9fUOBM= github.com/buildkite/interpolate v0.1.3/go.mod h1:UNVe6A+UfiBNKbhAySrBbZFZFxQ+DXr9nWen6WVt/A8= github.com/buildkite/roko v1.2.0 h1:hbNURz//dQqNl6Eo9awjQOVOZwSDJ8VEbBDxSfT9rGQ= @@ -491,6 +512,8 @@ github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4r github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -523,6 +546,8 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 h1:QVw89YDxXxEe+l8gU8ETbOasdwEV+avkR75ZzsVV9WI= +github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78/go.mod h1:W+zGtBO5Y1IgJhy4+A9GOqVhqLpfZi+vwmdNXUehLA8= github.com/cockroachdb/apd/v3 v3.2.1 h1:U+8j7t0axsIgvQUqthuNm82HIrYXodOV2iWLWtEaIwg= github.com/cockroachdb/apd/v3 v3.2.1/go.mod h1:klXJcjp+FffLTHlhIG69tezTDvdP065naDsHzKhYSqc= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= @@ -531,53 +556,58 @@ github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w= github.com/containerd/cgroups/v3 v3.0.3 h1:S5ByHZ/h9PMe5IOQoN7E+nMc2UcLEM/V48DGDJ9kip0= github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0= -github.com/containerd/containerd v1.7.21 h1:USGXRK1eOC/SX0L195YgxTHb0a00anxajOzgfN0qrCA= -github.com/containerd/containerd v1.7.21/go.mod h1:e3Jz1rYRUZ2Lt51YrH9Rz0zPyJBOlSvB3ghr2jbVD8g= -github.com/containerd/containerd/api v1.7.19 h1:VWbJL+8Ap4Ju2mx9c9qS1uFSB1OVYr5JJrW2yT5vFoA= -github.com/containerd/containerd/api v1.7.19/go.mod h1:fwGavl3LNwAV5ilJ0sbrABL44AQxmNjDRcwheXDb6Ig= -github.com/containerd/continuity v0.4.3 h1:6HVkalIp+2u1ZLH1J/pYX2oBVXlJZvh1X1A7bEZ9Su8= -github.com/containerd/continuity v0.4.3/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ= -github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM= -github.com/containerd/errdefs v0.1.0/go.mod h1:YgWiiHtLmSeBrvpw+UfPijzbLaB77mEG1WwJTDETIV0= +github.com/containerd/containerd v1.7.23 h1:H2CClyUkmpKAGlhQp95g2WXHfLYc7whAuvZGBNYOOwQ= +github.com/containerd/containerd v1.7.23/go.mod h1:7QUzfURqZWCZV7RLNEn1XjUCQLEf0bkaK4GjUaZehxw= +github.com/containerd/containerd/api v1.8.0 h1:hVTNJKR8fMc/2Tiw60ZRijntNMd1U+JVMyTRdsD2bS0= +github.com/containerd/containerd/api v1.8.0/go.mod h1:dFv4lt6S20wTu/hMcP4350RL87qPWLVa/OHOwmmdnYc= +github.com/containerd/containerd/v2 v2.0.0 h1:qLDdFaAykQrIyLiqwQrNLLz95wiC36bAZVwioUwqShM= +github.com/containerd/containerd/v2 v2.0.0/go.mod h1:j25kDy9P48/ngb1sxWIFfK6GsnqOHoSqo1EpAod20VQ= +github.com/containerd/continuity v0.4.4 h1:/fNVfTJ7wIl/YPMHjf+5H32uFhl63JucB34PlCpMKII= +github.com/containerd/continuity v0.4.4/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= +github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI= +github.com/containerd/errdefs v1.0.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M= +github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151Xdx3ZPPE= +github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk= github.com/containerd/fifo v1.1.0 h1:4I2mbh5stb1u6ycIABlBw9zgtlK8viPI9QkQNRQEEmY= github.com/containerd/fifo v1.1.0/go.mod h1:bmC4NWMbXlt2EZ0Hc7Fx7QzTFxgPID13eH0Qu+MAb2o= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpSBQv6A= -github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw= +github.com/containerd/platforms v1.0.0-rc.0 h1:GuHWSKgVVO3POn6nRBB4sH63uPOLa87yuuhsGLWaXAA= +github.com/containerd/platforms v1.0.0-rc.0/go.mod h1:T1XAzzOdYs3it7l073MNXyxRwQofJfqwi/8cRjufIk4= +github.com/containerd/plugin v1.0.0 h1:c8Kf1TNl6+e2TtMHZt+39yAPDbouRH9WAToRjex483Y= +github.com/containerd/plugin v1.0.0/go.mod h1:hQfJe5nmWfImiqT1q8Si3jLv3ynMUIBB47bQ+KexvO8= github.com/containerd/stargz-snapshotter/estargz v0.15.1 h1:eXJjw9RbkLFgioVaTG+G/ZW/0kEe2oEKCdS/ZxIyoCU= github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk= -github.com/containerd/ttrpc v1.2.5 h1:IFckT1EFQoFBMG4c3sMdT8EP3/aKfumK1msY+Ze4oLU= -github.com/containerd/ttrpc v1.2.5/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= -github.com/containerd/typeurl/v2 v2.2.0 h1:6NBDbQzr7I5LHgp34xAXYF5DOTQDn05X58lsPEmzLso= -github.com/containerd/typeurl/v2 v2.2.0/go.mod h1:8XOOxnyatxSWuG8OfsZXVnAF4iZfedjS/8UHSPJnX4g= -github.com/containers/common v0.60.3 h1:pToT7gtFx/KWyMtWw98g4pIbW54i9KfGH2QrdN2s1io= -github.com/containers/common v0.60.3/go.mod h1:I0upBi1qJX3QmzGbUOBN1LVP6RvkKhd3qQpZbQT+Q54= -github.com/containers/image/v5 v5.32.2 h1:SzNE2Y6sf9b1GJoC8qjCuMBXwQrACFp4p0RK15+4gmQ= -github.com/containers/image/v5 v5.32.2/go.mod h1:v1l73VeMugfj/QtKI+jhYbwnwFCFnNGckvbST3rQ5Hk= +github.com/containerd/ttrpc v1.2.6 h1:zG+Kn5EZ6MUYCS1t2Hmt2J4tMVaLSFEJVOraDQwNPC4= +github.com/containerd/ttrpc v1.2.6/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= +github.com/containerd/typeurl/v2 v2.2.2 h1:3jN/k2ysKuPCsln5Qv8bzR9cxal8XjkxPogJfSNO31k= +github.com/containerd/typeurl/v2 v2.2.2/go.mod h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk= +github.com/containers/common v0.61.0 h1:j/84PTqZIKKYy42OEJsZmjZ4g4Kq2ERuC3tqp2yWdh4= +github.com/containers/common v0.61.0/go.mod h1:NGRISq2vTFPSbhNqj6MLwyes4tWSlCnqbJg7R77B8xc= +github.com/containers/image/v5 v5.33.0 h1:6oPEFwTurf7pDTGw7TghqGs8K0+OvPtY/UyzU0B2DfE= +github.com/containers/image/v5 v5.33.0/go.mod h1:T7HpASmvnp2H1u4cyckMvCzLuYgpD18dSmabSw0AcHk= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/ocicrypt v1.2.0 h1:X14EgRK3xNFvJEfI5O4Qn4T3E25ANudSOZz/sirVuPM= github.com/containers/ocicrypt v1.2.0/go.mod h1:ZNviigQajtdlxIZGibvblVuIFBKIuUI2M0QM12SD31U= -github.com/containers/storage v1.55.0 h1:wTWZ3YpcQf1F+dSP4KxG9iqDfpQY1otaUXjPpffuhgg= -github.com/containers/storage v1.55.0/go.mod h1:28cB81IDk+y7ok60Of6u52RbCeBRucbFOeLunhER1RQ= +github.com/containers/storage v1.56.0 h1:DZ9KSkj6M2tvj/4bBoaJu3QDHRl35BwsZ4kmLJS97ZI= +github.com/containers/storage v1.56.0/go.mod h1:c6WKowcAlED/DkWGNuL9bvGYqIWCVy7isRMdCSKWNjk= github.com/coreos/go-oidc/v3 v3.11.0 h1:Ia3MxdwpSw702YW0xgfmP1GVCMA9aEFWu12XUZ3/OtI= github.com/coreos/go-oidc/v3 v3.11.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0= github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/dockercfg v0.3.1 h1:/FpZ+JaygUR/lZP2NlFI2DVfrOEMAIKP5wWEJdoYe9E= -github.com/cpuguy83/dockercfg v0.3.1/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc= +github.com/cpuguy83/dockercfg v0.3.2 h1:DlJTyZGBDlXqUZ2Dk2Q3xHs/FtnooJJVaad2S9GKorA= +github.com/cpuguy83/dockercfg v0.3.2/go.mod h1:sugsbF4//dDlL/i+S+rtpIWp+5h0BHJHfjj5/jFyUJc= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.21 h1:1/QdRyBaHHJP61QkWMXlOIBfsgdDeeKfK8SYVUWJKf0= -github.com/creack/pty v1.1.21/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= -github.com/csaf-poc/csaf_distribution/v3 v3.0.0 h1:ob9+Fmpff0YWgTP3dYaw7G2hKQ9cegh9l3zksc+q3sM= -github.com/csaf-poc/csaf_distribution/v3 v3.0.0/go.mod h1:uilCTiNKivq+6zrDvjtZaUeLk70oe21iwKivo6ILwlQ= +github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc= +github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.23 h1:4M6+isWdcStXEf15G/RbrMPOQj1dZ7HPZCGwE4kOeP0= +github.com/creack/pty v1.1.23/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE= github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f h1:eHnXnuK47UlSTOQexbzxAZfekVz6i+LKRdj1CU5DPaM= github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= -github.com/cyphar/filepath-securejoin v0.3.1 h1:1V7cHiaW+C+39wEfpH6XlLBQo3j/PciWFrgfCLS8XrE= -github.com/cyphar/filepath-securejoin v0.3.1/go.mod h1:F7i41x/9cBF7lzCrVsYs9fuzwRZm4NQsGTBdpp6mETc= +github.com/cyphar/filepath-securejoin v0.3.4 h1:VBWugsJh2ZxJmLFSM06/0qzQyiQX2Qs0ViKrUAcqdZ8= +github.com/cyphar/filepath-securejoin v0.3.4/go.mod h1:8s/MCNJREmFK0H02MF6Ihv1nakJe4L/w3WZLHNkvlYM= github.com/danieljoos/wincred v1.2.1 h1:dl9cBrupW8+r5250DYkYxocLeZ1Y4vB1kxgtjxw8GQs= github.com/danieljoos/wincred v1.2.1/go.mod h1:uGaFL9fDn3OLTvzCGulzE+SzjEe5NGlh5FdCcyfPwps= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -594,8 +624,8 @@ github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWa github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= -github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= -github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= +github.com/dgryski/trifles v0.0.0-20230903005119-f50d829f2e54 h1:SG7nF6SRlWhcT7cNTs5R6Hk4V2lcmLz2NsG2VnInyNo= +github.com/dgryski/trifles v0.0.0-20230903005119-f50d829f2e54/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= github.com/didip/tollbooth/v7 v7.0.2 h1:WYEfusYI6g64cN0qbZgekDrYfuYBZjUZd5+RlWi69p4= github.com/didip/tollbooth/v7 v7.0.2/go.mod h1:RtRYfEmFGX70+ike5kSndSvLtQ3+F2EAmTI4Un/VXNc= github.com/digitorus/pkcs7 v0.0.0-20230713084857-e76b763bdc49/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= @@ -605,19 +635,19 @@ github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 h1:lxmTCgmHE1G github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7/go.mod h1:GvWntX9qiTlOud0WkQ6ewFm0LPy5JUR1Xo0Ngbd1w6Y= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/distribution/distribution/v3 v3.0.0-beta.1.0.20240729175644-f0bd0f689923 h1:j3L5ly19rMyoy+okWyeMdf9+X8NyU3ZuIje8Hc6B+IA= -github.com/distribution/distribution/v3 v3.0.0-beta.1.0.20240729175644-f0bd0f689923/go.mod h1:3PKHxunRSv4DqZ1Q9HgsocS2/PBIHFfm0ICBKkJQE1g= +github.com/distribution/distribution/v3 v3.0.0-rc.2 h1:tTrzntanYMbd20SyvdeR83Ya1l/aBwDcA3NCIpmwemc= +github.com/distribution/distribution/v3 v3.0.0-rc.2/go.mod h1:H2zIRRXS20ylnv2HTuKILAWuANjuA60GB7MLOsQag7Y= github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= github.com/dlclark/regexp2 v1.11.2 h1:/u628IuisSTwri5/UKloiIsH8+qF2Pu7xEQX+yIKg68= github.com/dlclark/regexp2 v1.11.2/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= -github.com/docker/cli v27.1.1+incompatible h1:goaZxOqs4QKxznZjjBWKONQci/MywhtRv2oNn0GkeZE= -github.com/docker/cli v27.1.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v27.3.1+incompatible h1:qEGdFBF3Xu6SCvCYhc7CzaQTlBmqDuzxPDpigSyeKQQ= +github.com/docker/cli v27.3.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v27.1.1+incompatible h1:hO/M4MtV36kzKldqnA37IWhebRA+LnqqcqDja6kVaKY= -github.com/docker/docker v27.1.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v27.3.1+incompatible h1:KttF0XoteNTicmUtBO0L2tP+J7FGRFTjaEF4k6WdhfI= +github.com/docker/docker v27.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c= @@ -649,14 +679,18 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= +github.com/envoyproxy/go-control-plane v0.13.0 h1:HzkeUz1Knt+3bK+8LG1bxOO/jzWZmdxpwC51i202les= +github.com/envoyproxy/go-control-plane v0.13.0/go.mod h1:GRaKG3dwvFoTg4nj7aXdZnvMg4d7nvT/wl9WgVXn3Q8= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/envoyproxy/protoc-gen-validate v1.1.0 h1:tntQDh69XqOCOZsDz0lVJQez/2L6Uu2PdjCQwWCJ3bM= +github.com/envoyproxy/protoc-gen-validate v1.1.0/go.mod h1:sXRDRVmzEbkM7CVcM06s9shE/m23dg3wzjl0UWqJ2q4= github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/color v1.17.0 h1:GlRw1BRJxkpqUCBKzKOw098ed57fEsKeNjpTe3cSjK4= -github.com/fatih/color v1.17.0/go.mod h1:YZ7TlrGPkiz6ku9fK3TLD/pl3CpsiFyu8N92HLgmosI= +github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= +github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= @@ -668,8 +702,8 @@ github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7z github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= -github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= -github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -677,7 +711,6 @@ github.com/glebarez/go-sqlite v1.20.3 h1:89BkqGOXR9oRmG58ZrzgoY/Fhy5x0M+/WV48U5z github.com/glebarez/go-sqlite v1.20.3/go.mod h1:u3N6D/wftiAzIOJtZl6BmedqxmmkDfH3q+ihjqxC9u0= github.com/gliderlabs/ssh v0.3.7 h1:iV3Bqi942d9huXnzEF2Mt+CY9gLu8DNM4Obd+8bODRE= github.com/gliderlabs/ssh v0.3.7/go.mod h1:zpHEXBstFnQYtGnB8k8kQLol82umzn/2/snG7alWVD8= -github.com/go-asn1-ber/asn1-ber v1.5.5/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-asn1-ber/asn1-ber v1.5.7 h1:DTX+lbVTWaTw1hQ+PbZPlnDZPEIs0SS/GCZAl535dDk= github.com/go-asn1-ber/asn1-ber v1.5.7/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyNz34tQRec= @@ -688,8 +721,8 @@ github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8b github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= -github.com/go-git/go-billy/v5 v5.5.0 h1:yEY4yhzCDuMGSv83oGxiBotRzhwhNr8VZyphhiu+mTU= -github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= +github.com/go-git/go-billy/v5 v5.6.0 h1:w2hPNtoehvJIxR00Vb4xX94qHQi/ApZfX+nBE2Cjio8= +github.com/go-git/go-billy/v5 v5.6.0/go.mod h1:sFDq7xD3fn3E0GOwUSZqHo9lrkmx8xJhA0ZrfvjBRGM= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZtys= @@ -706,8 +739,8 @@ github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQr github.com/go-jose/go-jose/v4 v4.0.4 h1:VsjPI33J0SB9vQM6PLmNjoHqMQNGPiZ0rHL7Ni7Q6/E= github.com/go-jose/go-jose/v4 v4.0.4/go.mod h1:NKb5HO1EZccyMpiZNbdUw/14tiXNyUJh188dfnMCAfc= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-ldap/ldap/v3 v3.4.8 h1:loKJyspcRezt2Q3ZRMq2p/0v8iOurlmeXDPw6fikSvQ= -github.com/go-ldap/ldap/v3 v3.4.8/go.mod h1:qS3Sjlu76eHfHGpUdWkAXQTw4beih+cHsco2jXlIXrk= +github.com/go-ldap/ldap/v3 v3.4.10 h1:ot/iwPOhfpNVgB1o+AVXljizWZ9JTp7YF5oeyONmcJU= +github.com/go-ldap/ldap/v3 v3.4.10/go.mod h1:JXh4Uxgi40P6E9rdsYqpUtbW46D9UTjJ9QSwGRznplY= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -750,16 +783,20 @@ github.com/go-rod/rod v0.116.2/go.mod h1:H+CMO9SCNc2TJ2WfrG+pKhITz57uGNYU43qYHh4 github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= +github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/goccy/go-yaml v1.9.5 h1:Eh/+3uk9kLxG4koCX6lRMAPS1OaMSAi+FJcya0INdB0= github.com/goccy/go-yaml v1.9.5/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= +github.com/gocsaf/csaf/v3 v3.1.0 h1:XXmpMdR6OOGR2R7Av4LQpGNYQ/4IbquaYWfxsCs0Hro= +github.com/gocsaf/csaf/v3 v3.1.0/go.mod h1:3nGOg1D8A/Z7PQ69Or7J6flfT+ILsvPlMXSBKR7BZsY= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= @@ -772,13 +809,14 @@ github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keL github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo= +github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v5 v5.2.1 h1:OuVbFODueb089Lh128TAcimifWaLhJwVflnrgM17wHk= github.com/golang-jwt/jwt/v5 v5.2.1/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.2.1 h1:OptwRhECazUx5ix5TTWC3EZhsZEHWcYWY4FQHTIubm4= -github.com/golang/glog v1.2.1/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= +github.com/golang/glog v1.2.2 h1:1+mZ9upx1Dh6FmUTFR1naJ77miKiXgALjWOZ3NVFPmY= +github.com/golang/glog v1.2.2/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -880,8 +918,8 @@ github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM= github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA= @@ -893,7 +931,6 @@ github.com/google/tink/go v1.7.0/go.mod h1:GAUOd+QE3pgj9q8VKIGTCP33c/B7eb4NhxLcg github.com/google/trillian v1.6.0 h1:jMBeDBIkINFvS2n6oV5maDqfRlxREAc6CW9QYWQ0qT4= github.com/google/trillian v1.6.0/go.mod h1:Yu3nIMITzNhhMJEHjAtp6xKiu+H/iHu2Oq5FjV2mCWI= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= @@ -903,8 +940,8 @@ github.com/google/wire v0.6.0/go.mod h1:F4QhpQ9EDIdJ1Mbop/NZBRB+5yrR6qg3BnctaoUk github.com/googleapis/enterprise-certificate-proxy v0.0.0-20220520183353-fd19c99a87aa/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.1.0/go.mod h1:17drOmN3MwGY7t0e+Ei9b45FFGA3fBs3x36SsCg1hq8= github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= -github.com/googleapis/enterprise-certificate-proxy v0.3.2 h1:Vie5ybvEvT75RniqhfFxPRy3Bf7vr3h0cechB90XaQs= -github.com/googleapis/enterprise-certificate-proxy v0.3.2/go.mod h1:VLSiSSBs/ksPL8kq3OBOQ6WRI2QnaFynd1DCjZ62+V0= +github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw= +github.com/googleapis/enterprise-certificate-proxy v0.3.4/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= @@ -929,9 +966,8 @@ github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+ github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA= github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM= -github.com/gorilla/sessions v1.3.0 h1:XYlkq7KcpOB2ZhHBPv5WpjMIxrQosiZanfoy1HLZFzg= -github.com/gorilla/sessions v1.3.0/go.mod h1:ePLdVu+jbEgHH+KWw8I1z2wqd0BAdAQh/8LRvBeoNcQ= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ= +github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik= github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg= github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= @@ -939,15 +975,15 @@ github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16 github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0 h1:CWyXh/jylQWp2dtiV33mY4iSSp6yf4lmn+c7/tN+ObI= -github.com/grpc-ecosystem/grpc-gateway/v2 v2.21.0/go.mod h1:nCLIt0w3Ept2NwF8ThLmrppXsfT07oC8k0XNDxd8sVU= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0 h1:ad0vkEBuk23VJzZR9nkLVG0YAoN9coASF1GusYX6AlU= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.23.0/go.mod h1:igFoXX2ELCW06bol23DWPB5BEWfZISOzSP5K2sbLea0= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-getter v1.7.5 h1:dT58k9hQ/vbxNMwoI5+xFYAJuv6152UNvdHokfI5wE4= -github.com/hashicorp/go-getter v1.7.5/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= +github.com/hashicorp/go-getter v1.7.6 h1:5jHuM+aH373XNtXl9TNTUH5Qd69Trve11tHIrB+6yj4= +github.com/hashicorp/go-getter v1.7.6/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= @@ -979,19 +1015,17 @@ github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.1-vault-5 h1:kI3hhbbyzr4dldA8UdTb7ZlVVlI2DACdCfz31RPDgJM= github.com/hashicorp/hcl v1.0.1-vault-5/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM= -github.com/hashicorp/hcl/v2 v2.21.0 h1:lve4q/o/2rqwYOgUg3y3V2YPyD1/zkCLGjIV74Jit14= -github.com/hashicorp/hcl/v2 v2.21.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= +github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos= +github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA= github.com/hashicorp/vault/api v1.14.0 h1:Ah3CFLixD5jmjusOgm8grfN9M0d+Y8fVR2SW0K6pJLU= github.com/hashicorp/vault/api v1.14.0/go.mod h1:pV9YLxBGSz+cItFDd8Ii4G17waWOQ32zVjMWHe/cOqk= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef h1:A9HsByNhogrvm9cWb28sjiS3i7tcKCkflWFEkHfuAgM= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI= github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= -github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/in-toto/attestation v1.1.0 h1:oRWzfmZPDSctChD0VaQV7MJrywKOzyNrtpENQFq//2Q= @@ -1042,17 +1076,19 @@ github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfV github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= +github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6 h1:IsMZxCuZqKuao2vNdfD82fjjgPLfyHLpR41Z88viRWs= +github.com/keybase/go-keychain v0.0.0-20231219164618-57a3676c3af6/go.mod h1:3VeWNIJaW+O5xpRQbPp0Ybqu1vJd/pm7s2F473HRrkw= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= -github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= -github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/klauspost/pgzip v1.2.6 h1:8RXeL5crjEUFnR2/Sn6GJNWtSQ3Dk8pq4CL3jvdDyjU= github.com/klauspost/pgzip v1.2.6/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f h1:GvCU5GXhHq+7LeOzx/haG7HSIZokl3/0GkoUFzsRJjg= github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f/go.mod h1:q59u9px8b7UTj0nIjEjvmTWekazka6xIt6Uogz5Dm+8= -github.com/knqyf263/go-deb-version v0.0.0-20230223133812-3ed183d23422 h1:PPPlUUqPP6fLudIK4n0l0VU4KT2cQGnheW9x8pNiCHI= -github.com/knqyf263/go-deb-version v0.0.0-20230223133812-3ed183d23422/go.mod h1:ijAmSS4jErO6+KRzcK6ixsm3Vt96hMhJ+W+x+VmbrQA= +github.com/knqyf263/go-deb-version v0.0.0-20241115132648-6f4aee6ccd23 h1:dWzdsqjh1p2gNtRKqNwuBvKqMNwnLOPLzVZT1n6DK7s= +github.com/knqyf263/go-deb-version v0.0.0-20241115132648-6f4aee6ccd23/go.mod h1:lUaIXCWzf7BRKTY5iEcrYy1TfgbYLYVIS/B2vPkJzOc= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 h1:aC6MEAs3PE3lWD7lqrJfDxHd6hcced9R4JTZu85cJwU= github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0= github.com/knqyf263/go-rpmdb v0.1.1 h1:oh68mTCvp1XzxdU7EfafcWzzfstUZAEa3MW0IJye584= @@ -1096,8 +1132,8 @@ github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/masahiro331/go-disk v0.0.0-20240625071113-56c933208fee h1:cgm8mE25x5XXX2oyvJDlyJ72K+rDu/4ZCYce2worNb8= github.com/masahiro331/go-disk v0.0.0-20240625071113-56c933208fee/go.mod h1:rojbW5tVhH1cuVYFKZS+QX+VGXK45JVsRO+jW92kkKM= -github.com/masahiro331/go-ebs-file v0.0.0-20240112135404-d5fbb1d46323 h1:uQubA711SeYStvStohMLrdvRTTohdPHrEPFzerLcY9I= -github.com/masahiro331/go-ebs-file v0.0.0-20240112135404-d5fbb1d46323/go.mod h1:OdtzwqTtu49Gh5RFkNEU1SbcihIuVTtUipwHflqxckE= +github.com/masahiro331/go-ebs-file v0.0.0-20240917043618-e6d2bea5c32e h1:nCgF1JEYIS8KNuJtIeUrmjjhktIMKWNmASZqwK2ynu0= +github.com/masahiro331/go-ebs-file v0.0.0-20240917043618-e6d2bea5c32e/go.mod h1:XFWPTlAcEL733RUjbr0QBybdt6oK2DH7LZk8id2qtd4= github.com/masahiro331/go-ext4-filesystem v0.0.0-20240620024024-ca14e6327bbd h1:JEIW94K3spsvBI5Xb9PGhKSIza9/jxO1lF30tPCAJlA= github.com/masahiro331/go-ext4-filesystem v0.0.0-20240620024024-ca14e6327bbd/go.mod h1:3XMMY1M486mWGTD13WPItg6FsgflQR72ZMAkd+gsyoQ= github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 h1:AevUBW4cc99rAF8q8vmddIP8qd/0J5s/UyltGbp66dg= @@ -1120,8 +1156,9 @@ github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6T github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.12 h1:M2zGm7EW6UQJvDeQxo4T51eKPurbeFbe8WtebGE2xrk= github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM= +github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 h1:TLygBUBxikNJJfLwgm+Qwdgq1FtfV8Uh7bcxRyTzK8s= github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032/go.mod h1:vYT9HE7WCvL64iVeZylKmCsWKfE+JZ8105iuh2Trk8g= @@ -1130,9 +1167,8 @@ github.com/miekg/dns v1.1.61/go.mod h1:mnAarhS3nWaW+NVP2wTkYVIZyHNJ098SJZUki3eyk github.com/miekg/pkcs11 v1.0.3-0.20190429190417-a667d056470f/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= -github.com/migueleliasweb/go-github-mock v1.0.1 h1:amLEECVny28RCD1ElALUpQxrAimamznkg9rN2O7t934= -github.com/migueleliasweb/go-github-mock v1.0.1/go.mod h1:8PJ7MpMoIiCBBNpuNmvndHm0QicjsE+hjex1yMGmjYQ= -github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/migueleliasweb/go-github-mock v1.1.0 h1:GKaOBPsrPGkAKgtfuWY8MclS1xR6MInkx1SexJucMwE= +github.com/migueleliasweb/go-github-mock v1.1.0/go.mod h1:pYe/XlGs4BGMfRY4vmeixVsODHnVDDhJ9zoi0qzSMHc= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= @@ -1145,25 +1181,26 @@ github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4 github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/buildkit v0.15.1 h1:J6wrew7hphKqlq1wuu6yaUb/1Ra7gEzDAovylGztAKM= -github.com/moby/buildkit v0.15.1/go.mod h1:Yis8ZMUJTHX9XhH9zVyK2igqSHV3sxi3UN0uztZocZk= +github.com/moby/buildkit v0.17.2 h1:/jgk/MuXbA7jeXMkknOpHYB+Ct4aNvQHkBB7SxD3D4U= +github.com/moby/buildkit v0.17.2/go.mod h1:vr5vltV8wt4F2jThbNOChfbAklJ0DOW11w36v210hOg= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk= github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8= +github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= +github.com/moby/sys/capability v0.3.0 h1:kEP+y6te0gEXIaeQhIi0s7vKs/w0RPoH1qPa6jROcVg= +github.com/moby/sys/capability v0.3.0/go.mod h1:4g9IK291rVkms3LKCDOoYlnV8xKwoDTpIrNEE35Wq0I= github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= -github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc= -github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= -github.com/moby/sys/signal v0.7.0 h1:25RW3d5TnQEoKvRbEKUGay6DCQ46IxAVTT9CUMgmsSI= -github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= +github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU= +github.com/moby/sys/sequential v0.6.0/go.mod h1:uyv8EUTrca5PnDsdMGXhZe6CCe8U/UiTWd+lL+7b/Ko= +github.com/moby/sys/signal v0.7.1 h1:PrQxdvxcGijdo6UXXo/lU/TvHUWyPhj7UOpSo8tuvk0= +github.com/moby/sys/signal v0.7.1/go.mod h1:Se1VGehYokAkrSQwL4tDzHvETwUZlnY7S5XtQ50mQp8= github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo= github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g= @@ -1181,8 +1218,8 @@ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mozillazg/docker-credential-acr-helper v0.3.0 h1:DVWFZ3/O8BP6Ue3iS/Olw+G07u1hCq1EOVCDZZjCIBI= -github.com/mozillazg/docker-credential-acr-helper v0.3.0/go.mod h1:cZlu3tof523ujmLuiNUb6JsjtHcNA70u1jitrrdnuyA= +github.com/mozillazg/docker-credential-acr-helper v0.4.0 h1:Uoh3Z9CcpEDnLiozDx+D7oDgRq7X+R296vAqAumnOcw= +github.com/mozillazg/docker-credential-acr-helper v0.4.0/go.mod h1:2kiicb3OlPytmlNC9XGkLvVC+f0qTiJw3f/mhmeeQBg= github.com/muhlemmer/gu v0.3.1 h1:7EAqmFrW7n3hETvuAdmFmn4hS8W+z3LgKtrnow+YzNM= github.com/muhlemmer/gu v0.3.1/go.mod h1:YHtHR+gxM+bKEIIs7Hmi9sPT3ZDUvTN/i88wQpZkrdM= github.com/muhlemmer/httpforwarded v0.1.0 h1:x4DLrzXdliq8mprgUMR0olDvHGkou5BJsK/vWUetyzY= @@ -1201,8 +1238,8 @@ github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba h1:DO8NFYdcRv1dnyAIN github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba/go.mod h1:4S0XndRL8HNOaQBfdViJ2F/GPCgL524xlXRuXFH12/U= github.com/notaryproject/notation-core-go v1.1.0 h1:xCybcONOKcCyPNihJUSa+jRNsyQFNkrk0eJVVs1kWeg= github.com/notaryproject/notation-core-go v1.1.0/go.mod h1:+6AOh41JPrnVLbW/19SJqdhVHwKgIINBO/np0e7nXJA= -github.com/notaryproject/notation-go v1.1.1 h1:EAY8ERBWhrdaG9MIumSZ9xyUHktgr6OkCByd75HR+FA= -github.com/notaryproject/notation-go v1.1.1/go.mod h1:XykI2i5jHb6cGf+bcG/cIeNfNO2u4Xoy2mkuOKHjVVI= +github.com/notaryproject/notation-go v1.2.1 h1:fbCMBcvg1xttrisd5CyM60QDectGYYF701Us0M3cKN8= +github.com/notaryproject/notation-go v1.2.1/go.mod h1:re9V+TfuNRaUq5e3NuNcCJN53++sL2KbnJrjGyOUpgE= github.com/notaryproject/notation-plugin-framework-go v1.0.0 h1:6Qzr7DGXoCgXEQN+1gTZWuJAZvxh3p8Lryjn5FaLzi4= github.com/notaryproject/notation-plugin-framework-go v1.0.0/go.mod h1:RqWSrTOtEASCrGOEffq0n8pSg2KOgKYiWqFWczRSics= github.com/notaryproject/tspclient-go v0.2.0 h1:g/KpQGmyk/h7j60irIRG1mfWnibNOzJ8WhLqAzuiQAQ= @@ -1215,8 +1252,8 @@ github.com/nxadm/tail v1.4.11 h1:8feyoE3OzPrcshW5/MJ4sGESc5cqmGkGCWlco4l0bqY= github.com/nxadm/tail v1.4.11/go.mod h1:OTaG3NK980DZzxbRq6lEuzgU+mug70nY11sMd4JXXHc= github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/oleiade/reflections v1.0.1 h1:D1XO3LVEYroYskEsoSiGItp9RUxG6jWnCVvrqH0HHQM= -github.com/oleiade/reflections v1.0.1/go.mod h1:rdFxbxq4QXVZWj0F+e9jqjDkc7dbp97vkRixKo2JR60= +github.com/oleiade/reflections v1.1.0 h1:D+I/UsXQB4esMathlt0kkZRJZdUDmhv5zGi/HOwYTWo= +github.com/oleiade/reflections v1.1.0/go.mod h1:mCxx0QseeVCHs5Um5HhJeCKVC7AwS8kO67tky4rdisA= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -1225,16 +1262,16 @@ github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vv github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= -github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw= -github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= -github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= -github.com/open-policy-agent/opa v0.68.0 h1:Jl3U2vXRjwk7JrHmS19U3HZO5qxQRinQbJ2eCJYSqJQ= -github.com/open-policy-agent/opa v0.68.0/go.mod h1:5E5SvaPwTpwt2WM177I9Z3eT7qUpmOGjk1ZdHs+TZ4w= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= +github.com/open-policy-agent/opa v0.70.0 h1:B3cqCN2iQAyKxK6+GI+N40uqkin+wzIrM7YA60t9x1U= +github.com/open-policy-agent/opa v0.70.0/go.mod h1:Y/nm5NY0BX0BqjBriKUiV81sCl8XOjjvqQG7dXrggtI= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240201174943-0f98d91a0afe h1:Gu7JiAGBfMlKG7WsuAqqRBJjDGwEg0RU2NvX1za2Pk4= github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240201174943-0f98d91a0afe/go.mod h1:Va0IMqkjv62YSEytL4sgxrkiD9IzU0T0bX/ZZEtMnSQ= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= @@ -1243,25 +1280,27 @@ github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQ github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2szdn85PY75RI83NrTrM= github.com/opencontainers/runtime-spec v1.2.0 h1:z97+pHb3uELt/yiAWD691HNHQIF07bE7dzrbT927iTk= github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= -github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= +github.com/opencontainers/runtime-tools v0.9.1-0.20241001195557-6c9570a1678f h1:tGGVO3yF9p5s/mPi3kO1AdoUDK49z0dgQqV0jeT1kik= +github.com/opencontainers/runtime-tools v0.9.1-0.20241001195557-6c9570a1678f/go.mod h1:oIH6VwKkaDOO+SIYZpdwrC/0wKYqrfO6E1sG1j3UVws= +github.com/opencontainers/selinux v1.11.1 h1:nHFvthhM0qY8/m+vfhJylliSshm8G1jJ2jDMcgULaH8= +github.com/opencontainers/selinux v1.11.1/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/openvex/discovery v0.1.0 h1:pIATikEdNyFnC/2lzVwJYQb9iFvUM7f9ZLM6I1qhQL4= -github.com/openvex/discovery v0.1.0/go.mod h1:k/kM42zRQ6bPFmbKGx5a001lsaEkMaaoXmYx/7plhyY= +github.com/openvex/discovery v0.1.1-0.20240802171711-7c54efc57553 h1:c4u0GIH0w2Q57Pm2Oldrq6EiHFnLCCnRs98A+ggj/YQ= +github.com/openvex/discovery v0.1.1-0.20240802171711-7c54efc57553/go.mod h1:z4b//Qi7p7zcM/c41ogeTy+/nqfMbbeYnfZ+EMCTCD0= github.com/openvex/go-vex v0.2.5 h1:41utdp2rHgAGCsG+UbjmfMG5CWQxs15nGqir1eRgSrQ= github.com/openvex/go-vex v0.2.5/go.mod h1:j+oadBxSUELkrKh4NfNb+BPo77U3q7gdKME88IO/0Wo= github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U= github.com/owenrumney/go-sarif/v2 v2.3.3 h1:ubWDJcF5i3L/EIOER+ZyQ03IfplbSU1BLOE26uKQIIU= github.com/owenrumney/go-sarif/v2 v2.3.3/go.mod h1:MSqMMx9WqlBSY7pXoOZWgEsVB4FDNfhcaXDA1j6Sr+w= -github.com/owenrumney/squealer v1.2.3 h1:7v2BGNReEHYGyopOpjnurbnowk5WWagpN/u9KEu0uUU= -github.com/owenrumney/squealer v1.2.3/go.mod h1:F3PF/UaTAzaexT/cvvMYCSRHLRPBCiUcPClz3SZ6618= +github.com/owenrumney/squealer v1.2.5 h1:zxaDuYTTwqyOlh6koqE57SZ1TdKX06Khu3HSofFMi7M= +github.com/owenrumney/squealer v1.2.5/go.mod h1:lTHxnEfjl8y3QIQpoawfl/Bpe9A7SYKptgKSNtzkHOw= github.com/package-url/packageurl-go v0.1.3 h1:4juMED3hHiz0set3Vq3KeQ75KD1avthoXLtmE3I0PLs= github.com/package-url/packageurl-go v0.1.3/go.mod h1:nKAWB8E6uk1MHqiS/lQb9pYBGH2+mdJ2PJc2s50dQY0= github.com/pborman/uuid v1.2.1 h1:+ZZIw58t/ozdjRaXh/3awHfmWRbzYxJoAdNJxe/3pvw= github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= -github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= +github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= +github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= @@ -1274,6 +1313,8 @@ github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 h1:GFCKgmp0tecUJ0sJuv4pzYCqS9+RGSn52M3FUwPs+uo= +github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -1288,8 +1329,8 @@ github.com/project-zot/mockoidc v0.0.0-20240610203808-d69d9e02020a/go.mod h1:ltI github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.20.4 h1:Tgh3Yr67PaOv/uTqloMsCEdeuFTatm5zIq5+qNN23vI= -github.com/prometheus/client_golang v1.20.4/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -1297,8 +1338,8 @@ github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= -github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPAaSc= +github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= @@ -1312,8 +1353,8 @@ github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5 h1:EaDatTxkdHG+U3Bk4EUr+DZ7fO github.com/redis/go-redis/extra/rediscmd/v9 v9.0.5/go.mod h1:fyalQWdtzDBECAQFBJuQe5bzQ02jGd5Qcbgb97Flm7U= github.com/redis/go-redis/extra/redisotel/v9 v9.0.5 h1:EfpWLLCyXw8PSM2/XNJLjI3Pb27yVE+gIAfeqp8LUCc= github.com/redis/go-redis/extra/redisotel/v9 v9.0.5/go.mod h1:WZjPDy7VNzn77AAfnAfVjZNvfJTYfPetfZk5yoSTLaQ= -github.com/redis/go-redis/v9 v9.5.1 h1:H1X4D3yHPaYrkL5X06Wh6xNVM/pX0Ft4RV0vMGvLBh8= -github.com/redis/go-redis/v9 v9.5.1/go.mod h1:hdY0cQFCN4fnSYT6TkisLufl/4W5UIXyv0b/CLO2V2M= +github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0y4= +github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= @@ -1321,8 +1362,8 @@ github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/rs/cors v1.11.1 h1:eU3gRzXLRK57F5rKMGMZURNdIG4EoAmX8k94r9wXWHA= github.com/rs/cors v1.11.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= @@ -1345,6 +1386,8 @@ github.com/samber/lo v1.47.0 h1:z7RynLwP5nbyRscyvcD043DWYoOcYRv3mV8lBeqOCLc= github.com/samber/lo v1.47.0/go.mod h1:RmDH9Ct32Qy3gduHQuKJ3gW1fMHAnE/fAzQuf6He5cU= github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 h1:lZUw3E0/J3roVtGQ+SCrUrg3ON6NgVqpn3+iol9aGu4= github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY= +github.com/sassoftware/go-rpmutils v0.4.0 h1:ojND82NYBxgwrV+mX1CWsd5QJvvEZTKddtCdFLPWhpg= +github.com/sassoftware/go-rpmutils v0.4.0/go.mod h1:3goNWi7PGAT3/dlql2lv3+MSN5jNYPjT5mVcQcIsYzI= github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGqpgjJU3DYAZeI05A= github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk= github.com/sassoftware/relic/v7 v7.6.2 h1:rS44Lbv9G9eXsukknS4mSjIAuuX+lMq/FnStgmZlUv4= @@ -1362,21 +1405,20 @@ github.com/shirou/gopsutil/v3 v3.24.2 h1:kcR0erMbLg5/3LcInpw0X/rrPSqq4CDPyI6A6ZR github.com/shirou/gopsutil/v3 v3.24.2/go.mod h1:tSg/594BcA+8UdQU2XcW803GWYgdtauFFPgJCJKZlVk= github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM= github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ= -github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sigstore/cosign/v2 v2.4.0 h1:2NdidNgClg+oXr/fDIr37E/BE6j00gqgUhSiBK2kjSQ= -github.com/sigstore/cosign/v2 v2.4.0/go.mod h1:j+fH1DCUkcn92qp6ezDj4JbGMri6eG1nLJC+hs64rvc= -github.com/sigstore/fulcio v1.5.1 h1:Iasy1zfNjaq8BV4S8o6pXspLDU28PQC2z07GmOu9zpM= -github.com/sigstore/fulcio v1.5.1/go.mod h1:W1A/UHrTopy1IBZPMtHmxg7GPYAu+vt5dRXM3W6yjPo= +github.com/sigstore/cosign/v2 v2.4.1 h1:b8UXEfJFks3hmTwyxrRNrn6racpmccUycBHxDMkEPvU= +github.com/sigstore/cosign/v2 v2.4.1/go.mod h1:GvzjBeUKigI+XYnsoVQDmMAsMMc6engxztRSuxE+x9I= +github.com/sigstore/fulcio v1.6.4 h1:d86obfxUAG3Y6CYwOx1pdwCZwKmROB6w6927pKOVIRY= +github.com/sigstore/fulcio v1.6.4/go.mod h1:Y6bn3i3KGhXpaHsAtYP3Z4Np0+VzCo1fLv8Ci6mbPDs= github.com/sigstore/protobuf-specs v0.3.2 h1:nCVARCN+fHjlNCk3ThNXwrZRqIommIeNKWwQvORuRQo= github.com/sigstore/protobuf-specs v0.3.2/go.mod h1:RZ0uOdJR4OB3tLQeAyWoJFbNCBFrPQdcokntde4zRBA= github.com/sigstore/rekor v1.3.6 h1:QvpMMJVWAp69a3CHzdrLelqEqpTM3ByQRt5B5Kspbi8= github.com/sigstore/rekor v1.3.6/go.mod h1:JDTSNNMdQ/PxdsS49DJkJ+pRJCO/83nbR5p3aZQteXc= -github.com/sigstore/sigstore v1.8.9 h1:NiUZIVWywgYuVTxXmRoTT4O4QAGiTEKup4N1wdxFadk= -github.com/sigstore/sigstore v1.8.9/go.mod h1:d9ZAbNDs8JJfxJrYmulaTazU3Pwr8uLL9+mii4BNR3w= +github.com/sigstore/sigstore v1.8.11 h1:tEqeQqbT+awtM87ec9KEeSUxT/AFvJNawneYJyAkFrQ= +github.com/sigstore/sigstore v1.8.11/go.mod h1:fdrFQosxCQ4wTL5H1NrZcQkqQ72AQbPjtpcL2QOGKV0= github.com/sigstore/sigstore-go v0.6.1 h1:tGkkv1oDIER+QYU5MrjqlttQOVDWfSkmYwMqkJhB/cg= github.com/sigstore/sigstore-go v0.6.1/go.mod h1:Xe5GHmUeACRFbomUWzVkf/xYCn8xVifb9DgqJrV2dIw= github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.8 h1:2zHmUvaYCwV6LVeTo+OAkTm8ykOGzA9uFlAjwDPAUWM= @@ -1418,7 +1460,6 @@ github.com/spdx/tools-golang v0.5.5 h1:61c0KLfAcNqAjlg6UNMdkwpMernhw3zVRwDZ2x9XO github.com/spdx/tools-golang v0.5.5/go.mod h1:MVIsXx8ZZzaRWNQpUDhC4Dud34edUYJYecciXgrw5vE= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w= github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= @@ -1450,36 +1491,37 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/swaggo/files v1.0.1 h1:J1bVJ4XHZNq0I46UU90611i9/YzdrF7x92oX1ig5IdE= github.com/swaggo/files v1.0.1/go.mod h1:0qXmMNH6sXNf+73t65aKeB+ApmgxdnkQzVTAj2uaMUg= github.com/swaggo/http-swagger v1.3.4 h1:q7t/XLx0n15H1Q9/tk3Y9L4n210XzJF5WtnDX64a5ww= github.com/swaggo/http-swagger v1.3.4/go.mod h1:9dAh0unqMBAlbp1uE2Uc2mQTxNMU/ha4UbucIg1MFkQ= -github.com/swaggo/swag v1.16.3 h1:PnCYjPCah8FK4I26l2F/KQ4yz3sILcVUN3cTlBFA9Pg= -github.com/swaggo/swag v1.16.3/go.mod h1:DImHIuOFXKpMFAQjcC7FG4m3Dg4+QuUgUzJmKjI/gRk= +github.com/swaggo/swag v1.16.4 h1:clWJtd9LStiG3VeijiCfOVODP6VpHtKdQy9ELFG3s1A= +github.com/swaggo/swag v1.16.4/go.mod h1:VBsHJRsDvfYvqoiMKnsdwhNV9LEMHgEDZcyVYX0sxPg= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d h1:vfofYNRScrDdvS342BElfbETmL1Aiz3i2t0zfRj16Hs= github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d/go.mod h1:RRCYJbIwD5jmqPI9XoAFR0OcDxqUctll6zUj/+B4S48= github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes= github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= -github.com/terminalstatic/go-xsd-validate v0.1.5 h1:RqpJnf6HGE2CB/lZB1A8BYguk8uRtcvYAPLCF15qguo= -github.com/terminalstatic/go-xsd-validate v0.1.5/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= -github.com/testcontainers/testcontainers-go v0.32.0 h1:ug1aK08L3gCHdhknlTTwWjPHPS+/alvLJU/DRxTD/ME= -github.com/testcontainers/testcontainers-go v0.32.0/go.mod h1:CRHrzHLQhlXUsa5gXjTOfqIEJcrK5+xMDmBr/WMI88E= -github.com/testcontainers/testcontainers-go/modules/localstack v0.32.0 h1:FITjE+DSDD136HQho7ThA6cEtUouZzDf7FvMBL2Muog= -github.com/testcontainers/testcontainers-go/modules/localstack v0.32.0/go.mod h1:JasdXHmUT8MTDYfyJza3JjO/k+QA3m8K2GQfnFQM++g= -github.com/tetratelabs/wazero v1.7.3 h1:PBH5KVahrt3S2AHgEjKu4u+LlDbbk+nsGE3KLucy6Rw= -github.com/tetratelabs/wazero v1.7.3/go.mod h1:ytl6Zuh20R/eROuyDaGPkp82O9C/DJfXAwJfQ3X6/7Y= +github.com/terminalstatic/go-xsd-validate v0.1.6 h1:TenYeQ3eY631qNi1/cTmLH/s2slHPRKTTHT+XSHkepo= +github.com/terminalstatic/go-xsd-validate v0.1.6/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= +github.com/testcontainers/testcontainers-go v0.34.0 h1:5fbgF0vIN5u+nD3IWabQwRybuB4GY8G2HHgCkbMzMHo= +github.com/testcontainers/testcontainers-go v0.34.0/go.mod h1:6P/kMkQe8yqPHfPWNulFGdFHTD8HB2vLq/231xY2iPQ= +github.com/testcontainers/testcontainers-go/modules/localstack v0.34.0 h1:WkjVmea0XQyGTY10Er8fOsVjHQ77iJCmTExnx6fC3Tw= +github.com/testcontainers/testcontainers-go/modules/localstack v0.34.0/go.mod h1:rTo76O/BBeAtfazMQqLvfwBrntBBwDP7/+Z60dm3e9U= +github.com/tetratelabs/wazero v1.8.1 h1:NrcgVbWfkWvVc4UtT4LRLDf91PsOzDzefMdwhLfA550= +github.com/tetratelabs/wazero v1.8.1/go.mod h1:yAI0XTsMBhREkM/YDAK/zNou3GoiAce1P6+rp/wQhjs= github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg= github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU= github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI= github.com/theupdateframework/go-tuf v0.7.0/go.mod h1:uEB7WSY+7ZIugK6R1hiBMBjQftaFzn7ZCDJcp1tCUug= -github.com/theupdateframework/go-tuf/v2 v2.0.0 h1:rD8d9RotYBprZVgC+9oyTZ5MmawepnTSTqoDuxjWgbs= -github.com/theupdateframework/go-tuf/v2 v2.0.0/go.mod h1:baB22nBHeHBCeuGZcIlctNq4P61PcOdyARlplg5xmLA= +github.com/theupdateframework/go-tuf/v2 v2.0.1 h1:11p9tXpq10KQEujxjcIjDSivMKCMLguls7erXHZnxJQ= +github.com/theupdateframework/go-tuf/v2 v2.0.1/go.mod h1:baB22nBHeHBCeuGZcIlctNq4P61PcOdyARlplg5xmLA= github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 h1:e/5i7d4oYZ+C1wj2THlRK+oAhjeS/TRQwMfkIuet3w0= github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399/go.mod h1:LdwHTNJT99C5fTAzDz0ud328OgXz+gierycbcIx2fRs= github.com/tjfoc/gmsm v1.3.2/go.mod h1:HaUcFuY0auTiaHB9MHFGCPx5IaLhTUd2atbCFBQXn9w= @@ -1499,26 +1541,26 @@ github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0o github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc= github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= -github.com/urfave/cli/v2 v2.27.4 h1:o1owoI+02Eb+K107p27wEX9Bb8eqIoZCfLXloLUSWJ8= -github.com/urfave/cli/v2 v2.27.4/go.mod h1:m4QzxcD2qpra4z7WhzEGn74WZLViBnMpb1ToCAKdGRQ= -github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= -github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= -github.com/vbauerster/mpb/v8 v8.7.5 h1:hUF3zaNsuaBBwzEFoCvfuX3cpesQXZC0Phm/JcHZQ+c= -github.com/vbauerster/mpb/v8 v8.7.5/go.mod h1:bRCnR7K+mj5WXKsy0NWB6Or+wctYGvVwKn6huwvxKa0= -github.com/vektah/gqlparser/v2 v2.5.17 h1:9At7WblLV7/36nulgekUgIaqHZWn5hxqluxrxGUhOmI= -github.com/vektah/gqlparser/v2 v2.5.17/go.mod h1:1lz1OeCqgQbQepsGxPVywrjdBHW2T08PUS3pJqepRww= +github.com/urfave/cli/v2 v2.27.5 h1:WoHEJLdsXr6dDWoJgMq/CboDmyY/8HMMH1fTECbih+w= +github.com/urfave/cli/v2 v2.27.5/go.mod h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ= +github.com/vbatts/tar-split v0.11.6 h1:4SjTW5+PU11n6fZenf2IPoV8/tz3AaYHMWjf23envGs= +github.com/vbatts/tar-split v0.11.6/go.mod h1:dqKNtesIOr2j2Qv3W/cHjnvk9I8+G7oAkFDFN6TCBEI= +github.com/vbauerster/mpb/v8 v8.8.3 h1:dTOByGoqwaTJYPubhVz3lO5O6MK553XVgUo33LdnNsQ= +github.com/vbauerster/mpb/v8 v8.8.3/go.mod h1:JfCCrtcMsJwP6ZwMn9e5LMnNyp3TVNpUWWkN+nd4EWk= +github.com/vektah/gqlparser/v2 v2.5.21 h1:Zw1rG2dr1pRR4wqwbVq4d6+xk2f4ut/yo+hwr4QjE08= +github.com/vektah/gqlparser/v2 v2.5.21/go.mod h1:xMl+ta8a5M1Yo1A1Iwt/k7gSpscwSnHZdw7tfhEGfTM= github.com/veraison/go-cose v1.2.1 h1:Gj4x20D0YP79J2+cK3anjGEMwIkg2xX+TKVVGUXwNAc= github.com/veraison/go-cose v1.2.1/go.mod h1:t6V8WJzHm1PD5HNsuDjW3KLv577uWb6UTzbZGvdQHD8= github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= -github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU= -github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc= +github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IUPn0Bjt8= +github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= -github.com/xanzy/go-gitlab v0.107.0 h1:P2CT9Uy9yN9lJo3FLxpMZ4xj6uWcpnigXsjvqJ6nd2Y= -github.com/xanzy/go-gitlab v0.107.0/go.mod h1:wKNKh3GkYDMOsGmnfuX+ITCmDuSDWFO0G+C4AygL9RY= +github.com/xanzy/go-gitlab v0.109.0 h1:RcRme5w8VpLXTSTTMZdVoQWY37qTJWg+gwdQl4aAttE= +github.com/xanzy/go-gitlab v0.109.0/go.mod h1:wKNKh3GkYDMOsGmnfuX+ITCmDuSDWFO0G+C4AygL9RY= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -1528,6 +1570,8 @@ github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHo github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo= +github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4= @@ -1562,22 +1606,22 @@ github.com/zclconf/go-cty v1.15.0 h1:tTCRWxsexYUmtt/wVxgDClUe+uQusuI443uL6e+5sXQ github.com/zclconf/go-cty v1.15.