From 4e15dae38c66c57e20aa14f4f51c2a76450dd2b2 Mon Sep 17 00:00:00 2001 From: Benjamin Schimke Date: Tue, 30 Jul 2024 21:06:06 +0200 Subject: [PATCH] Update microcluster version and adapt to API changes (#562) --------- Co-authored-by: Mateo Florido <32885896+mateoflorido@users.noreply.github.com> --- src/k8s/api/v1/version.go | 8 + src/k8s/go.mod | 66 ++++---- src/k8s/go.sum | 150 ++++++++--------- src/k8s/pkg/client/dqlite/remove.go | 4 + src/k8s/pkg/client/k8sd/cluster.go | 8 +- src/k8s/pkg/client/k8sd/clusterapi.go | 2 +- src/k8s/pkg/client/k8sd/config.go | 4 +- src/k8s/pkg/client/k8sd/status.go | 4 +- src/k8s/pkg/client/k8sd/user.go | 2 +- src/k8s/pkg/k8sd/api/capi_access_handler.go | 14 +- src/k8s/pkg/k8sd/api/capi_auth.go | 4 +- src/k8s/pkg/k8sd/api/cluster.go | 14 +- src/k8s/pkg/k8sd/api/cluster_bootstrap.go | 2 +- src/k8s/pkg/k8sd/api/cluster_config.go | 6 +- src/k8s/pkg/k8sd/api/cluster_join.go | 2 +- src/k8s/pkg/k8sd/api/cluster_remove.go | 8 +- src/k8s/pkg/k8sd/api/cluster_tokens.go | 6 +- src/k8s/pkg/k8sd/api/endpoints.go | 31 +++- src/k8s/pkg/k8sd/api/impl/k8sd.go | 4 +- src/k8s/pkg/k8sd/api/kubeconfig.go | 2 +- .../pkg/k8sd/api/kubernetes_auth_tokens.go | 14 +- src/k8s/pkg/k8sd/api/node.go | 2 +- src/k8s/pkg/k8sd/api/worker.go | 10 +- src/k8s/pkg/k8sd/api/worker_access_handler.go | 26 +-- src/k8s/pkg/k8sd/app/app.go | 15 +- src/k8s/pkg/k8sd/app/cluster_util.go | 2 +- src/k8s/pkg/k8sd/app/hooks_bootstrap.go | 151 +----------------- src/k8s/pkg/k8sd/app/hooks_join.go | 145 +---------------- src/k8s/pkg/k8sd/app/hooks_remove.go | 126 +++++++++++++++ src/k8s/pkg/k8sd/app/hooks_start.go | 18 +-- src/k8s/pkg/k8sd/database/util/cluster.go | 4 +- .../database/util/kubernetes_auth_tokens.go | 8 +- src/k8s/pkg/k8sd/database/util_test.go | 9 +- src/k8s/pkg/utils/node/node.go | 4 +- 34 files changed, 386 insertions(+), 489 deletions(-) create mode 100644 src/k8s/api/v1/version.go create mode 100644 src/k8s/pkg/k8sd/app/hooks_remove.go diff --git a/src/k8s/api/v1/version.go b/src/k8s/api/v1/version.go new file mode 100644 index 000000000..6aa4f7227 --- /dev/null +++ b/src/k8s/api/v1/version.go @@ -0,0 +1,8 @@ +package apiv1 + +import "github.com/canonical/microcluster/rest/types" + +const ( + // K8sdAPIVersion is the path prefix that will be used for the k8sd endpoints for this api version. + K8sdAPIVersion types.EndpointPrefix = "1.0" +) diff --git a/src/k8s/go.mod b/src/k8s/go.mod index d6387051a..5061d4eac 100644 --- a/src/k8s/go.mod +++ b/src/k8s/go.mod @@ -1,19 +1,19 @@ module github.com/canonical/k8s -go 1.22.0 +go 1.22.5 require ( github.com/canonical/go-dqlite v1.