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940 h1:4r45xpDWB6ZMSMNJFMOjqrGHynW3DIBuR2H9j0ug+Mo= github.com/zclconf/go-cty-debug v0.0.0-20240509010212-0d6042c53940/go.mod h1:CmBdvvj3nqzfzJ6nTCIwDTPZ56aVGvDrmztiO5g3qrM= -github.com/zclconf/go-cty-yaml v1.0.3 h1:og/eOQ7lvA/WWhHGFETVWNduJM7Rjsv2RRpx1sdFMLc= -github.com/zclconf/go-cty-yaml v1.0.3/go.mod h1:9YLUH4g7lOhVWqUbctnVlZ5KLpg7JAprQNgxSZ1Gyxs= +github.com/zclconf/go-cty-yaml v1.1.0 h1:nP+jp0qPHv2IhUVqmQSzjvqAWcObN0KBkUl2rWBdig0= +github.com/zclconf/go-cty-yaml v1.1.0/go.mod h1:9YLUH4g7lOhVWqUbctnVlZ5KLpg7JAprQNgxSZ1Gyxs= github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs= github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= -github.com/zitadel/logging v0.6.0 h1:t5Nnt//r+m2ZhhoTmoPX+c96pbMarqJvW1Vq6xFTank= -github.com/zitadel/logging v0.6.0/go.mod h1:Y4CyAXHpl3Mig6JOszcV5Rqqsojj+3n7y2F591Mp/ow= -github.com/zitadel/oidc/v3 v3.30.0 h1:1IuZlK+X+JLExEA2PYgRlVvWHBhz/cMwT7VL/YrQabw= -github.com/zitadel/oidc/v3 v3.30.0/go.mod h1:+I5BgvGO5C2ZJrQRjV34EjkyA7P3GXyYGZgXI8Sdw18= +github.com/zitadel/logging v0.6.1 h1:Vyzk1rl9Kq9RCevcpX6ujUaTYFX43aa4LkvV1TvUk+Y= +github.com/zitadel/logging v0.6.1/go.mod h1:Y4CyAXHpl3Mig6JOszcV5Rqqsojj+3n7y2F591Mp/ow= +github.com/zitadel/oidc/v3 v3.33.1 h1:e3w9PDV0Mh50/ZiJWtzyT0E4uxJ6RXll+hqVDnqGbTU= +github.com/zitadel/oidc/v3 v3.33.1/go.mod h1:zkoZ1Oq6CweX3BaLrftLEGCs6YK6zDpjjVGZrP10AWU= github.com/zitadel/schema v1.3.0 h1:kQ9W9tvIwZICCKWcMvCEweXET1OcOyGEuFbHs4o5kg0= github.com/zitadel/schema v1.3.0/go.mod h1:NptN6mkBDFvERUCvZHlvWmmME+gmZ44xzwRXwhzsbtc= go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0= go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= go.mongodb.org/mongo-driver v1.16.0 h1:tpRsfBJMROVHKpdGyc1BBEzzjDUWjItxbVSZ8Ls4BQ4= go.mongodb.org/mongo-driver v1.16.0/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw= -go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 h1:CCriYyAfq1Br1aIYettdHZTy8mBTIPo7We18TuO/bak= -go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= +go.mozilla.org/pkcs7 v0.9.0 h1:yM4/HS9dYv7ri2biPtxt8ikvB37a980dg69/pKmS+eI= +go.mozilla.org/pkcs7 v0.9.0/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -1587,55 +1631,59 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib/bridges/prometheus v0.53.0 h1:BdkKDtcrHThgjcEia1737OUuFdP6xzBKAMx2sNZCkvE= -go.opentelemetry.io/contrib/bridges/prometheus v0.53.0/go.mod h1:ZkhVxcJgeXlL/lVyT/vxNHVFiSG5qOaDwYaSgD8IfZo= -go.opentelemetry.io/contrib/exporters/autoexport v0.53.0 h1:13K+tY7E8GJInkrvRiPAhC0gi/7vKjzDNhtmCf+QXG8= -go.opentelemetry.io/contrib/exporters/autoexport v0.53.0/go.mod h1:lyQF6xQ4iDnMg4sccNdFs1zf62xd79YI8vZqKjOTwMs= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 h1:9G6E0TXzGFVfTnawRzrPl83iHOAV7L8NJiR8RSGYV1g= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0/go.mod h1:azvtTADFQJA8mX80jIH/akaE7h+dbm/sVuaHqN13w74= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= -go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw= -go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8= -go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.4.0 h1:zBPZAISA9NOc5cE8zydqDiS0itvg/P/0Hn9m72a5gvM= -go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.4.0/go.mod h1:gcj2fFjEsqpV3fXuzAA+0Ze1p2/4MJ4T7d77AmkvueQ= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.28.0 h1:U2guen0GhqH8o/G2un8f/aG/y++OuW6MyCo6hT9prXk= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.28.0/go.mod h1:yeGZANgEcpdx/WK0IvvRFC+2oLiMS2u4L/0Rj2M2Qr0= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.28.0 h1:aLmmtjRke7LPDQ3lvpFz+kNEH43faFhzW7v8BFIEydg= -go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.28.0/go.mod h1:TC1pyCt6G9Sjb4bQpShH+P5R53pO6ZuGnHuuln9xMeE= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0 h1:R3X6ZXmNPRR8ul6i3WgFURCHzaXjHdm0karRG/+dj3s= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.28.0/go.mod h1:QWFXnDavXWwMx2EEcZsf3yxgEKAqsxQ+Syjp+seyInw= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0 h1:j9+03ymgYhPKmeXGk5Zu+cIZOlVzd9Zv7QIiyItjFBU= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.28.0/go.mod h1:Y5+XiUG4Emn1hTfciPzGPJaSI+RpDts6BnCIir0SLqk= -go.opentelemetry.io/otel/exporters/prometheus v0.50.0 h1:2Ewsda6hejmbhGFyUvWZjUThC98Cf8Zy6g0zkIimOng= -go.opentelemetry.io/otel/exporters/prometheus v0.50.0/go.mod h1:pMm5PkUo5YwbLiuEf7t2xg4wbP0/eSJrMxIMxKosynY= -go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.4.0 h1:0MH3f8lZrflbUWXVxyBg/zviDFdGE062uKh5+fu8Vv0= -go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.4.0/go.mod h1:Vh68vYiHY5mPdekTr0ox0sALsqjoVy0w3Os278yX5SQ= -go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.28.0 h1:BJee2iLkfRfl9lc7aFmBwkWxY/RI1RDdXepSF6y8TPE= -go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.28.0/go.mod h1:DIzlHs3DRscCIBU3Y9YSzPfScwnYnzfnCd4g8zA7bZc= -go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0 h1:EVSnY9JbEEW92bEkIYOVMw4q1WJxIAGoFTrtYOzWuRQ= -go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.28.0/go.mod h1:Ea1N1QQryNXpCD0I1fdLibBAIpQuBkznMmkdKrapk1Y= -go.opentelemetry.io/otel/log v0.4.0 h1:/vZ+3Utqh18e8TPjuc3ecg284078KWrR8BRz+PQAj3o= -go.opentelemetry.io/otel/log v0.4.0/go.mod h1:DhGnQvky7pHy82MIRV43iXh3FlKN8UUKftn0KbLOq6I= -go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc= -go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8= -go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= -go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= -go.opentelemetry.io/otel/sdk/log v0.4.0 h1:1mMI22L82zLqf6KtkjrRy5BbagOTWdJsqMY/HSqILAA= -go.opentelemetry.io/otel/sdk/log v0.4.0/go.mod h1:AYJ9FVF0hNOgAVzUG/ybg/QttnXhUePWAupmCqtdESo= -go.opentelemetry.io/otel/sdk/metric v1.28.0 h1:OkuaKgKrgAbYrrY0t92c+cC+2F6hsFNnCQArXCKlg08= -go.opentelemetry.io/otel/sdk/metric v1.28.0/go.mod h1:cWPjykihLAPvXKi4iZc1dpER3Jdq2Z0YLse3moQUCpg= -go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4= -go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ= +go.opentelemetry.io/contrib/bridges/prometheus v0.57.0 h1:UW0+QyeyBVhn+COBec3nGhfnFe5lwB0ic1JBVjzhk0w= +go.opentelemetry.io/contrib/bridges/prometheus v0.57.0/go.mod h1:ppciCHRLsyCio54qbzQv0E4Jyth/fLWDTJYfvWpcSVk= +go.opentelemetry.io/contrib/detectors/gcp v1.29.0 h1:TiaiXB4DpGD3sdzNlYQxruQngn5Apwzi1X0DRhuGvDQ= +go.opentelemetry.io/contrib/detectors/gcp v1.29.0/go.mod h1:GW2aWZNwR2ZxDLdv8OyC2G8zkRoQBuURgV7RPQgcPoU= +go.opentelemetry.io/contrib/exporters/autoexport v0.57.0 h1:jmTVJ86dP60C01K3slFQa2NQ/Aoi7zA+wy7vMOKD9H4= +go.opentelemetry.io/contrib/exporters/autoexport v0.57.0/go.mod h1:EJBheUMttD/lABFyLXhce47Wr6DPWYReCzaZiXadH7g= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0 h1:yMkBS9yViCc7U7yeLzJPM2XizlfdVvBRSmsQDWu6qc0= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0/go.mod h1:n8MR6/liuGB5EmTETUBeU5ZgqMOlqKRxUaqPQBOANZ8= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 h1:DheMAlT6POBP+gh8RUH19EOTnQIor5QE0uSRPtzCpSw= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0/go.mod h1:wZcGmeVO9nzP67aYSLDqXNWK87EZWhi7JWj1v7ZXf94= +go.opentelemetry.io/otel v1.32.0 h1:WnBN+Xjcteh0zdk01SVqV55d/m62NJLJdIyb4y/WO5U= +go.opentelemetry.io/otel v1.32.0/go.mod h1:00DCVSB0RQcnzlwyTfqtxSm+DRr9hpYrHjNGiBHVQIg= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.8.0 h1:WzNab7hOOLzdDF/EoWCt4glhrbMPVMOO5JYTmpz36Ls= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.8.0/go.mod h1:hKvJwTzJdp90Vh7p6q/9PAOd55dI6WA6sWj62a/JvSs= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.8.0 h1:S+LdBGiQXtJdowoJoQPEtI52syEP/JYBUpjO49EQhV8= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.8.0/go.mod h1:5KXybFvPGds3QinJWQT7pmXf+TN5YIa7CNYObWRkj50= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.32.0 h1:j7ZSD+5yn+lo3sGV69nW04rRR0jhYnBwjuX3r0HvnK0= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.32.0/go.mod h1:WXbYJTUaZXAbYd8lbgGuvih0yuCfOFC5RJoYnoLcGz8= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.32.0 h1:t/Qur3vKSkUCcDVaSumWF2PKHt85pc7fRvFuoVT8qFU= +go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.32.0/go.mod h1:Rl61tySSdcOJWoEgYZVtmnKdA0GeKrSqkHC1t+91CH8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0 h1:IJFEoHiytixx8cMiVAO+GmHR6Frwu+u5Ur8njpFO6Ac= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.32.0/go.mod h1:3rHrKNtLIoS0oZwkY2vxi+oJcwFRWdtUyRII+so45p8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0 h1:9kV11HXBHZAvuPUZxmMWrH8hZn/6UnHX4K0mu36vNsU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.32.0/go.mod h1:JyA0FHXe22E1NeNiHmVp7kFHglnexDQ7uRWDiiJ1hKQ= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0 h1:cMyu9O88joYEaI47CnQkxO1XZdpoTF9fEnW2duIddhw= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0/go.mod h1:6Am3rn7P9TVVeXYG+wtcGE7IE1tsQ+bP3AuWcKt/gOI= +go.opentelemetry.io/otel/exporters/prometheus v0.54.0 h1:rFwzp68QMgtzu9PgP3jm9XaMICI6TsofWWPcBDKwlsU= +go.opentelemetry.io/otel/exporters/prometheus v0.54.0/go.mod h1:QyjcV9qDP6VeK5qPyKETvNjmaaEc7+gqjh4SS0ZYzDU= +go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.8.0 h1:CHXNXwfKWfzS65yrlB2PVds1IBZcdsX8Vepy9of0iRU= +go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.8.0/go.mod h1:zKU4zUgKiaRxrdovSS2amdM5gOc59slmo/zJwGX+YBg= +go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.32.0 h1:SZmDnHcgp3zwlPBS2JX2urGYe/jBKEIT6ZedHRUyCz8= +go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.32.0/go.mod h1:fdWW0HtZJ7+jNpTKUR0GpMEDP69nR8YBJQxNiVCE3jk= +go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.32.0 h1:cC2yDI3IQd0Udsux7Qmq8ToKAx1XCilTQECZ0KDZyTw= +go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.32.0/go.mod h1:2PD5Ex6z8CFzDbTdOlwyNIUywRr1DN0ospafJM1wJ+s= +go.opentelemetry.io/otel/log v0.8.0 h1:egZ8vV5atrUWUbnSsHn6vB8R21G2wrKqNiDt3iWertk= +go.opentelemetry.io/otel/log v0.8.0/go.mod h1:M9qvDdUTRCopJcGRKg57+JSQ9LgLBrwwfC32epk5NX8= +go.opentelemetry.io/otel/metric v1.32.0 h1:xV2umtmNcThh2/a/aCP+h64Xx5wsj8qqnkYZktzNa0M= +go.opentelemetry.io/otel/metric v1.32.0/go.mod h1:jH7CIbbK6SH2V2wE16W05BHCtIDzauciCRLoc/SyMv8= +go.opentelemetry.io/otel/sdk v1.32.0 h1:RNxepc9vK59A8XsgZQouW8ue8Gkb4jpWtJm9ge5lEG4= +go.opentelemetry.io/otel/sdk v1.32.0/go.mod h1:LqgegDBjKMmb2GC6/PrTnteJG39I8/vJCAP9LlJXEjU= +go.opentelemetry.io/otel/sdk/log v0.8.0 h1:zg7GUYXqxk1jnGF/dTdLPrK06xJdrXgqgFLnI4Crxvs= +go.opentelemetry.io/otel/sdk/log v0.8.0/go.mod h1:50iXr0UVwQrYS45KbruFrEt4LvAdCaWWgIrsN3ZQggo= +go.opentelemetry.io/otel/sdk/metric v1.32.0 h1:rZvFnvmvawYb0alrYkjraqJq0Z4ZUJAiyYCU9snn1CU= +go.opentelemetry.io/otel/sdk/metric v1.32.0/go.mod h1:PWeZlq0zt9YkYAp3gjKZ0eicRYvOh1Gd+X99x6GHpCQ= +go.opentelemetry.io/otel/trace v1.32.0 h1:WIC9mYrXf8TmY/EXuULKc8hR17vE+Hjv2cssQDe03fM= +go.opentelemetry.io/otel/trace v1.32.0/go.mod h1:+i4rkvCraA+tG6AzwloGaCtkx53Fa+L+V8e9a7YvhT8= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.starlark.net v0.0.0-20240725214946-42030a7cedce h1:YyGqCjZtGZJ+mRPaenEiB87afEO2MFRzLiJNZ0Z0bPw= go.starlark.net v0.0.0-20240725214946-42030a7cedce/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= -go.step.sm/crypto v0.51.1 h1:ktUg/2hetEMiBAqgz502ktZDGoDoGrcHFg3XpkmkvvA= -go.step.sm/crypto v0.51.1/go.mod h1:PdrhttNU/tG9/YsVd4fdlysBN+UV503p0o2irFZQlAw= +go.step.sm/crypto v0.51.2 h1:5EiCGIMg7IvQTGmJrwRosbXeprtT80OhoS/PJarg60o= +go.step.sm/crypto v0.51.2/go.mod h1:QK7czLjN2k+uqVp5CHXxJbhc70kVRSP+0CQF3zsR5M0= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -1654,7 +1702,6 @@ golang.org/x/crypto v0.0.0-20201012173705-84dcc777aaee/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= @@ -1662,8 +1709,9 @@ golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= -golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1674,8 +1722,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= +golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY= +golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1705,8 +1753,10 @@ golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.20.0 h1:utOm6MM3R3dnawAiJgn0y+xvuYRsm1RKM/4giyfDgV0= -golang.org/x/mod v0.20.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4= +golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1762,7 +1812,6 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= @@ -1770,10 +1819,10 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1799,8 +1848,8 @@ golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= +golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1818,8 +1867,9 @@ golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1877,7 +1927,6 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1897,7 +1946,6 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1907,12 +1955,13 @@ golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= @@ -1921,8 +1970,9 @@ golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= +golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1937,13 +1987,14 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224= -golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= -golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= +golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -2004,8 +2055,9 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2064,8 +2116,8 @@ google.golang.org/api v0.96.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ google.golang.org/api v0.97.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= google.golang.org/api v0.98.0/go.mod h1:w7wJQLTM+wvQpNf5JyEcBoxK0RH7EDrh/L4qfsuJ13s= google.golang.org/api v0.100.0/go.mod h1:ZE3Z2+ZOr87Rx7dqFsdRQkRBk36kDtp/h+QpHbB7a70= -google.golang.org/api v0.190.0 h1:ASM+IhLY1zljNdLu19W1jTmU6A+gMk6M46Wlur61s+Q= -google.golang.org/api v0.190.0/go.mod h1:QIr6I9iedBLnfqoD6L6Vze1UvS5Hzj5r2aUBOaZnLHo= +google.golang.org/api v0.197.0 h1:x6CwqQLsFiA5JKAiGyGBjc2bNtHtLddhJCE2IKuhhcQ= +google.golang.org/api v0.197.0/go.mod h1:AuOuo20GoQ331nq7DquGHlU6d+2wN2fZ8O0ta60nRNw= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -2174,12 +2226,12 @@ google.golang.org/genproto v0.0.0-20221010155953-15ba04fc1c0e/go.mod h1:3526vdqw google.golang.org/genproto v0.0.0-20221014173430-6e2ab493f96b/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= google.golang.org/genproto v0.0.0-20221014213838-99cd37c6964a/go.mod h1:1vXfmgAz9N9Jx0QA82PqRVauvCz1SGSz739p0f183jM= google.golang.org/genproto v0.0.0-20221025140454-527a21cfbd71/go.mod h1:9qHF0xnpdSfF6knlcsnpzUu5y+rpwgbvsyGAZPBMg4s= -google.golang.org/genproto v0.0.0-20240730163845-b1a4ccb954bf h1:OqdXDEakZCVtDiZTjcxfwbHPCT11ycCEsTKesBVKvyY= -google.golang.org/genproto v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:mCr1K1c8kX+1iSBREvU3Juo11CB+QOEWxbRS01wWl5M= -google.golang.org/genproto/googleapis/api v0.0.0-20240730163845-b1a4ccb954bf h1:GillM0Ef0pkZPIB+5iO6SDK+4T9pf6TpaYR6ICD5rVE= -google.golang.org/genproto/googleapis/api v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:OFMYQFHJ4TM3JRlWDZhJbZfra2uqc3WLBZiaaqP4DtU= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf h1:liao9UHurZLtiEwBgT9LMOnKYsHze6eA6w1KQCMVN2Q= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= +google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 h1:BulPr26Jqjnd4eYDVe+YvyR7Yc2vJGkO5/0UxD0/jZU= +google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:hL97c3SYopEHblzpxRL4lSs523++l8DYxGM1FQiYmb4= +google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28 h1:M0KvPgPmDZHPlbRbaNU1APr28TvwvvdUPlSv7PUvy8g= +google.golang.org/genproto/googleapis/api v0.0.0-20241104194629-dd2ea8efbc28/go.mod h1:dguCy7UOdZhTvLzDyt15+rOrawrpM4q7DD9dQ1P11P4= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28 h1:XVhgTWWV3kGQlwJHR3upFWZeTsei6Oks1apkZSeonIE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20241104194629-dd2ea8efbc28/go.mod h1:GX3210XPVPUjJbTUbvwI8f2IpZDMZuPJWDzDuebbviI= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -2215,9 +2267,11 @@ google.golang.org/grpc v1.48.0/go.mod h1:vN9eftEi1UMyUsIF80+uQXhHjbXYbm0uXoFCACu google.golang.org/grpc v1.49.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.0/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= google.golang.org/grpc v1.50.1/go.mod h1:ZgQEeidpAuNRZ8iRrlBKXZQP1ghovWIVhdJRyCDK+GI= -google.golang.org/grpc v1.66.0 h1:DibZuoBznOxbDQxRINckZcUvnCEvrW9pcWIE2yF9r1c= -google.golang.org/grpc v1.66.0/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= +google.golang.org/grpc v1.68.0 h1:aHQeeJbo8zAkAa3pRzrVjZlbz6uSfeOXlJNQM0RAbz0= +google.golang.org/grpc v1.68.0/go.mod h1:fmSPC5AsjSBCK54MyHRx48kpOti1/jRfOlwEWywNjWA= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= +google.golang.org/grpc/stats/opentelemetry v0.0.0-20240907200651-3ffb98b2c93a h1:UIpYSuWdWHSzjwcAFRLjKcPXFZVVLXGEM23W+NWqipw= +google.golang.org/grpc/stats/opentelemetry v0.0.0-20240907200651-3ffb98b2c93a/go.mod h1:9i1T9n4ZinTUZGgzENMi8MDDgbGC5mqTS75JAv6xN3A= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -2233,8 +2287,8 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= +google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -2274,8 +2328,8 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= -helm.sh/helm/v3 v3.15.3 h1:HcZDaVFe9uHa6hpsR54mJjYyRy4uz/pc6csg27nxFOc= -helm.sh/helm/v3 v3.15.3/go.mod h1:FzSIP8jDQaa6WAVg9F+OkKz7J0ZmAga4MABtTbsb9WQ= +helm.sh/helm/v3 v3.16.3 h1:kb8bSxMeRJ+knsK/ovvlaVPfdis0X3/ZhYCSFRP+YmY= +helm.sh/helm/v3 v3.16.3/go.mod h1:zeVWGDR4JJgiRbT3AnNsjYaX8OTJlIE9zC+Q7F7iUSU= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2283,26 +2337,26 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/api v0.30.3 h1:ImHwK9DCsPA9uoU3rVh4QHAHHK5dTSv1nxJUapx8hoQ= -k8s.io/api v0.30.3/go.mod h1:GPc8jlzoe5JG3pb0KJCSLX5oAFIW3/qNJITlDj8BH04= -k8s.io/apiextensions-apiserver v0.30.3 h1:oChu5li2vsZHx2IvnGP3ah8Nj3KyqG3kRSaKmijhB9U= -k8s.io/apiextensions-apiserver v0.30.3/go.mod h1:uhXxYDkMAvl6CJw4lrDN4CPbONkF3+XL9cacCT44kV4= -k8s.io/apimachinery v0.30.3 h1:q1laaWCmrszyQuSQCfNB8cFgCuDAoPszKY4ucAjDwHc= -k8s.io/apimachinery v0.30.3/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= -k8s.io/apiserver v0.30.3 h1:QZJndA9k2MjFqpnyYv/PH+9PE0SHhx3hBho4X0vE65g= -k8s.io/apiserver v0.30.3/go.mod h1:6Oa88y1CZqnzetd2JdepO0UXzQX4ZnOekx2/PtEjrOg= -k8s.io/cli-runtime v0.30.3 h1:aG69oRzJuP2Q4o8dm+f5WJIX4ZBEwrvdID0+MXyUY6k= -k8s.io/cli-runtime v0.30.3/go.mod h1:hwrrRdd9P84CXSKzhHxrOivAR9BRnkMt0OeP5mj7X30= -k8s.io/client-go v0.30.3 h1:bHrJu3xQZNXIi8/MoxYtZBBWQQXwy16zqJwloXXfD3k= -k8s.io/client-go v0.30.3/go.mod h1:8d4pf8vYu665/kUbsxWAQ/JDBNWqfFeZnvFiVdmx89U= -k8s.io/component-base v0.30.3 h1:Ci0UqKWf4oiwy8hr1+E3dsnliKnkMLZMVbWzeorlk7s= -k8s.io/component-base v0.30.3/go.mod h1:C1SshT3rGPCuNtBs14RmVD2xW0EhRSeLvBh7AGk1quA= +k8s.io/api v0.31.2 h1:3wLBbL5Uom/8Zy98GRPXpJ254nEFpl+hwndmk9RwmL0= +k8s.io/api v0.31.2/go.mod h1:bWmGvrGPssSK1ljmLzd3pwCQ9MgoTsRCuK35u6SygUk= +k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40= +k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= +k8s.io/apimachinery v0.31.2 h1:i4vUt2hPK56W6mlT7Ry+AO8eEsyxMD1U44NR22CLTYw= +k8s.io/apimachinery v0.31.2/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/apiserver v0.31.2 h1:VUzOEUGRCDi6kX1OyQ801m4A7AUPglpsmGvdsekmcI4= +k8s.io/apiserver v0.31.2/go.mod h1:o3nKZR7lPlJqkU5I3Ove+Zx3JuoFjQobGX1Gctw6XuE= +k8s.io/cli-runtime v0.31.2 h1:7FQt4C4Xnqx8V1GJqymInK0FFsoC+fAZtbLqgXYVOLQ= +k8s.io/cli-runtime v0.31.2/go.mod h1:XROyicf+G7rQ6FQJMbeDV9jqxzkWXTYD6Uxd15noe0Q= +k8s.io/client-go v0.31.2 h1:Y2F4dxU5d3AQj+ybwSMqQnpZH9F30//1ObxOKlTI9yc= +k8s.io/client-go v0.31.2/go.mod h1:NPa74jSVR/+eez2dFsEIHNa+3o09vtNaWwWwb1qSxSs= +k8s.io/component-base v0.31.2 h1:Z1J1LIaC0AV+nzcPRFqfK09af6bZ4D1nAOpWsy9owlA= +k8s.io/component-base v0.31.2/go.mod h1:9PeyyFN/drHjtJZMCTkSpQJS3U9OXORnHQqMLDz0sUQ= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e h1:OnKkExfhk4yxMqvBSPzUfhv3zQ96FWJ+UOZzLrAFyAo= k8s.io/kube-openapi v0.0.0-20240730131305-7a9a4e85957e/go.mod h1:0CVn9SVo8PeW5/JgsBZZIFmmTk5noOM8WXf2e1tCihE= -k8s.io/kubectl v0.30.3 h1:YIBBvMdTW0xcDpmrOBzcpUVsn+zOgjMYIu7kAq+yqiI= -k8s.io/kubectl v0.30.3/go.mod h1:IcR0I9RN2+zzTRUa1BzZCm4oM0NLOawE6RzlDvd1Fpo= +k8s.io/kubectl v0.31.2 h1:gTxbvRkMBwvTSAlobiTVqsH6S8Aa1aGyBcu5xYLsn8M= +k8s.io/kubectl v0.31.2/go.mod h1:EyASYVU6PY+032RrTh5ahtSOMgoDRIux9V1JLKtG5xM= k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= modernc.org/cc/v4 v4.21.4 h1:3Be/Rdo1fpr8GrQ7IVw9OHtplU4gWbb+wNgeoBMmGLQ= @@ -2325,14 +2379,14 @@ modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4= modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= modernc.org/sortutil v1.2.0 h1:jQiD3PfS2REGJNzNCMMaLSp/wdMNieTbKX920Cqdgqc= modernc.org/sortutil v1.2.0/go.mod h1:TKU2s7kJMf1AE84OoiGppNHJwvB753OYfNl2WRb++Ss= -modernc.org/sqlite v1.33.1 h1:trb6Z3YYoeM9eDL1O8do81kP+0ejv+YzgyFo+Gwy0nM= -modernc.org/sqlite v1.33.1/go.mod h1:pXV2xHxhzXZsgT/RtTFAPY6JJDEvOTcTdwADQCCWD4k= +modernc.org/sqlite v1.34.4 h1:sjdARozcL5KJBvYQvLlZEmctRgW9xqIZc2ncN7PU0P8= +modernc.org/sqlite v1.34.4/go.mod h1:3QQFCG2SEMtc2nv+Wq4cQCH7Hjcg+p/RMlS1XK+zwbk= modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA= modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0= modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= -mvdan.cc/sh/v3 v3.8.0 h1:ZxuJipLZwr/HLbASonmXtcvvC9HXY9d2lXZHnKGjFc8= -mvdan.cc/sh/v3 v3.8.0/go.mod h1:w04623xkgBVo7/IUK89E0g8hBykgEpN0vgOj3RJr6MY= +mvdan.cc/sh/v3 v3.10.0 h1:v9z7N1DLZ7owyLM/SXZQkBSXcwr2IGMm2LY2pmhVXj4= +mvdan.cc/sh/v3 v3.10.0/go.mod h1:z/mSSVyLFGZzqb3ZIKojjyqIx/xbmz/UHdCSv9HmqXY= oras.land/oras-go v1.2.6 h1:z8cmxQXBU8yZ4mkytWqXfo6tZcamPwjsuxYU81xJ8Lk= oras.land/oras-go v1.2.6/go.mod h1:OVPc1PegSEe/K8YiLfosrlqlqTN9PUyFvOw5Y9gwrT8= oras.land/oras-go/v2 v2.5.0 h1:o8Me9kLY74Vp5uw07QXPiitjsw7qNXi8Twd+19Zf02c= @@ -2354,3 +2408,7 @@ sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k= software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= +tags.cncf.io/container-device-interface v0.8.0 h1:8bCFo/g9WODjWx3m6EYl3GfUG31eKJbaggyBDxEldRc= +tags.cncf.io/container-device-interface v0.8.0/go.mod h1:Apb7N4VdILW0EVdEMRYXIDVRZfNJZ+kmEUss2kRRQ6Y= +tags.cncf.io/container-device-interface/specs-go v0.8.0 h1:QYGFzGxvYK/ZLMrjhvY0RjpUavIn4KcmRmVP/JjdBTA= +tags.cncf.io/container-device-interface/specs-go v0.8.0/go.mod h1:BhJIkjjPh4qpys+qm4DAYtUyryaTDg9zris+AczXyws= diff --git a/golangcilint.yaml b/golangcilint.yaml index fd4a6083..fc73dacc 100644 --- a/golangcilint.yaml +++ b/golangcilint.yaml @@ -27,6 +27,7 @@ linters: - contextcheck # needs to revisit: https://github.com/project-zot/zot/pull/2556 - copyloopvar # needs to revisit: https://github.com/project-zot/zot/pull/2556 - typecheck + - exportloopref linters-settings: dupl: diff --git a/pkg/api/authn_test.go b/pkg/api/authn_test.go index a05fd726..e5e29f6c 100644 --- a/pkg/api/authn_test.go +++ b/pkg/api/authn_test.go @@ -954,7 +954,7 @@ func TestCookiestoreCleanup(t *testing.T) { err = os.Chtimes(sessionPath, changeTime, changeTime) So(err, ShouldBeNil) - imgStore := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + imgStore := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imgStore, @@ -989,7 +989,7 @@ func TestCookiestoreCleanup(t *testing.T) { err = os.WriteFile(sessionPath, []byte("session"), storageConstants.DefaultFilePerms) So(err, ShouldBeNil) - imgStore := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + imgStore := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imgStore, diff --git a/pkg/api/authz.go b/pkg/api/authz.go index efb91c63..c41e0edc 100644 --- a/pkg/api/authz.go +++ b/pkg/api/authz.go @@ -12,6 +12,7 @@ import ( "zotregistry.dev/zot/pkg/common" "zotregistry.dev/zot/pkg/log" reqCtx "zotregistry.dev/zot/pkg/requestcontext" + storageTypes "zotregistry.dev/zot/pkg/storage/types" ) const ( @@ -20,6 +21,20 @@ const ( OPENID = "OpenID" ) +func AuthzFilterFunc(userAc *reqCtx.UserAccessControl) storageTypes.FilterRepoFunc { + return func(repo string) (bool, error) { + if userAc == nil { + return true, nil + } + + if userAc.Can(constants.ReadPermission, repo) { + return true, nil + } + + return false, nil + } +} + // AccessController authorizes users to act on resources. type AccessController struct { Config *config.AccessControlConfig diff --git a/pkg/api/config/config.go b/pkg/api/config/config.go index b7d5c7f7..07929c21 100644 --- a/pkg/api/config/config.go +++ b/pkg/api/config/config.go @@ -7,6 +7,7 @@ import ( distspec "github.com/opencontainers/distribution-spec/specs-go" + "zotregistry.dev/zot/pkg/compat" extconf "zotregistry.dev/zot/pkg/extensions/config" storageConstants "zotregistry.dev/zot/pkg/storage/constants" ) @@ -122,7 +123,8 @@ type HTTPConfig struct { Auth *AuthConfig AccessControl *AccessControlConfig `mapstructure:"accessControl,omitempty"` Realm string - Ratelimit *RatelimitConfig `mapstructure:",omitempty"` + Ratelimit *RatelimitConfig `mapstructure:",omitempty"` + Compat []compat.MediaCompatibility `mapstructure:",omitempty"` } type SchedulerConfig struct { diff --git a/pkg/api/controller.go b/pkg/api/controller.go index d9446ba7..056a9bab 100644 --- a/pkg/api/controller.go +++ b/pkg/api/controller.go @@ -78,7 +78,7 @@ func NewController(appConfig *config.Config) *Controller { panic("failed to get member socket") } - if memberSocket == "" { + if memberSocketIdx < 0 || memberSocket == "" { // there is a misconfiguration if the memberSocket cannot be identified logger.Error(). Str("members", strings.Join(appConfig.Cluster.Members, ",")). diff --git a/pkg/api/controller_test.go b/pkg/api/controller_test.go index 66da6687..600ccf13 100644 --- a/pkg/api/controller_test.go +++ b/pkg/api/controller_test.go @@ -381,7 +381,7 @@ func TestAutoPortSelection(t *testing.T) { break } - t.Logf(scanner.Text()) + t.Logf("%s", scanner.Text()) } So(scanner.Err(), ShouldBeNil) @@ -8145,6 +8145,439 @@ func TestRouteFailures(t *testing.T) { }) } +func TestPagedRepositoriesWithAuthorization(t *testing.T) { + port := test.GetFreePort() + baseURL := test.GetBaseURL(port) + conf := config.New() + conf.HTTP.Port = port + username, _ := test.GenerateRandomString() + password, _ := test.GenerateRandomString() + htpasswdPath := test.MakeHtpasswdFileFromString(test.GetCredString(username, password)) + + defer os.Remove(htpasswdPath) + + conf.HTTP.Auth = &config.AuthConfig{ + HTPasswd: config.AuthHTPasswd{ + Path: htpasswdPath, + }, + } + + readPolicyGroup := config.PolicyGroup{ + Policies: []config.Policy{ + { + Users: []string{username}, + Actions: []string{ + constants.ReadPermission, + }, + }, + }, + DefaultPolicy: []string{}, + } + + conf.HTTP.AccessControl = &config.AccessControlConfig{ + Repositories: config.Repositories{ + test.AuthorizationAllRepos: config.PolicyGroup{ + Policies: []config.Policy{ + { + Users: []string{username}, + Actions: []string{ + constants.ReadPermission, + constants.CreatePermission, + }, + }, + }, + + DefaultPolicy: []string{}, + }, + }, + AdminPolicy: config.Policy{ + Users: []string{}, + Actions: []string{}, + }, + } + + ctlr := api.NewController(conf) + ctlr.Config.Storage.RootDirectory = t.TempDir() + + cm := test.NewControllerManager(ctlr) + cm.StartAndWait(port) + + defer cm.StopServer() + + client := resty.New() + client.SetBasicAuth(username, password) + + img := CreateRandomImage() + + repoNames := []string{ + "alpine1", "alpine2", "alpine3", + "alpine4", "alpine5", "alpine6", + "alpine7", "alpine8", "alpine9", + } + + for _, repo := range repoNames { + err := UploadImageWithBasicAuth(img, baseURL, repo, "0.1", username, password) + if err != nil { + panic(err) + } + } + + conf.HTTP.AccessControl.Repositories = config.Repositories{ + "alpine[13579]": readPolicyGroup, + "alpine[2468]": config.PolicyGroup{}, + } + + // Note empty strings signify the query parameter is not set + // There are separate tests for passing the empty string as query parameter + testCases := []struct { + testCaseName string + pageSize string + last string + expectedRepos []string + }{ + { + testCaseName: "no parameters", + pageSize: "", + last: "", + expectedRepos: []string{"alpine1", "alpine3", "alpine5", "alpine7", "alpine9"}, + }, + { + testCaseName: "first 3", + pageSize: "3", + last: "", + expectedRepos: []string{"alpine1", "alpine3", "alpine5"}, + }, + { + testCaseName: "next 2", + pageSize: "3", + last: "alpine5", + expectedRepos: []string{"alpine7", "alpine9"}, + }, + { + testCaseName: "0", + pageSize: "0", + last: "", + expectedRepos: []string{}, + }, + { + testCaseName: "Test the parameter 'last' without parameter 'n'", + pageSize: "", + last: "alpine3", + expectedRepos: []string{"alpine5", "alpine7", "alpine9"}, + }, + { + testCaseName: "Test the parameter 'last' with the final repo as value", + pageSize: "", + last: "alpine9", + expectedRepos: []string{}, + }, + } + + for _, testCase := range testCases { + Convey(testCase.testCaseName, t, func() { + testHTTPPagedRepositories(t, client, baseURL, testCase.testCaseName, testCase.pageSize, + testCase.last, testCase.expectedRepos, repoNames[len(repoNames)-1]) + }) + } +} + +func TestPagedRepositoriesWithSubpaths(t *testing.T) { + port := test.GetFreePort() + baseURL := test.GetBaseURL(port) + conf := config.New() + conf.HTTP.Port = port + + dir := t.TempDir() + firstSubDir := t.TempDir() + secondSubDir := t.TempDir() + + subPaths := make(map[string]config.StorageConfig) + + subPaths["/a"] = config.StorageConfig{RootDirectory: firstSubDir} + subPaths["/b"] = config.StorageConfig{RootDirectory: secondSubDir} + + ctlr := makeController(conf, dir) + ctlr.Config.Storage.SubPaths = subPaths + ctlr.Config.Storage.Commit = true + + cm := test.NewControllerManager(ctlr) + cm.StartAndWait(port) + + defer cm.StopServer() + + rthdlr := api.NewRouteHandler(ctlr) + + img := CreateRandomImage() + + repoNames := []string{ + "alpine1", "alpine2", "alpine3", + "a/alpine4", "a/alpine5", "a/alpine6", + "b/alpine7", "b/alpine8", "b/alpine9", + } + + for _, repo := range repoNames { + err := UploadImage(img, baseURL, repo, "0.1") + if err != nil { + panic(err) + } + } + + // Note empty strings signify the query parameter is not set + // There are separate tests for passing the empty string as query parameter + testCases := []struct { + testCaseName string + pageSize string + last string + expectedRepos []string + }{ + { + testCaseName: "no parameters", + pageSize: "", + last: "", + expectedRepos: repoNames, + }, + { + testCaseName: "first 5", + pageSize: "5", + last: "", + expectedRepos: repoNames[:5], + }, + { + testCaseName: "next 5", + pageSize: "5", + last: "a/alpine5", + expectedRepos: repoNames[5:9], + }, + { + testCaseName: "0", + pageSize: "0", + last: "", + expectedRepos: []string{}, + }, + { + testCaseName: "Test the parameter 'last' without parameter 'n'", + pageSize: "", + last: "alpine2", + expectedRepos: repoNames[2:9], + }, + { + testCaseName: "Test the parameter 'last' with the final repo as value", + pageSize: "", + last: repoNames[len(repoNames)-1], + expectedRepos: []string{}, + }, + } + + for _, testCase := range testCases { + Convey(testCase.testCaseName, t, func() { + testPagedRepositories(t, rthdlr, baseURL, testCase.testCaseName, testCase.pageSize, + testCase.last, testCase.expectedRepos, repoNames[len(repoNames)-1]) + }) + } +} + +func TestPagedRepositories(t *testing.T) { + port := test.GetFreePort() + baseURL := test.GetBaseURL(port) + conf := config.New() + conf.HTTP.Port = port + + ctlr := makeController(conf, t.TempDir()) + ctlr.Config.Storage.Commit = true + + cm := test.NewControllerManager(ctlr) + cm.StartAndWait(port) + + defer cm.StopServer() + + rthdlr := api.NewRouteHandler(ctlr) + + img := CreateRandomImage() + + repoName := "alpine" + repoNames := []string{ + "alpine1", "alpine2", "alpine3", + "alpine4", "alpine5", "alpine6", + "alpine7", "alpine8", "alpine9", + } + + for _, repo := range repoNames { + err := UploadImage(img, baseURL, repo, "0.1") + if err != nil { + panic(err) + } + } + + // Note empty strings signify the query parameter is not set + // There are separate tests for passing the empty string as query parameter + testCases := []struct { + testCaseName string + pageSize string + last string + expectedRepos []string + }{ + { + testCaseName: "no parameters", + pageSize: "", + last: "", + expectedRepos: repoNames, + }, + { + testCaseName: "first 5", + pageSize: "5", + last: "", + expectedRepos: repoNames[:5], + }, + { + testCaseName: "next 5", + pageSize: "5", + last: repoName + "5", + expectedRepos: repoNames[5:9], + }, + { + testCaseName: "0", + pageSize: "0", + last: "", + expectedRepos: []string{}, + }, + { + testCaseName: "Test the parameter 'last' without parameter 'n'", + pageSize: "", + last: repoName + "2", + expectedRepos: repoNames[2:9], + }, + { + testCaseName: "Test the parameter 'last' with the final repo as value", + pageSize: "", + last: repoName + "9", + expectedRepos: []string{}, + }, + } + + for _, testCase := range testCases { + Convey(testCase.testCaseName, t, func() { + testPagedRepositories(t, rthdlr, baseURL, testCase.testCaseName, testCase.pageSize, + testCase.last, testCase.expectedRepos, repoNames[len(repoNames)-1]) + }) + } +} + +func testHTTPPagedRepositories(t *testing.T, client *resty.Client, baseURL string, testCaseName string, + pageSize string, + last string, + expectedRepos []string, lastRepoInStorage string, +) { + t.Helper() + + Convey(testCaseName, func() { + t.Log("Running " + testCaseName) + + params := make(map[string]string) + + if pageSize != "" || last != "" { + if pageSize != "" { + params["n"] = pageSize + } + + if last != "" { + params["last"] = last + } + } + + resp, err := client.R().SetQueryParams(params).Get(baseURL + "/v2/_catalog") + So(err, ShouldBeNil) + So(resp, ShouldNotBeNil) + So(resp.StatusCode(), ShouldEqual, http.StatusOK) + + catalog := struct { + Repositories []string `json:"repositories"` + }{} + + err = json.Unmarshal(resp.Body(), &catalog) + So(err, ShouldBeNil) + + So(catalog.Repositories, ShouldEqual, expectedRepos) + + actualLinkValue := resp.Header().Get("Link") + if pageSize == "0" || pageSize == "" { //nolint:gocritic + So(actualLinkValue, ShouldEqual, "") + } else if expectedRepos[len(expectedRepos)-1] == lastRepoInStorage { + So(actualLinkValue, ShouldEqual, "") + } else { + expectedLinkValue := fmt.Sprintf("; rel=\"next\"", + pageSize, catalog.Repositories[len(catalog.Repositories)-1], + ) + So(actualLinkValue, ShouldEqual, expectedLinkValue) + } + + t.Log("Finished " + testCaseName) + }) +} + +func testPagedRepositories(t *testing.T, rthdlr *api.RouteHandler, baseURL string, testCaseName string, + pageSize string, + last string, + expectedRepos []string, lastRepoInStorage string, +) { + t.Helper() + + Convey(testCaseName, func() { + t.Log("Running " + testCaseName) + + request, _ := http.NewRequestWithContext(context.TODO(), http.MethodGet, + baseURL+constants.RoutePrefix+constants.ExtCatalogPrefix, nil) + + if pageSize != "" || last != "" { + qparm := request.URL.Query() + + if pageSize != "" { + qparm.Add("n", pageSize) + } + + if last != "" { + qparm.Add("last", last) + } + + request.URL.RawQuery = qparm.Encode() + } + + response := httptest.NewRecorder() + + rthdlr.ListRepositories(response, request) + + resp := response.Result() + defer resp.Body.Close() + So(resp, ShouldNotBeNil) + So(resp.StatusCode, ShouldEqual, http.StatusOK) + + catalog := struct { + Repositories []string `json:"repositories"` + }{} + + body, err := io.ReadAll(resp.Body) + So(err, ShouldBeNil) + + err = json.Unmarshal(body, &catalog) + So(err, ShouldBeNil) + + So(catalog.Repositories, ShouldEqual, expectedRepos) + + actualLinkValue := resp.Header.Get("Link") + if pageSize == "0" || pageSize == "" { //nolint:gocritic + So(actualLinkValue, ShouldEqual, "") + } else if expectedRepos[len(expectedRepos)-1] == lastRepoInStorage { + So(actualLinkValue, ShouldEqual, "") + } else { + expectedLinkValue := fmt.Sprintf("; rel=\"next\"", + pageSize, catalog.Repositories[len(catalog.Repositories)-1], + ) + So(actualLinkValue, ShouldEqual, expectedLinkValue) + } + + t.Log("Finished " + testCaseName) + }) +} + func TestListingTags(t *testing.T) { port := test.GetFreePort() baseURL := test.GetBaseURL(port) diff --git a/pkg/api/ldap.go b/pkg/api/ldap.go index 9101093b..bd9ac45d 100644 --- a/pkg/api/ldap.go +++ b/pkg/api/ldap.go @@ -61,7 +61,7 @@ func (lc *LDAPClient) Connect() error { RootCAs: lc.ClientCAs, } - if lc.ClientCertificates != nil && len(lc.ClientCertificates) > 0 { + if len(lc.ClientCertificates) > 0 { config.Certificates = lc.ClientCertificates } @@ -78,7 +78,7 @@ func (lc *LDAPClient) Connect() error { ServerName: lc.ServerName, RootCAs: lc.ClientCAs, } - if lc.ClientCertificates != nil && len(lc.ClientCertificates) > 0 { + if len(lc.ClientCertificates) > 0 { config.Certificates = lc.ClientCertificates } diff --git a/pkg/api/routes.go b/pkg/api/routes.go index 97774058..b92c42d5 100644 --- a/pkg/api/routes.go +++ b/pkg/api/routes.go @@ -47,6 +47,7 @@ import ( mTypes "zotregistry.dev/zot/pkg/meta/types" zreg "zotregistry.dev/zot/pkg/regexp" reqCtx "zotregistry.dev/zot/pkg/requestcontext" + "zotregistry.dev/zot/pkg/storage" storageCommon "zotregistry.dev/zot/pkg/storage/common" storageTypes "zotregistry.dev/zot/pkg/storage/types" "zotregistry.dev/zot/pkg/test/inject" @@ -688,7 +689,7 @@ func (rh *RouteHandler) UpdateManifest(response http.ResponseWriter, request *ht } mediaType := request.Header.Get("Content-Type") - if !storageCommon.IsSupportedMediaType(mediaType) { + if !storageCommon.IsSupportedMediaType(rh.c.Config.HTTP.Compat, mediaType) { err := apiErr.NewError(apiErr.MANIFEST_INVALID).AddDetail(map[string]string{"mediaType": mediaType}) zcommon.WriteJSON(response, http.StatusUnsupportedMediaType, apiErr.NewErrorList(err)) @@ -1763,6 +1764,81 @@ type RepositoryList struct { Repositories []string `json:"repositories"` } +func (rh *RouteHandler) listStorageRepositories(lastEntry string, maxEntries int, + userAc *reqCtx.UserAccessControl, +) ([]string, bool, error) { + var moreEntries bool + + var err error + + var repos []string + + remainder := maxEntries + + combineRepoList := make([]string, 0) + + subStore := rh.c.StoreController.SubStore + + subPaths := make([]string, 0) + for subPath := range subStore { + subPaths = append(subPaths, subPath) + } + + sort.Strings(subPaths) + + storePath := rh.c.StoreController.GetStorePath(lastEntry) + if storePath == storage.DefaultStorePath { + singleStore := rh.c.StoreController.DefaultStore + + repos, moreEntries, err = singleStore.GetNextRepositories(lastEntry, remainder, AuthzFilterFunc(userAc)) + if err != nil { + return repos, false, err + } + + remainder = maxEntries - len(repos) + + if moreEntries && remainder <= 0 && len(repos) > 0 { + // maxEntries has been hit + lastEntry = repos[len(repos)-1] + } else { + // reset for the next substores + lastEntry = "" + } + + combineRepoList = append(combineRepoList, repos...) + } + + for _, subPath := range subPaths { + imgStore := subStore[subPath] + + if lastEntry != "" && subPath != storePath { + continue + } + + if remainder > 0 || maxEntries == -1 { + repos, moreEntries, err = imgStore.GetNextRepositories(lastEntry, remainder, AuthzFilterFunc(userAc)) + if err != nil { + return combineRepoList, false, err + } + + // compute remainder + remainder -= len(repos) + + if moreEntries && remainder <= 0 && len(repos) > 0 { + // maxEntries has been hit + lastEntry = repos[len(repos)-1] + } else { + // reset for the next substores + lastEntry = "" + } + + combineRepoList = append(combineRepoList, repos...) + } + } + + return combineRepoList, moreEntries, nil +} + // ListRepositories godoc // @Summary List image repositories // @Description List all image repositories @@ -1776,50 +1852,40 @@ func (rh *RouteHandler) ListRepositories(response http.ResponseWriter, request * return } - combineRepoList := make([]string, 0) - - subStore := rh.c.StoreController.SubStore - - for _, imgStore := range subStore { - repos, err := imgStore.GetRepositories() - if err != nil { - response.WriteHeader(http.StatusInternalServerError) + q := request.URL.Query() - return - } + lastEntry := q.Get("last") - combineRepoList = append(combineRepoList, repos...) + maxEntries, err := strconv.Atoi(q.Get("n")) + if err != nil { + maxEntries = -1 } - singleStore := rh.c.StoreController.DefaultStore - if singleStore != nil { - repos, err := singleStore.GetRepositories() - if err != nil { - response.WriteHeader(http.StatusInternalServerError) - - return - } + // authz context + userAc, err := reqCtx.UserAcFromContext(request.Context()) + if err != nil { + response.WriteHeader(http.StatusInternalServerError) - combineRepoList = append(combineRepoList, repos...) + return } - repos := make([]string, 0) - // authz context - userAc, err := reqCtx.UserAcFromContext(request.Context()) + repos, moreEntries, err := rh.listStorageRepositories(lastEntry, maxEntries, userAc) if err != nil { response.WriteHeader(http.StatusInternalServerError) return } - if userAc != nil { - for _, r := range combineRepoList { - if userAc.Can(constants.ReadPermission, r) { - repos = append(repos, r) - } - } - } else { - repos = combineRepoList + if moreEntries && len(repos) > 0 { + lastRepo := repos[len(repos)-1] + + response.Header().Set( + "Link", + fmt.Sprintf("; rel=\"next\"", + maxEntries, + lastRepo, + ), + ) } is := RepositoryList{Repositories: repos} diff --git a/pkg/api/routes_test.go b/pkg/api/routes_test.go index bc1554db..68f9c3ef 100644 --- a/pkg/api/routes_test.go +++ b/pkg/api/routes_test.go @@ -1359,8 +1359,10 @@ func TestRoutes(t *testing.T) { "session_id": "test", }, &mocks.MockedImageStore{ - GetRepositoriesFn: func() ([]string, error) { - return []string{}, ErrUnexpectedError + GetNextRepositoriesFn: func(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, + ) ([]string, bool, error) { + return []string{}, false, ErrUnexpectedError }, }, ) @@ -1374,8 +1376,10 @@ func TestRoutes(t *testing.T) { "session_id": "test", }, &mocks.MockedImageStore{ - GetRepositoriesFn: func() ([]string, error) { - return []string{}, ErrUnexpectedError + GetNextRepositoriesFn: func(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, + ) ([]string, bool, error) { + return []string{}, false, ErrUnexpectedError }, }, ) @@ -1384,19 +1388,25 @@ func TestRoutes(t *testing.T) { Convey("ListRepositories with Authz", func() { ctlr.StoreController.DefaultStore = &mocks.MockedImageStore{ - GetRepositoriesFn: func() ([]string, error) { - return []string{"repo"}, nil + GetNextRepositoriesFn: func(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, + ) ([]string, bool, error) { + return []string{"repo"}, false, nil }, } ctlr.StoreController.SubStore = map[string]storageTypes.ImageStore{ "test1": &mocks.MockedImageStore{ - GetRepositoriesFn: func() ([]string, error) { - return []string{"repo1"}, nil + GetNextRepositoriesFn: func(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, + ) ([]string, bool, error) { + return []string{"repo1"}, false, nil }, }, "test2": &mocks.MockedImageStore{ - GetRepositoriesFn: func() ([]string, error) { - return []string{"repo2"}, nil + GetNextRepositoriesFn: func(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, + ) ([]string, bool, error) { + return []string{"repo2"}, false, nil }, }, } diff --git a/pkg/cli/client/cve_cmd_test.go b/pkg/cli/client/cve_cmd_test.go index 8d05d1cf..addfff95 100644 --- a/pkg/cli/client/cve_cmd_test.go +++ b/pkg/cli/client/cve_cmd_test.go @@ -119,7 +119,7 @@ func TestNegativeServerResponse(t *testing.T) { dir := t.TempDir() imageStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, diff --git a/pkg/cli/client/service.go b/pkg/cli/client/service.go index 5ddac93d..f0d24b49 100644 --- a/pkg/cli/client/service.go +++ b/pkg/cli/client/service.go @@ -962,7 +962,7 @@ func (ref referrersResult) stringPlainText(maxArtifactTypeLen int) (string, erro for _, referrer := range ref { artifactType := ellipsize(referrer.ArtifactType, maxArtifactTypeLen, ellipsis) // digest := ellipsize(godigest.Digest(referrer.Digest).Encoded(), digestWidth, "") - size := ellipsize(humanize.Bytes(uint64(referrer.Size)), sizeWidth, ellipsis) + size := ellipsize(humanize.Bytes(uint64(referrer.Size)), sizeWidth, ellipsis) //nolint:gosec,lll // refererrer.Size should >= 0 row := make([]string, refRowWidth) row[refArtifactTypeIndex] = artifactType @@ -1042,7 +1042,7 @@ func (repo repoStruct) stringPlainText(repoMaxLen, maxTimeLen int, verbose bool) row := make([]string, repoRowWidth) row[repoNameIndex] = repoName - row[repoSizeIndex] = ellipsize(strings.ReplaceAll(humanize.Bytes(uint64(repoSize)), " ", ""), sizeWidth, ellipsis) + row[repoSizeIndex] = ellipsize(strings.ReplaceAll(humanize.Bytes(uint64(repoSize)), " ", ""), sizeWidth, ellipsis) //nolint:gosec,lll // ignore overflow row[repoLastUpdatedIndex] = repoLastUpdated.String() row[repoDownloadsIndex] = strconv.Itoa(repoDownloads) row[repoStarsIndex] = strconv.Itoa(repoStars) @@ -1335,15 +1335,15 @@ func combineServerAndEndpointURL(serverURL, endPoint string) (string, error) { return newURL.String(), nil } -func ellipsize(text string, max int, trailing string) string { +func ellipsize(text string, maxLength int, trailing string) string { text = strings.TrimSpace(text) - if len(text) <= max { + if len(text) <= maxLength { return text } chopLength := len(trailing) - return text[:max-chopLength] + trailing + return text[:maxLength-chopLength] + trailing } func getImageTableWriter(writer io.Writer) *tablewriter.Table { diff --git a/pkg/cli/server/extensions_test.go b/pkg/cli/server/extensions_test.go index 5fe75fdc..9ffca558 100644 --- a/pkg/cli/server/extensions_test.go +++ b/pkg/cli/server/extensions_test.go @@ -1070,7 +1070,7 @@ func TestServeSearchEnabled(t *testing.T) { }) } -func TestServeSearchEnabledCVE(t *testing.T) { +func TestServeSearchEnabledDefaultCVEDB(t *testing.T) { oldArgs := os.Args defer func() { os.Args = oldArgs }() diff --git a/pkg/cli/server/root.go b/pkg/cli/server/root.go index 6514385e..8643d224 100644 --- a/pkg/cli/server/root.go +++ b/pkg/cli/server/root.go @@ -162,6 +162,8 @@ func newVerifyCmd(conf *config.Config) *cobra.Command { Long: "`verify` validates a zot config file", RunE: func(cmd *cobra.Command, args []string) error { if len(args) > 0 { + cmd.SilenceUsage = true + if err := LoadConfiguration(conf, args[0]); err != nil { log.Error().Str("config", args[0]).Msg("invalid config file") @@ -219,20 +221,20 @@ func validateStorageConfig(cfg *config.Config, log zlog.Logger) error { for _, storageConfig := range cfg.Storage.SubPaths { if strings.EqualFold(defaultRootDir, storageConfig.RootDirectory) { - log.Error().Err(zerr.ErrBadConfig). - Msg("invalid storage config, storage subpaths cannot use default storage root directory") + msg := "invalid storage config, storage subpaths cannot use default storage root directory" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } expConfig, ok := expConfigMap[storageConfig.RootDirectory] if ok { equal := expConfig.ParamsEqual(storageConfig) if !equal { - log.Error().Err(zerr.ErrBadConfig). - Msg("invalid storage config, storage config with same root directory should have same parameters") + msg := "invalid storage config, storage config with same root directory should have same parameters" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } else { expConfigMap[storageConfig.RootDirectory] = storageConfig @@ -247,33 +249,34 @@ func validateCacheConfig(cfg *config.Config, log zlog.Logger) error { // dedupe true, remote storage, remoteCache true, but no cacheDriver (remote) //nolint: lll if cfg.Storage.Dedupe && cfg.Storage.StorageDriver != nil && cfg.Storage.RemoteCache && cfg.Storage.CacheDriver == nil { - log.Error().Err(zerr.ErrBadConfig).Msg( - "invalid cache config, dedupe set to true with remote storage and caching, but no remote cache configured") + msg := "invalid database config, dedupe set to true with remote storage and database, but no remote database configured" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if cfg.Storage.CacheDriver != nil && cfg.Storage.RemoteCache { - // local storage with remote caching + // local storage with remote database if cfg.Storage.StorageDriver == nil { - log.Error().Err(zerr.ErrBadConfig).Msg("invalid cache config, cannot have local storage driver with remote caching!") + msg := "invalid database config, cannot have local storage driver with remote database!" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } - // unsupported cache driver + // unsupported database driver if cfg.Storage.CacheDriver["name"] != storageConstants.DynamoDBDriverName { - log.Error().Err(zerr.ErrBadConfig). - Interface("cacheDriver", cfg.Storage.CacheDriver["name"]).Msg("invalid cache config, unsupported cache driver") + msg := "invalid database config, unsupported database driver" + log.Error().Err(zerr.ErrBadConfig).Interface("cacheDriver", cfg.Storage.CacheDriver["name"]).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } if !cfg.Storage.RemoteCache && cfg.Storage.CacheDriver != nil { log.Warn().Err(zerr.ErrBadConfig).Str("directory", cfg.Storage.RootDirectory). - Msg("invalid cache config, remoteCache set to false but cacheDriver config (remote caching) provided for directory" + - "will ignore and use local caching") + Msg("invalid database config, remoteCache set to false but cacheDriver config (remote database)" + + " provided for directory will ignore and use local database") } // subpaths @@ -281,34 +284,34 @@ func validateCacheConfig(cfg *config.Config, log zlog.Logger) error { // dedupe true, remote storage, remoteCache true, but no cacheDriver (remote) //nolint: lll if subPath.Dedupe && subPath.StorageDriver != nil && subPath.RemoteCache && subPath.CacheDriver == nil { - log.Error().Err(zerr.ErrBadConfig). - Msg("invalid cache config, dedupe set to true with remote storage and caching, but no remote cache configured!") + msg := "invalid database config, dedupe set to true with remote storage and database, but no remote database configured!" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if subPath.CacheDriver != nil && subPath.RemoteCache { // local storage with remote caching if subPath.StorageDriver == nil { - log.Error().Err(zerr.ErrBadConfig). - Msg("invalid cache config, cannot have local storage driver with remote caching!") + msg := "invalid database config, cannot have local storage driver with remote database!" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } // unsupported cache driver if subPath.CacheDriver["name"] != storageConstants.DynamoDBDriverName { - log.Error().Err(zerr.ErrBadConfig).Interface("cacheDriver", cfg.Storage.CacheDriver["name"]). - Msg("invalid cache config, unsupported cache driver") + msg := "invalid database config, unsupported database driver" + log.Error().Err(zerr.ErrBadConfig).Interface("cacheDriver", cfg.Storage.CacheDriver["name"]).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } if !subPath.RemoteCache && subPath.CacheDriver != nil { log.Warn().Err(zerr.ErrBadConfig).Str("directory", cfg.Storage.RootDirectory). - Msg("invalid cache config, remoteCache set to false but cacheDriver config (remote caching)" + - "provided for directory, will ignore and use local caching") + Msg("invalid database config, remoteCache set to false but cacheDriver config (remote database)" + + "provided for directory, will ignore and use local database") } } @@ -329,30 +332,30 @@ func validateExtensionsConfig(cfg *config.Config, log zlog.Logger) error { // it would make sense to also check for mgmt and user prefs to be enabled, // but those are both enabled by having the search and ui extensions enabled if cfg.Extensions.Search == nil || !*cfg.Extensions.Search.Enable { - log.Error().Err(zerr.ErrBadConfig). - Msg("failed to enable ui, search extension must be enabled") + msg := "failed to enable ui, search extension must be enabled" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } //nolint:lll if cfg.Storage.StorageDriver != nil && cfg.Extensions != nil && cfg.Extensions.Search != nil && cfg.Extensions.Search.Enable != nil && *cfg.Extensions.Search.Enable && cfg.Extensions.Search.CVE != nil { - log.Error().Err(zerr.ErrBadConfig). - Msg("failed to enable cve scanning due to incompatibility with remote storage, please disable cve") + msg := "failed to enable cve scanning due to incompatibility with remote storage, please disable cve" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } for _, subPath := range cfg.Storage.SubPaths { //nolint:lll if subPath.StorageDriver != nil && cfg.Extensions != nil && cfg.Extensions.Search != nil && cfg.Extensions.Search.Enable != nil && *cfg.Extensions.Search.Enable && cfg.Extensions.Search.CVE != nil { - log.Error().Err(zerr.ErrBadConfig). - Msg("failed to enable cve scanning due to incompatibility with remote storage, please disable cve") + msg := "failed to enable cve scanning due to incompatibility with remote storage, please disable cve" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } @@ -403,18 +406,18 @@ func validateConfiguration(config *config.Config, log zlog.Logger) error { if len(config.Storage.StorageDriver) != 0 { // enforce s3 driver in case of using storage driver if config.Storage.StorageDriver["name"] != storageConstants.S3StorageDriverName { - log.Error().Err(zerr.ErrBadConfig).Interface("cacheDriver", config.Storage.StorageDriver["name"]). - Msg("unsupported storage driver") + msg := "unsupported storage driver" + log.Error().Err(zerr.ErrBadConfig).Interface("cacheDriver", config.Storage.StorageDriver["name"]).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } // enforce tmpDir in case sync + s3 if config.Extensions != nil && config.Extensions.Sync != nil && config.Extensions.Sync.DownloadDir == "" { - log.Error().Err(zerr.ErrBadConfig). - Msg("using both sync and remote storage features needs config.Extensions.Sync.DownloadDir to be specified") + msg := "using both sync and remote storage features needs config.Extensions.Sync.DownloadDir to be specified" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } @@ -426,18 +429,19 @@ func validateConfiguration(config *config.Config, log zlog.Logger) error { for route, storageConfig := range subPaths { if len(storageConfig.StorageDriver) != 0 { if storageConfig.StorageDriver["name"] != storageConstants.S3StorageDriverName { + msg := "unsupported storage driver" log.Error().Err(zerr.ErrBadConfig).Str("subpath", route).Interface("storageDriver", - storageConfig.StorageDriver["name"]).Msg("unsupported storage driver") + storageConfig.StorageDriver["name"]).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } // enforce tmpDir in case sync + s3 if config.Extensions != nil && config.Extensions.Sync != nil && config.Extensions.Sync.DownloadDir == "" { - log.Error().Err(zerr.ErrBadConfig). - Msg("using both sync and remote storage features needs config.Extensions.Sync.DownloadDir to be specified") + msg := "using both sync and remote storage features needs config.Extensions.Sync.DownloadDir to be specified" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } } @@ -449,10 +453,10 @@ func validateConfiguration(config *config.Config, log zlog.Logger) error { for pattern := range config.HTTP.AccessControl.Repositories { ok := glob.ValidatePattern(pattern) if !ok { - log.Error().Err(glob.ErrBadPattern).Str("pattern", pattern). - Msg("failed to compile authorization pattern") + msg := "failed to compile authorization pattern" + log.Error().Err(glob.ErrBadPattern).Str("pattern", pattern).Msg(msg) - return glob.ErrBadPattern + return fmt.Errorf("%w: %s", glob.ErrBadPattern, msg) } } } @@ -472,23 +476,23 @@ func validateOpenIDConfig(cfg *config.Config, log zlog.Logger) error { if config.IsOpenIDSupported(provider) { if providerConfig.ClientID == "" || providerConfig.Issuer == "" || len(providerConfig.Scopes) == 0 { - log.Error().Err(zerr.ErrBadConfig). - Msg("OpenID provider config requires clientid, issuer and scopes parameters") + msg := "OpenID provider config requires clientid, issuer and scopes parameters" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } else if config.IsOauth2Supported(provider) { if providerConfig.ClientID == "" || len(providerConfig.Scopes) == 0 { - log.Error().Err(zerr.ErrBadConfig). - Msg("OAuth2 provider config requires clientid and scopes parameters") + msg := "OAuth2 provider config requires clientid and scopes parameters" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } else { - log.Error().Err(zerr.ErrBadConfig). - Msg("unsupported openid/oauth2 provider") + msg := "unsupported openid/oauth2 provider" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } } @@ -499,11 +503,11 @@ func validateOpenIDConfig(cfg *config.Config, log zlog.Logger) error { func validateAuthzPolicies(config *config.Config, log zlog.Logger) error { if (config.HTTP.Auth == nil || (config.HTTP.Auth.HTPasswd.Path == "" && config.HTTP.Auth.LDAP == nil && config.HTTP.Auth.OpenID == nil)) && !authzContainsOnlyAnonymousPolicy(config) { - log.Error().Err(zerr.ErrBadConfig). - Msg("access control config requires one of httpasswd, ldap or openid authentication " + - "or using only 'anonymousPolicy' policies") + msg := "access control config requires one of httpasswd, ldap or openid authentication " + + "or using only 'anonymousPolicy' policies" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } return nil @@ -822,20 +826,22 @@ func LoadConfiguration(config *config.Config, configPath string) error { log := zlog.NewLogger(config.Log.Level, config.Log.Output) if len(metaData.Keys) == 0 { - log.Error().Err(zerr.ErrBadConfig). - Msg("failed to load config due to the absence of any key:value pair") + msg := "failed to load config due to the absence of any key:value pair" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if len(metaData.Unused) > 0 { - log.Error().Err(zerr.ErrBadConfig).Strs("keys", metaData.Unused). - Msg("failed to load config due to unknown keys") + msg := "failed to load config due to unknown keys" + log.Error().Err(zerr.ErrBadConfig).Strs("keys", metaData.Unused).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if err := updateLDAPConfig(config); err != nil { + log.Error().Err(err).Msg("failed to read ldap config file") + return err } @@ -921,24 +927,24 @@ func readSecretFile(path string, v any, checkUnsetFields bool) error { //nolint: } if len(metaData.Keys) == 0 { - log.Error().Err(zerr.ErrBadConfig).Str("path", path). - Msg("failed to load secret file due to the absence of any key:value pair") + msg := "failed to load secret file due to the absence of any key:value pair" + log.Error().Err(zerr.ErrBadConfig).Str("path", path).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if len(metaData.Unused) > 0 { - log.Error().Err(zerr.ErrBadConfig).Str("path", path).Strs("keys", metaData.Unused). - Msg("failed to load secret file due to unknown keys") + msg := "failed to load secret file due to unknown keys" + log.Error().Err(zerr.ErrBadConfig).Str("path", path).Strs("keys", metaData.Unused).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if checkUnsetFields && len(metaData.Unset) > 0 { - log.Error().Err(zerr.ErrBadConfig).Strs("keys", metaData.Unset). - Msg("failed to load ldap credentials config due to unset keys") + msg := "failed to load secret file due to unset keys" + log.Error().Err(zerr.ErrBadConfig).Strs("keys", metaData.Unset).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } return nil @@ -989,24 +995,24 @@ func validateLDAP(config *config.Config, log zlog.Logger) error { if config.HTTP.Auth != nil && config.HTTP.Auth.LDAP != nil { ldap := config.HTTP.Auth.LDAP if ldap.UserAttribute == "" { - log.Error().Str("userAttribute", ldap.UserAttribute). - Msg("invalid LDAP configuration, missing mandatory key: userAttribute") + msg := "invalid LDAP configuration, missing mandatory key: userAttribute" + log.Error().Str("userAttribute", ldap.UserAttribute).Msg(msg) - return zerr.ErrLDAPConfig + return fmt.Errorf("%w: %s", zerr.ErrLDAPConfig, msg) } if ldap.Address == "" { - log.Error().Str("address", ldap.Address). - Msg("invalid LDAP configuration, missing mandatory key: address") + msg := "invalid LDAP configuration, missing mandatory key: address" + log.Error().Str("address", ldap.Address).Msg(msg) - return zerr.ErrLDAPConfig + return fmt.Errorf("%w: %s", zerr.ErrLDAPConfig, msg) } if ldap.BaseDN == "" { - log.Error().Str("basedn", ldap.BaseDN). - Msg("invalid LDAP configuration, missing mandatory key: basedn") + msg := "invalid LDAP configuration, missing mandatory key: basedn" + log.Error().Str("basedn", ldap.BaseDN).Msg(msg) - return zerr.ErrLDAPConfig + return fmt.Errorf("%w: %s", zerr.ErrLDAPConfig, msg) } } @@ -1019,7 +1025,7 @@ func validateHTTP(config *config.Config, log zlog.Logger) error { if err != nil || (port < 0 || port > 65535) { log.Error().Str("port", config.HTTP.Port).Msg("invalid port") - return zerr.ErrBadConfig + return fmt.Errorf("%w: invalid port %s", zerr.ErrBadConfig, config.HTTP.Port) } } @@ -1032,14 +1038,16 @@ func validateGC(config *config.Config, log zlog.Logger) error { log.Error().Err(zerr.ErrBadConfig).Dur("delay", config.Storage.GCDelay). Msg("invalid garbage-collect delay specified") - return zerr.ErrBadConfig + return fmt.Errorf("%w: invalid garbage-collect delay specified %s", + zerr.ErrBadConfig, config.Storage.GCDelay) } if config.Storage.GCInterval < 0 { log.Error().Err(zerr.ErrBadConfig).Dur("interval", config.Storage.GCInterval). Msg("invalid garbage-collect interval specified") - return zerr.ErrBadConfig + return fmt.Errorf("%w: invalid garbage-collect interval specified %s", + zerr.ErrBadConfig, config.Storage.GCInterval) } if !config.Storage.GC { @@ -1066,7 +1074,8 @@ func validateGC(config *config.Config, log zlog.Logger) error { Interface("gcDelay", subPath.GCDelay). Msg("invalid GC delay configuration - cannot be negative or zero") - return zerr.ErrBadConfig + return fmt.Errorf("%w: invalid GC delay configuration - cannot be negative or zero: %s", + zerr.ErrBadConfig, subPath.GCDelay) } if err := validateGCRules(subPath.Retention, log); err != nil { @@ -1084,7 +1093,8 @@ func validateGCRules(retention config.ImageRetention, log zlog.Logger) error { log.Error().Err(glob.ErrBadPattern).Str("pattern", pattern). Msg("retention repo glob pattern could not be compiled") - return zerr.ErrBadConfig + return fmt.Errorf("%w: retention repo glob pattern could not be compiled: %s", + zerr.ErrBadConfig, pattern) } } @@ -1095,7 +1105,8 @@ func validateGCRules(retention config.ImageRetention, log zlog.Logger) error { log.Error().Err(glob.ErrBadPattern).Str("regex", regex). Msg("retention tag regex could not be compiled") - return zerr.ErrBadConfig + return fmt.Errorf("%w: retention tag regex could not be compiled: %s", + zerr.ErrBadConfig, regex) } } } @@ -1110,38 +1121,39 @@ func validateSync(config *config.Config, log zlog.Logger) error { for id, regCfg := range config.Extensions.Sync.Registries { // check retry options are configured for sync if regCfg.MaxRetries != nil && regCfg.RetryDelay == nil { + msg := "retryDelay is required when using maxRetries" log.Error().Err(zerr.ErrBadConfig).Int("id", id).Interface("extensions.sync.registries[id]", - config.Extensions.Sync.Registries[id]).Msg("retryDelay is required when using maxRetries") + config.Extensions.Sync.Registries[id]).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } if regCfg.Content != nil { for _, content := range regCfg.Content { ok := glob.ValidatePattern(content.Prefix) if !ok { - log.Error().Err(glob.ErrBadPattern).Str("prefix", content.Prefix). - Msg("sync prefix could not be compiled") + msg := "sync prefix could not be compiled" + log.Error().Err(glob.ErrBadPattern).Str("prefix", content.Prefix).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s: %s", zerr.ErrBadConfig, msg, content.Prefix) } if content.Tags != nil && content.Tags.Regex != nil { _, err := regexp.Compile(*content.Tags.Regex) if err != nil { - log.Error().Err(glob.ErrBadPattern).Str("regex", *content.Tags.Regex). - Msg("sync content regex could not be compiled") + msg := "sync content regex could not be compiled" + log.Error().Err(glob.ErrBadPattern).Str("regex", *content.Tags.Regex).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s: %s", zerr.ErrBadConfig, msg, *content.Tags.Regex) } } if content.StripPrefix && !strings.Contains(content.Prefix, "/*") && content.Destination == "/" { + msg := "can not use stripPrefix true and destination '/' without using glob patterns in prefix" log.Error().Err(zerr.ErrBadConfig). - Interface("sync content", content).Str("component", "sync"). - Msg("can not use stripPrefix true and destination '/' without using glob patterns in prefix") + Interface("sync content", content).Str("component", "sync").Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } // check sync config doesn't overlap with retention config @@ -1157,21 +1169,22 @@ func validateSync(config *config.Config, log zlog.Logger) error { func validateClusterConfig(config *config.Config, log zlog.Logger) error { if config.Cluster != nil { if len(config.Cluster.Members) == 0 { - log.Error().Err(zerr.ErrBadConfig). - Msg("cannot have 0 members in a scale out cluster") + msg := "cannot have 0 members in a scale out cluster" + log.Error().Err(zerr.ErrBadConfig).Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } // the allowed length is 16 as the siphash requires a 128 bit key. // that translates to 16 characters * 8 bits each. allowedHashKeyLength := 16 if len(config.Cluster.HashKey) != allowedHashKeyLength { + msg := fmt.Sprintf("hashKey for scale out cluster must have %d characters", allowedHashKeyLength) log.Error().Err(zerr.ErrBadConfig). Str("hashkey", config.Cluster.HashKey). - Msg(fmt.Sprintf("hashKey for scale out cluster must have %d characters", allowedHashKeyLength)) + Msg(msg) - return zerr.ErrBadConfig + return fmt.Errorf("%w: %s", zerr.ErrBadConfig, msg) } } diff --git a/pkg/common/common_test.go b/pkg/common/common_test.go index a6c0f7c3..e3a00fda 100644 --- a/pkg/common/common_test.go +++ b/pkg/common/common_test.go @@ -118,7 +118,7 @@ func TestCommon(t *testing.T) { }) Convey("Test AreSocketsEqual with equal IPv6 sockets", t, func() { - result, err := common.AreSocketsEqual("[::1]:9000", "[0000:0000:0000:0000:0000:0000:0000:00001]:9000") + result, err := common.AreSocketsEqual("[::1]:9000", "[0000:0000:0000:0000:0000:0000:0000:0001]:9000") So(err, ShouldBeNil) So(result, ShouldBeTrue) }) diff --git a/pkg/compat/compat.go b/pkg/compat/compat.go new file mode 100644 index 00000000..a2b61f0e --- /dev/null +++ b/pkg/compat/compat.go @@ -0,0 +1,69 @@ +package compat + +import ( + dockerList "github.com/distribution/distribution/v3/manifest/manifestlist" + docker "github.com/distribution/distribution/v3/manifest/schema2" + v1 "github.com/opencontainers/image-spec/specs-go/v1" + + "zotregistry.dev/zot/errors" +) + +// MediaCompatibility determines non-OCI media-compatilibility. +type MediaCompatibility string + +const ( + DockerManifestV2SchemaV2 = "docker2s2" +) + +// docker + +func CompatibleManifestMediaTypes() []string { + return []string{docker.MediaTypeManifest} +} + +func IsCompatibleManifestMediaType(mediatype string) bool { + for _, mt := range CompatibleManifestMediaTypes() { + if mt == mediatype { + return true + } + } + + return false +} + +func CompatibleManifestListMediaTypes() []string { + return []string{dockerList.MediaTypeManifestList} +} + +func IsCompatibleManifestListMediaType(mediatype string) bool { + for _, mt := range CompatibleManifestListMediaTypes() { + if mt == mediatype { + return true + } + } + + return false +} + +func Validate(body []byte, mediaType string) ([]v1.Descriptor, error) { + switch mediaType { + case docker.MediaTypeManifest: + var desm docker.DeserializedManifest + + if err := desm.UnmarshalJSON(body); err != nil { + return nil, err + } + + return desm.References(), nil + case dockerList.MediaTypeManifestList: + var desm dockerList.DeserializedManifestList + + if err := desm.UnmarshalJSON(body); err != nil { + return nil, err + } + + return desm.References(), nil + } + + return nil, errors.ErrMediaTypeNotSupported +} diff --git a/pkg/exporter/api/controller_test.go b/pkg/exporter/api/controller_test.go index 7fade424..e5628119 100644 --- a/pkg/exporter/api/controller_test.go +++ b/pkg/exporter/api/controller_test.go @@ -30,8 +30,8 @@ import ( . "zotregistry.dev/zot/pkg/test/common" ) -func getRandomLatencyN(max int64) time.Duration { - nBig, err := rand.Int(rand.Reader, big.NewInt(max)) +func getRandomLatencyN(maxLatency int64) time.Duration { + nBig, err := rand.Int(rand.Reader, big.NewInt(maxLatency)) if err != nil { panic(err) } diff --git a/pkg/extensions/config/sync/config.go b/pkg/extensions/config/sync/config.go index ec888a08..180420ee 100644 --- a/pkg/extensions/config/sync/config.go +++ b/pkg/extensions/config/sync/config.go @@ -23,15 +23,16 @@ type Config struct { } type RegistryConfig struct { - URLs []string - PollInterval time.Duration - Content []Content - TLSVerify *bool - OnDemand bool - CertDir string - MaxRetries *int - RetryDelay *time.Duration - OnlySigned *bool + URLs []string + PollInterval time.Duration + Content []Content + TLSVerify *bool + OnDemand bool + CertDir string + MaxRetries *int + RetryDelay *time.Duration + OnlySigned *bool + CredentialHelper string } type Content struct { diff --git a/pkg/extensions/extension_image_trust_test.go b/pkg/extensions/extension_image_trust_test.go index bbdb3f76..a7de46bc 100644 --- a/pkg/extensions/extension_image_trust_test.go +++ b/pkg/extensions/extension_image_trust_test.go @@ -200,7 +200,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ logger.Logger = logger.Output(writers) imageStore := local.NewImageStore(globalDir, false, false, - logger, monitoring.NewMetricsServer(false, logger), nil, nil) + logger, monitoring.NewMetricsServer(false, logger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -321,7 +321,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ logger.Logger = logger.Output(writers) imageStore := local.NewImageStore(globalDir, false, false, - logger, monitoring.NewMetricsServer(false, logger), nil, nil) + logger, monitoring.NewMetricsServer(false, logger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -429,7 +429,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ logger.Logger = logger.Output(writers) imageStore := local.NewImageStore(globalDir, false, false, - logger, monitoring.NewMetricsServer(false, logger), nil, nil) + logger, monitoring.NewMetricsServer(false, logger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -592,7 +592,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ logger.Logger = logger.Output(writers) imageStore := local.NewImageStore(globalDir, false, false, - logger, monitoring.NewMetricsServer(false, logger), nil, nil) + logger, monitoring.NewMetricsServer(false, logger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -856,7 +856,7 @@ func RunSignatureUploadAndVerificationTests(t *testing.T, cacheDriverParams map[ logger.Logger = logger.Output(writers) imageStore := local.NewImageStore(globalDir, false, false, - logger, monitoring.NewMetricsServer(false, logger), nil, nil) + logger, monitoring.NewMetricsServer(false, logger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, diff --git a/pkg/extensions/extension_search.go b/pkg/extensions/extension_search.go index e9523e5a..6946c6b7 100644 --- a/pkg/extensions/extension_search.go +++ b/pkg/extensions/extension_search.go @@ -99,7 +99,7 @@ func SetupSearchRoutes(conf *config.Config, router *mux.Router, storeController extRouter.Use(zcommon.ACHeadersMiddleware(conf, allowedMethods...)) extRouter.Use(zcommon.AddExtensionSecurityHeaders()) extRouter.Methods(allowedMethods...). - Handler(gqlHandler.NewDefaultServer(gql_generated.NewExecutableSchema(resConfig))) + Handler(gqlHandler.NewDefaultServer(gql_generated.NewExecutableSchema(resConfig))) //nolint: staticcheck log.Info().Msg("finished setting up search routes") } diff --git a/pkg/extensions/imagetrust/notation.go b/pkg/extensions/imagetrust/notation.go index 744491c9..f801e6b4 100644 --- a/pkg/extensions/imagetrust/notation.go +++ b/pkg/extensions/imagetrust/notation.go @@ -79,19 +79,21 @@ func NewCertificateLocalStorage(rootDir string) (*CertificateLocalStorage, error } for _, truststoreType := range truststore.Types { - defaultTruststore := path.Join(dir, "truststore", "x509", string(truststoreType), truststoreName) + if truststoreType != truststore.TypeTSA { + defaultTruststore := path.Join(dir, "truststore", "x509", string(truststoreType), truststoreName) + + _, err = os.Stat(defaultTruststore) + if os.IsNotExist(err) { + err = os.MkdirAll(defaultTruststore, defaultDirPerms) + if err != nil { + return nil, err + } + } - _, err = os.Stat(defaultTruststore) - if os.IsNotExist(err) { - err = os.MkdirAll(defaultTruststore, defaultDirPerms) if err != nil { return nil, err } } - - if err != nil { - return nil, err - } } return certStorage, nil @@ -117,7 +119,9 @@ func InitTrustpolicyFile(notationStorage certificateStorage) error { truststores := []string{} for _, truststoreType := range truststore.Types { - truststores = append(truststores, fmt.Sprintf("\"%s:%s\"", string(truststoreType), truststoreName)) + if truststoreType != truststore.TypeTSA { + truststores = append(truststores, fmt.Sprintf("\"%s:%s\"", string(truststoreType), truststoreName)) + } } defaultTruststores := strings.Join(truststores, ",") diff --git a/pkg/extensions/lint/lint_test.go b/pkg/extensions/lint/lint_test.go index 7187ffab..d29ed76b 100644 --- a/pkg/extensions/lint/lint_test.go +++ b/pkg/extensions/lint/lint_test.go @@ -489,7 +489,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) indexContent, err := imgStore.GetIndexContent("zot-test") So(err, ShouldBeNil) @@ -521,7 +521,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) indexContent, err := imgStore.GetIndexContent("zot-test") So(err, ShouldBeNil) @@ -591,7 +591,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) pass, err := linter.CheckMandatoryAnnotations("zot-test", digest, imgStore) So(err, ShouldBeNil) @@ -653,7 +653,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) pass, err := linter.CheckMandatoryAnnotations("zot-test", digest, imgStore) So(err, ShouldNotBeNil) @@ -717,7 +717,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) pass, err := linter.CheckMandatoryAnnotations("zot-test", digest, imgStore) So(err, ShouldBeNil) @@ -780,7 +780,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) err = os.Chmod(path.Join(dir, "zot-test", "blobs"), 0o000) if err != nil { @@ -878,7 +878,7 @@ func TestVerifyMandatoryAnnotationsFunction(t *testing.T) { linter := lint.NewLinter(lintConfig, log.NewLogger("debug", "")) imgStore := local.NewImageStore(dir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), linter, nil, nil) err = os.Chmod(path.Join(dir, "zot-test", "blobs", "sha256", manifest.Config.Digest.Encoded()), 0o000) if err != nil { diff --git a/pkg/extensions/scrub/scrub_test.go b/pkg/extensions/scrub/scrub_test.go index 3406ea50..90f87e2c 100644 --- a/pkg/extensions/scrub/scrub_test.go +++ b/pkg/extensions/scrub/scrub_test.go @@ -195,7 +195,7 @@ func TestRunScrubRepo(t *testing.T) { UseRelPaths: true, }, log) imgStore := local.NewImageStore(dir, true, - true, log, metrics, nil, cacheDriver) + true, log, metrics, nil, cacheDriver, nil) srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() @@ -231,7 +231,7 @@ func TestRunScrubRepo(t *testing.T) { UseRelPaths: true, }, log) imgStore := local.NewImageStore(dir, true, - true, log, metrics, nil, cacheDriver) + true, log, metrics, nil, cacheDriver, nil) srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() @@ -272,7 +272,7 @@ func TestRunScrubRepo(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) srcStorageCtlr := ociutils.GetDefaultStoreController(dir, log) image := CreateDefaultVulnerableImage() diff --git a/pkg/extensions/search/cve/cve.go b/pkg/extensions/search/cve/cve.go index 7a7c0bfa..f897e494 100644 --- a/pkg/extensions/search/cve/cve.go +++ b/pkg/extensions/search/cve/cve.go @@ -11,6 +11,7 @@ import ( zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" cvemodel "zotregistry.dev/zot/pkg/extensions/search/cve/model" "zotregistry.dev/zot/pkg/extensions/search/cve/trivy" "zotregistry.dev/zot/pkg/log" @@ -69,8 +70,10 @@ func (cveinfo BaseCveInfo) GetImageListForCVE(ctx context.Context, repo, cveID s } for tag, descriptor := range repoMeta.Tags { - switch descriptor.MediaType { - case ispec.MediaTypeImageManifest, ispec.MediaTypeImageIndex: + if descriptor.MediaType == ispec.MediaTypeImageManifest || + descriptor.MediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestMediaType(descriptor.MediaType) || + compat.IsCompatibleManifestListMediaType(descriptor.MediaType) { manifestDigestStr := descriptor.Digest manifestDigest := godigest.Digest(manifestDigestStr) @@ -102,7 +105,7 @@ func (cveinfo BaseCveInfo) GetImageListForCVE(ctx context.Context, repo, cveID s }, }) } - default: + } else { cveinfo.Log.Debug().Str("image", repo+":"+tag).Str("mediaType", descriptor.MediaType). Msg("image media type not supported for scanning") } @@ -129,8 +132,9 @@ func (cveinfo BaseCveInfo) GetImageListWithCVEFixed(ctx context.Context, repo, c return []cvemodel.TagInfo{}, ctx.Err() } - switch descriptor.MediaType { - case ispec.MediaTypeImageManifest: + //nolint:gocritic // cannot convert to switch-case + if descriptor.MediaType == ispec.MediaTypeImageManifest || + compat.IsCompatibleManifestMediaType(descriptor.MediaType) { manifestDigestStr := descriptor.Digest tagInfo, err := getTagInfoForManifest(tag, manifestDigestStr, cveinfo.MetaDB) @@ -146,7 +150,8 @@ func (cveinfo BaseCveInfo) GetImageListWithCVEFixed(ctx context.Context, repo, c if cveinfo.isManifestVulnerable(ctx, repo, tag, manifestDigestStr, cveID) { vulnerableTags = append(vulnerableTags, tagInfo) } - case ispec.MediaTypeImageIndex: + } else if descriptor.MediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestListMediaType(descriptor.MediaType) { indexDigestStr := descriptor.Digest indexContent, err := getIndexContent(cveinfo.MetaDB, indexDigestStr) @@ -201,7 +206,7 @@ func (cveinfo BaseCveInfo) GetImageListWithCVEFixed(ctx context.Context, repo, c Timestamp: mostRecentUpdate(vulnerableManifests), }) } - default: + } else { cveinfo.Log.Debug().Str("mediaType", descriptor.MediaType). Msg("image media type not supported for scanning") } @@ -533,18 +538,20 @@ func GetFixedTags(allTags, vulnerableTags []cvemodel.TagInfo) []cvemodel.TagInfo for _, tag := range vulnerableTags { vulnerableTagMap[tag.Tag] = tag - switch tag.Descriptor.MediaType { - case ispec.MediaTypeImageManifest: + //nolint:gocritic // cannot convert to switch-case + if tag.Descriptor.MediaType == ispec.MediaTypeImageManifest || + compat.IsCompatibleManifestMediaType(tag.Descriptor.MediaType) { if tag.Timestamp.Before(earliestVulnerable.Timestamp) { earliestVulnerable = tag } - case ispec.MediaTypeImageIndex: + } else if tag.Descriptor.MediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestListMediaType(tag.Descriptor.MediaType) { for _, manifestDesc := range tag.Manifests { if manifestDesc.Timestamp.Before(earliestVulnerable.Timestamp) { earliestVulnerable = tag } } - default: + } else { continue } } @@ -557,8 +564,9 @@ func GetFixedTags(allTags, vulnerableTags []cvemodel.TagInfo) []cvemodel.TagInfo // There may be older images which have a fix or // newer images which don't for _, tag := range allTags { - switch tag.Descriptor.MediaType { - case ispec.MediaTypeImageManifest: + //nolint:gocritic // cannot convert to switch-case + if tag.Descriptor.MediaType == ispec.MediaTypeImageManifest || + compat.IsCompatibleManifestMediaType(tag.Descriptor.MediaType) { if tag.Timestamp.Before(earliestVulnerable.Timestamp) { // The vulnerability did not exist at the time this // image was built @@ -570,7 +578,8 @@ func GetFixedTags(allTags, vulnerableTags []cvemodel.TagInfo) []cvemodel.TagInfo if _, ok := vulnerableTagMap[tag.Tag]; !ok { fixedTags = append(fixedTags, tag) } - case ispec.MediaTypeImageIndex: + } else if tag.Descriptor.MediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestListMediaType(tag.Descriptor.MediaType) { fixedManifests := []cvemodel.DescriptorInfo{} // If the latest update inside the index is before the earliest vulnerability found then @@ -599,7 +608,7 @@ func GetFixedTags(allTags, vulnerableTags []cvemodel.TagInfo) []cvemodel.TagInfo fixedTags = append(fixedTags, fixedTag) } - default: + } else { continue } } diff --git a/pkg/extensions/search/cve/cve_test.go b/pkg/extensions/search/cve/cve_test.go index cd5f9096..d74c6cdc 100644 --- a/pkg/extensions/search/cve/cve_test.go +++ b/pkg/extensions/search/cve/cve_test.go @@ -319,7 +319,7 @@ func TestImageFormat(t *testing.T) { dbDir := t.TempDir() metrics := monitoring.NewMetricsServer(false, log) - defaultStore := local.NewImageStore(imgDir, false, false, log, metrics, nil, nil) + defaultStore := local.NewImageStore(imgDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{DefaultStore: defaultStore} params := boltdb.DBParameters{ @@ -1350,7 +1350,7 @@ func TestCVEStruct(t *testing.T) { //nolint:gocyclo // Tag is not found cveList, cveSummary, pageInfo, err = cveInfo.GetCVEListForImage(ctx, "repo-with-bad-tag-digest", "tag", "", "", "", pageInput) - So(err, ShouldEqual, zerr.ErrImageMetaNotFound) + So(err, ShouldWrap, zerr.ErrImageMetaNotFound) So(len(cveList), ShouldEqual, 0) So(pageInfo.ItemCount, ShouldEqual, 0) So(pageInfo.TotalCount, ShouldEqual, 0) diff --git a/pkg/extensions/search/cve/scan_test.go b/pkg/extensions/search/cve/scan_test.go index 363a2e7f..d8e53624 100644 --- a/pkg/extensions/search/cve/scan_test.go +++ b/pkg/extensions/search/cve/scan_test.go @@ -505,7 +505,7 @@ func TestScanGeneratorWithRealData(t *testing.T) { metrics := monitoring.NewMetricsServer(true, logger) imageStore := local.NewImageStore(rootDir, false, false, - logger, metrics, nil, nil) + logger, metrics, nil, nil, nil) storeController := storage.StoreController{DefaultStore: imageStore} image := CreateRandomVulnerableImage() diff --git a/pkg/extensions/search/cve/trivy/scanner.go b/pkg/extensions/search/cve/trivy/scanner.go index 42c9e92b..4d7971b1 100644 --- a/pkg/extensions/search/cve/trivy/scanner.go +++ b/pkg/extensions/search/cve/trivy/scanner.go @@ -26,6 +26,7 @@ import ( zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" cvecache "zotregistry.dev/zot/pkg/extensions/search/cve/cache" cvemodel "zotregistry.dev/zot/pkg/extensions/search/cve/model" "zotregistry.dev/zot/pkg/log" @@ -51,10 +52,10 @@ func getNewScanOptions(dir string, dbRepositoryRef, javaDBRepositoryRef name.Ref PkgTypes: []string{types.PkgTypeOS, types.PkgTypeLibrary}, }, DBOptions: flag.DBOptions{ - DBRepository: dbRepositoryRef, - JavaDBRepository: javaDBRepositoryRef, - SkipDBUpdate: true, - SkipJavaDBUpdate: true, + DBRepositories: []name.Reference{dbRepositoryRef}, + JavaDBRepositories: []name.Reference{javaDBRepositoryRef}, + SkipDBUpdate: true, + SkipJavaDBUpdate: true, }, ReportOptions: flag.ReportOptions{ Format: "table", @@ -243,22 +244,23 @@ func (scanner Scanner) IsImageFormatScannable(repo, ref string) (bool, error) { func (scanner Scanner) IsImageMediaScannable(repo, digestStr, mediaType string) (bool, error) { image := repo + "@" + digestStr - switch mediaType { - case ispec.MediaTypeImageManifest: + if mediaType == ispec.MediaTypeImageManifest || //nolint:gocritic // not converting to switch-case + compat.IsCompatibleManifestMediaType(mediaType) { ok, err := scanner.isManifestScanable(digestStr) if err != nil { return ok, fmt.Errorf("image '%s' %w", image, err) } return ok, nil - case ispec.MediaTypeImageIndex: + } else if mediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestListMediaType(mediaType) { ok, err := scanner.isIndexScannable(digestStr) if err != nil { return ok, fmt.Errorf("image '%s' %w", image, err) } return ok, nil - default: + } else { return false, nil } } @@ -379,10 +381,11 @@ func (scanner Scanner) ScanImage(ctx context.Context, image string) (map[string] err error ) - switch mediaType { - case ispec.MediaTypeImageIndex: + if mediaType == ispec.MediaTypeImageIndex || + compat.IsCompatibleManifestListMediaType(mediaType) { cveIDMap, err = scanner.scanIndex(ctx, repo, digest) - default: + } else if mediaType == ispec.MediaTypeImageManifest || + compat.IsCompatibleManifestMediaType(mediaType) { cveIDMap, err = scanner.scanManifest(ctx, repo, digest) } @@ -583,7 +586,10 @@ func (scanner Scanner) updateDB(ctx context.Context, dbDir string) error { scanner.log.Debug().Str("dbDir", dbDir).Msg("started downloading trivy-db to destination dir") - err := operation.DownloadDB(ctx, "dev", dbDir, scanner.dbRepositoryRef, false, false, registryOpts) + dbRefs := []name.Reference{scanner.dbRepositoryRef} + javaDBRefs := []name.Reference{scanner.javaDBRepositoryRef} + + err := operation.DownloadDB(ctx, "dev", dbDir, dbRefs, false, false, registryOpts) if err != nil { scanner.log.Error().Err(err).Str("dbDir", dbDir). Str("dbRepository", scanner.dbRepositoryRef.String()). @@ -593,7 +599,7 @@ func (scanner Scanner) updateDB(ctx context.Context, dbDir string) error { } if scanner.javaDBRepositoryRef != nil { - javadb.Init(dbDir, scanner.javaDBRepositoryRef, false, false, registryOpts) + javadb.Init(dbDir, javaDBRefs, false, false, registryOpts) if err := javadb.Update(); err != nil { scanner.log.Error().Err(err).Str("dbDir", dbDir). diff --git a/pkg/extensions/search/cve/trivy/scanner_internal_test.go b/pkg/extensions/search/cve/trivy/scanner_internal_test.go index 00c94a43..91d5a9fa 100644 --- a/pkg/extensions/search/cve/trivy/scanner_internal_test.go +++ b/pkg/extensions/search/cve/trivy/scanner_internal_test.go @@ -54,11 +54,11 @@ func TestMultipleStoragePath(t *testing.T) { // Create ImageStore - firstStore := local.NewImageStore(firstRootDir, false, false, log, metrics, nil, nil) + firstStore := local.NewImageStore(firstRootDir, false, false, log, metrics, nil, nil, nil) - secondStore := local.NewImageStore(secondRootDir, false, false, log, metrics, nil, nil) + secondStore := local.NewImageStore(secondRootDir, false, false, log, metrics, nil, nil, nil) - thirdStore := local.NewImageStore(thirdRootDir, false, false, log, metrics, nil, nil) + thirdStore := local.NewImageStore(thirdRootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{} @@ -172,7 +172,7 @@ func TestTrivyLibraryErrors(t *testing.T) { metrics := monitoring.NewMetricsServer(false, log) // Create ImageStore - store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{} storeController.DefaultStore = store @@ -313,13 +313,13 @@ func TestImageScannable(t *testing.T) { // Continue with initializing the objects the scanner depends on metrics := monitoring.NewMetricsServer(false, log) - store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{} storeController.DefaultStore = store scanner := NewScanner(storeController, metaDB, "ghcr.io/project-zot/trivy-db", - "ghcr.io/aquasecurity/trivy-java-db", log) + "ghcr.io/project-zot/trivy-java-db", log) Convey("Valid image should be scannable", t, func() { result, err := scanner.IsImageFormatScannable("repo1", "valid") @@ -352,8 +352,8 @@ func TestImageScannable(t *testing.T) { }) } -func TestDefaultTrivyDBUrl(t *testing.T) { - Convey("Test trivy DB download from default location", t, func() { +func TestTrivyDBUrl(t *testing.T) { + Convey("Test trivy DB download", t, func() { // Create temporary directory rootDir := t.TempDir() @@ -367,7 +367,7 @@ func TestDefaultTrivyDBUrl(t *testing.T) { metrics := monitoring.NewMetricsServer(false, log) // Create ImageStore - store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + store := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) storeController := storage.StoreController{} storeController.DefaultStore = store @@ -385,8 +385,11 @@ func TestDefaultTrivyDBUrl(t *testing.T) { err = meta.ParseStorage(metaDB, storeController, log) So(err, ShouldBeNil) - scanner := NewScanner(storeController, metaDB, "ghcr.io/aquasecurity/trivy-db", - "ghcr.io/aquasecurity/trivy-java-db", log) + // Ideally we would want to also test the default urls + // But we are getting `response status code 429: toomanyrequests` from + // `ghcr.io/aquasecurity/trivy-db` and `ghcr.io/aquasecurity/trivy-java-db` + scanner := NewScanner(storeController, metaDB, "ghcr.io/project-zot/trivy-db", + "ghcr.io/project-zot/trivy-java-db", log) ctx := context.Background() diff --git a/pkg/extensions/search/cve/trivy/scanner_test.go b/pkg/extensions/search/cve/trivy/scanner_test.go index 3597a0dc..9e2b37a4 100644 --- a/pkg/extensions/search/cve/trivy/scanner_test.go +++ b/pkg/extensions/search/cve/trivy/scanner_test.go @@ -168,7 +168,7 @@ func TestVulnerableLayer(t *testing.T) { log := log.NewLogger("debug", "") imageStore := local.NewImageStore(tempDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -239,7 +239,7 @@ func TestVulnerableLayer(t *testing.T) { log := log.NewLogger("debug", "") imageStore := local.NewImageStore(tempDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -261,7 +261,7 @@ func TestVulnerableLayer(t *testing.T) { So(err, ShouldBeNil) scanner := trivy.NewScanner(storeController, metaDB, "ghcr.io/project-zot/trivy-db", - "ghcr.io/aquasecurity/trivy-java-db", log) + "ghcr.io/project-zot/trivy-java-db", log) err = scanner.UpdateDB(context.Background()) So(err, ShouldBeNil) diff --git a/pkg/extensions/search/gql_generated/generated.go b/pkg/extensions/search/gql_generated/generated.go index 951e955b..88ec7d8d 100644 --- a/pkg/extensions/search/gql_generated/generated.go +++ b/pkg/extensions/search/gql_generated/generated.go @@ -269,7 +269,7 @@ func (e *executableSchema) Schema() *ast.Schema { return parsedSchema } -func (e *executableSchema) Complexity(typeName, field string, childComplexity int, rawArgs map[string]interface{}) (int, bool) { +func (e *executableSchema) Complexity(typeName, field string, childComplexity int, rawArgs map[string]any) (int, bool) { ec := executionContext{nil, e, 0, 0, nil} _ = ec switch typeName + "." + field { @@ -1229,8 +1229,8 @@ func (e *executableSchema) Complexity(typeName, field string, childComplexity in } func (e *executableSchema) Exec(ctx context.Context) graphql.ResponseHandler { - rc := graphql.GetOperationContext(ctx) - ec := executionContext{rc, e, 0, 0, make(chan graphql.DeferredResult)} + opCtx := graphql.GetOperationContext(ctx) + ec := executionContext{opCtx, e, 0, 0, make(chan graphql.DeferredResult)} inputUnmarshalMap := graphql.BuildUnmarshalerMap( ec.unmarshalInputFilter, ec.unmarshalInputImageInput, @@ -1239,7 +1239,7 @@ func (e *executableSchema) Exec(ctx context.Context) graphql.ResponseHandler { ) first := true - switch rc.Operation.Operation { + switch opCtx.Operation.Operation { case ast.Query: return func(ctx context.Context) *graphql.Response { var response graphql.Response @@ -1247,7 +1247,7 @@ func (e *executableSchema) Exec(ctx context.Context) graphql.ResponseHandler { if first { first = false ctx = graphql.WithUnmarshalerMap(ctx, inputUnmarshalMap) - data = ec._Query(ctx, rc.Operation.SelectionSet) + data = ec._Query(ctx, opCtx.Operation.SelectionSet) } else { if atomic.LoadInt32(&ec.pendingDeferred) > 0 { result := <-ec.deferredResults @@ -2220,9 +2220,9 @@ var parsedSchema = gqlparser.MustLoadSchema(sources...) // region ***************************** args.gotpl ***************************** -func (ec *executionContext) field_Query_BaseImageList_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_BaseImageList_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_BaseImageList_argsImage(ctx, rawArgs) if err != nil { return nil, err @@ -2242,7 +2242,7 @@ func (ec *executionContext) field_Query_BaseImageList_args(ctx context.Context, } func (ec *executionContext) field_Query_BaseImageList_argsImage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2264,7 +2264,7 @@ func (ec *executionContext) field_Query_BaseImageList_argsImage( func (ec *executionContext) field_Query_BaseImageList_argsDigest( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2286,7 +2286,7 @@ func (ec *executionContext) field_Query_BaseImageList_argsDigest( func (ec *executionContext) field_Query_BaseImageList_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2306,9 +2306,9 @@ func (ec *executionContext) field_Query_BaseImageList_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_BookmarkedRepos_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_BookmarkedRepos_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_BookmarkedRepos_argsRequestedPage(ctx, rawArgs) if err != nil { return nil, err @@ -2318,7 +2318,7 @@ func (ec *executionContext) field_Query_BookmarkedRepos_args(ctx context.Context } func (ec *executionContext) field_Query_BookmarkedRepos_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2338,9 +2338,9 @@ func (ec *executionContext) field_Query_BookmarkedRepos_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_CVEDiffListForImages_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_CVEDiffListForImages_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_CVEDiffListForImages_argsMinuend(ctx, rawArgs) if err != nil { return nil, err @@ -2370,7 +2370,7 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_args(ctx context.Co } func (ec *executionContext) field_Query_CVEDiffListForImages_argsMinuend( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (ImageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2392,7 +2392,7 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_argsMinuend( func (ec *executionContext) field_Query_CVEDiffListForImages_argsSubtrahend( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (ImageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2414,7 +2414,7 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_argsSubtrahend( func (ec *executionContext) field_Query_CVEDiffListForImages_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2436,7 +2436,7 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_argsRequestedPage( func (ec *executionContext) field_Query_CVEDiffListForImages_argsSearchedCve( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2458,7 +2458,7 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_argsSearchedCve( func (ec *executionContext) field_Query_CVEDiffListForImages_argsExcludedCve( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2478,9 +2478,9 @@ func (ec *executionContext) field_Query_CVEDiffListForImages_argsExcludedCve( return zeroVal, nil } -func (ec *executionContext) field_Query_CVEListForImage_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_CVEListForImage_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_CVEListForImage_argsImage(ctx, rawArgs) if err != nil { return nil, err @@ -2510,7 +2510,7 @@ func (ec *executionContext) field_Query_CVEListForImage_args(ctx context.Context } func (ec *executionContext) field_Query_CVEListForImage_argsImage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2532,7 +2532,7 @@ func (ec *executionContext) field_Query_CVEListForImage_argsImage( func (ec *executionContext) field_Query_CVEListForImage_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2554,7 +2554,7 @@ func (ec *executionContext) field_Query_CVEListForImage_argsRequestedPage( func (ec *executionContext) field_Query_CVEListForImage_argsSearchedCve( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2576,7 +2576,7 @@ func (ec *executionContext) field_Query_CVEListForImage_argsSearchedCve( func (ec *executionContext) field_Query_CVEListForImage_argsExcludedCve( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2598,7 +2598,7 @@ func (ec *executionContext) field_Query_CVEListForImage_argsExcludedCve( func (ec *executionContext) field_Query_CVEListForImage_argsSeverity( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2618,9 +2618,9 @@ func (ec *executionContext) field_Query_CVEListForImage_argsSeverity( return zeroVal, nil } -func (ec *executionContext) field_Query_DerivedImageList_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_DerivedImageList_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_DerivedImageList_argsImage(ctx, rawArgs) if err != nil { return nil, err @@ -2640,7 +2640,7 @@ func (ec *executionContext) field_Query_DerivedImageList_args(ctx context.Contex } func (ec *executionContext) field_Query_DerivedImageList_argsImage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2662,7 +2662,7 @@ func (ec *executionContext) field_Query_DerivedImageList_argsImage( func (ec *executionContext) field_Query_DerivedImageList_argsDigest( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2684,7 +2684,7 @@ func (ec *executionContext) field_Query_DerivedImageList_argsDigest( func (ec *executionContext) field_Query_DerivedImageList_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2704,9 +2704,9 @@ func (ec *executionContext) field_Query_DerivedImageList_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_ExpandedRepoInfo_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_ExpandedRepoInfo_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_ExpandedRepoInfo_argsRepo(ctx, rawArgs) if err != nil { return nil, err @@ -2716,7 +2716,7 @@ func (ec *executionContext) field_Query_ExpandedRepoInfo_args(ctx context.Contex } func (ec *executionContext) field_Query_ExpandedRepoInfo_argsRepo( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2736,9 +2736,9 @@ func (ec *executionContext) field_Query_ExpandedRepoInfo_argsRepo( return zeroVal, nil } -func (ec *executionContext) field_Query_GlobalSearch_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_GlobalSearch_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_GlobalSearch_argsQuery(ctx, rawArgs) if err != nil { return nil, err @@ -2758,7 +2758,7 @@ func (ec *executionContext) field_Query_GlobalSearch_args(ctx context.Context, r } func (ec *executionContext) field_Query_GlobalSearch_argsQuery( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2780,7 +2780,7 @@ func (ec *executionContext) field_Query_GlobalSearch_argsQuery( func (ec *executionContext) field_Query_GlobalSearch_argsFilter( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*Filter, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2802,7 +2802,7 @@ func (ec *executionContext) field_Query_GlobalSearch_argsFilter( func (ec *executionContext) field_Query_GlobalSearch_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2822,9 +2822,9 @@ func (ec *executionContext) field_Query_GlobalSearch_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_ImageListForCVE_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_ImageListForCVE_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_ImageListForCVE_argsID(ctx, rawArgs) if err != nil { return nil, err @@ -2844,7 +2844,7 @@ func (ec *executionContext) field_Query_ImageListForCVE_args(ctx context.Context } func (ec *executionContext) field_Query_ImageListForCVE_argsID( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2866,7 +2866,7 @@ func (ec *executionContext) field_Query_ImageListForCVE_argsID( func (ec *executionContext) field_Query_ImageListForCVE_argsFilter( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*Filter, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2888,7 +2888,7 @@ func (ec *executionContext) field_Query_ImageListForCVE_argsFilter( func (ec *executionContext) field_Query_ImageListForCVE_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2908,9 +2908,9 @@ func (ec *executionContext) field_Query_ImageListForCVE_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_ImageListForDigest_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_ImageListForDigest_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_ImageListForDigest_argsID(ctx, rawArgs) if err != nil { return nil, err @@ -2925,7 +2925,7 @@ func (ec *executionContext) field_Query_ImageListForDigest_args(ctx context.Cont } func (ec *executionContext) field_Query_ImageListForDigest_argsID( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2947,7 +2947,7 @@ func (ec *executionContext) field_Query_ImageListForDigest_argsID( func (ec *executionContext) field_Query_ImageListForDigest_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -2967,9 +2967,9 @@ func (ec *executionContext) field_Query_ImageListForDigest_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_ImageListWithCVEFixed_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_ImageListWithCVEFixed_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_ImageListWithCVEFixed_argsID(ctx, rawArgs) if err != nil { return nil, err @@ -2994,7 +2994,7 @@ func (ec *executionContext) field_Query_ImageListWithCVEFixed_args(ctx context.C } func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsID( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3016,7 +3016,7 @@ func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsID( func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsImage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3038,7 +3038,7 @@ func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsImage( func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsFilter( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*Filter, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3060,7 +3060,7 @@ func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsFilter( func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3080,9 +3080,9 @@ func (ec *executionContext) field_Query_ImageListWithCVEFixed_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_ImageList_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_ImageList_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_ImageList_argsRepo(ctx, rawArgs) if err != nil { return nil, err @@ -3097,7 +3097,7 @@ func (ec *executionContext) field_Query_ImageList_args(ctx context.Context, rawA } func (ec *executionContext) field_Query_ImageList_argsRepo( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3119,7 +3119,7 @@ func (ec *executionContext) field_Query_ImageList_argsRepo( func (ec *executionContext) field_Query_ImageList_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3139,9 +3139,9 @@ func (ec *executionContext) field_Query_ImageList_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query_Image_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_Image_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_Image_argsImage(ctx, rawArgs) if err != nil { return nil, err @@ -3151,7 +3151,7 @@ func (ec *executionContext) field_Query_Image_args(ctx context.Context, rawArgs } func (ec *executionContext) field_Query_Image_argsImage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3171,9 +3171,9 @@ func (ec *executionContext) field_Query_Image_argsImage( return zeroVal, nil } -func (ec *executionContext) field_Query_Referrers_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_Referrers_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_Referrers_argsRepo(ctx, rawArgs) if err != nil { return nil, err @@ -3193,7 +3193,7 @@ func (ec *executionContext) field_Query_Referrers_args(ctx context.Context, rawA } func (ec *executionContext) field_Query_Referrers_argsRepo( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3215,7 +3215,7 @@ func (ec *executionContext) field_Query_Referrers_argsRepo( func (ec *executionContext) field_Query_Referrers_argsDigest( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3237,7 +3237,7 @@ func (ec *executionContext) field_Query_Referrers_argsDigest( func (ec *executionContext) field_Query_Referrers_argsType( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) ([]string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3257,9 +3257,9 @@ func (ec *executionContext) field_Query_Referrers_argsType( return zeroVal, nil } -func (ec *executionContext) field_Query_RepoListWithNewestImage_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_RepoListWithNewestImage_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_RepoListWithNewestImage_argsRequestedPage(ctx, rawArgs) if err != nil { return nil, err @@ -3269,7 +3269,7 @@ func (ec *executionContext) field_Query_RepoListWithNewestImage_args(ctx context } func (ec *executionContext) field_Query_RepoListWithNewestImage_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3289,9 +3289,9 @@ func (ec *executionContext) field_Query_RepoListWithNewestImage_argsRequestedPag return zeroVal, nil } -func (ec *executionContext) field_Query_StarredRepos_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query_StarredRepos_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query_StarredRepos_argsRequestedPage(ctx, rawArgs) if err != nil { return nil, err @@ -3301,7 +3301,7 @@ func (ec *executionContext) field_Query_StarredRepos_args(ctx context.Context, r } func (ec *executionContext) field_Query_StarredRepos_argsRequestedPage( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (*PageInput, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3321,9 +3321,9 @@ func (ec *executionContext) field_Query_StarredRepos_argsRequestedPage( return zeroVal, nil } -func (ec *executionContext) field_Query___type_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field_Query___type_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field_Query___type_argsName(ctx, rawArgs) if err != nil { return nil, err @@ -3333,7 +3333,7 @@ func (ec *executionContext) field_Query___type_args(ctx context.Context, rawArgs } func (ec *executionContext) field_Query___type_argsName( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (string, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3353,9 +3353,9 @@ func (ec *executionContext) field_Query___type_argsName( return zeroVal, nil } -func (ec *executionContext) field___Type_enumValues_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field___Type_enumValues_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field___Type_enumValues_argsIncludeDeprecated(ctx, rawArgs) if err != nil { return nil, err @@ -3365,7 +3365,7 @@ func (ec *executionContext) field___Type_enumValues_args(ctx context.Context, ra } func (ec *executionContext) field___Type_enumValues_argsIncludeDeprecated( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (bool, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3385,9 +3385,9 @@ func (ec *executionContext) field___Type_enumValues_argsIncludeDeprecated( return zeroVal, nil } -func (ec *executionContext) field___Type_fields_args(ctx context.Context, rawArgs map[string]interface{}) (map[string]interface{}, error) { +func (ec *executionContext) field___Type_fields_args(ctx context.Context, rawArgs map[string]any) (map[string]any, error) { var err error - args := map[string]interface{}{} + args := map[string]any{} arg0, err := ec.field___Type_fields_argsIncludeDeprecated(ctx, rawArgs) if err != nil { return nil, err @@ -3397,7 +3397,7 @@ func (ec *executionContext) field___Type_fields_args(ctx context.Context, rawArg } func (ec *executionContext) field___Type_fields_argsIncludeDeprecated( ctx context.Context, - rawArgs map[string]interface{}, + rawArgs map[string]any, ) (bool, error) { // We won't call the directive if the argument is null. // Set call_argument_directives_with_null to true to call directives @@ -3437,7 +3437,7 @@ func (ec *executionContext) _Annotation_Key(ctx context.Context, field graphql.C ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Key, nil }) @@ -3478,7 +3478,7 @@ func (ec *executionContext) _Annotation_Value(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Value, nil }) @@ -3519,7 +3519,7 @@ func (ec *executionContext) _CVE_Id(ctx context.Context, field graphql.Collected ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.ID, nil }) @@ -3560,7 +3560,7 @@ func (ec *executionContext) _CVE_Title(ctx context.Context, field graphql.Collec ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Title, nil }) @@ -3601,7 +3601,7 @@ func (ec *executionContext) _CVE_Description(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description, nil }) @@ -3642,7 +3642,7 @@ func (ec *executionContext) _CVE_Reference(ctx context.Context, field graphql.Co ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Reference, nil }) @@ -3683,7 +3683,7 @@ func (ec *executionContext) _CVE_Severity(ctx context.Context, field graphql.Col ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Severity, nil }) @@ -3724,7 +3724,7 @@ func (ec *executionContext) _CVE_PackageList(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.PackageList, nil }) @@ -3775,7 +3775,7 @@ func (ec *executionContext) _CVEDiffResult_Minuend(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Minuend, nil }) @@ -3829,7 +3829,7 @@ func (ec *executionContext) _CVEDiffResult_Subtrahend(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Subtrahend, nil }) @@ -3883,7 +3883,7 @@ func (ec *executionContext) _CVEDiffResult_CVEList(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.CVEList, nil }) @@ -3938,7 +3938,7 @@ func (ec *executionContext) _CVEDiffResult_Summary(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Summary, nil }) @@ -3995,7 +3995,7 @@ func (ec *executionContext) _CVEDiffResult_Page(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Page, nil }) @@ -4042,7 +4042,7 @@ func (ec *executionContext) _CVEResultForImage_Tag(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Tag, nil }) @@ -4083,7 +4083,7 @@ func (ec *executionContext) _CVEResultForImage_CVEList(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.CVEList, nil }) @@ -4138,7 +4138,7 @@ func (ec *executionContext) _CVEResultForImage_Summary(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Summary, nil }) @@ -4195,7 +4195,7 @@ func (ec *executionContext) _CVEResultForImage_Page(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Page, nil }) @@ -4242,7 +4242,7 @@ func (ec *executionContext) _GlobalSearchResult_Page(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Page, nil }) @@ -4289,7 +4289,7 @@ func (ec *executionContext) _GlobalSearchResult_Images(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Images, nil }) @@ -4378,7 +4378,7 @@ func (ec *executionContext) _GlobalSearchResult_Repos(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Repos, nil }) @@ -4443,7 +4443,7 @@ func (ec *executionContext) _GlobalSearchResult_Layers(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Layers, nil }) @@ -4490,7 +4490,7 @@ func (ec *executionContext) _HistoryDescription_Created(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Created, nil }) @@ -4531,7 +4531,7 @@ func (ec *executionContext) _HistoryDescription_CreatedBy(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.CreatedBy, nil }) @@ -4572,7 +4572,7 @@ func (ec *executionContext) _HistoryDescription_Author(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Author, nil }) @@ -4613,7 +4613,7 @@ func (ec *executionContext) _HistoryDescription_Comment(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Comment, nil }) @@ -4654,7 +4654,7 @@ func (ec *executionContext) _HistoryDescription_EmptyLayer(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.EmptyLayer, nil }) @@ -4695,7 +4695,7 @@ func (ec *executionContext) _ImageIdentifier_Repo(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Repo, nil }) @@ -4739,7 +4739,7 @@ func (ec *executionContext) _ImageIdentifier_Tag(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Tag, nil }) @@ -4783,7 +4783,7 @@ func (ec *executionContext) _ImageIdentifier_Digest(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Digest, nil }) @@ -4824,7 +4824,7 @@ func (ec *executionContext) _ImageIdentifier_Platform(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Platform, nil }) @@ -4871,7 +4871,7 @@ func (ec *executionContext) _ImageSummary_RepoName(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.RepoName, nil }) @@ -4912,7 +4912,7 @@ func (ec *executionContext) _ImageSummary_Tag(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Tag, nil }) @@ -4953,7 +4953,7 @@ func (ec *executionContext) _ImageSummary_Digest(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Digest, nil }) @@ -4994,7 +4994,7 @@ func (ec *executionContext) _ImageSummary_MediaType(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.MediaType, nil }) @@ -5035,7 +5035,7 @@ func (ec *executionContext) _ImageSummary_Manifests(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Manifests, nil }) @@ -5104,7 +5104,7 @@ func (ec *executionContext) _ImageSummary_Size(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Size, nil }) @@ -5145,7 +5145,7 @@ func (ec *executionContext) _ImageSummary_DownloadCount(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DownloadCount, nil }) @@ -5186,7 +5186,7 @@ func (ec *executionContext) _ImageSummary_LastPullTimestamp(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.LastPullTimestamp, nil }) @@ -5227,7 +5227,7 @@ func (ec *executionContext) _ImageSummary_PushTimestamp(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.PushTimestamp, nil }) @@ -5268,7 +5268,7 @@ func (ec *executionContext) _ImageSummary_LastUpdated(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.LastUpdated, nil }) @@ -5309,7 +5309,7 @@ func (ec *executionContext) _ImageSummary_Description(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description, nil }) @@ -5350,7 +5350,7 @@ func (ec *executionContext) _ImageSummary_IsSigned(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsSigned, nil }) @@ -5391,7 +5391,7 @@ func (ec *executionContext) _ImageSummary_SignatureInfo(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.SignatureInfo, nil }) @@ -5440,7 +5440,7 @@ func (ec *executionContext) _ImageSummary_Licenses(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Licenses, nil }) @@ -5481,7 +5481,7 @@ func (ec *executionContext) _ImageSummary_Labels(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Labels, nil }) @@ -5522,7 +5522,7 @@ func (ec *executionContext) _ImageSummary_Title(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Title, nil }) @@ -5563,7 +5563,7 @@ func (ec *executionContext) _ImageSummary_Source(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Source, nil }) @@ -5604,7 +5604,7 @@ func (ec *executionContext) _ImageSummary_Documentation(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Documentation, nil }) @@ -5645,7 +5645,7 @@ func (ec *executionContext) _ImageSummary_Vendor(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Vendor, nil }) @@ -5686,7 +5686,7 @@ func (ec *executionContext) _ImageSummary_Authors(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Authors, nil }) @@ -5727,7 +5727,7 @@ func (ec *executionContext) _ImageSummary_Vulnerabilities(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Vulnerabilities, nil }) @@ -5784,7 +5784,7 @@ func (ec *executionContext) _ImageSummary_Referrers(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Referrers, nil }) @@ -5837,7 +5837,7 @@ func (ec *executionContext) _ImageSummary_IsDeletable(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsDeletable, nil }) @@ -5878,7 +5878,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_MaxSeverity(ctx context.C ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.MaxSeverity, nil }) @@ -5919,7 +5919,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_Count(ctx context.Context ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Count, nil }) @@ -5960,7 +5960,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_UnknownCount(ctx context. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.UnknownCount, nil }) @@ -6001,7 +6001,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_LowCount(ctx context.Cont ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.LowCount, nil }) @@ -6042,7 +6042,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_MediumCount(ctx context.C ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.MediumCount, nil }) @@ -6083,7 +6083,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_HighCount(ctx context.Con ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.HighCount, nil }) @@ -6124,7 +6124,7 @@ func (ec *executionContext) _ImageVulnerabilitySummary_CriticalCount(ctx context ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.CriticalCount, nil }) @@ -6165,7 +6165,7 @@ func (ec *executionContext) _LayerHistory_Layer(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Layer, nil }) @@ -6212,7 +6212,7 @@ func (ec *executionContext) _LayerHistory_HistoryDescription(ctx context.Context ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.HistoryDescription, nil }) @@ -6265,7 +6265,7 @@ func (ec *executionContext) _LayerSummary_Size(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Size, nil }) @@ -6306,7 +6306,7 @@ func (ec *executionContext) _LayerSummary_Digest(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Digest, nil }) @@ -6347,7 +6347,7 @@ func (ec *executionContext) _ManifestSummary_Digest(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Digest, nil }) @@ -6388,7 +6388,7 @@ func (ec *executionContext) _ManifestSummary_ConfigDigest(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.ConfigDigest, nil }) @@ -6429,7 +6429,7 @@ func (ec *executionContext) _ManifestSummary_LastUpdated(ctx context.Context, fi ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.LastUpdated, nil }) @@ -6470,7 +6470,7 @@ func (ec *executionContext) _ManifestSummary_Size(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Size, nil }) @@ -6511,7 +6511,7 @@ func (ec *executionContext) _ManifestSummary_IsSigned(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsSigned, nil }) @@ -6552,7 +6552,7 @@ func (ec *executionContext) _ManifestSummary_SignatureInfo(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.SignatureInfo, nil }) @@ -6601,7 +6601,7 @@ func (ec *executionContext) _ManifestSummary_Platform(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Platform, nil }) @@ -6648,7 +6648,7 @@ func (ec *executionContext) _ManifestSummary_DownloadCount(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DownloadCount, nil }) @@ -6689,7 +6689,7 @@ func (ec *executionContext) _ManifestSummary_Layers(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Layers, nil }) @@ -6736,7 +6736,7 @@ func (ec *executionContext) _ManifestSummary_History(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.History, nil }) @@ -6783,7 +6783,7 @@ func (ec *executionContext) _ManifestSummary_Vulnerabilities(ctx context.Context ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Vulnerabilities, nil }) @@ -6840,7 +6840,7 @@ func (ec *executionContext) _ManifestSummary_Referrers(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Referrers, nil }) @@ -6893,7 +6893,7 @@ func (ec *executionContext) _ManifestSummary_ArtifactType(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.ArtifactType, nil }) @@ -6934,7 +6934,7 @@ func (ec *executionContext) _PackageInfo_Name(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -6975,7 +6975,7 @@ func (ec *executionContext) _PackageInfo_PackagePath(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.PackagePath, nil }) @@ -7016,7 +7016,7 @@ func (ec *executionContext) _PackageInfo_InstalledVersion(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.InstalledVersion, nil }) @@ -7057,7 +7057,7 @@ func (ec *executionContext) _PackageInfo_FixedVersion(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.FixedVersion, nil }) @@ -7098,7 +7098,7 @@ func (ec *executionContext) _PageInfo_TotalCount(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.TotalCount, nil }) @@ -7142,7 +7142,7 @@ func (ec *executionContext) _PageInfo_ItemCount(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.ItemCount, nil }) @@ -7186,7 +7186,7 @@ func (ec *executionContext) _PaginatedImagesResult_Page(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Page, nil }) @@ -7233,7 +7233,7 @@ func (ec *executionContext) _PaginatedImagesResult_Results(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Results, nil }) @@ -7325,7 +7325,7 @@ func (ec *executionContext) _PaginatedReposResult_Page(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Page, nil }) @@ -7372,7 +7372,7 @@ func (ec *executionContext) _PaginatedReposResult_Results(ctx context.Context, f ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Results, nil }) @@ -7440,7 +7440,7 @@ func (ec *executionContext) _Platform_Os(ctx context.Context, field graphql.Coll ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Os, nil }) @@ -7481,7 +7481,7 @@ func (ec *executionContext) _Platform_Arch(ctx context.Context, field graphql.Co ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Arch, nil }) @@ -7522,7 +7522,7 @@ func (ec *executionContext) _Query_CVEListForImage(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().CVEListForImage(rctx, fc.Args["image"].(string), fc.Args["requestedPage"].(*PageInput), fc.Args["searchedCVE"].(*string), fc.Args["excludedCVE"].(*string), fc.Args["severity"].(*string)) }) @@ -7587,7 +7587,7 @@ func (ec *executionContext) _Query_CVEDiffListForImages(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().CVEDiffListForImages(rctx, fc.Args["minuend"].(ImageInput), fc.Args["subtrahend"].(ImageInput), fc.Args["requestedPage"].(*PageInput), fc.Args["searchedCVE"].(*string), fc.Args["excludedCVE"].(*string)) }) @@ -7654,7 +7654,7 @@ func (ec *executionContext) _Query_ImageListForCVE(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().ImageListForCve(rctx, fc.Args["id"].(string), fc.Args["filter"].(*Filter), fc.Args["requestedPage"].(*PageInput)) }) @@ -7715,7 +7715,7 @@ func (ec *executionContext) _Query_ImageListWithCVEFixed(ctx context.Context, fi ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().ImageListWithCVEFixed(rctx, fc.Args["id"].(string), fc.Args["image"].(string), fc.Args["filter"].(*Filter), fc.Args["requestedPage"].(*PageInput)) }) @@ -7776,7 +7776,7 @@ func (ec *executionContext) _Query_ImageListForDigest(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().ImageListForDigest(rctx, fc.Args["id"].(string), fc.Args["requestedPage"].(*PageInput)) }) @@ -7837,7 +7837,7 @@ func (ec *executionContext) _Query_RepoListWithNewestImage(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().RepoListWithNewestImage(rctx, fc.Args["requestedPage"].(*PageInput)) }) @@ -7898,7 +7898,7 @@ func (ec *executionContext) _Query_ImageList(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().ImageList(rctx, fc.Args["repo"].(string), fc.Args["requestedPage"].(*PageInput)) }) @@ -7959,7 +7959,7 @@ func (ec *executionContext) _Query_ExpandedRepoInfo(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().ExpandedRepoInfo(rctx, fc.Args["repo"].(string)) }) @@ -8020,7 +8020,7 @@ func (ec *executionContext) _Query_GlobalSearch(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().GlobalSearch(rctx, fc.Args["query"].(string), fc.Args["filter"].(*Filter), fc.Args["requestedPage"].(*PageInput)) }) @@ -8085,7 +8085,7 @@ func (ec *executionContext) _Query_DerivedImageList(ctx context.Context, field g ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().DerivedImageList(rctx, fc.Args["image"].(string), fc.Args["digest"].(*string), fc.Args["requestedPage"].(*PageInput)) }) @@ -8146,7 +8146,7 @@ func (ec *executionContext) _Query_BaseImageList(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().BaseImageList(rctx, fc.Args["image"].(string), fc.Args["digest"].(*string), fc.Args["requestedPage"].(*PageInput)) }) @@ -8207,7 +8207,7 @@ func (ec *executionContext) _Query_Image(ctx context.Context, field graphql.Coll ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().Image(rctx, fc.Args["image"].(string)) }) @@ -8310,7 +8310,7 @@ func (ec *executionContext) _Query_Referrers(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().Referrers(rctx, fc.Args["repo"].(string), fc.Args["digest"].(string), fc.Args["type"].([]string)) }) @@ -8377,7 +8377,7 @@ func (ec *executionContext) _Query_StarredRepos(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().StarredRepos(rctx, fc.Args["requestedPage"].(*PageInput)) }) @@ -8438,7 +8438,7 @@ func (ec *executionContext) _Query_BookmarkedRepos(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.resolvers.Query().BookmarkedRepos(rctx, fc.Args["requestedPage"].(*PageInput)) }) @@ -8499,7 +8499,7 @@ func (ec *executionContext) _Query___type(ctx context.Context, field graphql.Col ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.introspectType(fc.Args["name"].(string)) }) @@ -8573,7 +8573,7 @@ func (ec *executionContext) _Query___schema(ctx context.Context, field graphql.C ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return ec.introspectSchema() }) @@ -8628,7 +8628,7 @@ func (ec *executionContext) _Referrer_MediaType(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.MediaType, nil }) @@ -8669,7 +8669,7 @@ func (ec *executionContext) _Referrer_ArtifactType(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.ArtifactType, nil }) @@ -8710,7 +8710,7 @@ func (ec *executionContext) _Referrer_Size(ctx context.Context, field graphql.Co ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Size, nil }) @@ -8751,7 +8751,7 @@ func (ec *executionContext) _Referrer_Digest(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Digest, nil }) @@ -8792,7 +8792,7 @@ func (ec *executionContext) _Referrer_Annotations(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Annotations, nil }) @@ -8842,7 +8842,7 @@ func (ec *executionContext) _RepoInfo_Images(ctx context.Context, field graphql. ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Images, nil }) @@ -8931,7 +8931,7 @@ func (ec *executionContext) _RepoInfo_Summary(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Summary, nil }) @@ -8996,7 +8996,7 @@ func (ec *executionContext) _RepoSummary_Name(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -9037,7 +9037,7 @@ func (ec *executionContext) _RepoSummary_LastUpdated(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.LastUpdated, nil }) @@ -9078,7 +9078,7 @@ func (ec *executionContext) _RepoSummary_Size(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Size, nil }) @@ -9119,7 +9119,7 @@ func (ec *executionContext) _RepoSummary_Platforms(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Platforms, nil }) @@ -9166,7 +9166,7 @@ func (ec *executionContext) _RepoSummary_Vendors(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Vendors, nil }) @@ -9207,7 +9207,7 @@ func (ec *executionContext) _RepoSummary_NewestImage(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.NewestImage, nil }) @@ -9296,7 +9296,7 @@ func (ec *executionContext) _RepoSummary_DownloadCount(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DownloadCount, nil }) @@ -9337,7 +9337,7 @@ func (ec *executionContext) _RepoSummary_StarCount(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.StarCount, nil }) @@ -9378,7 +9378,7 @@ func (ec *executionContext) _RepoSummary_IsBookmarked(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsBookmarked, nil }) @@ -9419,7 +9419,7 @@ func (ec *executionContext) _RepoSummary_IsStarred(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsStarred, nil }) @@ -9460,7 +9460,7 @@ func (ec *executionContext) _RepoSummary_Rank(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Rank, nil }) @@ -9501,7 +9501,7 @@ func (ec *executionContext) _SignatureSummary_Tool(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Tool, nil }) @@ -9542,7 +9542,7 @@ func (ec *executionContext) _SignatureSummary_IsTrusted(ctx context.Context, fie ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsTrusted, nil }) @@ -9583,7 +9583,7 @@ func (ec *executionContext) _SignatureSummary_Author(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Author, nil }) @@ -9624,7 +9624,7 @@ func (ec *executionContext) ___Directive_name(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -9668,7 +9668,7 @@ func (ec *executionContext) ___Directive_description(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -9709,7 +9709,7 @@ func (ec *executionContext) ___Directive_locations(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Locations, nil }) @@ -9753,7 +9753,7 @@ func (ec *executionContext) ___Directive_args(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Args, nil }) @@ -9807,7 +9807,7 @@ func (ec *executionContext) ___Directive_isRepeatable(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsRepeatable, nil }) @@ -9851,7 +9851,7 @@ func (ec *executionContext) ___EnumValue_name(ctx context.Context, field graphql ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -9895,7 +9895,7 @@ func (ec *executionContext) ___EnumValue_description(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -9936,7 +9936,7 @@ func (ec *executionContext) ___EnumValue_isDeprecated(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsDeprecated(), nil }) @@ -9980,7 +9980,7 @@ func (ec *executionContext) ___EnumValue_deprecationReason(ctx context.Context, ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DeprecationReason(), nil }) @@ -10021,7 +10021,7 @@ func (ec *executionContext) ___Field_name(ctx context.Context, field graphql.Col ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -10065,7 +10065,7 @@ func (ec *executionContext) ___Field_description(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -10106,7 +10106,7 @@ func (ec *executionContext) ___Field_args(ctx context.Context, field graphql.Col ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Args, nil }) @@ -10160,7 +10160,7 @@ func (ec *executionContext) ___Field_type(ctx context.Context, field graphql.Col ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Type, nil }) @@ -10226,7 +10226,7 @@ func (ec *executionContext) ___Field_isDeprecated(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.IsDeprecated(), nil }) @@ -10270,7 +10270,7 @@ func (ec *executionContext) ___Field_deprecationReason(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DeprecationReason(), nil }) @@ -10311,7 +10311,7 @@ func (ec *executionContext) ___InputValue_name(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name, nil }) @@ -10355,7 +10355,7 @@ func (ec *executionContext) ___InputValue_description(ctx context.Context, field ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -10396,7 +10396,7 @@ func (ec *executionContext) ___InputValue_type(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Type, nil }) @@ -10462,7 +10462,7 @@ func (ec *executionContext) ___InputValue_defaultValue(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.DefaultValue, nil }) @@ -10503,7 +10503,7 @@ func (ec *executionContext) ___Schema_description(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -10544,7 +10544,7 @@ func (ec *executionContext) ___Schema_types(ctx context.Context, field graphql.C ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Types(), nil }) @@ -10610,7 +10610,7 @@ func (ec *executionContext) ___Schema_queryType(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.QueryType(), nil }) @@ -10676,7 +10676,7 @@ func (ec *executionContext) ___Schema_mutationType(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.MutationType(), nil }) @@ -10739,7 +10739,7 @@ func (ec *executionContext) ___Schema_subscriptionType(ctx context.Context, fiel ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.SubscriptionType(), nil }) @@ -10802,7 +10802,7 @@ func (ec *executionContext) ___Schema_directives(ctx context.Context, field grap ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Directives(), nil }) @@ -10858,7 +10858,7 @@ func (ec *executionContext) ___Type_kind(ctx context.Context, field graphql.Coll ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Kind(), nil }) @@ -10902,7 +10902,7 @@ func (ec *executionContext) ___Type_name(ctx context.Context, field graphql.Coll ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Name(), nil }) @@ -10943,7 +10943,7 @@ func (ec *executionContext) ___Type_description(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Description(), nil }) @@ -10984,7 +10984,7 @@ func (ec *executionContext) ___Type_fields(ctx context.Context, field graphql.Co ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Fields(fc.Args["includeDeprecated"].(bool)), nil }) @@ -11050,7 +11050,7 @@ func (ec *executionContext) ___Type_interfaces(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.Interfaces(), nil }) @@ -11113,7 +11113,7 @@ func (ec *executionContext) ___Type_possibleTypes(ctx context.Context, field gra ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.PossibleTypes(), nil }) @@ -11176,7 +11176,7 @@ func (ec *executionContext) ___Type_enumValues(ctx context.Context, field graphq ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.EnumValues(fc.Args["includeDeprecated"].(bool)), nil }) @@ -11238,7 +11238,7 @@ func (ec *executionContext) ___Type_inputFields(ctx context.Context, field graph ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.InputFields(), nil }) @@ -11289,7 +11289,7 @@ func (ec *executionContext) ___Type_ofType(ctx context.Context, field graphql.Co ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.OfType(), nil }) @@ -11352,7 +11352,7 @@ func (ec *executionContext) ___Type_specifiedByURL(ctx context.Context, field gr ret = graphql.Null } }() - resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (interface{}, error) { + resTmp, err := ec.ResolverMiddleware(ctx, func(rctx context.Context) (any, error) { ctx = rctx // use context from middleware stack in children return obj.SpecifiedByURL(), nil }) @@ -11385,10 +11385,10 @@ func (ec *executionContext) fieldContext___Type_specifiedByURL(_ context.Context // region **************************** input.gotpl ***************************** -func (ec *executionContext) unmarshalInputFilter(ctx context.Context, obj interface{}) (Filter, error) { +func (ec *executionContext) unmarshalInputFilter(ctx context.Context, obj any) (Filter, error) { var it Filter - asMap := map[string]interface{}{} - for k, v := range obj.(map[string]interface{}) { + asMap := map[string]any{} + for k, v := range obj.(map[string]any) { asMap[k] = v } @@ -11440,10 +11440,10 @@ func (ec *executionContext) unmarshalInputFilter(ctx context.Context, obj interf return it, nil } -func (ec *executionContext) unmarshalInputImageInput(ctx context.Context, obj interface{}) (ImageInput, error) { +func (ec *executionContext) unmarshalInputImageInput(ctx context.Context, obj any) (ImageInput, error) { var it ImageInput - asMap := map[string]interface{}{} - for k, v := range obj.(map[string]interface{}) { + asMap := map[string]any{} + for k, v := range obj.(map[string]any) { asMap[k] = v } @@ -11488,10 +11488,10 @@ func (ec *executionContext) unmarshalInputImageInput(ctx context.Context, obj in return it, nil } -func (ec *executionContext) unmarshalInputPageInput(ctx context.Context, obj interface{}) (PageInput, error) { +func (ec *executionContext) unmarshalInputPageInput(ctx context.Context, obj any) (PageInput, error) { var it PageInput - asMap := map[string]interface{}{} - for k, v := range obj.(map[string]interface{}) { + asMap := map[string]any{} + for k, v := range obj.(map[string]any) { asMap[k] = v } @@ -11529,10 +11529,10 @@ func (ec *executionContext) unmarshalInputPageInput(ctx context.Context, obj int return it, nil } -func (ec *executionContext) unmarshalInputPlatformInput(ctx context.Context, obj interface{}) (PlatformInput, error) { +func (ec *executionContext) unmarshalInputPlatformInput(ctx context.Context, obj any) (PlatformInput, error) { var it PlatformInput - asMap := map[string]interface{}{} - for k, v := range obj.(map[string]interface{}) { + asMap := map[string]any{} + for k, v := range obj.(map[string]any) { asMap[k] = v } @@ -13276,7 +13276,7 @@ func (ec *executionContext) marshalNAnnotation2ᚕᚖzotregistryᚗdevᚋzotᚋp return ret } -func (ec *executionContext) unmarshalNBoolean2bool(ctx context.Context, v interface{}) (bool, error) { +func (ec *executionContext) unmarshalNBoolean2bool(ctx context.Context, v any) (bool, error) { res, err := graphql.UnmarshalBoolean(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13343,7 +13343,7 @@ func (ec *executionContext) marshalNImageIdentifier2ᚖzotregistryᚗdevᚋzot return ec._ImageIdentifier(ctx, sel, v) } -func (ec *executionContext) unmarshalNImageInput2zotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐImageInput(ctx context.Context, v interface{}) (ImageInput, error) { +func (ec *executionContext) unmarshalNImageInput2zotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐImageInput(ctx context.Context, v any) (ImageInput, error) { res, err := ec.unmarshalInputImageInput(ctx, v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13406,7 +13406,7 @@ func (ec *executionContext) marshalNImageSummary2ᚖzotregistryᚗdevᚋzotᚋpk return ec._ImageSummary(ctx, sel, v) } -func (ec *executionContext) unmarshalNInt2int(ctx context.Context, v interface{}) (int, error) { +func (ec *executionContext) unmarshalNInt2int(ctx context.Context, v any) (int, error) { res, err := graphql.UnmarshalInt(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13555,7 +13555,7 @@ func (ec *executionContext) marshalNRepoSummary2ᚖzotregistryᚗdevᚋzotᚋpkg return ec._RepoSummary(ctx, sel, v) } -func (ec *executionContext) unmarshalNString2string(ctx context.Context, v interface{}) (string, error) { +func (ec *executionContext) unmarshalNString2string(ctx context.Context, v any) (string, error) { res, err := graphql.UnmarshalString(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13618,7 +13618,7 @@ func (ec *executionContext) marshalN__Directive2ᚕgithubᚗcomᚋ99designsᚋgq return ret } -func (ec *executionContext) unmarshalN__DirectiveLocation2string(ctx context.Context, v interface{}) (string, error) { +func (ec *executionContext) unmarshalN__DirectiveLocation2string(ctx context.Context, v any) (string, error) { res, err := graphql.UnmarshalString(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13633,8 +13633,8 @@ func (ec *executionContext) marshalN__DirectiveLocation2string(ctx context.Conte return res } -func (ec *executionContext) unmarshalN__DirectiveLocation2ᚕstringᚄ(ctx context.Context, v interface{}) ([]string, error) { - var vSlice []interface{} +func (ec *executionContext) unmarshalN__DirectiveLocation2ᚕstringᚄ(ctx context.Context, v any) ([]string, error) { + var vSlice []any if v != nil { vSlice = graphql.CoerceList(v) } @@ -13808,7 +13808,7 @@ func (ec *executionContext) marshalN__Type2ᚖgithubᚗcomᚋ99designsᚋgqlgen return ec.___Type(ctx, sel, v) } -func (ec *executionContext) unmarshalN__TypeKind2string(ctx context.Context, v interface{}) (string, error) { +func (ec *executionContext) unmarshalN__TypeKind2string(ctx context.Context, v any) (string, error) { res, err := graphql.UnmarshalString(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13830,7 +13830,7 @@ func (ec *executionContext) marshalOAnnotation2ᚖzotregistryᚗdevᚋzotᚋpkg return ec._Annotation(ctx, sel, v) } -func (ec *executionContext) unmarshalOBoolean2bool(ctx context.Context, v interface{}) (bool, error) { +func (ec *executionContext) unmarshalOBoolean2bool(ctx context.Context, v any) (bool, error) { res, err := graphql.UnmarshalBoolean(v) return res, graphql.ErrorOnPath(ctx, err) } @@ -13840,7 +13840,7 @@ func (ec *executionContext) marshalOBoolean2bool(ctx context.Context, sel ast.Se return res } -func (ec *executionContext) unmarshalOBoolean2ᚖbool(ctx context.Context, v interface{}) (*bool, error) { +func (ec *executionContext) unmarshalOBoolean2ᚖbool(ctx context.Context, v any) (*bool, error) { if v == nil { return nil, nil } @@ -13904,7 +13904,7 @@ func (ec *executionContext) marshalOCVE2ᚖzotregistryᚗdevᚋzotᚋpkgᚋexten return ec._CVE(ctx, sel, v) } -func (ec *executionContext) unmarshalOFilter2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐFilter(ctx context.Context, v interface{}) (*Filter, error) { +func (ec *executionContext) unmarshalOFilter2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐFilter(ctx context.Context, v any) (*Filter, error) { if v == nil { return nil, nil } @@ -13974,7 +13974,7 @@ func (ec *executionContext) marshalOImageVulnerabilitySummary2ᚖzotregistryᚗd return ec._ImageVulnerabilitySummary(ctx, sel, v) } -func (ec *executionContext) unmarshalOInt2ᚖint(ctx context.Context, v interface{}) (*int, error) { +func (ec *executionContext) unmarshalOInt2ᚖint(ctx context.Context, v any) (*int, error) { if v == nil { return nil, nil } @@ -14189,7 +14189,7 @@ func (ec *executionContext) marshalOPageInfo2ᚖzotregistryᚗdevᚋzotᚋpkgᚋ return ec._PageInfo(ctx, sel, v) } -func (ec *executionContext) unmarshalOPageInput2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐPageInput(ctx context.Context, v interface{}) (*PageInput, error) { +func (ec *executionContext) unmarshalOPageInput2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐPageInput(ctx context.Context, v any) (*PageInput, error) { if v == nil { return nil, nil } @@ -14245,7 +14245,7 @@ func (ec *executionContext) marshalOPlatform2ᚖzotregistryᚗdevᚋzotᚋpkgᚋ return ec._Platform(ctx, sel, v) } -func (ec *executionContext) unmarshalOPlatformInput2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐPlatformInput(ctx context.Context, v interface{}) (*PlatformInput, error) { +func (ec *executionContext) unmarshalOPlatformInput2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐPlatformInput(ctx context.Context, v any) (*PlatformInput, error) { if v == nil { return nil, nil } @@ -14397,7 +14397,7 @@ func (ec *executionContext) marshalOSignatureSummary2ᚖzotregistryᚗdevᚋzot return ec._SignatureSummary(ctx, sel, v) } -func (ec *executionContext) unmarshalOSortCriteria2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐSortCriteria(ctx context.Context, v interface{}) (*SortCriteria, error) { +func (ec *executionContext) unmarshalOSortCriteria2ᚖzotregistryᚗdevᚋzotᚋpkgᚋextensionsᚋsearchᚋgql_generatedᚐSortCriteria(ctx context.Context, v any) (*SortCriteria, error) { if v == nil { return nil, nil } @@ -14413,11 +14413,11 @@ func (ec *executionContext) marshalOSortCriteria2ᚖzotregistryᚗdevᚋzotᚋpk return v } -func (ec *executionContext) unmarshalOString2ᚕstringᚄ(ctx context.Context, v interface{}) ([]string, error) { +func (ec *executionContext) unmarshalOString2ᚕstringᚄ(ctx context.Context, v any) ([]string, error) { if v == nil { return nil, nil } - var vSlice []interface{} + var vSlice []any if v != nil { vSlice = graphql.CoerceList(v) } @@ -14451,11 +14451,11 @@ func (ec *executionContext) marshalOString2ᚕstringᚄ(ctx context.Context, sel return ret } -func (ec *executionContext) unmarshalOString2ᚕᚖstring(ctx context.Context, v interface{}) ([]*string, error) { +func (ec *executionContext) unmarshalOString2ᚕᚖstring(ctx context.Context, v any) ([]*string, error) { if v == nil { return nil, nil } - var vSlice []interface{} + var vSlice []any if v != nil { vSlice = graphql.CoerceList(v) } @@ -14483,7 +14483,7 @@ func (ec *executionContext) marshalOString2ᚕᚖstring(ctx context.Context, sel return ret } -func (ec *executionContext) unmarshalOString2ᚖstring(ctx context.Context, v interface{}) (*string, error) { +func (ec *executionContext) unmarshalOString2ᚖstring(ctx context.Context, v any) (*string, error) { if v == nil { return nil, nil } @@ -14499,7 +14499,7 @@ func (ec *executionContext) marshalOString2ᚖstring(ctx context.Context, sel as return res } -func (ec *executionContext) unmarshalOTime2ᚖtimeᚐTime(ctx context.Context, v interface{}) (*time.Time, error) { +func (ec *executionContext) unmarshalOTime2ᚖtimeᚐTime(ctx context.Context, v any) (*time.Time, error) { if v == nil { return nil, nil } diff --git a/pkg/extensions/search/gql_generated/models_gen.go b/pkg/extensions/search/gql_generated/models_gen.go index 553a902a..4f0f1a8f 100644 --- a/pkg/extensions/search/gql_generated/models_gen.go +++ b/pkg/extensions/search/gql_generated/models_gen.go @@ -430,7 +430,7 @@ func (e SortCriteria) String() string { return string(e) } -func (e *SortCriteria) UnmarshalGQL(v interface{}) error { +func (e *SortCriteria) UnmarshalGQL(v any) error { str, ok := v.(string) if !ok { return fmt.Errorf("enums must be strings") diff --git a/pkg/extensions/search/resolver.go b/pkg/extensions/search/resolver.go index 3cd3f9ec..c3366cda 100644 --- a/pkg/extensions/search/resolver.go +++ b/pkg/extensions/search/resolver.go @@ -960,7 +960,9 @@ func globalSearch(ctx context.Context, query string, metaDB mTypes.MetaDB, filte pageInput := getPageInput(requestedPage) expectedTag := strings.TrimPrefix(query, `:`) - matchTagName := func(repoName, actualTag string) bool { return strings.Contains(actualTag, expectedTag) } + matchTagName := func(repoName, actualTag string) bool { + return strings.Contains(strings.ToLower(actualTag), expectedTag) + } fullImageMetaList, err := metaDB.FilterTags(ctx, matchTagName, mTypes.AcceptAllImageMeta) if err != nil { diff --git a/pkg/extensions/search/schema.resolvers.go b/pkg/extensions/search/schema.resolvers.go index 1dd29fbd..b1604947 100644 --- a/pkg/extensions/search/schema.resolvers.go +++ b/pkg/extensions/search/schema.resolvers.go @@ -2,7 +2,7 @@ package search // This file will be automatically regenerated based on the schema, any resolver implementations // will be copied through when generating and any unknown code will be moved to the end. -// Code generated by github.com/99designs/gqlgen version v0.17.54 +// Code generated by github.com/99designs/gqlgen version v0.17.61 import ( "context" diff --git a/pkg/extensions/search/search_test.go b/pkg/extensions/search/search_test.go index 9f2b2f13..234c6300 100644 --- a/pkg/extensions/search/search_test.go +++ b/pkg/extensions/search/search_test.go @@ -1158,7 +1158,7 @@ func TestExpandedRepoInfo(t *testing.T) { ctlr := api.NewController(conf) imageStore := local.NewImageStore(tempDir, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -1280,7 +1280,7 @@ func TestExpandedRepoInfo(t *testing.T) { log := log.NewLogger("debug", "") metrics := monitoring.NewMetricsServer(false, log) - testStorage := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + testStorage := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) resp, err := resty.R().Get(baseURL + "/v2/") So(resp, ShouldNotBeNil) @@ -1636,7 +1636,7 @@ func TestExpandedRepoInfo(t *testing.T) { ctlr := api.NewController(conf) imageStore := local.NewImageStore(conf.Storage.RootDirectory, false, false, - log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil) + log.NewLogger("debug", ""), monitoring.NewMetricsServer(false, log.NewLogger("debug", "")), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -3005,7 +3005,7 @@ func TestGlobalSearchImageAuthor(t *testing.T) { }) } -func TestGlobalSearch(t *testing.T) { +func TestGlobalSearch(t *testing.T) { //nolint: gocyclo Convey("Test searching for repos with vulnerabitity scanning disabled", t, func() { subpath := "/a" @@ -3904,6 +3904,328 @@ func TestGlobalSearch(t *testing.T) { So(len(results.Images), ShouldEqual, 0) So(len(results.Repos), ShouldEqual, 0) }) + + Convey("test nested indexes", t, func() { + log := log.NewLogger("debug", "") + rootDir := t.TempDir() + port := GetFreePort() + baseURL := GetBaseURL(port) + conf := config.New() + conf.HTTP.Port = port + conf.Storage.RootDirectory = rootDir + defaultVal := true + conf.Extensions = &extconf.ExtensionConfig{ + Search: &extconf.SearchConfig{BaseConfig: extconf.BaseConfig{Enable: &defaultVal}}, + } + conf.Extensions.Search.CVE = nil + + ctlr := api.NewController(conf) + ctlrManager := NewControllerManager(ctlr) + + storeCtlr := ociutils.GetDefaultStoreController(rootDir, log) + + // nested manifest/indexes: + // image111 -> multiArchBottom11 -> multiArchMiddle1 -> multiArchTop + // image112 -> multiArchBottom11 -> multiArchMiddle1 -> multiArchTop + // image121 -> multiArchBottom12 -> multiArchMiddle1 -> multiArchTop + // image122 -> multiArchBottom12 -> multiArchMiddle1 -> multiArchTop + // image211 -> multiArchBottom21 -> multiArchMiddle2 -> multiArchTop + // image212 -> multiArchBottom21 -> multiArchMiddle2 -> multiArchTop + // image31 -> multiArchMiddle3 -> multiArchTop + // image32 -> multiArchMiddle3 -> multiArchTop + + repoName := "nested" + + image111 := CreateRandomImage() + image112 := CreateRandomImage() + multiArchBottom11 := CreateMultiarchWith().Images([]Image{image111, image112}).Build() + err := WriteMultiArchImageToFileSystem(multiArchBottom11, repoName, multiArchBottom11.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + image121 := CreateRandomImage() + image122 := CreateRandomImage() + multiArchBottom12 := CreateMultiarchWith().Images([]Image{image121, image122}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom12, repoName, multiArchBottom12.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchMiddle1 := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: multiArchBottom11.IndexDescriptor.Digest, + Size: multiArchBottom11.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: multiArchBottom12.IndexDescriptor.Digest, + Size: multiArchBottom12.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchMiddle1Blob, err := json.Marshal(indexMultiArchMiddle1) + So(err, ShouldBeNil) + + indexMultiArchMiddle1Digest, _, err := storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, + "multiArchMiddle1", ispec.MediaTypeImageIndex, indexMultiArchMiddle1Blob) + So(err, ShouldBeNil) + + image211 := CreateRandomImage() + image212 := CreateRandomImage() + multiArchBottom21 := CreateMultiarchWith().Images([]Image{image211, image212}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom21, repoName, multiArchBottom21.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchMiddle2 := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: multiArchBottom21.IndexDescriptor.Digest, + Size: multiArchBottom21.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchMiddle2Blob, err := json.Marshal(indexMultiArchMiddle2) + So(err, ShouldBeNil) + + indexMultiArchMiddle2Digest, _, err := storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, + "multiArchMiddle2", ispec.MediaTypeImageIndex, indexMultiArchMiddle2Blob) + So(err, ShouldBeNil) + + image31 := CreateRandomImage() + image32 := CreateRandomImage() + multiArchBottom3 := CreateMultiarchWith().Images([]Image{image31, image32}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom3, repoName, multiArchBottom3.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchTop := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: indexMultiArchMiddle1Digest, + Size: int64(len(indexMultiArchMiddle1Blob)), + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: indexMultiArchMiddle2Digest, + Size: int64(len(indexMultiArchMiddle2Blob)), + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: multiArchBottom3.IndexDescriptor.Digest, + Size: multiArchBottom3.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchTopBlob, err := json.Marshal(indexMultiArchTop) + So(err, ShouldBeNil) + + _, _, err = storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, "multiArchTop", ispec.MediaTypeImageIndex, + indexMultiArchTopBlob) + So(err, ShouldBeNil) + + ctlrManager.StartAndWait(port) + defer ctlrManager.StopServer() + + // Search for a specific tag cross-repo and return single arch images + results := GlobalSearchGQL(":multiArch", baseURL).GlobalSearch + So(len(results.Images), ShouldEqual, 3) + So(len(results.Repos), ShouldEqual, 0) + + for _, image := range results.Images { + So(image.RepoName, ShouldEqual, repoName) + + switch image.Tag { + case "multiArchMiddle1": + So(len(image.Manifests), ShouldEqual, 4) + case "multiArchMiddle2": + So(len(image.Manifests), ShouldEqual, 2) + case "multiArchTop": + So(len(image.Manifests), ShouldEqual, 8) + } + } + }) + + Convey("test nested indexes", t, func() { + log := log.NewLogger("debug", "") + rootDir := t.TempDir() + port := GetFreePort() + baseURL := GetBaseURL(port) + conf := config.New() + conf.HTTP.Port = port + conf.Storage.RootDirectory = rootDir + defaultVal := true + + updateDuration, _ := time.ParseDuration("1h") + trivyConfig := &extconf.TrivyConfig{ + DBRepository: "ghcr.io/project-zot/trivy-db", + } + cveConfig := &extconf.CVEConfig{ + UpdateInterval: updateDuration, + Trivy: trivyConfig, + } + searchConfig := &extconf.SearchConfig{ + BaseConfig: extconf.BaseConfig{Enable: &defaultVal}, + CVE: cveConfig, + } + conf.Extensions = &extconf.ExtensionConfig{ + Search: searchConfig, + } + + storeCtlr := ociutils.GetDefaultStoreController(rootDir, log) + + // nested manifest/indexes: + // image111 -> multiArchBottom11 -> multiArchMiddle1 -> multiArchTop + // image112 -> multiArchBottom11 -> multiArchMiddle1 -> multiArchTop + // image121 -> multiArchBottom12 -> multiArchMiddle1 -> multiArchTop + // image122 -> multiArchBottom12 -> multiArchMiddle1 -> multiArchTop + // image211 -> multiArchBottom21 -> multiArchMiddle2 -> multiArchTop + // image212 -> multiArchBottom21 -> multiArchMiddle2 -> multiArchTop + // image31 -> multiArchMiddle3 -> multiArchTop + // image32 -> multiArchMiddle3 -> multiArchTop + + repoName := "nested" + + image111 := CreateRandomImage() + image112 := CreateRandomImage() + multiArchBottom11 := CreateMultiarchWith().Images([]Image{image111, image112}).Build() + err := WriteMultiArchImageToFileSystem(multiArchBottom11, repoName, multiArchBottom11.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + image121 := CreateRandomImage() + image122 := CreateRandomImage() + multiArchBottom12 := CreateMultiarchWith().Images([]Image{image121, image122}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom12, repoName, multiArchBottom12.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchMiddle1 := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: multiArchBottom11.IndexDescriptor.Digest, + Size: multiArchBottom11.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: multiArchBottom12.IndexDescriptor.Digest, + Size: multiArchBottom12.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchMiddle1Blob, err := json.Marshal(indexMultiArchMiddle1) + So(err, ShouldBeNil) + + indexMultiArchMiddle1Digest, _, err := storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, + "multiArchMiddle1", ispec.MediaTypeImageIndex, indexMultiArchMiddle1Blob) + So(err, ShouldBeNil) + + image211 := CreateRandomImage() + image212 := CreateRandomImage() + multiArchBottom21 := CreateMultiarchWith().Images([]Image{image211, image212}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom21, repoName, multiArchBottom21.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchMiddle2 := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: multiArchBottom21.IndexDescriptor.Digest, + Size: multiArchBottom21.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchMiddle2Blob, err := json.Marshal(indexMultiArchMiddle2) + So(err, ShouldBeNil) + + indexMultiArchMiddle2Digest, _, err := storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, + "multiArchMiddle2", ispec.MediaTypeImageIndex, indexMultiArchMiddle2Blob) + So(err, ShouldBeNil) + + image31 := CreateRandomImage() + image32 := CreateRandomImage() + multiArchBottom3 := CreateMultiarchWith().Images([]Image{image31, image32}).Build() + err = WriteMultiArchImageToFileSystem(multiArchBottom3, repoName, multiArchBottom3.Digest().String(), storeCtlr) + So(err, ShouldBeNil) + + indexMultiArchTop := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: indexMultiArchMiddle1Digest, + Size: int64(len(indexMultiArchMiddle1Blob)), + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: indexMultiArchMiddle2Digest, + Size: int64(len(indexMultiArchMiddle2Blob)), + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: multiArchBottom3.IndexDescriptor.Digest, + Size: multiArchBottom3.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + indexMultiArchTopBlob, err := json.Marshal(indexMultiArchTop) + So(err, ShouldBeNil) + + _, _, err = storeCtlr.GetDefaultImageStore().PutImageManifest(repoName, "multiArchTop", ispec.MediaTypeImageIndex, + indexMultiArchTopBlob) + So(err, ShouldBeNil) + + ctlr := api.NewController(conf) + + if err := ctlr.Init(); err != nil { + panic(err) + } + + ctlr.CveScanner = getMockCveScanner(ctlr.MetaDB) + + go func() { + if err := ctlr.Run(); !errors.Is(err, http.ErrServerClosed) { + panic(err) + } + }() + + defer ctlr.Shutdown() + + WaitTillServerReady(baseURL) + + // Search for a specific tag cross-repo and return single arch images + results := GlobalSearchGQL(":multiArch", baseURL).GlobalSearch + So(len(results.Images), ShouldEqual, 3) + So(len(results.Repos), ShouldEqual, 0) + + for _, image := range results.Images { + So(image.RepoName, ShouldEqual, repoName) + + switch image.Tag { + case "multiArchMiddle1": + So(len(image.Manifests), ShouldEqual, 4) + case "multiArchMiddle2": + So(len(image.Manifests), ShouldEqual, 2) + case "multiArchTop": + So(len(image.Manifests), ShouldEqual, 8) + } + } + }) } func TestCleaningFilteringParamsGlobalSearch(t *testing.T) { @@ -5452,7 +5774,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { // get signatur digest log := log.NewLogger("debug", "") metrics := monitoring.NewMetricsServer(false, log) - storage := local.NewImageStore(dir, false, false, log, metrics, nil, nil) + storage := local.NewImageStore(dir, false, false, log, metrics, nil, nil, nil) indexBlob, err := storage.GetIndexContent(repo) So(err, ShouldBeNil) @@ -5526,7 +5848,7 @@ func TestMetaDBWhenDeletingImages(t *testing.T) { // get signatur digest log := log.NewLogger("debug", "") metrics := monitoring.NewMetricsServer(false, log) - storage := local.NewImageStore(dir, false, false, log, metrics, nil, nil) + storage := local.NewImageStore(dir, false, false, log, metrics, nil, nil, nil) indexBlob, err := storage.GetIndexContent(repo) So(err, ShouldBeNil) diff --git a/pkg/extensions/sync/destination.go b/pkg/extensions/sync/destination.go index 3384e627..b93eec62 100644 --- a/pkg/extensions/sync/destination.go +++ b/pkg/extensions/sync/destination.go @@ -304,5 +304,5 @@ func getTempRootDirFromImageReference(imageReference types.ImageReference, repo, func getImageStore(rootDir string, log log.Logger) storageTypes.ImageStore { metrics := monitoring.NewMetricsServer(false, log) - return local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + return local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) } diff --git a/pkg/extensions/sync/ecr_credential_helper.go b/pkg/extensions/sync/ecr_credential_helper.go new file mode 100644 index 00000000..715327fb --- /dev/null +++ b/pkg/extensions/sync/ecr_credential_helper.go @@ -0,0 +1,168 @@ +//go:build sync +// +build sync + +package sync + +import ( + "context" + "encoding/base64" + "errors" + "fmt" + "strings" + "time" + + "github.com/aws/aws-sdk-go-v2/config" + "github.com/aws/aws-sdk-go-v2/service/ecr" + + syncconf "zotregistry.dev/zot/pkg/extensions/config/sync" + "zotregistry.dev/zot/pkg/log" +) + +// ECR tokens are valid for 12 hours. The ExpiryWindow variable is set to 1 hour, +// meaning if the remaining validity of the token is less than 1 hour, it will be considered expired. +const ( + ExpiryWindow int = 1 + ECRURLSplitPartsCount int = 6 + UsernameTokenParts int = 2 +) + +var ( + ErrInvalidURLFormat = errors.New("invalid ECR URL is received") + ErrInvalidTokenFormat = errors.New("invalid token format received from ECR") + ErrUnableToLoadAWSConfig = errors.New("unable to load AWS config for region") + ErrUnableToGetECRAuthToken = errors.New("unable to get ECR authorization token for account") + ErrUnableToDecodeECRToken = errors.New("unable to decode ECR token") + ErrFailedToGetECRCredentials = errors.New("failed to get ECR credentials") +) + +type ECRCredential struct { + username string + password string + expiry time.Time + account string + region string +} + +type ECRCredentialsHelper struct { + credentials map[string]ECRCredential + log log.Logger +} + +func NewECRCredentialHelper(log log.Logger) CredentialHelper { + return &ECRCredentialsHelper{ + credentials: make(map[string]ECRCredential), + log: log, + } +} + +// extractAccountAndRegion extracts the account ID and region from the given ECR URL. +// Example URL format: account.dkr.ecr.region.amazonaws.com. +func extractAccountAndRegion(url string) (string, string, error) { + parts := strings.Split(url, ".") + if len(parts) < ECRURLSplitPartsCount { + return "", "", fmt.Errorf("%w: %s", ErrInvalidURLFormat, url) + } + + accountID := parts[0] // First part is the account ID + + region := parts[3] // Fourth part is the region + + return accountID, region, nil +} + +func getECRCredentials(remoteAddress string) (ECRCredential, error) { + // Extract account ID and region from the URL. + accountID, region, err := extractAccountAndRegion(remoteAddress) + if err != nil { + return ECRCredential{}, fmt.Errorf("%w %s: %w", ErrInvalidTokenFormat, remoteAddress, err) + } + + // Load the AWS config for the specific region. + cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(region)) + if err != nil { + return ECRCredential{}, fmt.Errorf("%w %s: %w", ErrUnableToLoadAWSConfig, region, err) + } + + // Create an ECR client + ecrClient := ecr.NewFromConfig(cfg) + + // Fetch the ECR authorization token. + ecrAuth, err := ecrClient.GetAuthorizationToken(context.TODO(), &ecr.GetAuthorizationTokenInput{ + RegistryIds: []string{accountID}, // Filter by the account ID. + }) + if err != nil { + return ECRCredential{}, fmt.Errorf("%w %s: %w", ErrUnableToGetECRAuthToken, accountID, err) + } + + // Decode the base64-encoded ECR token. + authToken := *ecrAuth.AuthorizationData[0].AuthorizationToken + + decodedToken, err := base64.StdEncoding.DecodeString(authToken) + if err != nil { + return ECRCredential{}, fmt.Errorf("%w: %w", ErrUnableToDecodeECRToken, err) + } + + // Split the decoded token into username and password (username is "AWS"). + tokenParts := strings.Split(string(decodedToken), ":") + if len(tokenParts) != UsernameTokenParts { + return ECRCredential{}, fmt.Errorf("%w", ErrInvalidTokenFormat) + } + + expiry := *ecrAuth.AuthorizationData[0].ExpiresAt + username := tokenParts[0] + password := tokenParts[1] + + return ECRCredential{username: username, password: password, expiry: expiry, account: accountID, region: region}, nil +} + +// GetECRCredentials retrieves the ECR credentials (username and password) from AWS ECR. +func (credHelper *ECRCredentialsHelper) GetCredentials(urls []string) (syncconf.CredentialsFile, error) { + ecrCredentials := make(syncconf.CredentialsFile) + + for _, url := range urls { + remoteAddress := StripRegistryTransport(url) + + ecrCred, err := getECRCredentials(remoteAddress) + if err != nil { + return syncconf.CredentialsFile{}, fmt.Errorf("%w %s: %w", ErrFailedToGetECRCredentials, url, err) + } + // Store the credentials in the map using the base URL as the key. + ecrCredentials[remoteAddress] = syncconf.Credentials{ + Username: ecrCred.username, + Password: ecrCred.password, + } + credHelper.credentials[remoteAddress] = ecrCred + } + + return ecrCredentials, nil +} + +func (credHelper *ECRCredentialsHelper) IsCredentialsValid(remoteAddress string) bool { + expiry := credHelper.credentials[remoteAddress].expiry + expiryDuration := time.Duration(ExpiryWindow) * time.Hour + + if time.Until(expiry) <= expiryDuration { + credHelper.log.Info(). + Str("url", remoteAddress). + Msg("the credentials are close to expiring") + + return false + } + + credHelper.log.Info(). + Str("url", remoteAddress). + Msg("the credentials are valid") + + return true +} + +func (credHelper *ECRCredentialsHelper) RefreshCredentials(remoteAddress string) (syncconf.Credentials, error) { + credHelper.log.Info().Str("url", remoteAddress).Msg("refreshing the ECR credentials") + + ecrCred, err := getECRCredentials(remoteAddress) + if err != nil { + return syncconf.Credentials{}, fmt.Errorf("%w %s: %w", ErrFailedToGetECRCredentials, remoteAddress, err) + } + + return syncconf.Credentials{Username: ecrCred.username, Password: ecrCred.password}, nil +} diff --git a/pkg/extensions/sync/httpclient/client.go b/pkg/extensions/sync/httpclient/client.go index ea248257..4517a362 100644 --- a/pkg/extensions/sync/httpclient/client.go +++ b/pkg/extensions/sync/httpclient/client.go @@ -115,9 +115,11 @@ func (httpClient *Client) SetConfig(config Config) error { httpClient.url = clientURL + // we want TLS enabled if the upstream registry URL is an HTTPS URL + tlsEnabled := clientURL.Scheme == "https" + clientOpts := common.HTTPClientOptions{ - // we want TLS enabled when verifyTLS is true. - TLSEnabled: config.TLSVerify, + TLSEnabled: tlsEnabled, VerifyTLS: config.TLSVerify, Host: clientURL.Host, } @@ -175,9 +177,9 @@ func (httpClient *Client) Ping() bool { return false } -func (httpClient *Client) MakeGetRequest(ctx context.Context, resultPtr interface{}, mediaType string, +func (httpClient *Client) MakeGetRequest(ctx context.Context, resultPtr interface{}, mediaType string, rawQuery string, route ...string, -) ([]byte, string, int, error) { +) ([]byte, http.Header, int, error) { httpClient.lock.RLock() defer httpClient.lock.RUnlock() @@ -190,11 +192,12 @@ func (httpClient *Client) MakeGetRequest(ctx context.Context, resultPtr interfac // we know that the second route argument is always the repo name. // need it for caching tokens, it's not used in requests made to authz server. if idx == 1 { - namespace = path + namespace = strings.Trim(path, "/") } } - url.RawQuery = url.Query().Encode() + url.RawQuery = rawQuery + //nolint: bodyclose,contextcheck resp, body, err := httpClient.makeAndDoRequest(http.MethodGet, mediaType, namespace, url.String()) if err != nil { @@ -202,11 +205,11 @@ func (httpClient *Client) MakeGetRequest(ctx context.Context, resultPtr interfac Str("errorType", common.TypeOf(err)). Msg("failed to make request") - return nil, "", -1, err + return nil, nil, -1, err } if resp.StatusCode != http.StatusOK { - return nil, "", resp.StatusCode, errors.New(string(body)) //nolint:goerr113 + return nil, nil, resp.StatusCode, errors.New(string(body)) //nolint:goerr113 } // read blob @@ -214,7 +217,7 @@ func (httpClient *Client) MakeGetRequest(ctx context.Context, resultPtr interfac err = json.Unmarshal(body, &resultPtr) } - return body, resp.Header.Get("Content-Type"), resp.StatusCode, err + return body, resp.Header, resp.StatusCode, err } func (httpClient *Client) getAuthType(resp *http.Response) { diff --git a/pkg/extensions/sync/references/cosign.go b/pkg/extensions/sync/references/cosign.go index eaa6008c..160b8247 100644 --- a/pkg/extensions/sync/references/cosign.go +++ b/pkg/extensions/sync/references/cosign.go @@ -172,7 +172,7 @@ func (ref CosignReference) SyncReferences(ctx context.Context, localRepo, remote func (ref CosignReference) getManifest(ctx context.Context, repo, cosignTag string) (*ispec.Manifest, []byte, error) { var cosignManifest ispec.Manifest - body, _, statusCode, err := ref.client.MakeGetRequest(ctx, &cosignManifest, ispec.MediaTypeImageManifest, + body, _, statusCode, err := ref.client.MakeGetRequest(ctx, &cosignManifest, ispec.MediaTypeImageManifest, "", "v2", repo, "manifests", cosignTag) if err != nil { if statusCode == http.StatusNotFound { diff --git a/pkg/extensions/sync/references/oci.go b/pkg/extensions/sync/references/oci.go index 16c78f4d..fc391abd 100644 --- a/pkg/extensions/sync/references/oci.go +++ b/pkg/extensions/sync/references/oci.go @@ -159,7 +159,7 @@ func (ref OciReferences) SyncReferences(ctx context.Context, localRepo, remoteRe func (ref OciReferences) getIndex(ctx context.Context, repo, subjectDigestStr string) (ispec.Index, error) { var index ispec.Index - _, _, statusCode, err := ref.client.MakeGetRequest(ctx, &index, ispec.MediaTypeImageIndex, + _, _, statusCode, err := ref.client.MakeGetRequest(ctx, &index, ispec.MediaTypeImageIndex, "", "v2", repo, "referrers", subjectDigestStr) if err != nil { if statusCode == http.StatusNotFound { @@ -182,7 +182,7 @@ func syncManifest(ctx context.Context, client *client.Client, imageStore storage var refDigest godigest.Digest - OCIRefBuf, _, statusCode, err := client.MakeGetRequest(ctx, &manifest, ispec.MediaTypeImageManifest, + OCIRefBuf, _, statusCode, err := client.MakeGetRequest(ctx, &manifest, ispec.MediaTypeImageManifest, "", "v2", remoteRepo, "manifests", desc.Digest.String()) if err != nil { if statusCode == http.StatusNotFound { diff --git a/pkg/extensions/sync/references/references.go b/pkg/extensions/sync/references/references.go index 3e7ec274..17efc21a 100644 --- a/pkg/extensions/sync/references/references.go +++ b/pkg/extensions/sync/references/references.go @@ -152,7 +152,7 @@ func syncBlob(ctx context.Context, client *client.Client, imageStore storageType ) error { var resultPtr interface{} - body, _, statusCode, err := client.MakeGetRequest(ctx, resultPtr, "", "v2", remoteRepo, "blobs", digest.String()) + body, _, statusCode, err := client.MakeGetRequest(ctx, resultPtr, "", "", "v2", remoteRepo, "blobs", digest.String()) if err != nil { if statusCode != http.StatusOK { log.Info().Str("repo", remoteRepo).Str("digest", digest.String()).Msg("couldn't get remote blob") diff --git a/pkg/extensions/sync/references/referrers_tag.go b/pkg/extensions/sync/references/referrers_tag.go index 21ffd275..ffed3692 100644 --- a/pkg/extensions/sync/references/referrers_tag.go +++ b/pkg/extensions/sync/references/referrers_tag.go @@ -151,7 +151,7 @@ func (ref TagReferences) getIndex( ) (ispec.Index, []byte, error) { var index ispec.Index - content, _, statusCode, err := ref.client.MakeGetRequest(ctx, &index, ispec.MediaTypeImageIndex, + content, _, statusCode, err := ref.client.MakeGetRequest(ctx, &index, ispec.MediaTypeImageIndex, "", "v2", repo, "manifests", getReferrersTagFromSubjectDigest(subjectDigestStr)) if err != nil { if statusCode == http.StatusNotFound { diff --git a/pkg/extensions/sync/remote.go b/pkg/extensions/sync/remote.go index fef205d4..174ae94c 100644 --- a/pkg/extensions/sync/remote.go +++ b/pkg/extensions/sync/remote.go @@ -6,6 +6,7 @@ package sync import ( "context" "fmt" + "net/url" "strings" "github.com/containers/image/v5/docker" @@ -43,6 +44,13 @@ func NewRemoteRegistry(client *client.Client, logger log.Logger) Remote { return registry } +func (registry *RemoteRegistry) SetUpstreamAuthConfig(username, password string) { + registry.context.DockerAuthConfig = &types.DockerAuthConfig{ + Username: username, + Password: password, + } +} + func (registry *RemoteRegistry) GetContext() *types.SystemContext { return registry.context } @@ -50,13 +58,37 @@ func (registry *RemoteRegistry) GetContext() *types.SystemContext { func (registry *RemoteRegistry) GetRepositories(ctx context.Context) ([]string, error) { var catalog catalog - _, _, _, err := registry.client.MakeGetRequest(ctx, &catalog, "application/json", //nolint: dogsled + _, header, _, err := registry.client.MakeGetRequest(ctx, &catalog, "application/json", "", //nolint: dogsled constants.RoutePrefix, constants.ExtCatalogPrefix) if err != nil { return []string{}, err } - return catalog.Repositories, nil + var repos []string + + repos = append(repos, catalog.Repositories...) + + link := header.Get("Link") + for link != "" { + linkURLPart, _, _ := strings.Cut(link, ";") + + linkURL, err := url.Parse(strings.Trim(linkURLPart, "<>")) + if err != nil { + return catalog.Repositories, err + } + + _, header, _, err := registry.client.MakeGetRequest(ctx, &catalog, "application/json", + linkURL.RawQuery, constants.RoutePrefix, constants.ExtCatalogPrefix) //nolint: dogsled + if err != nil { + return repos, err + } + + repos = append(repos, catalog.Repositories...) + + link = header.Get("Link") + } + + return repos, nil } func (registry *RemoteRegistry) GetDockerRemoteRepo(repo string) string { diff --git a/pkg/extensions/sync/service.go b/pkg/extensions/sync/service.go index 4f1fca23..1d64c08b 100644 --- a/pkg/extensions/sync/service.go +++ b/pkg/extensions/sync/service.go @@ -27,19 +27,20 @@ import ( ) type BaseService struct { - config syncconf.RegistryConfig - credentials syncconf.CredentialsFile - clusterConfig *config.ClusterConfig - remote Remote - destination Destination - retryOptions *retry.RetryOptions - contentManager ContentManager - storeController storage.StoreController - metaDB mTypes.MetaDB - repositories []string - references references.References - client *client.Client - log log.Logger + config syncconf.RegistryConfig + credentials syncconf.CredentialsFile + credentialHelper CredentialHelper + clusterConfig *config.ClusterConfig + remote Remote + destination Destination + retryOptions *retry.RetryOptions + contentManager ContentManager + storeController storage.StoreController + metaDB mTypes.MetaDB + repositories []string + references references.References + client *client.Client + log log.Logger } func New( @@ -60,16 +61,42 @@ func New( var err error var credentialsFile syncconf.CredentialsFile - if credentialsFilepath != "" { - credentialsFile, err = getFileCredentials(credentialsFilepath) - if err != nil { - log.Error().Str("errortype", common.TypeOf(err)).Str("path", credentialsFilepath). - Err(err).Msg("couldn't get registry credentials from configured path") + + if service.config.CredentialHelper == "" { + // Only load credentials from file if CredentialHelper is not set + if credentialsFilepath != "" { + log.Info(). + Msgf("using file-based credentials because CredentialHelper is not set") + + credentialsFile, err = getFileCredentials(credentialsFilepath) + if err != nil { + log.Error().Str("errortype", common.TypeOf(err)).Str("path", credentialsFilepath). + Err(err).Msg("couldn't get registry credentials from configured path") + } + service.credentialHelper = nil + service.credentials = credentialsFile + } + } else { + log.Info().Msgf("using credentials helper, because CredentialHelper is set to %s", service.config.CredentialHelper) + + credentialHelper := service.config.CredentialHelper + switch credentialHelper { + case "ecr": + // Logic to fetch credentials for ECR + log.Info(). + Msg("fetch the credentials using AWS ECR Auth Token.") + service.credentialHelper = NewECRCredentialHelper(log) + + creds, err := service.credentialHelper.GetCredentials(service.config.URLs) + if err != nil { + log.Error().Err(err).Msg("failed to retrieve credentials using ECR credentials helper.") + } + service.credentials = creds + default: + log.Warn().Msgf("unsupported CredentialHelper: %s", credentialHelper) } } - service.credentials = credentialsFile - // load the cluster config into the object // can be nil if the user did not configure cluster config service.clusterConfig = clusterConfig @@ -102,7 +129,6 @@ func New( service.retryOptions = retryOptions service.storeController = storeController - // try to set next client. if err := service.SetNextAvailableClient(); err != nil { // if it's a ping issue, it will be retried @@ -126,9 +152,46 @@ func New( return service, nil } +// refreshRegistryTemporaryCredentials refreshes the temporary credentials for the registry if necessary. +// It checks whether a CredentialHelper is configured and if the current credentials have expired. +// If the credentials are expired, it attempts to refresh them and updates the service configuration. +func (service *BaseService) refreshRegistryTemporaryCredentials() error { + // If a CredentialHelper is configured, proceed to refresh the credentials if they are invalid or expired. + if service.config.CredentialHelper != "" { + // Strip the transport protocol (e.g., https:// or http://) from the remote address. + remoteAddress := StripRegistryTransport(service.client.GetHostname()) + + if !service.credentialHelper.IsCredentialsValid(remoteAddress) { + // Attempt to refresh the credentials using the CredentialHelper. + credentials, err := service.credentialHelper.RefreshCredentials(remoteAddress) + if err != nil { + service.log.Error(). + Err(err). + Str("url", remoteAddress). + Msg("failed to refresh the credentials") + + return err + } + + service.log.Info(). + Str("url", remoteAddress). + Msg("refreshing the upstream remote registry credentials") + + // Update the service's credentials map with the new set of credentials. + service.credentials[remoteAddress] = credentials + + // Set the upstream authentication context using the refreshed credentials. + service.remote.SetUpstreamAuthConfig(credentials.Username, credentials.Password) + } + } + + // Return nil to indicate the operation completed successfully. + return nil +} + func (service *BaseService) SetNextAvailableClient() error { if service.client != nil && service.client.Ping() { - return nil + return service.refreshRegistryTemporaryCredentials() } found := false diff --git a/pkg/extensions/sync/sync.go b/pkg/extensions/sync/sync.go index 1afd1117..9bc59b69 100644 --- a/pkg/extensions/sync/sync.go +++ b/pkg/extensions/sync/sync.go @@ -13,6 +13,7 @@ import ( "github.com/containers/image/v5/types" "github.com/opencontainers/go-digest" + syncconf "zotregistry.dev/zot/pkg/extensions/config/sync" "zotregistry.dev/zot/pkg/log" "zotregistry.dev/zot/pkg/scheduler" ) @@ -48,6 +49,22 @@ type Registry interface { GetContext() *types.SystemContext } +// The CredentialHelper interface should be implemented by registries that use temporary tokens. +// This interface defines methods to: +// - Check if the credentials for a registry are still valid. +// - Retrieve credentials for the specified registry URLs. +// - Refresh credentials for a given registry URL. +type CredentialHelper interface { + // Validates whether the credentials for the specified registry URL have expired. + IsCredentialsValid(url string) bool + + // Retrieves credentials for the provided list of registry URLs. + GetCredentials(urls []string) (syncconf.CredentialsFile, error) + + // Refreshes credentials for the specified registry URL. + RefreshCredentials(url string) (syncconf.Credentials, error) +} + /* Temporary oci layout, sync first pulls an image to this oci layout (using oci:// transport) then moves them into ImageStore. @@ -68,6 +85,9 @@ type Remote interface { // In the case of public dockerhub images 'library' namespace is added to the repo names of images // eg: alpine -> library/alpine GetDockerRemoteRepo(repo string) string + // SetUpstreamAuthConfig sets the upstream credentials used when the credential helper is set. + // This method refreshes the authentication configuration with the provided username and password. + SetUpstreamAuthConfig(username, password string) } // Local registry. diff --git a/pkg/extensions/sync/sync_internal_test.go b/pkg/extensions/sync/sync_internal_test.go index 5a03ae0f..786db3d0 100644 --- a/pkg/extensions/sync/sync_internal_test.go +++ b/pkg/extensions/sync/sync_internal_test.go @@ -72,7 +72,7 @@ func TestInjectSyncUtils(t *testing.T) { log := log.Logger{Logger: zerolog.New(os.Stdout)} metrics := monitoring.NewMetricsServer(false, log) - imageStore := local.NewImageStore(t.TempDir(), false, false, log, metrics, nil, nil) + imageStore := local.NewImageStore(t.TempDir(), false, false, log, metrics, nil, nil, nil) injected = inject.InjectFailure(0) ols := NewOciLayoutStorage(storage.StoreController{DefaultStore: imageStore}) @@ -216,7 +216,7 @@ func TestDestinationRegistry(t *testing.T) { UseRelPaths: true, }, log) - syncImgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + syncImgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "repo" storeController := storage.StoreController{DefaultStore: syncImgStore} @@ -334,7 +334,7 @@ func TestDestinationRegistry(t *testing.T) { MandatoryAnnotations: []string{"annot1"}, }, log) - syncImgStore := local.NewImageStore(dir, true, true, log, metrics, linter, cacheDriver) + syncImgStore := local.NewImageStore(dir, true, true, log, metrics, linter, cacheDriver, nil) repoName := "repo" storeController := storage.StoreController{DefaultStore: syncImgStore} @@ -676,3 +676,33 @@ func TestConvertDockerLayersToOCI(t *testing.T) { So(dockerLayers[3].MediaType, ShouldEqual, ispec.MediaTypeImageLayerGzip) }) } + +func TestECRCredentialsHelper(t *testing.T) { + Convey("Test Mock ECR Credentials Helper", t, func() { + mockHelper := mocks.NewMockECRCredentialsHelper() + + Convey("Test Valid Credentials Retrieval", func() { + url := "mockAccount.dkr.ecr.mockRegion.amazonaws.com" + creds, err := mockHelper.GetCredentials([]string{url}) + So(err, ShouldBeNil) + So(creds, ShouldNotBeNil) + So(creds[url].Username, ShouldEqual, "mockUsername") + So(creds[url].Password, ShouldEqual, "mockPassword") + }) + + Convey("Test Credentials Retrieval", func() { + url := "invalid.dkr.ecr.mockRegion.amazonaws.com" + _, err := mockHelper.GetCredentials([]string{url}) + So(err, ShouldNotBeNil) + So(err.Error(), ShouldContainSubstring, "mock error for remote address") + }) + Convey("Test Credentials Refresh", func() { + url := "mockAccount.dkr.ecr.mockRegion.amazonaws.com" + _, err := mockHelper.RefreshCredentials(url) + So(err, ShouldBeNil) + + // Check that the new credentials are valid + So(mockHelper.IsCredentialsValid(url), ShouldBeTrue) + }) + }) +} diff --git a/pkg/extensions/sync/sync_test.go b/pkg/extensions/sync/sync_test.go index d0fc8a79..85c81c4b 100644 --- a/pkg/extensions/sync/sync_test.go +++ b/pkg/extensions/sync/sync_test.go @@ -4670,7 +4670,7 @@ func TestSignatures(t *testing.T) { splittedURL := strings.SplitAfter(srcBaseURL, ":") srcPort := splittedURL[len(splittedURL)-1] - t.Logf(srcPort) + t.Logf("%s", srcPort) cwd, err := os.Getwd() So(err, ShouldBeNil) @@ -5201,7 +5201,7 @@ func TestSignatures(t *testing.T) { splittedURL := strings.SplitAfter(srcBaseURL, ":") srcPort := splittedURL[len(splittedURL)-1] - t.Logf(srcPort) + t.Logf("%s", srcPort) err := signature.SignImageUsingCosign(fmt.Sprintf("%s@%s", repoName, digest.String()), srcPort, true) So(err, ShouldBeNil) diff --git a/pkg/meta/boltdb/boltdb.go b/pkg/meta/boltdb/boltdb.go index 22edebd9..0166bf51 100644 --- a/pkg/meta/boltdb/boltdb.go +++ b/pkg/meta/boltdb/boltdb.go @@ -400,15 +400,9 @@ func (bdw *BoltDB) FilterImageMeta(ctx context.Context, digests []string, } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - for _, manifest := range protoImageMeta.Index.Index.Manifests { - imageManifestData, err := getProtoImageMeta(imageBuck, manifest.Digest) - if err != nil { - return err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := getAllContainedMeta(imageBuck, protoImageMeta) + if err != nil { + return err } protoImageMeta.Manifests = manifestDataList @@ -457,7 +451,7 @@ func (bdw *BoltDB) SearchRepos(ctx context.Context, searchText string, continue } - protoRepoMeta.Rank = int32(rank) + protoRepoMeta.Rank = int32(rank) //nolint:gosec // ignore overflow protoRepoMeta.IsStarred = zcommon.Contains(userStars, protoRepoMeta.Name) protoRepoMeta.IsBookmarked = zcommon.Contains(userBookmarks, protoRepoMeta.Name) @@ -474,7 +468,7 @@ func getProtoImageMeta(imageBuck *bbolt.Bucket, digest string) (*proto_go.ImageM imageMetaBlob := imageBuck.Get([]byte(digest)) if len(imageMetaBlob) == 0 { - return nil, zerr.ErrImageMetaNotFound + return nil, fmt.Errorf("%w for digest %s", zerr.ErrImageMetaNotFound, digest) } imageMeta := proto_go.ImageMeta{} @@ -487,6 +481,35 @@ func getProtoImageMeta(imageBuck *bbolt.Bucket, digest string) (*proto_go.ImageM return &imageMeta, nil } +func getAllContainedMeta(imageBuck *bbolt.Bucket, imageIndexData *proto_go.ImageMeta, +) ([]*proto_go.ImageMeta, []*proto_go.ManifestMeta, error) { + manifestDataList := make([]*proto_go.ManifestMeta, 0, len(imageIndexData.Index.Index.Manifests)) + imageMetaList := make([]*proto_go.ImageMeta, 0, len(imageIndexData.Index.Index.Manifests)) + + for _, manifest := range imageIndexData.Index.Index.Manifests { + imageManifestData, err := getProtoImageMeta(imageBuck, manifest.Digest) + if err != nil { + return imageMetaList, manifestDataList, err + } + + switch imageManifestData.MediaType { + case ispec.MediaTypeImageManifest: + imageMetaList = append(imageMetaList, imageManifestData) + manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + case ispec.MediaTypeImageIndex: + partialImageDataList, partialManifestDataList, err := getAllContainedMeta(imageBuck, imageManifestData) + if err != nil { + return imageMetaList, manifestDataList, err + } + + imageMetaList = append(imageMetaList, partialImageDataList...) + manifestDataList = append(manifestDataList, partialManifestDataList...) + } + } + + return imageMetaList, manifestDataList, nil +} + func (bdw *BoltDB) SearchTags(ctx context.Context, searchText string, ) ([]mTypes.FullImageMeta, error) { images := []mTypes.FullImageMeta{} @@ -552,15 +575,9 @@ func (bdw *BoltDB) SearchTags(ctx context.Context, searchText string, indexDigest, err) } - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(imageIndexData.Index.Index.Manifests)) - - for _, manifest := range imageIndexData.Index.Index.Manifests { - imageManifestData, err := getProtoImageMeta(imageBuck, manifest.Digest) - if err != nil { - return err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := getAllContainedMeta(imageBuck, imageIndexData) + if err != nil { + return err } imageIndexData.Manifests = manifestDataList @@ -649,16 +666,14 @@ func (bdw *BoltDB) FilterTags(ctx context.Context, filterRepoTag mTypes.FilterRe imageIndexMeta := mConvert.GetImageMeta(protoImageIndexMeta) matchedManifests := []*proto_go.ManifestMeta{} - for _, manifest := range protoImageIndexMeta.Index.Index.Manifests { - manifestDigest := manifest.Digest - - imageManifestData, err := getProtoImageMeta(imageMetaBuck, manifestDigest) - if err != nil { - viewError = errors.Join(viewError, err) + imageManifestDataList, _, err := getAllContainedMeta(imageMetaBuck, protoImageIndexMeta) + if err != nil { + viewError = errors.Join(viewError, err) - continue - } + continue + } + for _, imageManifestData := range imageManifestDataList { imageMeta := mConvert.GetImageMeta(imageManifestData) partialImageMeta := common.GetPartialImageMeta(imageIndexMeta, imageMeta) @@ -798,15 +813,9 @@ func (bdw *BoltDB) GetFullImageMeta(ctx context.Context, repo string, tag string } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - for _, manifest := range protoImageMeta.Index.Index.Manifests { - imageManifestData, err := getProtoImageMeta(imageBuck, manifest.Digest) - if err != nil { - return err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := getAllContainedMeta(imageBuck, protoImageMeta) + if err != nil { + return err } protoImageMeta.Manifests = manifestDataList @@ -830,15 +839,9 @@ func (bdw *BoltDB) GetImageMeta(digest godigest.Digest) (mTypes.ImageMeta, error } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - for _, manifest := range protoImageMeta.Index.Index.Manifests { - imageManifestData, err := getProtoImageMeta(imageBuck, manifest.Digest) - if err != nil { - return err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := getAllContainedMeta(imageBuck, protoImageMeta) + if err != nil { + return err } protoImageMeta.Manifests = manifestDataList diff --git a/pkg/meta/boltdb/boltdb_test.go b/pkg/meta/boltdb/boltdb_test.go index 60074bb3..067925f3 100644 --- a/pkg/meta/boltdb/boltdb_test.go +++ b/pkg/meta/boltdb/boltdb_test.go @@ -647,7 +647,7 @@ func TestWrapperErrors(t *testing.T) { Convey("DeleteUserData", func() { userAc = reqCtx.NewUserAccessControl() - ctx = userAc.DeriveContext(context.Background()) + ctx = userAc.DeriveContext(context.Background()) //nolint:fatcontext // test code err = boltdbWrapper.DeleteUserData(ctx) So(err, ShouldNotBeNil) @@ -667,7 +667,7 @@ func TestWrapperErrors(t *testing.T) { Convey("GetUserGroups and SetUserGroups", func() { userAc = reqCtx.NewUserAccessControl() - ctx = userAc.DeriveContext(context.Background()) + ctx = userAc.DeriveContext(context.Background()) //nolint:fatcontext // test code _, err := boltdbWrapper.GetUserGroups(ctx) So(err, ShouldNotBeNil) diff --git a/pkg/meta/convert/convert_proto.go b/pkg/meta/convert/convert_proto.go index 59ea2668..b8985be3 100644 --- a/pkg/meta/convert/convert_proto.go +++ b/pkg/meta/convert/convert_proto.go @@ -23,8 +23,8 @@ func GetProtoRepoMeta(repo mTypes.RepoMeta) *proto_go.RepoMeta { Vendors: repo.Vendors, Platforms: GetProtoPlatforms(repo.Platforms), LastUpdatedImage: GetProtoLastUpdatedImage(repo.LastUpdatedImage), - Stars: int32(repo.StarCount), - Downloads: int32(repo.DownloadCount), + Stars: int32(repo.StarCount), //nolint:gosec // ignore overflow + Downloads: int32(repo.DownloadCount), //nolint:gosec // ignore overflow } } @@ -65,7 +65,7 @@ func GetProtoManifestMeta(manifestContent ispec.Manifest, configContent ispec.Im Digest: digest, Size: size, Manifest: &proto_go.Manifest{ - Versioned: &proto_go.Versioned{SchemaVersion: int32(manifestContent.SchemaVersion)}, + Versioned: &proto_go.Versioned{SchemaVersion: int32(manifestContent.SchemaVersion)}, //nolint:gosec,lll // ignore overflow Config: &proto_go.Descriptor{ Digest: manifestContent.Config.Digest.String(), Size: manifestContent.Config.Size, @@ -108,7 +108,7 @@ func GetProtoImageIndexMeta(indexContent ispec.Index, size int64, digest string) Size: size, Digest: digest, Index: &proto_go.Index{ - Versioned: &proto_go.Versioned{SchemaVersion: int32(indexContent.Versioned.SchemaVersion)}, + Versioned: &proto_go.Versioned{SchemaVersion: int32(indexContent.Versioned.SchemaVersion)}, //nolint:gosec,lll // ignore overflow MediaType: ref(ispec.MediaTypeImageIndex), ArtifactType: ref(common.GetIndexArtifactType(indexContent)), Manifests: getProtoManifestList(indexContent.Manifests), @@ -125,7 +125,7 @@ func GetProtoStatistics(stats map[mTypes.ImageDigest]mTypes.DescriptorStatistics for digest, stat := range stats { results[digest] = &proto_go.DescriptorStatistics{ - DownloadCount: int32(stat.DownloadCount), + DownloadCount: int32(stat.DownloadCount), //nolint:gosec // ignore overflow LastPullTimestamp: timestamppb.New(stat.LastPullTimestamp), PushTimestamp: timestamppb.New(stat.PushTimestamp), PushedBy: stat.PushedBy, diff --git a/pkg/meta/dynamodb/dynamodb.go b/pkg/meta/dynamodb/dynamodb.go index c0f80274..8488c78e 100644 --- a/pkg/meta/dynamodb/dynamodb.go +++ b/pkg/meta/dynamodb/dynamodb.go @@ -224,6 +224,45 @@ func (dwr *DynamoDB) GetProtoImageMeta(ctx context.Context, digest godigest.Dige return imageMeta, nil } +func (dwr *DynamoDB) getAllContainedMeta(ctx context.Context, imageIndexData *proto_go.ImageMeta, +) ([]*proto_go.ImageMeta, []*proto_go.ManifestMeta, error) { + manifestDataList := make([]*proto_go.ManifestMeta, 0, len(imageIndexData.Index.Index.Manifests)) + imageMetaList := make([]*proto_go.ImageMeta, 0, len(imageIndexData.Index.Index.Manifests)) + + manifestDigests := make([]string, 0, len(imageIndexData.Index.Index.Manifests)) + for i := range imageIndexData.Index.Index.Manifests { + manifestDigests = append(manifestDigests, imageIndexData.Index.Index.Manifests[i].Digest) + } + + manifestsAttributes, err := dwr.fetchImageMetaAttributesByDigest(ctx, manifestDigests) + if err != nil { + return imageMetaList, manifestDataList, err + } + + for _, manifestAttribute := range manifestsAttributes { + imageManifestData, err := getProtoImageMetaFromAttribute(manifestAttribute["ImageMeta"]) + if err != nil { + return imageMetaList, manifestDataList, err + } + + switch imageManifestData.MediaType { + case ispec.MediaTypeImageManifest: + imageMetaList = append(imageMetaList, imageManifestData) + manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + case ispec.MediaTypeImageIndex: + partialImageDataList, partialManifestDataList, err := dwr.getAllContainedMeta(ctx, imageManifestData) + if err != nil { + return imageMetaList, manifestDataList, err + } + + imageMetaList = append(imageMetaList, partialImageDataList...) + manifestDataList = append(manifestDataList, partialManifestDataList...) + } + } + + return imageMetaList, manifestDataList, nil +} + func (dwr *DynamoDB) setProtoRepoMeta(repo string, repoMeta *proto_go.RepoMeta) error { repoMeta.Name = repo @@ -574,7 +613,7 @@ func (dwr *DynamoDB) SearchRepos(ctx context.Context, searchText string) ([]mTyp continue } - protoRepoMeta.Rank = int32(rank) + protoRepoMeta.Rank = int32(rank) //nolint:gosec // ignore overflow protoRepoMeta.IsStarred = zcommon.Contains(userStars, protoRepoMeta.Name) protoRepoMeta.IsBookmarked = zcommon.Contains(userBookmarks, protoRepoMeta.Name) @@ -640,17 +679,9 @@ func (dwr *DynamoDB) SearchTags(ctx context.Context, searchText string) ([]mType fmt.Errorf("error fetching manifest meta for manifest with digest %s %w", indexDigest, err) } - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(imageIndexData.Index.Index.Manifests)) - - for _, manifest := range imageIndexData.Index.Index.Manifests { - manifestDigest := godigest.Digest(manifest.Digest) - - imageManifestData, err := dwr.GetProtoImageMeta(ctx, manifestDigest) - if err != nil { - return []mTypes.FullImageMeta{}, err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := dwr.getAllContainedMeta(ctx, imageIndexData) + if err != nil { + return []mTypes.FullImageMeta{}, err } imageIndexData.Manifests = manifestDataList @@ -739,16 +770,14 @@ func (dwr *DynamoDB) FilterTags(ctx context.Context, filterRepoTag mTypes.Filter imageIndexMeta := mConvert.GetImageMeta(protoImageIndexMeta) matchedManifests := []*proto_go.ManifestMeta{} - for _, manifest := range protoImageIndexMeta.Index.Index.Manifests { - manifestDigest := manifest.Digest - - imageManifestData, err := dwr.GetProtoImageMeta(ctx, godigest.Digest(manifestDigest)) - if err != nil { - viewError = errors.Join(viewError, err) + imageManifestDataList, _, err := dwr.getAllContainedMeta(context.Background(), protoImageIndexMeta) + if err != nil { + viewError = errors.Join(viewError, err) - continue - } + continue + } + for _, imageManifestData := range imageManifestDataList { imageMeta := mConvert.GetImageMeta(imageManifestData) partialImageMeta := common.GetPartialImageMeta(imageIndexMeta, imageMeta) @@ -868,15 +897,9 @@ func (dwr *DynamoDB) GetFullImageMeta(ctx context.Context, repo string, tag stri } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - for _, manifest := range protoImageMeta.Index.Index.Manifests { - imageManifestData, err := dwr.GetProtoImageMeta(ctx, godigest.Digest(manifest.Digest)) - if err != nil { - return mTypes.FullImageMeta{}, err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := dwr.getAllContainedMeta(ctx, protoImageMeta) + if err != nil { + return mTypes.FullImageMeta{}, err } protoImageMeta.Manifests = manifestDataList @@ -901,17 +924,9 @@ func (dwr *DynamoDB) GetImageMeta(digest godigest.Digest) (mTypes.ImageMeta, err } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - for _, manifest := range protoImageMeta.Index.Index.Manifests { - manifestDigest := godigest.Digest(manifest.Digest) - - imageManifestData, err := dwr.GetProtoImageMeta(context.Background(), manifestDigest) - if err != nil { - return mTypes.ImageMeta{}, err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) + _, manifestDataList, err := dwr.getAllContainedMeta(context.Background(), protoImageMeta) + if err != nil { + return mTypes.ImageMeta{}, err } protoImageMeta.Manifests = manifestDataList @@ -1330,27 +1345,11 @@ func (dwr *DynamoDB) FilterImageMeta(ctx context.Context, digests []string, } if protoImageMeta.MediaType == ispec.MediaTypeImageIndex { - manifestDataList := make([]*proto_go.ManifestMeta, 0, len(protoImageMeta.Index.Index.Manifests)) - - indexDigests := make([]string, 0, len(protoImageMeta.Index.Index.Manifests)) - for i := range protoImageMeta.Index.Index.Manifests { - indexDigests = append(indexDigests, protoImageMeta.Index.Index.Manifests[i].Digest) - } - - manifestsAttributes, err := dwr.fetchImageMetaAttributesByDigest(ctx, indexDigests) + _, manifestDataList, err := dwr.getAllContainedMeta(context.Background(), protoImageMeta) if err != nil { return nil, err } - for _, manifestAttribute := range manifestsAttributes { - imageManifestData, err := getProtoImageMetaFromAttribute(manifestAttribute["ImageMeta"]) - if err != nil { - return nil, err - } - - manifestDataList = append(manifestDataList, imageManifestData.Manifests[0]) - } - protoImageMeta.Manifests = manifestDataList } @@ -2001,7 +2000,32 @@ func (dwr *DynamoDB) fetchImageMetaAttributesByDigest(ctx context.Context, diges start = end } - return batchedResp, nil + // Order the responses based on initial digest order + // as BatchGetItem does not guarantee the key order is respected + orderedResp := []map[string]types.AttributeValue{} + respMap := map[string]map[string]types.AttributeValue{} + + for _, item := range batchedResp { + var digest string + + err := attributevalue.Unmarshal(item["TableKey"], &digest) + if err != nil { + return nil, err + } + + respMap[digest] = item + } + + for _, digest := range digests { + imageMeta, ok := respMap[digest] + if !ok { + return nil, fmt.Errorf("%w for digest %s", zerr.ErrImageMetaNotFound, digest) + } + + orderedResp = append(orderedResp, imageMeta) + } + + return orderedResp, nil } func getBatchImageKeys(digests []string) []map[string]types.AttributeValue { @@ -2123,7 +2147,7 @@ func (dwr *DynamoDB) deleteTable(tableName string) error { } func (dwr *DynamoDB) waitTableToBeCreated(tableName string) error { - const maxWaitTime = 20 * time.Second + const maxWaitTime = 120 * time.Second waiter := dynamodb.NewTableExistsWaiter(dwr.Client) diff --git a/pkg/meta/hooks_test.go b/pkg/meta/hooks_test.go index 03d74207..48e8b021 100644 --- a/pkg/meta/hooks_test.go +++ b/pkg/meta/hooks_test.go @@ -26,7 +26,7 @@ func TestOnUpdateManifest(t *testing.T) { storeController := storage.StoreController{} log := log.NewLogger("debug", "") metrics := monitoring.NewMetricsServer(false, log) - storeController.DefaultStore = local.NewImageStore(rootDir, true, true, log, metrics, nil, nil) + storeController.DefaultStore = local.NewImageStore(rootDir, true, true, log, metrics, nil, nil, nil) params := boltdb.DBParameters{ RootDir: rootDir, diff --git a/pkg/meta/parse.go b/pkg/meta/parse.go index ab671c00..056b0e1e 100644 --- a/pkg/meta/parse.go +++ b/pkg/meta/parse.go @@ -11,6 +11,7 @@ import ( zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" "zotregistry.dev/zot/pkg/log" "zotregistry.dev/zot/pkg/meta/convert" mTypes "zotregistry.dev/zot/pkg/meta/types" @@ -309,8 +310,7 @@ func SetImageMetaFromInput(ctx context.Context, repo, reference, mediaType strin ) error { var imageMeta mTypes.ImageMeta - switch mediaType { - case ispec.MediaTypeImageManifest: + if mediaType == ispec.MediaTypeImageManifest || compat.IsCompatibleManifestMediaType(mediaType) { //nolint:gocritic,lll // mixing checking mechanisms manifestContent := ispec.Manifest{} configContent := ispec.Image{} @@ -367,7 +367,7 @@ func SetImageMetaFromInput(ctx context.Context, repo, reference, mediaType strin } imageMeta = convert.GetImageManifestMeta(manifestContent, configContent, int64(len(blob)), digest) - case ispec.MediaTypeImageIndex: + } else if mediaType == ispec.MediaTypeImageIndex || compat.IsCompatibleManifestListMediaType(mediaType) { indexContent := ispec.Index{} err := json.Unmarshal(blob, &indexContent) @@ -376,7 +376,7 @@ func SetImageMetaFromInput(ctx context.Context, repo, reference, mediaType strin } imageMeta = convert.GetImageIndexMeta(indexContent, int64(len(blob)), digest) - default: + } else { return nil } diff --git a/pkg/meta/parse_test.go b/pkg/meta/parse_test.go index 09bb40ee..9fc0c64f 100644 --- a/pkg/meta/parse_test.go +++ b/pkg/meta/parse_test.go @@ -344,7 +344,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB, log log.Logger) Convey("Test with simple case", func() { imageStore := local.NewImageStore(rootDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{DefaultStore: imageStore} manifests := []ispec.Manifest{} @@ -419,7 +419,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB, log log.Logger) Convey("Accept orphan signatures", func() { imageStore := local.NewImageStore(rootDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{DefaultStore: imageStore} @@ -464,7 +464,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB, log log.Logger) Convey("Check statistics after load", func() { imageStore := local.NewImageStore(rootDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{DefaultStore: imageStore} // add an image @@ -505,7 +505,7 @@ func RunParseStorageTests(rootDir string, metaDB mTypes.MetaDB, log log.Logger) // make sure pushTimestamp is always populated to not interfere with retention logic Convey("Always update pushTimestamp if its value is 0(time.Time{})", func() { imageStore := local.NewImageStore(rootDir, false, false, - log, monitoring.NewMetricsServer(false, log), nil, nil) + log, monitoring.NewMetricsServer(false, log), nil, nil, nil) storeController := storage.StoreController{DefaultStore: imageStore} // add an image diff --git a/pkg/storage/common/common.go b/pkg/storage/common/common.go index e28239d5..67bd4de9 100644 --- a/pkg/storage/common/common.go +++ b/pkg/storage/common/common.go @@ -11,6 +11,8 @@ import ( "strings" "time" + dockerList "github.com/distribution/distribution/v3/manifest/manifestlist" + docker "github.com/distribution/distribution/v3/manifest/schema2" "github.com/distribution/distribution/v3/registry/storage/driver" godigest "github.com/opencontainers/go-digest" "github.com/opencontainers/image-spec/schema" @@ -19,6 +21,7 @@ import ( zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" "zotregistry.dev/zot/pkg/extensions/monitoring" zlog "zotregistry.dev/zot/pkg/log" "zotregistry.dev/zot/pkg/scheduler" @@ -62,10 +65,10 @@ func GetManifestDescByReference(index ispec.Index, reference string) (ispec.Desc } func ValidateManifest(imgStore storageTypes.ImageStore, repo, reference, mediaType string, body []byte, - log zlog.Logger, + compats []compat.MediaCompatibility, log zlog.Logger, ) error { // validate the manifest - if !IsSupportedMediaType(mediaType) { + if !IsSupportedMediaType(compats, mediaType) { log.Debug().Interface("actual", mediaType). Msg("bad manifest media type") @@ -145,6 +148,23 @@ func ValidateManifest(imgStore storageTypes.ImageStore, repo, reference, mediaTy log.Error().Err(err).Str("digest", manifest.Digest.String()). Msg("failed to stat manifest due to missing manifest blob") + return zerr.ErrBadManifest + } + } + default: + // non-OCI compatible + descriptors, err := compat.Validate(body, mediaType) + if err != nil { + log.Error().Err(err).Msg("failed to unmarshal JSON") + + return zerr.ErrBadManifest + } + + for _, desc := range descriptors { + if ok, _, _, err := imgStore.StatBlob(repo, desc.Digest); !ok || err != nil { + log.Error().Err(err).Str("digest", desc.Digest.String()). + Msg("failed to stat non-OCI descriptor due to missing blob") + return zerr.ErrBadManifest } } @@ -549,9 +569,10 @@ func IsBlobReferencedInImageIndex(imgStore storageTypes.ImageStore, repo string, case ispec.MediaTypeImageManifest: found, _ = isBlobReferencedInImageManifest(imgStore, repo, digest, desc.Digest, log) default: - log.Warn().Str("mediatype", desc.MediaType).Msg("unknown media-type") // should return true for digests found in index.json even if we don't know it's mediatype if digest == desc.Digest { + log.Debug().Str("mediatype", desc.MediaType).Str("digest", digest.String()). + Msg("unexpected media-type found in image index manifest list") found = true } } @@ -795,7 +816,15 @@ func getBlobDescriptorFromManifest(imgStore storageTypes.ImageStore, repo string return ispec.Descriptor{}, zerr.ErrBlobNotFound } -func IsSupportedMediaType(mediaType string) bool { +func IsSupportedMediaType(compats []compat.MediaCompatibility, mediaType string) bool { + // check for some supported legacy formats if configured + for _, comp := range compats { + if comp == compat.DockerManifestV2SchemaV2 && + (mediaType == docker.MediaTypeManifest || mediaType == dockerList.MediaTypeManifestList) { + return true + } + } + return mediaType == ispec.MediaTypeImageIndex || mediaType == ispec.MediaTypeImageManifest } diff --git a/pkg/storage/common/common_test.go b/pkg/storage/common/common_test.go index c618d762..b6a57514 100644 --- a/pkg/storage/common/common_test.go +++ b/pkg/storage/common/common_test.go @@ -37,7 +37,7 @@ func TestValidateManifest(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) content := []byte("this is a blob") digest := godigest.FromBytes(content) @@ -180,7 +180,7 @@ func TestGetReferrersErrors(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, false, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, false, true, log, metrics, nil, cacheDriver, nil) artifactType := "application/vnd.example.icecream.v1" validDigest := godigest.FromBytes([]byte("blob")) @@ -401,7 +401,7 @@ func TestGetBlobDescriptorFromRepo(t *testing.T) { driver := local.New(true) imgStore := imagestore.NewImageStore(tdir, tdir, true, - true, log, metrics, nil, driver, cacheDriver) + true, log, metrics, nil, driver, cacheDriver, nil) repoName := "zot-test" diff --git a/pkg/storage/gc/gc.go b/pkg/storage/gc/gc.go index 4c730034..a28125c6 100644 --- a/pkg/storage/gc/gc.go +++ b/pkg/storage/gc/gc.go @@ -17,6 +17,7 @@ import ( zerr "zotregistry.dev/zot/errors" "zotregistry.dev/zot/pkg/api/config" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" zlog "zotregistry.dev/zot/pkg/log" mTypes "zotregistry.dev/zot/pkg/meta/types" "zotregistry.dev/zot/pkg/retention" @@ -219,8 +220,7 @@ func (gc GarbageCollect) removeIndexReferrers(repo string, rootIndex *ispec.Inde var err error for _, desc := range index.Manifests { - switch desc.MediaType { - case ispec.MediaTypeImageIndex: + if (desc.MediaType == ispec.MediaTypeImageIndex) || compat.IsCompatibleManifestListMediaType(desc.MediaType) { indexImage, err := common.GetImageIndex(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo).Str("digest", desc.Digest.String()). @@ -249,7 +249,7 @@ func (gc GarbageCollect) removeIndexReferrers(repo string, rootIndex *ispec.Inde if gced { count++ } - case ispec.MediaTypeImageManifest: + } else if (desc.MediaType == ispec.MediaTypeImageManifest) || compat.IsCompatibleManifestMediaType(desc.MediaType) { image, err := common.GetImageManifest(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repo", repo).Str("digest", desc.Digest.String()). @@ -513,8 +513,7 @@ func (gc GarbageCollect) identifyManifestsReferencedInIndex(index ispec.Index, r referenced map[godigest.Digest]bool, ) error { for _, desc := range index.Manifests { - switch desc.MediaType { - case ispec.MediaTypeImageIndex: + if (desc.MediaType == ispec.MediaTypeImageIndex) || compat.IsCompatibleManifestListMediaType(desc.MediaType) { indexImage, err := common.GetImageIndex(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). @@ -534,7 +533,7 @@ func (gc GarbageCollect) identifyManifestsReferencedInIndex(index ispec.Index, r if err := gc.identifyManifestsReferencedInIndex(indexImage, repo, referenced); err != nil { return err } - case ispec.MediaTypeImageManifest: + } else if (desc.MediaType == ispec.MediaTypeImageManifest) || compat.IsCompatibleManifestMediaType(desc.MediaType) { image, err := common.GetImageManifest(gc.imgStore, repo, desc.Digest, gc.log) if err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repo", repo). @@ -675,15 +674,14 @@ func (gc GarbageCollect) removeUnreferencedBlobs(repo string, delay time.Duratio func (gc GarbageCollect) addIndexBlobsToReferences(repo string, index ispec.Index, refBlobs map[string]bool, ) error { for _, desc := range index.Manifests { - switch desc.MediaType { - case ispec.MediaTypeImageIndex: + if (desc.MediaType == ispec.MediaTypeImageIndex) || compat.IsCompatibleManifestListMediaType(desc.MediaType) { if err := gc.addImageIndexBlobsToReferences(repo, desc.Digest, refBlobs); err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). Str("digest", desc.Digest.String()).Msg("failed to read blobs in multiarch(index) image") return err } - case ispec.MediaTypeImageManifest: + } else if (desc.MediaType == ispec.MediaTypeImageManifest) || compat.IsCompatibleManifestMediaType(desc.MediaType) { if err := gc.addImageManifestBlobsToReferences(repo, desc.Digest, refBlobs); err != nil { gc.log.Error().Err(err).Str("module", "gc").Str("repository", repo). Str("digest", desc.Digest.String()).Msg("failed to read blobs in image manifest") diff --git a/pkg/storage/gc/gc_internal_test.go b/pkg/storage/gc/gc_internal_test.go index 3bd40287..59ef0d76 100644 --- a/pkg/storage/gc/gc_internal_test.go +++ b/pkg/storage/gc/gc_internal_test.go @@ -47,7 +47,7 @@ func TestGarbageCollectManifestErrors(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) gc := NewGarbageCollect(imgStore, mocks.MetaDBMock{}, Options{ Delay: storageConstants.DefaultGCDelay, @@ -171,7 +171,7 @@ func TestGarbageCollectIndexErrors(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) gc := NewGarbageCollect(imgStore, mocks.MetaDBMock{}, Options{ Delay: storageConstants.DefaultGCDelay, diff --git a/pkg/storage/gc/gc_test.go b/pkg/storage/gc/gc_test.go index b43da73c..bcec4a67 100644 --- a/pkg/storage/gc/gc_test.go +++ b/pkg/storage/gc/gc_test.go @@ -3,6 +3,7 @@ package gc_test import ( "bytes" "context" + "encoding/json" "fmt" "os" "path" @@ -12,6 +13,9 @@ import ( "github.com/distribution/distribution/v3/registry/storage/driver/factory" _ "github.com/distribution/distribution/v3/registry/storage/driver/s3-aws" guuid "github.com/gofrs/uuid" + godigest "github.com/opencontainers/go-digest" + "github.com/opencontainers/image-spec/specs-go" + ispec "github.com/opencontainers/image-spec/specs-go/v1" . "github.com/smartystreets/goconvey/convey" "gopkg.in/resty.v1" @@ -136,13 +140,13 @@ func TestGarbageCollectAndRetention(t *testing.T) { panic(err) } - imgStore = s3.NewImageStore(rootDir, cacheDir, true, false, log, metrics, nil, store, nil) + imgStore = s3.NewImageStore(rootDir, cacheDir, true, false, log, metrics, nil, store, nil, nil) } else { // Create temporary directory rootDir := t.TempDir() // Create ImageStore - imgStore = local.NewImageStore(rootDir, false, false, log, metrics, nil, nil) + imgStore = local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) // init metaDB params := boltdb.DBParameters{ @@ -184,6 +188,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(gcTest3, "gc-test3", "0.0.1", storeController) So(err, ShouldBeNil) + gcTest4 := CreateRandomMultiarch() + err = WriteMultiArchImageToFileSystem(gcTest4, "gc-test4", "0.0.1", storeController) + So(err, ShouldBeNil) + // referrers ref1 := CreateRandomImageWith().Subject(gcTest1.DescriptorRef()).Build() err = WriteImageToFileSystem(ref1, "gc-test1", ref1.DigestStr(), storeController) @@ -197,6 +205,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(ref3, "gc-test3", ref3.DigestStr(), storeController) So(err, ShouldBeNil) + ref4 := CreateMultiarchWith().RandomImages(3).Subject(gcTest4.DescriptorRef()).Build() + err = WriteMultiArchImageToFileSystem(ref4, "gc-test4", ref4.DigestStr(), storeController) + So(err, ShouldBeNil) + // referrers pointing to referrers refOfRef1 := CreateRandomImageWith().Subject(ref1.DescriptorRef()).Build() err = WriteImageToFileSystem(refOfRef1, "gc-test1", refOfRef1.DigestStr(), storeController) @@ -210,6 +222,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(refOfRef3, "gc-test3", refOfRef3.DigestStr(), storeController) So(err, ShouldBeNil) + refOfRef4 := CreateMultiarchWith().RandomImages(3).Subject(ref4.DescriptorRef()).Build() + err = WriteMultiArchImageToFileSystem(refOfRef4, "gc-test4", refOfRef4.DigestStr(), storeController) + So(err, ShouldBeNil) + // untagged images gcUntagged1 := CreateRandomImage() err = WriteImageToFileSystem(gcUntagged1, "gc-test1", gcUntagged1.DigestStr(), storeController) @@ -223,6 +239,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(gcUntagged3, "gc-test3", gcUntagged3.DigestStr(), storeController) So(err, ShouldBeNil) + gcUntagged4 := CreateRandomMultiarch() + err = WriteMultiArchImageToFileSystem(gcUntagged4, "gc-test4", gcUntagged4.DigestStr(), storeController) + So(err, ShouldBeNil) + // for image retention testing // old images gcOld1 := CreateRandomImage() @@ -237,6 +257,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(gcOld3, "retention", "0.0.3", storeController) So(err, ShouldBeNil) + gcOld4 := CreateRandomMultiarch() + err = WriteMultiArchImageToFileSystem(gcOld4, "retention", "0.0.7", storeController) + So(err, ShouldBeNil) + // new images gcNew1 := CreateRandomImage() err = WriteImageToFileSystem(gcNew1, "retention", "0.0.4", storeController) @@ -250,6 +274,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = WriteImageToFileSystem(gcNew3, "retention", "0.0.6", storeController) So(err, ShouldBeNil) + gcNew4 := CreateRandomMultiarch() + err = WriteMultiArchImageToFileSystem(gcNew4, "retention", "0.0.8", storeController) + So(err, ShouldBeNil) + err = meta.ParseStorage(metaDB, storeController, log) //nolint: contextcheck So(err, ShouldBeNil) @@ -269,6 +297,10 @@ func TestGarbageCollectAndRetention(t *testing.T) { gcOld3Stats.PushTimestamp = time.Now().Add(-12 * 24 * time.Hour) gcOld3Stats.LastPullTimestamp = time.Now().Add(-12 * 24 * time.Hour) + gcOld4Stats := retentionMeta.Statistics[gcOld4.DigestStr()] + gcOld4Stats.PushTimestamp = time.Now().Add(-13 * 24 * time.Hour) + gcOld4Stats.LastPullTimestamp = time.Now().Add(-13 * 24 * time.Hour) + gcNew1Stats := retentionMeta.Statistics[gcNew1.DigestStr()] gcNew1Stats.PushTimestamp = time.Now().Add(-1 * 24 * time.Hour) gcNew1Stats.LastPullTimestamp = time.Now().Add(-1 * 24 * time.Hour) @@ -281,13 +313,19 @@ func TestGarbageCollectAndRetention(t *testing.T) { gcNew3Stats.PushTimestamp = time.Now().Add(-3 * 24 * time.Hour) gcNew3Stats.LastPullTimestamp = time.Now().Add(-2 * 24 * time.Hour) + gcNew4Stats := retentionMeta.Statistics[gcNew4.DigestStr()] + gcNew4Stats.PushTimestamp = time.Now().Add(-4 * 24 * time.Hour) + gcNew4Stats.LastPullTimestamp = time.Now().Add(-4 * 24 * time.Hour) + retentionMeta.Statistics[gcOld1.DigestStr()] = gcOld1Stats retentionMeta.Statistics[gcOld2.DigestStr()] = gcOld2Stats retentionMeta.Statistics[gcOld3.DigestStr()] = gcOld3Stats + retentionMeta.Statistics[gcOld4.DigestStr()] = gcOld4Stats retentionMeta.Statistics[gcNew1.DigestStr()] = gcNew1Stats retentionMeta.Statistics[gcNew2.DigestStr()] = gcNew2Stats retentionMeta.Statistics[gcNew3.DigestStr()] = gcNew3Stats + retentionMeta.Statistics[gcNew4.DigestStr()] = gcNew4Stats // update repo meta err = metaDB.SetRepoMeta("retention", retentionMeta) @@ -320,6 +358,9 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = gc.CleanRepo(ctx, "gc-test3") So(err, ShouldBeNil) + err = gc.CleanRepo(ctx, "gc-test4") + So(err, ShouldBeNil) + err = gc.CleanRepo(ctx, "retention") So(err, ShouldBeNil) @@ -359,6 +400,18 @@ func TestGarbageCollectAndRetention(t *testing.T) { _, _, _, err = imgStore.GetImageManifest("gc-test3", refOfRef3.DigestStr()) So(err, ShouldBeNil) + _, _, _, err = imgStore.GetImageManifest("gc-test4", gcTest4.DigestStr()) + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", gcUntagged4.DigestStr()) + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", ref4.DigestStr()) + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", refOfRef4.DigestStr()) + So(err, ShouldBeNil) + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.1") So(err, ShouldBeNil) @@ -376,6 +429,12 @@ func TestGarbageCollectAndRetention(t *testing.T) { _, _, _, err = imgStore.GetImageManifest("retention", "0.0.6") So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.7") + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.8") + So(err, ShouldBeNil) }) Convey("gc untagged manifests", func() { @@ -403,6 +462,9 @@ func TestGarbageCollectAndRetention(t *testing.T) { err = gc.CleanRepo(ctx, "gc-test3") So(err, ShouldBeNil) + err = gc.CleanRepo(ctx, "gc-test4") + So(err, ShouldBeNil) + err = gc.CleanRepo(ctx, "retention") So(err, ShouldBeNil) @@ -441,6 +503,18 @@ func TestGarbageCollectAndRetention(t *testing.T) { _, _, _, err = imgStore.GetImageManifest("gc-test3", refOfRef3.DigestStr()) So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", gcTest4.DigestStr()) + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", gcUntagged4.DigestStr()) + So(err, ShouldNotBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", ref4.DigestStr()) + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("gc-test4", refOfRef4.DigestStr()) + So(err, ShouldBeNil) }) Convey("gc all tags, untagged, and afterwards referrers", func() { @@ -485,6 +559,7 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(repos, ShouldNotContain, "gc-test1") So(repos, ShouldContain, "gc-test2") So(repos, ShouldContain, "gc-test3") + So(repos, ShouldContain, "gc-test4") So(repos, ShouldContain, "retention") }) @@ -527,6 +602,7 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(repos, ShouldContain, "gc-test1") So(repos, ShouldContain, "gc-test2") So(repos, ShouldContain, "gc-test3") + So(repos, ShouldContain, "gc-test4") So(repos, ShouldContain, "retention") tags, err := imgStore.GetImageTags("gc-test1") @@ -587,6 +663,12 @@ func TestGarbageCollectAndRetention(t *testing.T) { _, _, _, err = imgStore.GetImageManifest("retention", "0.0.6") So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.7") + So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.8") + So(err, ShouldBeNil) }) Convey("retain new tags", func() { @@ -622,10 +704,12 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(tags, ShouldContain, "0.0.4") So(tags, ShouldContain, "0.0.5") So(tags, ShouldContain, "0.0.6") + So(tags, ShouldContain, "0.0.8") So(tags, ShouldNotContain, "0.0.1") So(tags, ShouldNotContain, "0.0.2") So(tags, ShouldNotContain, "0.0.3") + So(tags, ShouldNotContain, "0.0.7") }) Convey("retain 3 most recently pushed images", func() { @@ -662,6 +746,8 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(tags, ShouldNotContain, "0.0.1") So(tags, ShouldNotContain, "0.0.2") So(tags, ShouldNotContain, "0.0.3") + So(tags, ShouldNotContain, "0.0.7") + So(tags, ShouldNotContain, "0.0.8") }) Convey("retain 3 most recently pulled images", func() { @@ -698,6 +784,8 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(tags, ShouldNotContain, "0.0.1") So(tags, ShouldNotContain, "0.0.2") So(tags, ShouldNotContain, "0.0.3") + So(tags, ShouldNotContain, "0.0.7") + So(tags, ShouldNotContain, "0.0.8") }) Convey("retain 3 most recently pulled OR 4 most recently pushed images", func() { @@ -728,13 +816,15 @@ func TestGarbageCollectAndRetention(t *testing.T) { tags, err := imgStore.GetImageTags("retention") So(err, ShouldBeNil) - So(tags, ShouldContain, "0.0.1") So(tags, ShouldContain, "0.0.4") So(tags, ShouldContain, "0.0.5") So(tags, ShouldContain, "0.0.6") + So(tags, ShouldContain, "0.0.8") + So(tags, ShouldNotContain, "0.0.1") So(tags, ShouldNotContain, "0.0.2") So(tags, ShouldNotContain, "0.0.3") + So(tags, ShouldNotContain, "0.0.7") }) Convey("test if first match rule logic works", func() { @@ -778,6 +868,8 @@ func TestGarbageCollectAndRetention(t *testing.T) { So(tags, ShouldNotContain, "0.0.3") So(tags, ShouldNotContain, "0.0.5") So(tags, ShouldNotContain, "0.0.6") + So(tags, ShouldNotContain, "0.0.7") + So(tags, ShouldNotContain, "0.0.8") }) Convey("gc - do not match any repo", func() { @@ -817,7 +909,7 @@ func TestGarbageCollectAndRetention(t *testing.T) { Convey("remove one tag because it didn't match, preserve tags without statistics in metaDB", func() { // add new tag in retention repo which can not be found in metaDB, should be always retained - err = WriteImageToFileSystem(CreateRandomImage(), "retention", "0.0.7", storeController) + err = WriteImageToFileSystem(CreateRandomImage(), "retention", "0.0.9", storeController) So(err, ShouldBeNil) gc := gc.NewGarbageCollect(imgStore, metaDB, gc.Options{ @@ -831,7 +923,7 @@ func TestGarbageCollectAndRetention(t *testing.T) { DeleteUntagged: &trueVal, KeepTags: []config.KeepTagsPolicy{ { - Patterns: []string{"0.0.[1-5]"}, + Patterns: []string{"0.0.[1-5]", "0.0.7"}, }, }, }, @@ -862,6 +954,12 @@ func TestGarbageCollectAndRetention(t *testing.T) { _, _, _, err = imgStore.GetImageManifest("retention", "0.0.7") So(err, ShouldBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.8") + So(err, ShouldNotBeNil) + + _, _, _, err = imgStore.GetImageManifest("retention", "0.0.9") + So(err, ShouldBeNil) }) Convey("gc with context done", func() { @@ -993,3 +1091,367 @@ func TestGarbageCollectAndRetention(t *testing.T) { }) } } + +func TestGarbageCollectDeletion(t *testing.T) { + Convey("setup store", t, func() { + log := zlog.NewLogger("debug", "") + audit := zlog.NewAuditLogger("debug", "/dev/null") + + metrics := monitoring.NewMetricsServer(false, log) + + trueVal := true + + // Create temporary directory + rootDir := t.TempDir() + + // Create ImageStore + imgStore := local.NewImageStore(rootDir, false, false, log, metrics, nil, nil, nil) + + // init metaDB + params := boltdb.DBParameters{ + RootDir: rootDir, + } + + boltDriver, err := boltdb.GetBoltDriver(params) + So(err, ShouldBeNil) + + metaDB, err := boltdb.New(boltDriver, log) + So(err, ShouldBeNil) + + storeController := storage.StoreController{} + storeController.DefaultStore = imgStore + + ctx := context.Background() + + repoName := "multiarch" + blobsDir := path.Join(rootDir, repoName, "blobs") + + Convey("Create test data", func() { + image1 := CreateRandomImage() + image2 := CreateRandomImage() + image3 := CreateRandomImage() + bottomIndex1 := CreateMultiarchWith().Images([]Image{image1, image2}).Build() + bottomIndex2 := CreateMultiarchWith().Images([]Image{image3}).Build() + + err = WriteImageToFileSystem(image2, repoName, "manifest2", storeController) + So(err, ShouldBeNil) + + err = WriteMultiArchImageToFileSystem(bottomIndex1, repoName, bottomIndex1.Digest().String(), storeController) + So(err, ShouldBeNil) + + err = WriteMultiArchImageToFileSystem(bottomIndex2, repoName, "bottomIndex2", storeController) + So(err, ShouldBeNil) + + topIndex := ispec.Index{ + Versioned: specs.Versioned{SchemaVersion: 2}, + MediaType: ispec.MediaTypeImageIndex, + Manifests: []ispec.Descriptor{ + { + Digest: bottomIndex1.IndexDescriptor.Digest, + Size: bottomIndex1.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + { + Digest: bottomIndex2.IndexDescriptor.Digest, + Size: bottomIndex2.IndexDescriptor.Size, + MediaType: ispec.MediaTypeImageIndex, + }, + }, + } + + topIndexBlob, err := json.Marshal(topIndex) + So(err, ShouldBeNil) + + rootIndexDigest, _, err := imgStore.PutImageManifest(repoName, "topindex", ispec.MediaTypeImageIndex, + topIndexBlob) + So(err, ShouldBeNil) + + bottomIndex1Digest := bottomIndex1.IndexDescriptor.Digest + bottomIndex2Digest := bottomIndex2.IndexDescriptor.Digest + manifest1Digest := image1.Digest() + manifest2Digest := image2.Digest() + manifest3Digest := image3.Digest() + + err = meta.ParseStorage(metaDB, storeController, log) //nolint: contextcheck + So(err, ShouldBeNil) + + Convey("gc untagged manifests should not do anything, as all images refer to one another", func() { + gc := gc.NewGarbageCollect(imgStore, metaDB, gc.Options{ + Delay: 1 * time.Millisecond, + ImageRetention: config.ImageRetention{ + Delay: 1 * time.Millisecond, + Policies: []config.RetentionPolicy{ + { + Repositories: []string{"**"}, + DeleteReferrers: true, + DeleteUntagged: &trueVal, + KeepTags: []config.KeepTagsPolicy{}, + }, + }, + }, + }, audit, log) + + err = gc.CleanRepo(ctx, repoName) + So(err, ShouldBeNil) + + // All indexes and manifests refer to one another, so none should be missing + tags, err := readTagsFromStorage(rootDir, repoName, manifest1Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest1Digest.Algorithm().String(), manifest1Digest.Encoded())) + So(err, ShouldBeNil) + + tags, err = readTagsFromStorage(rootDir, repoName, manifest2Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "manifest2") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest2Digest.Algorithm().String(), manifest2Digest.Encoded())) + So(err, ShouldBeNil) + + tags, err = readTagsFromStorage(rootDir, repoName, manifest3Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest3Digest.Algorithm().String(), manifest3Digest.Encoded())) + So(err, ShouldBeNil) + + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex1Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex1Digest.Algorithm().String(), bottomIndex1Digest.Encoded())) + So(err, ShouldBeNil) + + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex2Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "bottomIndex2") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex2Digest.Algorithm().String(), bottomIndex2Digest.Encoded())) + So(err, ShouldBeNil) + + tags, err = readTagsFromStorage(rootDir, repoName, rootIndexDigest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "topindex") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, rootIndexDigest.Algorithm().String(), rootIndexDigest.Encoded())) + So(err, ShouldBeNil) + }) + + Convey("gc untagged manifests after deleting the tag of the top index", func() { + gc := gc.NewGarbageCollect(imgStore, metaDB, gc.Options{ + Delay: 1 * time.Millisecond, + ImageRetention: config.ImageRetention{ + Delay: 1 * time.Millisecond, + Policies: []config.RetentionPolicy{ + { + Repositories: []string{"**"}, + DeleteReferrers: true, + DeleteUntagged: &trueVal, + KeepTags: []config.KeepTagsPolicy{}, + }, + }, + }, + }, audit, log) + + err = deleteTagInStorage(rootDir, repoName, "topindex") + + err = gc.CleanRepo(ctx, repoName) + So(err, ShouldBeNil) + + // manifest1, bottomIndex1 and topIndex are untagged, so manifest1 should be deleted + tags, err := readTagsFromStorage(rootDir, repoName, manifest1Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, manifest1Digest.Algorithm().String(), manifest1Digest.Encoded())) + So(err, ShouldNotBeNil) + + // manifest2 is has a tag, so it should not be deleted + tags, err = readTagsFromStorage(rootDir, repoName, manifest2Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "manifest2") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest2Digest.Algorithm().String(), manifest2Digest.Encoded())) + So(err, ShouldBeNil) + + // manifest3 is referenced by tagged bottomIndex2, so it should not be deleted + tags, err = readTagsFromStorage(rootDir, repoName, manifest3Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest3Digest.Algorithm().String(), manifest3Digest.Encoded())) + So(err, ShouldBeNil) + + // bottomIndex1 and topIndex are untagged, so bottomIndex1 should be deleted + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex1Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex1Digest.Algorithm().String(), bottomIndex1Digest.Encoded())) + So(err, ShouldNotBeNil) + + // bottomIndex2 is has a tag, so it should not be deleted + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex2Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "bottomIndex2") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex2Digest.Algorithm().String(), bottomIndex2Digest.Encoded())) + So(err, ShouldBeNil) + + // topIndex is untagged, so it should be deleted + tags, err = readTagsFromStorage(rootDir, repoName, rootIndexDigest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, rootIndexDigest.Algorithm().String(), rootIndexDigest.Encoded())) + So(err, ShouldNotBeNil) + }) + + Convey("gc unmatching tags", func() { + gc := gc.NewGarbageCollect(imgStore, metaDB, gc.Options{ + Delay: 1 * time.Millisecond, + ImageRetention: config.ImageRetention{ + Delay: 1 * time.Millisecond, + Policies: []config.RetentionPolicy{ + { + Repositories: []string{"**"}, + DeleteReferrers: true, + DeleteUntagged: &trueVal, + KeepTags: []config.KeepTagsPolicy{ + { + Patterns: []string{"manifest2"}, + }, + }, + }, + }, + }, + }, audit, log) + + err = gc.CleanRepo(ctx, repoName) + So(err, ShouldBeNil) + + // manifest1, bottomIndex1 and topIndex are untagged or don't have matching tags + tags, err := readTagsFromStorage(rootDir, repoName, manifest1Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, manifest1Digest.Algorithm().String(), manifest1Digest.Encoded())) + So(err, ShouldNotBeNil) + + // manifest2 has a matching tag, so it should not be deleted + tags, err = readTagsFromStorage(rootDir, repoName, manifest2Digest) + So(err, ShouldBeNil) + So(tags, ShouldContain, "manifest2") + So(len(tags), ShouldEqual, 1) + + _, err = os.Stat(path.Join(blobsDir, manifest2Digest.Algorithm().String(), manifest2Digest.Encoded())) + So(err, ShouldBeNil) + + // manifest3, bottomIndex2 and topIndex are untagged or don't have matching tags + tags, err = readTagsFromStorage(rootDir, repoName, manifest3Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, manifest3Digest.Algorithm().String(), manifest3Digest.Encoded())) + So(err, ShouldNotBeNil) + + // bottomIndex1 and topIndex are untagged, so bottomIndex1 should be deleted + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex1Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex1Digest.Algorithm().String(), bottomIndex1Digest.Encoded())) + So(err, ShouldNotBeNil) + + // bottomIndex2 and topIndex are untagged, so bottomIndex1 should be deleted + tags, err = readTagsFromStorage(rootDir, repoName, bottomIndex2Digest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, bottomIndex2Digest.Algorithm().String(), bottomIndex2Digest.Encoded())) + So(err, ShouldNotBeNil) + + // topIndex is untagged, so it should be deleted + tags, err = readTagsFromStorage(rootDir, repoName, rootIndexDigest) + So(err, ShouldBeNil) + So(len(tags), ShouldEqual, 0) + + _, err = os.Stat(path.Join(blobsDir, rootIndexDigest.Algorithm().String(), rootIndexDigest.Encoded())) + So(err, ShouldNotBeNil) + }) + }) + }) +} + +func deleteTagInStorage(rootDir, repoName, tag string) error { + indexJSONBuf, err := os.ReadFile(path.Join(rootDir, repoName, "index.json")) + if err != nil { + return err + } + + var indexJSON ispec.Index + + err = json.Unmarshal(indexJSONBuf, &indexJSON) + if err != nil { + return err + } + + for _, desc := range indexJSON.Manifests { + if desc.Annotations[ispec.AnnotationRefName] == tag { + delete(desc.Annotations, ispec.AnnotationRefName) + } + } + + indexJSONBuf, err = json.Marshal(indexJSON) + if err != nil { + return err + } + + err = os.WriteFile(path.Join(rootDir, repoName, "index.json"), indexJSONBuf, 0o600) + if err != nil { + return err + } + + return nil +} + +func readTagsFromStorage(rootDir, repoName string, digest godigest.Digest) ([]string, error) { + result := []string{} + + indexJSONBuf, err := os.ReadFile(path.Join(rootDir, repoName, "index.json")) + if err != nil { + return result, err + } + + var indexJSON ispec.Index + + err = json.Unmarshal(indexJSONBuf, &indexJSON) + if err != nil { + return result, err + } + + for _, desc := range indexJSON.Manifests { + if desc.Digest != digest { + continue + } + + name := desc.Annotations[ispec.AnnotationRefName] + // There is a special case where there is an entry in + // the index.json without tags, in this case name is an empty string + // Also we should not have duplicates + // Do these checks in the actual test cases, not here + result = append(result, name) + } + + return result, nil +} diff --git a/pkg/storage/imagestore/imagestore.go b/pkg/storage/imagestore/imagestore.go index 22db78cd..d37842e0 100644 --- a/pkg/storage/imagestore/imagestore.go +++ b/pkg/storage/imagestore/imagestore.go @@ -21,6 +21,7 @@ import ( zerr "zotregistry.dev/zot/errors" zcommon "zotregistry.dev/zot/pkg/common" + "zotregistry.dev/zot/pkg/compat" "zotregistry.dev/zot/pkg/extensions/monitoring" syncConstants "zotregistry.dev/zot/pkg/extensions/sync/constants" zlog "zotregistry.dev/zot/pkg/log" @@ -49,6 +50,7 @@ type ImageStore struct { dedupe bool linter common.Lint commit bool + compat []compat.MediaCompatibility } func (is *ImageStore) Name() string { @@ -67,7 +69,8 @@ func (is *ImageStore) DirExists(d string) bool { // see https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers // Use the last argument to properly set a cache database, or it will default to boltDB local storage. func NewImageStore(rootDir string, cacheDir string, dedupe, commit bool, log zlog.Logger, - metrics monitoring.MetricServer, linter common.Lint, storeDriver storageTypes.Driver, cacheDriver cache.Cache, + metrics monitoring.MetricServer, linter common.Lint, storeDriver storageTypes.Driver, + cacheDriver cache.Cache, compat []compat.MediaCompatibility, ) storageTypes.ImageStore { if err := storeDriver.EnsureDir(rootDir); err != nil { log.Error().Err(err).Str("rootDir", rootDir).Msg("failed to create root dir") @@ -85,6 +88,7 @@ func NewImageStore(rootDir string, cacheDir string, dedupe, commit bool, log zlo linter: linter, commit: commit, cache: cacheDriver, + compat: compat, } return imgStore @@ -261,6 +265,89 @@ func (is *ImageStore) ValidateRepo(name string) (bool, error) { return true, nil } +func (is *ImageStore) GetNextRepositories(lastRepo string, maxEntries int, filterFn storageTypes.FilterRepoFunc, +) ([]string, bool, error) { + var lockLatency time.Time + + dir := is.rootDir + + is.RLock(&lockLatency) + defer is.RUnlock(&lockLatency) + + stores := make([]string, 0) + + moreEntries := false + entries := 0 + found := false + err := is.storeDriver.Walk(dir, func(fileInfo driver.FileInfo) error { + if entries == maxEntries { + moreEntries = true + + return io.EOF + } + + if !fileInfo.IsDir() { + return nil + } + + // skip .sync and .uploads dirs no need to try to validate them + if strings.HasSuffix(fileInfo.Path(), syncConstants.SyncBlobUploadDir) || + strings.HasSuffix(fileInfo.Path(), ispec.ImageBlobsDir) || + strings.HasSuffix(fileInfo.Path(), storageConstants.BlobUploadDir) { + return driver.ErrSkipDir + } + + rel, err := filepath.Rel(is.rootDir, fileInfo.Path()) + if err != nil { + return nil //nolint:nilerr // ignore paths that are not under root dir + } + + if ok, err := is.ValidateRepo(rel); !ok || err != nil { + return nil //nolint:nilerr // ignore invalid repos + } + + if lastRepo == rel { + found = true + + return nil + } + + if lastRepo == "" { + found = true + } + + ok, err := filterFn(rel) + if err != nil { + return err + } + + if found && ok { + entries++ + + stores = append(stores, rel) + } + + return nil + }) + + // if the root directory is not yet created then return an empty slice of repositories + + driverErr := &driver.Error{} + + if errors.As(err, &driver.PathNotFoundError{}) { + is.log.Debug().Msg("empty rootDir") + + return stores, false, nil + } + + if errors.Is(err, io.EOF) || + (errors.As(err, driverErr) && errors.Is(driverErr.Detail, io.EOF)) { + return stores, moreEntries, nil + } + + return stores, moreEntries, err +} + // GetRepositories returns a list of all the repositories under this store. func (is *ImageStore) GetRepositories() ([]string, error) { var lockLatency time.Time @@ -490,7 +577,7 @@ func (is *ImageStore) PutImageManifest(repo, reference, mediaType string, //noli refIsDigest = false } - err = common.ValidateManifest(is, repo, reference, mediaType, body, is.log) + err = common.ValidateManifest(is, repo, reference, mediaType, body, is.compat, is.log) if err != nil { return mDigest, "", err } @@ -1804,17 +1891,28 @@ func (is *ImageStore) GetNextDigestWithBlobPaths(repos []string, lastDigests []g if fileInfo.IsDir() { // skip repositories not found in repos - repo := path.Base(fileInfo.Path()) - if !zcommon.Contains(repos, repo) && repo != ispec.ImageBlobsDir { - candidateAlgorithm := godigest.Algorithm(repo) + baseName := path.Base(fileInfo.Path()) + if zcommon.Contains(repos, baseName) || baseName == ispec.ImageBlobsDir { + return nil + } - if !candidateAlgorithm.Available() { - return driver.ErrSkipDir - } + candidateAlgorithm := godigest.Algorithm(baseName) + + if !candidateAlgorithm.Available() { + return driver.ErrSkipDir } + + return nil + } + + baseName := path.Base(fileInfo.Path()) + + skippedFiles := []string{ispec.ImageLayoutFile, ispec.ImageIndexFile, "meta.db", "cache.db"} + if zcommon.Contains(skippedFiles, baseName) { + return nil } - digestHash := path.Base(fileInfo.Path()) + digestHash := baseName digestAlgorithm := godigest.Algorithm(path.Base(path.Dir(fileInfo.Path()))) blobDigest := godigest.NewDigestFromEncoded(digestAlgorithm, digestHash) diff --git a/pkg/storage/local/local.go b/pkg/storage/local/local.go index ecf1ffd1..3309415c 100644 --- a/pkg/storage/local/local.go +++ b/pkg/storage/local/local.go @@ -1,6 +1,7 @@ package local import ( + "zotregistry.dev/zot/pkg/compat" "zotregistry.dev/zot/pkg/extensions/monitoring" zlog "zotregistry.dev/zot/pkg/log" "zotregistry.dev/zot/pkg/storage/cache" @@ -13,6 +14,7 @@ import ( // Use the last argument to properly set a cache database, or it will default to boltDB local storage. func NewImageStore(rootDir string, dedupe, commit bool, log zlog.Logger, metrics monitoring.MetricServer, linter common.Lint, cacheDriver cache.Cache, + compat []compat.MediaCompatibility, ) storageTypes.ImageStore { return imagestore.NewImageStore( rootDir, @@ -24,5 +26,6 @@ func NewImageStore(rootDir string, dedupe, commit bool, log zlog.Logger, linter, New(commit), cacheDriver, + compat, ) } diff --git a/pkg/storage/local/local_elevated_test.go b/pkg/storage/local/local_elevated_test.go index 0ea8ffb2..9c75ac61 100644 --- a/pkg/storage/local/local_elevated_test.go +++ b/pkg/storage/local/local_elevated_test.go @@ -35,7 +35,7 @@ func TestElevatedPrivilegesInvalidDedupe(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) upload, err := imgStore.NewBlobUpload("dedupe1") So(err, ShouldBeNil) diff --git a/pkg/storage/local/local_test.go b/pkg/storage/local/local_test.go index 610b6804..e38c9848 100644 --- a/pkg/storage/local/local_test.go +++ b/pkg/storage/local/local_test.go @@ -83,7 +83,7 @@ func TestStorageFSAPIs(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) Convey("Repo layout", t, func(c C) { Convey("Bad image manifest", func() { @@ -217,7 +217,7 @@ func FuzzNewBlobUpload(f *testing.F) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) _, err := imgStore.NewBlobUpload(data) if err != nil { @@ -244,7 +244,7 @@ func FuzzPutBlobChunk(f *testing.F) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := data @@ -280,7 +280,7 @@ func FuzzPutBlobChunkStreamed(f *testing.F) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := data @@ -314,7 +314,7 @@ func FuzzGetBlobUpload(f *testing.F) { UseRelPaths: true, }, log) imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, - cacheDriver) + cacheDriver, nil) _, err := imgStore.GetBlobUpload(data1, data2) if err != nil { @@ -340,7 +340,7 @@ func FuzzTestPutGetImageManifest(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) cblob, cdigest := GetRandomImageConfig() @@ -396,7 +396,7 @@ func FuzzTestPutDeleteImageManifest(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) cblob, cdigest := GetRandomImageConfig() @@ -457,7 +457,7 @@ func FuzzTestDeleteImageManifest(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest, _, err := newRandomBlobForFuzz(data) if err != nil { @@ -494,7 +494,7 @@ func FuzzInitRepo(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) err := imgStore.InitRepo(data) if err != nil { @@ -520,7 +520,7 @@ func FuzzInitValidateRepo(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) err := imgStore.InitRepo(data) if err != nil { @@ -555,7 +555,7 @@ func FuzzGetImageTags(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) _, err := imgStore.GetImageTags(data) if err != nil { @@ -581,7 +581,7 @@ func FuzzBlobUploadPath(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) _ = imgStore.BlobUploadPath(repo, uuid) }) @@ -600,7 +600,7 @@ func FuzzBlobUploadInfo(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) repo := data _, err := imgStore.BlobUploadInfo(repo, uuid) @@ -626,7 +626,7 @@ func FuzzTestGetImageManifest(f *testing.F) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := data @@ -655,7 +655,7 @@ func FuzzFinishBlobUpload(f *testing.F) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := data @@ -707,7 +707,7 @@ func FuzzFullBlobUpload(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) ldigest, lblob, err := newRandomBlobForFuzz(data) if err != nil { @@ -750,7 +750,7 @@ func TestStorageCacheErrors(t *testing.T) { GetBlobFn: func(digest godigest.Digest) (string, error) { return getBlobPath, nil }, - }) + }, nil) err := imgStore.InitRepo(originRepo) So(err, ShouldBeNil) @@ -780,7 +780,7 @@ func FuzzDedupeBlob(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) blobDigest := godigest.FromString(data) @@ -821,7 +821,7 @@ func FuzzDeleteBlobUpload(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) uuid, err := imgStore.NewBlobUpload(repoName) if err != nil { @@ -853,7 +853,7 @@ func FuzzBlobPath(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _ = imgStore.BlobPath(repoName, digest) @@ -874,7 +874,7 @@ func FuzzCheckBlob(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _, _, err := imgStore.FullBlobUpload(repoName, bytes.NewReader([]byte(data)), digest) @@ -907,7 +907,7 @@ func FuzzGetBlob(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _, _, err := imgStore.FullBlobUpload(repoName, bytes.NewReader([]byte(data)), digest) @@ -948,7 +948,7 @@ func FuzzDeleteBlob(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _, _, err := imgStore.FullBlobUpload(repoName, bytes.NewReader([]byte(data)), digest) @@ -985,7 +985,7 @@ func FuzzGetIndexContent(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _, _, err := imgStore.FullBlobUpload(repoName, bytes.NewReader([]byte(data)), digest) @@ -1022,7 +1022,7 @@ func FuzzGetBlobContent(f *testing.F) { Name: "cache", UseRelPaths: true, }, *log) - imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, *log, metrics, nil, cacheDriver, nil) digest := godigest.FromString(data) _, _, err := imgStore.FullBlobUpload(repoName, bytes.NewReader([]byte(data)), digest) @@ -1060,7 +1060,7 @@ func FuzzRunGCRepo(f *testing.F) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ Delay: storageConstants.DefaultGCDelay, @@ -1104,9 +1104,9 @@ func TestDedupeLinks(t *testing.T) { var imgStore storageTypes.ImageStore if testCase.dedupe { - imgStore = local.NewImageStore(dir, testCase.dedupe, true, log, metrics, nil, cacheDriver) + imgStore = local.NewImageStore(dir, testCase.dedupe, true, log, metrics, nil, cacheDriver, nil) } else { - imgStore = local.NewImageStore(dir, testCase.dedupe, true, log, metrics, nil, nil) + imgStore = local.NewImageStore(dir, testCase.dedupe, true, log, metrics, nil, nil, nil) } // run on empty image store @@ -1282,7 +1282,7 @@ func TestDedupeLinks(t *testing.T) { Convey("test RunDedupeForDigest directly, trigger stat error on original blob", func() { // rebuild with dedupe true - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) duplicateBlobs := []string{ path.Join(dir, "dedupe1", "blobs", "sha256", blobDigest1), @@ -1303,7 +1303,7 @@ func TestDedupeLinks(t *testing.T) { defer taskScheduler.Shutdown() // rebuild with dedupe true - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) imgStore.RunDedupeBlobs(time.Duration(0), taskScheduler) @@ -1317,7 +1317,7 @@ func TestDedupeLinks(t *testing.T) { defer taskScheduler.Shutdown() // rebuild with dedupe true - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) imgStore.RunDedupeBlobs(time.Duration(0), taskScheduler) // wait until rebuild finishes @@ -1337,7 +1337,7 @@ func TestDedupeLinks(t *testing.T) { taskScheduler := runAndGetScheduler() defer taskScheduler.Shutdown() - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, nil) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, nil, nil) // rebuild with dedupe true imgStore.RunDedupeBlobs(time.Duration(0), taskScheduler) @@ -1367,7 +1367,7 @@ func TestDedupeLinks(t *testing.T) { PutBlobFn: func(digest godigest.Digest, path string) error { return errCache }, - }) + }, nil) // rebuild with dedupe true, should have samefile blobs imgStore.RunDedupeBlobs(time.Duration(0), taskScheduler) // wait until rebuild finishes @@ -1400,7 +1400,7 @@ func TestDedupeLinks(t *testing.T) { return nil }, - }) + }, nil) // rebuild with dedupe true, should have samefile blobs imgStore.RunDedupeBlobs(time.Duration(0), taskScheduler) // wait until rebuild finishes @@ -1495,7 +1495,7 @@ func TestDedupe(t *testing.T) { UseRelPaths: true, }, log) - il := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + il := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) So(il.DedupeBlob("", "", "", ""), ShouldNotBeNil) }) @@ -1516,7 +1516,7 @@ func TestNegativeCases(t *testing.T) { }, log) So(local.NewImageStore(dir, true, - true, log, metrics, nil, cacheDriver), ShouldNotBeNil) + true, log, metrics, nil, cacheDriver, nil), ShouldNotBeNil) if os.Geteuid() != 0 { cacheDriver, _ := storage.Create("boltdb", cache.BoltDBDriverParameters{ @@ -1524,7 +1524,7 @@ func TestNegativeCases(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - So(local.NewImageStore("/deadBEEF", true, true, log, metrics, nil, cacheDriver), ShouldBeNil) + So(local.NewImageStore("/deadBEEF", true, true, log, metrics, nil, cacheDriver, nil), ShouldBeNil) } }) @@ -1539,7 +1539,7 @@ func TestNegativeCases(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) err := os.Chmod(dir, 0o000) // remove all perms if err != nil { @@ -1589,7 +1589,7 @@ func TestNegativeCases(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) So(imgStore, ShouldNotBeNil) So(imgStore.InitRepo("test"), ShouldBeNil) @@ -1703,7 +1703,7 @@ func TestNegativeCases(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) So(imgStore, ShouldNotBeNil) So(imgStore.InitRepo("test"), ShouldBeNil) @@ -1730,7 +1730,7 @@ func TestNegativeCases(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) So(imgStore, ShouldNotBeNil) So(imgStore.InitRepo("test"), ShouldBeNil) @@ -1778,7 +1778,7 @@ func TestNegativeCases(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) So(imgStore, ShouldNotBeNil) So(imgStore.InitRepo("test"), ShouldBeNil) @@ -1956,7 +1956,7 @@ func TestInjectWriteFile(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, false, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, false, log, metrics, nil, cacheDriver, nil) Convey("Failure path not reached", func() { err := imgStore.InitRepo("repo1") @@ -1987,7 +1987,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "gc-all-repos-short" //nolint:goconst // test data gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2035,7 +2035,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "gc-all-repos-short" gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2073,7 +2073,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { Name: "cache", UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "gc-sig" gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2151,7 +2151,7 @@ func TestGarbageCollectForImageStore(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "gc-all-repos-short" gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2226,7 +2226,7 @@ func TestGarbageCollectImageUnknownManifest(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) storeController := storage.StoreController{ DefaultStore: imgStore, @@ -2409,7 +2409,7 @@ func TestGarbageCollectErrors(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "gc-index" gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2656,7 +2656,7 @@ func TestInitRepo(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) err := os.Mkdir(path.Join(dir, "test-dir"), 0o000) So(err, ShouldBeNil) @@ -2678,7 +2678,7 @@ func TestValidateRepo(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) err := os.Mkdir(path.Join(dir, "test-dir"), 0o000) So(err, ShouldBeNil) @@ -2698,7 +2698,7 @@ func TestValidateRepo(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) _, err := imgStore.ValidateRepo(".") So(err, ShouldNotBeNil) @@ -2743,7 +2743,7 @@ func TestGetRepositories(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) // Create valid directory with permissions err := os.Mkdir(path.Join(dir, "test-dir"), 0o755) //nolint: gosec @@ -2838,7 +2838,7 @@ func TestGetRepositories(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) // Root dir does not contain repos repos, err := imgStore.GetRepositories() @@ -2885,7 +2885,7 @@ func TestGetRepositories(t *testing.T) { }, log) imgStore := local.NewImageStore(rootDir, - true, true, log, metrics, nil, cacheDriver, + true, true, log, metrics, nil, cacheDriver, nil, ) // Root dir does not contain repos @@ -2928,7 +2928,7 @@ func TestGetNextRepository(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) firstRepoName := "repo1" secondRepoName := "repo2" @@ -2981,7 +2981,7 @@ func TestPutBlobChunkStreamed(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) uuid, err := imgStore.NewBlobUpload("test") So(err, ShouldBeNil) @@ -3011,7 +3011,7 @@ func TestPullRange(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) repoName := "pull-range" upload, err := imgStore.NewBlobUpload(repoName) @@ -3053,7 +3053,7 @@ func TestStatIndex(t *testing.T) { dir := t.TempDir() log := zlog.Logger{Logger: zerolog.New(os.Stdout)} metrics := monitoring.NewMetricsServer(false, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, nil) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, nil, nil) err := WriteImageToFileSystem(CreateRandomImage(), "repo", "tag", storage.StoreController{DefaultStore: imgStore}) @@ -3077,7 +3077,7 @@ func TestStorageDriverErr(t *testing.T) { UseRelPaths: true, }, log) - imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(dir, true, true, log, metrics, nil, cacheDriver, nil) Convey("Init repo", t, func() { err := imgStore.InitRepo(repoName) diff --git a/pkg/storage/s3/s3.go b/pkg/storage/s3/s3.go index a3ebc64a..41a8915c 100644 --- a/pkg/storage/s3/s3.go +++ b/pkg/storage/s3/s3.go @@ -6,6 +6,7 @@ import ( // Load s3 driver. _ "github.com/distribution/distribution/v3/registry/storage/driver/s3-aws" + "zotregistry.dev/zot/pkg/compat" "zotregistry.dev/zot/pkg/extensions/monitoring" zlog "zotregistry.dev/zot/pkg/log" "zotregistry.dev/zot/pkg/storage/cache" @@ -18,7 +19,8 @@ import ( // see https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers // Use the last argument to properly set a cache database, or it will default to boltDB local storage. func NewImageStore(rootDir string, cacheDir string, dedupe, commit bool, log zlog.Logger, - metrics monitoring.MetricServer, linter common.Lint, store driver.StorageDriver, cacheDriver cache.Cache, + metrics monitoring.MetricServer, linter common.Lint, store driver.StorageDriver, + cacheDriver cache.Cache, compat []compat.MediaCompatibility, ) storageTypes.ImageStore { return imagestore.NewImageStore( rootDir, @@ -30,5 +32,6 @@ func NewImageStore(rootDir string, cacheDir string, dedupe, commit bool, log zlo linter, New(store), cacheDriver, + compat, ) } diff --git a/pkg/storage/s3/s3_test.go b/pkg/storage/s3/s3_test.go index 39798ee1..f21b3ffc 100644 --- a/pkg/storage/s3/s3_test.go +++ b/pkg/storage/s3/s3_test.go @@ -75,7 +75,7 @@ func createMockStorage(rootDir string, cacheDir string, dedupe bool, store drive }, log) } - il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver) + il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver, nil) return il } @@ -86,7 +86,7 @@ func createMockStorageWithMockCache(rootDir string, dedupe bool, store driver.St log := log.Logger{Logger: zerolog.New(os.Stdout)} metrics := monitoring.NewMetricsServer(false, log) - il := s3.NewImageStore(rootDir, "", dedupe, false, log, metrics, nil, store, cacheDriver) + il := s3.NewImageStore(rootDir, "", dedupe, false, log, metrics, nil, store, cacheDriver, nil) return il } @@ -147,7 +147,7 @@ func createObjectsStore(rootDir string, cacheDir string, dedupe bool) ( }, log) } - il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver) + il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver, nil) return store, il, err } @@ -181,7 +181,7 @@ func createObjectsStoreDynamo(rootDir string, cacheDir string, dedupe bool, tabl panic(err) } - il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver) + il := s3.NewImageStore(rootDir, cacheDir, dedupe, false, log, metrics, nil, store, cacheDriver, nil) return store, il, err } diff --git a/pkg/storage/scrub_test.go b/pkg/storage/scrub_test.go index 66617146..468b7a00 100644 --- a/pkg/storage/scrub_test.go +++ b/pkg/storage/scrub_test.go @@ -49,7 +49,7 @@ func TestLocalCheckAllBlobsIntegrity(t *testing.T) { UseRelPaths: true, }, log) driver := local.New(true) - imgStore := local.NewImageStore(tdir, true, true, log, metrics, nil, cacheDriver) + imgStore := local.NewImageStore(tdir, true, true, log, metrics, nil, cacheDriver, nil) RunCheckAllBlobsIntegrityTests(t, imgStore, driver, log) }) diff --git a/pkg/storage/storage.go b/pkg/storage/storage.go index edb36601..e76b2c61 100644 --- a/pkg/storage/storage.go +++ b/pkg/storage/storage.go @@ -58,7 +58,7 @@ func New(config *config.Config, linter common.Lint, metrics monitoring.MetricSer //nolint:typecheck,contextcheck rootDir := config.Storage.RootDirectory defaultStore = local.NewImageStore(rootDir, - config.Storage.Dedupe, config.Storage.Commit, log, metrics, linter, cacheDriver, + config.Storage.Dedupe, config.Storage.Commit, log, metrics, linter, cacheDriver, config.HTTP.Compat, ) } else { storeName := fmt.Sprintf("%v", config.Storage.StorageDriver["name"]) @@ -92,7 +92,7 @@ func New(config *config.Config, linter common.Lint, metrics monitoring.MetricSer // false positive lint - linter does not implement Lint method //nolint: typecheck,contextcheck defaultStore = s3.NewImageStore(rootDir, config.Storage.RootDirectory, - config.Storage.Dedupe, config.Storage.Commit, log, metrics, linter, store, cacheDriver) + config.Storage.Dedupe, config.Storage.Commit, log, metrics, linter, store, cacheDriver, config.HTTP.Compat) } storeController.DefaultStore = defaultStore @@ -170,7 +170,7 @@ func getSubStore(cfg *config.Config, subPaths map[string]config.StorageConfig, rootDir := storageConfig.RootDirectory imgStoreMap[storageConfig.RootDirectory] = local.NewImageStore(rootDir, - storageConfig.Dedupe, storageConfig.Commit, log, metrics, linter, cacheDriver, + storageConfig.Dedupe, storageConfig.Commit, log, metrics, linter, cacheDriver, cfg.HTTP.Compat, ) subImageStore[route] = imgStoreMap[storageConfig.RootDirectory] @@ -210,7 +210,7 @@ func getSubStore(cfg *config.Config, subPaths map[string]config.StorageConfig, // false positive lint - linter does not implement Lint method //nolint: typecheck subImageStore[route] = s3.NewImageStore(rootDir, storageConfig.RootDirectory, - storageConfig.Dedupe, storageConfig.Commit, log, metrics, linter, store, cacheDriver, + storageConfig.Dedupe, storageConfig.Commit, log, metrics, linter, store, cacheDriver, cfg.HTTP.Compat, ) } } diff --git a/pkg/storage/storage_controller.go b/pkg/storage/storage_controller.go index 721a1a60..75f10f91 100644 --- a/pkg/storage/storage_controller.go +++ b/pkg/storage/storage_controller.go @@ -7,8 +7,9 @@ import ( ) const ( - CosignType = "cosign" - NotationType = "notation" + CosignType = "cosign" + NotationType = "notation" + DefaultStorePath = "/" ) type StoreController struct { @@ -29,6 +30,21 @@ func GetRoutePrefix(name string) string { return "/" + names[0] } +func (sc StoreController) GetStorePath(name string) string { + if sc.SubStore != nil && name != "" { + subStorePath := GetRoutePrefix(name) + + _, ok := sc.SubStore[subStorePath] + if !ok { + return DefaultStorePath + } + + return subStorePath + } + + return DefaultStorePath +} + func (sc StoreController) GetImageStore(name string) storageTypes.ImageStore { if sc.SubStore != nil { // SubStore is being provided, now we need to find equivalent image store and this will be found by splitting name diff --git a/pkg/storage/storage_test.go b/pkg/storage/storage_test.go index a9459133..5a88621f 100644 --- a/pkg/storage/storage_test.go +++ b/pkg/storage/storage_test.go @@ -102,7 +102,7 @@ func createObjectsStore(rootDir string, cacheDir string) ( UseRelPaths: false, }, log) - il := s3.NewImageStore(rootDir, cacheDir, true, false, log, metrics, nil, store, cacheDriver) + il := s3.NewImageStore(rootDir, cacheDir, true, false, log, metrics, nil, store, cacheDriver, nil) return store, il, err } @@ -167,7 +167,7 @@ func TestGetAllDedupeReposCandidates(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } Convey("Push repos with deduped blobs", t, func(c C) { @@ -237,7 +237,7 @@ func TestStorageAPIs(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } Convey("Repo layout", t, func(c C) { @@ -283,6 +283,14 @@ func TestStorageAPIs(t *testing.T) { repos, err := imgStore.GetRepositories() So(err, ShouldBeNil) So(repos, ShouldNotBeEmpty) + + repos, more, err := imgStore.GetNextRepositories("", -1, func(repo string) (bool, error) { + return true, nil + }) + + So(more, ShouldBeFalse) + So(err, ShouldBeNil) + So(repos, ShouldNotBeEmpty) }) Convey("Get image tags", func() { @@ -564,6 +572,21 @@ func TestStorageAPIs(t *testing.T) { So(len(repos), ShouldEqual, 1) So(repos[0], ShouldEqual, "test") + repos, more, err := imgStore.GetNextRepositories("", -1, func(repo string) (bool, error) { + return true, nil + }) + So(err, ShouldBeNil) + So(more, ShouldBeFalse) + So(len(repos), ShouldEqual, 1) + So(repos[0], ShouldEqual, "test") + + repos, more, err = imgStore.GetNextRepositories("", -1, func(repo string) (bool, error) { + return false, nil + }) + So(err, ShouldBeNil) + So(more, ShouldBeFalse) + So(len(repos), ShouldEqual, 0) + // We deleted only one tag, make sure blob should not be removed. hasBlob, _, err = imgStore.CheckBlob("test", digest) So(err, ShouldBeNil) @@ -952,7 +975,7 @@ func TestMandatoryAnnotations(t *testing.T) { LintFn: func(repo string, manifestDigest godigest.Digest, imageStore storageTypes.ImageStore) (bool, error) { return false, nil }, - }, driver, nil) + }, driver, nil, nil) defer cleanupStorage(store, testDir) } else { @@ -968,7 +991,7 @@ func TestMandatoryAnnotations(t *testing.T) { LintFn: func(repo string, manifestDigest godigest.Digest, imageStore storageTypes.ImageStore) (bool, error) { return false, nil }, - }, driver, cacheDriver) + }, driver, cacheDriver, nil) } Convey("Setup manifest", t, func() { @@ -1022,7 +1045,7 @@ func TestMandatoryAnnotations(t *testing.T) { //nolint: goerr113 return false, errors.New("linter error") }, - }, driver, nil) + }, driver, nil, nil) } else { cacheDriver, _ := storage.Create("boltdb", cache.BoltDBDriverParameters{ RootDir: tdir, @@ -1036,7 +1059,7 @@ func TestMandatoryAnnotations(t *testing.T) { //nolint: goerr113 return false, errors.New("linter error") }, - }, driver, cacheDriver) + }, driver, cacheDriver, nil) } _, _, err = imgStore.PutImageManifest("test", "1.0.0", ispec.MediaTypeImageManifest, manifestBuf) @@ -1150,7 +1173,7 @@ func TestDeleteBlobsInUse(t *testing.T) { }, log) driver := local.New(true) imgStore = imagestore.NewImageStore(tdir, tdir, true, - true, log, metrics, nil, driver, cacheDriver) + true, log, metrics, nil, driver, cacheDriver, nil) } Convey("Setup manifest", t, func() { @@ -1458,7 +1481,7 @@ func TestReuploadCorruptedBlob(t *testing.T) { }, log) driver = local.New(true) imgStore = imagestore.NewImageStore(tdir, tdir, true, - true, log, metrics, nil, driver, cacheDriver) + true, log, metrics, nil, driver, cacheDriver, nil) } Convey("Test errors paths", t, func() { @@ -1604,11 +1627,14 @@ func TestStorageHandler(t *testing.T) { driver := local.New(true) // Create ImageStore - firstStore = imagestore.NewImageStore(firstRootDir, firstRootDir, false, false, log, metrics, nil, driver, nil) + firstStore = imagestore.NewImageStore(firstRootDir, firstRootDir, false, false, + log, metrics, nil, driver, nil, nil) - secondStore = imagestore.NewImageStore(secondRootDir, secondRootDir, false, false, log, metrics, nil, driver, nil) + secondStore = imagestore.NewImageStore(secondRootDir, secondRootDir, false, false, + log, metrics, nil, driver, nil, nil) - thirdStore = imagestore.NewImageStore(thirdRootDir, thirdRootDir, false, false, log, metrics, nil, driver, nil) + thirdStore = imagestore.NewImageStore(thirdRootDir, thirdRootDir, false, false, log, + metrics, nil, driver, nil, nil) } Convey("Test storage handler", t, func() { @@ -1693,7 +1719,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -1865,7 +1891,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { driver := local.New(true) imgStore = imagestore.NewImageStore(dir, dir, true, - true, log, metrics, nil, driver, cacheDriver) + true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2150,7 +2176,7 @@ func TestGarbageCollectImageManifest(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2395,7 +2421,7 @@ func TestGarbageCollectImageIndex(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2524,7 +2550,7 @@ func TestGarbageCollectImageIndex(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ @@ -2812,7 +2838,7 @@ func TestGarbageCollectChainedImageIndexes(t *testing.T) { driver := local.New(true) - imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver) + imgStore = imagestore.NewImageStore(dir, dir, true, true, log, metrics, nil, driver, cacheDriver, nil) } gc := gc.NewGarbageCollect(imgStore, mocks.MetaDBMock{}, gc.Options{ diff --git a/pkg/storage/types/types.go b/pkg/storage/types/types.go index 9d5cd488..edc06707 100644 --- a/pkg/storage/types/types.go +++ b/pkg/storage/types/types.go @@ -12,6 +12,8 @@ import ( "zotregistry.dev/zot/pkg/scheduler" ) +type FilterRepoFunc func(repo string) (bool, error) + type StoreController interface { GetImageStore(name string) ImageStore GetDefaultImageStore() ImageStore @@ -30,6 +32,7 @@ type ImageStore interface { //nolint:interfacebloat ValidateRepo(name string) (bool, error) GetRepositories() ([]string, error) GetNextRepository(repo string) (string, error) + GetNextRepositories(repo string, maxEntries int, fn FilterRepoFunc) ([]string, bool, error) GetImageTags(repo string) ([]string, error) GetImageManifest(repo, reference string) ([]byte, godigest.Digest, string, error) PutImageManifest(repo, reference, mediaType string, body []byte) (godigest.Digest, godigest.Digest, error) diff --git a/pkg/test/image-utils/multiarch.go b/pkg/test/image-utils/multiarch.go index b7663951..aac41a65 100644 --- a/pkg/test/image-utils/multiarch.go +++ b/pkg/test/image-utils/multiarch.go @@ -37,6 +37,14 @@ func (mi *MultiarchImage) DigestStr() string { return mi.Digest().String() } +func (mi *MultiarchImage) DescriptorRef() *ispec.Descriptor { + return &ispec.Descriptor{ + MediaType: mi.IndexDescriptor.MediaType, + Digest: mi.IndexDescriptor.Digest, + Size: mi.IndexDescriptor.Size, + } +} + func (mi *MultiarchImage) DigestForAlgorithm(digestAlgorithm godigest.Algorithm) godigest.Digest { blob, err := json.Marshal(mi.Index) if err != nil { diff --git a/pkg/test/image-utils/utils.go b/pkg/test/image-utils/utils.go index 58018011..aa39e5a4 100644 --- a/pkg/test/image-utils/utils.go +++ b/pkg/test/image-utils/utils.go @@ -92,36 +92,36 @@ func GetDefaultConfig() ispec.Image { func DefaultTimeRef() *time.Time { var ( - year = 2010 - month = time.Month(1) - day = 1 - hour = 1 - min = 1 - sec = 1 - nsec = 0 + year = 2010 + month = time.Month(1) + day = 1 + hour = 1 + minute = 1 + sec = 1 + nsec = 0 ) - return DateRef(year, month, day, hour, min, sec, nsec, time.UTC) + return DateRef(year, month, day, hour, minute, sec, nsec, time.UTC) } -func DateRef(year int, month time.Month, day, hour, min, sec, nsec int, loc *time.Location) *time.Time { - date := time.Date(year, month, day, hour, min, sec, nsec, loc) +func DateRef(year int, month time.Month, day, hour, minute, sec, nsec int, loc *time.Location) *time.Time { + date := time.Date(year, month, day, hour, minute, sec, nsec, loc) return &date } func RandomDateRef(loc *time.Location) *time.Time { var ( - year = 1990 + mathRand.Intn(30) //nolint: gosec,mnd - month = time.Month(1 + mathRand.Intn(10)) //nolint: gosec,mnd - day = 1 + mathRand.Intn(5) //nolint: gosec,mnd - hour = 1 + mathRand.Intn(22) //nolint: gosec,mnd - min = 1 + mathRand.Intn(58) //nolint: gosec,mnd - sec = 1 + mathRand.Intn(58) //nolint: gosec,mnd - nsec = 1 + year = 1990 + mathRand.Intn(30) //nolint: gosec,mnd + month = time.Month(1 + mathRand.Intn(10)) //nolint: gosec,mnd + day = 1 + mathRand.Intn(5) //nolint: gosec,mnd + hour = 1 + mathRand.Intn(22) //nolint: gosec,mnd + minute = 1 + mathRand.Intn(58) //nolint: gosec,mnd + sec = 1 + mathRand.Intn(58) //nolint: gosec,mnd + nsec = 1 ) - return DateRef(year, month, day, hour, min, sec, nsec, time.UTC) + return DateRef(year, month, day, hour, minute, sec, nsec, time.UTC) } func GetDefaultVulnConfig() ispec.Image { diff --git a/pkg/test/mocks/ecr_credentials_helper_mock.go b/pkg/test/mocks/ecr_credentials_helper_mock.go new file mode 100644 index 00000000..29438b4d --- /dev/null +++ b/pkg/test/mocks/ecr_credentials_helper_mock.go @@ -0,0 +1,117 @@ +// mock_ecr_credentials_helper.go +package mocks + +import ( + "errors" + "fmt" + "strings" + "time" + + "zotregistry.dev/zot/pkg/extensions/config/sync" +) + +const ( + ExpiryWindow int = 1 + EcrURLSplitParts int = 6 + ExpiryDuration int = 12 +) + +var ( + ErrInvalidURLFormat = errors.New("invalid URL format") + ErrMockRemoteAddress = errors.New("mock error for remote address") +) + +type ECRCredential struct { + username string + password string + expiry time.Time + account string + region string +} + +// MockECRCredentialsHelper is a mock implementation of ECRCredentialsHelper. +type MockECRCredentialsHelper struct { + credentials map[string]ECRCredential +} + +// NewMockECRCredentialsHelper creates a new instance of MockECRCredentialsHelper. +func NewMockECRCredentialsHelper() *MockECRCredentialsHelper { + return &MockECRCredentialsHelper{ + credentials: make(map[string]ECRCredential), + } +} + +// extractAccountAndRegion extracts the account ID and region from the given ECR URL. +// Example URL format: account.dkr.ecr.region.amazonaws.com. +func extractAccountAndRegion(url string) (string, string, error) { + parts := strings.Split(url, ".") + if len(parts) < EcrURLSplitParts { + return "", "", fmt.Errorf("%w: %s", ErrInvalidURLFormat, url) + } + + accountID := parts[0] // First part is the account ID + region := parts[3] // Fourth part is the region + + return accountID, region, nil +} + +// Mock GetECRCredentials function. +func (m *MockECRCredentialsHelper) getECRCredentials(remoteAddress string) (ECRCredential, error) { + // Simulate extracting account ID and region. + accountID, region, err := extractAccountAndRegion(remoteAddress) + if err != nil { + return ECRCredential{}, err + } + + // Simulate returning mock credentials. + if accountID == "mockAccount" && region == "mockRegion" { + return ECRCredential{ + username: "mockUsername", + password: "mockPassword", + expiry: time.Now().Add(time.Duration(ExpiryDuration) * time.Hour), // Set a valid expiry + account: accountID, + region: region, + }, nil + } + + return ECRCredential{}, fmt.Errorf("%w: %s", ErrMockRemoteAddress, remoteAddress) +} + +// Mock method for getting credentials. +func (m *MockECRCredentialsHelper) GetCredentials(urls []string) (sync.CredentialsFile, error) { + ecrCredentials := make(sync.CredentialsFile) + + for _, url := range urls { + ecrCred, err := m.getECRCredentials(url) + if err != nil { + return sync.CredentialsFile{}, err + } + + ecrCredentials[url] = sync.Credentials{ + Username: ecrCred.username, + Password: ecrCred.password, + } + m.credentials[url] = ecrCred + } + + return ecrCredentials, nil +} + +// Mock method for checking if credentials are valid. +func (m *MockECRCredentialsHelper) IsCredentialsValid(remoteAddress string) bool { + if cred, exists := m.credentials[remoteAddress]; exists { + return time.Until(cred.expiry) > time.Duration(ExpiryWindow)*time.Hour + } + + return false +} + +// Mock method for refreshing credentials. +func (m *MockECRCredentialsHelper) RefreshCredentials(remoteAddress string) (sync.Credentials, error) { + ecrCred, err := m.getECRCredentials(remoteAddress) + if err != nil { + return sync.Credentials{}, err + } + + return sync.Credentials{Username: ecrCred.username, Password: ecrCred.password}, nil +} diff --git a/pkg/test/mocks/image_store_mock.go b/pkg/test/mocks/image_store_mock.go index d94b540d..5d125a93 100644 --- a/pkg/test/mocks/image_store_mock.go +++ b/pkg/test/mocks/image_store_mock.go @@ -9,19 +9,21 @@ import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" "zotregistry.dev/zot/pkg/scheduler" + storageTypes "zotregistry.dev/zot/pkg/storage/types" ) type MockedImageStore struct { - NameFn func() string - DirExistsFn func(d string) bool - RootDirFn func() string - InitRepoFn func(name string) error - ValidateRepoFn func(name string) (bool, error) - GetRepositoriesFn func() ([]string, error) - GetNextRepositoryFn func(repo string) (string, error) - GetImageTagsFn func(repo string) ([]string, error) - GetImageManifestFn func(repo string, reference string) ([]byte, godigest.Digest, string, error) - PutImageManifestFn func(repo string, reference string, mediaType string, body []byte) (godigest.Digest, + NameFn func() string + DirExistsFn func(d string) bool + RootDirFn func() string + InitRepoFn func(name string) error + ValidateRepoFn func(name string) (bool, error) + GetRepositoriesFn func() ([]string, error) + GetNextRepositoryFn func(repo string) (string, error) + GetNextRepositoriesFn func(lastRepo string, maxEntries int, fn storageTypes.FilterRepoFunc) ([]string, bool, error) + GetImageTagsFn func(repo string) ([]string, error) + GetImageManifestFn func(repo string, reference string) ([]byte, godigest.Digest, string, error) + PutImageManifestFn func(repo string, reference string, mediaType string, body []byte) (godigest.Digest, godigest.Digest, error) DeleteImageManifestFn func(repo string, reference string, detectCollision bool) error BlobUploadPathFn func(repo string, uuid string) string @@ -138,6 +140,16 @@ func (is MockedImageStore) GetNextRepository(repo string) (string, error) { return "", nil } +func (is MockedImageStore) GetNextRepositories(lastRepo string, maxEntries int, + fn storageTypes.FilterRepoFunc, +) ([]string, bool, error) { + if is.GetNextRepositoriesFn != nil { + return is.GetNextRepositoriesFn(lastRepo, maxEntries, fn) + } + + return []string{}, false, nil +} + func (is MockedImageStore) GetImageManifest(repo string, reference string) ([]byte, godigest.Digest, string, error) { if is.GetImageManifestFn != nil { return is.GetImageManifestFn(repo, reference) diff --git a/pkg/test/mocks/sync_remote_mock.go b/pkg/test/mocks/sync_remote_mock.go index c22d74fd..3fb5d01c 100644 --- a/pkg/test/mocks/sync_remote_mock.go +++ b/pkg/test/mocks/sync_remote_mock.go @@ -75,3 +75,6 @@ func (remote SyncRemote) GetManifestContent(imageReference types.ImageReference) return nil, "", "", nil } + +func (remote SyncRemote) SetUpstreamAuthConfig(username, password string) { +} diff --git a/pkg/test/oci-utils/oci_layout.go b/pkg/test/oci-utils/oci_layout.go index f2a1cc54..43bead73 100644 --- a/pkg/test/oci-utils/oci_layout.go +++ b/pkg/test/oci-utils/oci_layout.go @@ -107,7 +107,7 @@ func (olu BaseOciLayoutUtils) GetImageManifests(repo string) ([]ispec.Descriptor buf, err := imageStore.GetIndexContent(repo) if err != nil { - if goerrors.Is(zerr.ErrRepoNotFound, err) { + if goerrors.Is(err, zerr.ErrRepoNotFound) { olu.Log.Error().Err(err).Msg("failed to get index.json contents because the file is missing") return nil, zerr.ErrRepoNotFound diff --git a/pkg/test/oci-utils/oci_layout_test.go b/pkg/test/oci-utils/oci_layout_test.go index 75908bfc..293822ab 100644 --- a/pkg/test/oci-utils/oci_layout_test.go +++ b/pkg/test/oci-utils/oci_layout_test.go @@ -433,7 +433,7 @@ func TestExtractImageDetails(t *testing.T) { dir := t.TempDir() testLogger := log.NewLogger("debug", "") imageStore := local.NewImageStore(dir, false, false, - testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil) + testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -457,7 +457,7 @@ func TestExtractImageDetails(t *testing.T) { dir := t.TempDir() testLogger := log.NewLogger("debug", "") imageStore := local.NewImageStore(dir, false, false, - testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil) + testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, @@ -477,7 +477,7 @@ func TestExtractImageDetails(t *testing.T) { dir := t.TempDir() testLogger := log.NewLogger("debug", "") imageStore := local.NewImageStore(dir, false, false, - testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil) + testLogger, monitoring.NewMetricsServer(false, testLogger), nil, nil, nil) storeController := storage.StoreController{ DefaultStore: imageStore, diff --git a/pkg/test/oci-utils/store.go b/pkg/test/oci-utils/store.go index afb0e913..2bb15e78 100644 --- a/pkg/test/oci-utils/store.go +++ b/pkg/test/oci-utils/store.go @@ -19,7 +19,7 @@ func GetDefaultImageStore(rootDir string, log zLog.Logger) stypes.ImageStore { return true, nil }, }, - mocks.CacheMock{}, + mocks.CacheMock{}, nil, ) } diff --git a/test/blackbox/ci.sh b/test/blackbox/ci.sh index 14974440..3820d195 100755 --- a/test/blackbox/ci.sh +++ b/test/blackbox/ci.sh @@ -9,7 +9,7 @@ PATH=$PATH:${SCRIPTPATH}/../../hack/tools/bin tests=("pushpull" "pushpull_authn" "delete_images" "referrers" "metadata" "anonymous_policy" "annotations" "detect_manifest_collision" "cve" "sync" "sync_docker" "sync_replica_cluster" - "scrub" "garbage_collect" "metrics" "metrics_minimal" "multiarch_index") + "scrub" "garbage_collect" "metrics" "metrics_minimal" "multiarch_index" "docker_compat") for test in ${tests[*]}; do ${BATS} ${BATS_FLAGS} ${SCRIPTPATH}/${test}.bats > ${test}.log & pids+=($!) diff --git a/test/blackbox/docker_compat.bats b/test/blackbox/docker_compat.bats new file mode 100644 index 00000000..1dea7d6f --- /dev/null +++ b/test/blackbox/docker_compat.bats @@ -0,0 +1,94 @@ +# Note: Intended to be run as "make run-blackbox-tests" or "make run-blackbox-ci" +# Makefile target installs & checks all necessary tooling +# Extra tools that are not covered in Makefile target needs to be added in verify_prerequisites() + +load helpers_zot + +function verify_prerequisites { + if [ ! $(command -v curl) ]; then + echo "you need to install curl as a prerequisite to running the tests" >&3 + return 1 + fi + + if [ ! $(command -v jq) ]; then + echo "you need to install jq as a prerequisite to running the tests" >&3 + return 1 + fi + + return 0 +} + +function setup_file() { + # Verify prerequisites are available + if ! $(verify_prerequisites); then + exit 1 + fi + # Download test data to folder common for the entire suite, not just this file + skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/golang:1.20 oci:${TEST_DATA_DIR}/golang:1.20 + # Setup zot server + local zot_root_dir=${BATS_FILE_TMPDIR}/zot + local zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json + local oci_data_dir=${BATS_FILE_TMPDIR}/oci + mkdir -p ${zot_root_dir} + mkdir -p ${oci_data_dir} + zot_port=$(get_free_port) + echo ${zot_port} > ${BATS_FILE_TMPDIR}/zot.port + cat > ${zot_config_file}< Dockerfile < /testfile +EOF + docker build -f Dockerfile . -t localhost:${zot_port}/test:latest + run docker push localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] + [ $(cat ${zot_root_dir}/test/index.json | jq .manifests[0].mediaType) = '"application/vnd.docker.distribution.manifest.v2+json"' ] + run docker pull localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] + # inspect and trigger a CVE scan + run skopeo inspect --tls-verify=false docker://localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] + # delete + run skopeo delete --tls-verify=false docker://localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] + run skopeo inspect --tls-verify=false docker://localhost:${zot_port}/test:latest + [ "$status" -ne 0 ] + # re-push + run docker push localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] + run skopeo inspect --tls-verify=false docker://localhost:${zot_port}/test:latest + [ "$status" -eq 0 ] +} diff --git a/test/blackbox/garbage_collect.bats b/test/blackbox/garbage_collect.bats index ce40eb7a..336a4ad7 100644 --- a/test/blackbox/garbage_collect.bats +++ b/test/blackbox/garbage_collect.bats @@ -106,19 +106,19 @@ function teardown_file() { zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` # attach signature to image echo "{\"artifact\": \"\", \"signature\": \"pat hancock\"}" > signature.json - run oras attach --plain-http 127.0.0.1:${zot_port}/golang:1.20 --image-spec v1.1-image --artifact-type 'signature/example' ./signature.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/golang:1.20 --artifact-type 'signature/example' ./signature.json:application/json [ "$status" -eq 0 ] # attach sbom to image echo "{\"version\": \"0.0.0.0\", \"artifact\": \"'127.0.0.1:${zot_port}/golang:1.20'\", \"contents\": \"good\"}" > sbom.json - run oras attach --plain-http 127.0.0.1:${zot_port}/golang:1.20 --image-spec v1.1-image --artifact-type 'sbom/example' ./sbom.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/golang:1.20 --artifact-type 'sbom/example' ./sbom.json:application/json [ "$status" -eq 0 ] # attach signature to index image - run oras attach --plain-http 127.0.0.1:${zot_port}/busybox:latest --image-spec v1.1-image --artifact-type 'signature/example' ./signature.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/busybox:latest --artifact-type 'signature/example' ./signature.json:application/json [ "$status" -eq 0 ] # attach sbom to index image echo "{\"version\": \"0.0.0.0\", \"artifact\": \"'127.0.0.1:${zot_port}/golang:1.20'\", \"contents\": \"good\"}" > sbom.json - run oras attach --plain-http 127.0.0.1:${zot_port}/busybox:latest --image-spec v1.1-image --artifact-type 'sbom/example' ./sbom.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/busybox:latest --artifact-type 'sbom/example' ./sbom.json:application/json [ "$status" -eq 0 ] } diff --git a/test/blackbox/helpers_wait.bash b/test/blackbox/helpers_wait.bash index 12b95e19..2d24b78c 100644 --- a/test/blackbox/helpers_wait.bash +++ b/test/blackbox/helpers_wait.bash @@ -13,7 +13,7 @@ function wait_str() { local search_term="$2" local wait_time="${3:-2m}" - (timeout $wait_time tail -F -n0 "$filepath" &) | grep -q "$search_term" && return 0 + (timeout $wait_time tail -F -n +1 "$filepath" &) | grep -q "$search_term" && return 0 echo "timeout of $wait_time reached. unable to find '$search_term' in '$filepath'" diff --git a/test/blackbox/pushpull.bats b/test/blackbox/pushpull.bats index cebf1b4b..a92775af 100644 --- a/test/blackbox/pushpull.bats +++ b/test/blackbox/pushpull.bats @@ -149,17 +149,17 @@ function teardown_file() { zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` # attach signature echo "{\"artifact\": \"\", \"signature\": \"pat hancock\"}" > ${BATS_FILE_TMPDIR}/signature.json - run oras attach --plain-http 127.0.0.1:${zot_port}/golang:1.20 --image-spec v1.1-image --artifact-type 'signature/example' ${BATS_FILE_TMPDIR}/signature.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/golang:1.20 --artifact-type 'signature/example' ${BATS_FILE_TMPDIR}/signature.json:application/json [ "$status" -eq 0 ] # attach sbom echo "{\"version\": \"0.0.0.0\", \"artifact\": \"'127.0.0.1:${zot_port}/golang:1.20'\", \"contents\": \"good\"}" > ${BATS_FILE_TMPDIR}/sbom.json - run oras attach --plain-http 127.0.0.1:${zot_port}/golang:1.20 --image-spec v1.1-image --artifact-type 'sbom/example' ${BATS_FILE_TMPDIR}/sbom.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:${zot_port}/golang:1.20 --artifact-type 'sbom/example' ${BATS_FILE_TMPDIR}/sbom.json:application/json [ "$status" -eq 0 ] } @test "discover oras artifacts" { zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` - run oras discover --plain-http -o json 127.0.0.1:${zot_port}/golang:1.20 + run oras discover --plain-http --format json 127.0.0.1:${zot_port}/golang:1.20 [ "$status" -eq 0 ] [ $(echo "$output" | jq -r ".manifests | length") -eq 2 ] } @@ -248,6 +248,19 @@ function teardown_file() { fi done [ "$found" -eq 1 ] + + run regctl repo ls --limit 2 localhost:${zot_port} + [ "$status" -eq 0 ] + echo "$output" + [ $(echo "$output" | wc -l) -eq 2 ] + [ "${lines[-2]}" == "busybox" ] + [ "${lines[-1]}" == "golang" ] + + run regctl repo ls --last busybox --limit 1 localhost:${zot_port} + [ "$status" -eq 0 ] + echo "$output" + [ $(echo "$output" | wc -l) -eq 1 ] + [ "${lines[-1]}" == "golang" ] } @test "list image tags with regclient" { @@ -359,3 +372,16 @@ EOF [ "$status" -eq 0 ] [ $(echo "${lines[-1]}" | jq '.manifests | length') -eq 0 ] } + +@test "push docker image" { + zot_port=`cat ${BATS_FILE_TMPDIR}/zot.port` + cat > Dockerfile < /testfile +EOF + docker build -f Dockerfile . -t localhost:${zot_port}/test + run docker push localhost:${zot_port}/test + [ "$status" -eq 1 ] + run docker pull localhost:${zot_port}/test + [ "$status" -eq 1 ] +} diff --git a/test/blackbox/pushpull_running_dedupe.bats b/test/blackbox/pushpull_running_dedupe.bats index f1fd6dac..5edbac0d 100644 --- a/test/blackbox/pushpull_running_dedupe.bats +++ b/test/blackbox/pushpull_running_dedupe.bats @@ -244,7 +244,7 @@ function teardown_file() { # attach signature echo "{\"artifact\": \"\", \"signature\": \"pat hancock\"}" > ${BATS_FILE_TMPDIR}/signature.json start=`date +%s` - run oras attach --plain-http 127.0.0.1:8080/alpine:1 --image-spec v1.1-image --artifact-type 'signature/example' ${BATS_FILE_TMPDIR}/signature.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:8080/alpine:1 --artifact-type 'signature/example' ${BATS_FILE_TMPDIR}/signature.json:application/json [ "$status" -eq 0 ] end=`date +%s` runtime=$((end-start)) @@ -253,7 +253,7 @@ function teardown_file() { # attach sbom echo "{\"version\": \"0.0.0.0\", \"artifact\": \"'127.0.0.1:8080/alpine:1'\", \"contents\": \"good\"}" > ${BATS_FILE_TMPDIR}/sbom.json start=`date +%s` - run oras attach --plain-http 127.0.0.1:8080/alpine:1 --image-spec v1.1-image --artifact-type 'sbom/example' ${BATS_FILE_TMPDIR}/sbom.json:application/json + run oras attach --disable-path-validation --plain-http 127.0.0.1:8080/alpine:1 --artifact-type 'sbom/example' ${BATS_FILE_TMPDIR}/sbom.json:application/json [ "$status" -eq 0 ] end=`date +%s` runtime=$((end-start)) @@ -263,7 +263,7 @@ function teardown_file() { @test "discover oras artifacts - dedupe running" { start=`date +%s` - run oras discover --plain-http -o json 127.0.0.1:8080/alpine:1 + run oras discover --plain-http --format json 127.0.0.1:8080/alpine:1 [ "$status" -eq 0 ] end=`date +%s` runtime=$((end-start)) diff --git a/test/blackbox/referrers.bats b/test/blackbox/referrers.bats index 3817abef..89c8097f 100644 --- a/test/blackbox/referrers.bats +++ b/test/blackbox/referrers.bats @@ -80,7 +80,7 @@ EOF [ "$status" -eq 0 ] [ $(echo "${lines[-1]}" | jq '.repositories[]') = '"golang"' ] - run oras attach --plain-http --image-spec v1.1-image --artifact-type image.artifact/type 127.0.0.1:${zot_port}/golang:1.20 ${IMAGE_MANIFEST_REFERRER} + run oras attach --disable-path-validation --plain-http --artifact-type image.artifact/type 127.0.0.1:${zot_port}/golang:1.20 ${IMAGE_MANIFEST_REFERRER} [ "$status" -eq 0 ] MANIFEST_DIGEST=$(skopeo inspect --tls-verify=false docker://localhost:${zot_port}/golang:1.20 | jq -r '.Digest') diff --git a/test/blackbox/restore_s3_blobs.bats b/test/blackbox/restore_s3_blobs.bats index 55758541..87f7a782 100644 --- a/test/blackbox/restore_s3_blobs.bats +++ b/test/blackbox/restore_s3_blobs.bats @@ -131,7 +131,7 @@ function teardown_file() { start=`date +%s` echo "waiting for restoring blobs task to finish" >&3 - run wait_for_string "no digests left, finished" ${ZOT_LOG_FILE} "5m" + run wait_for_string "no digests left, finished" ${ZOT_LOG_FILE} "6m" [ "$status" -eq 0 ] end=`date +%s`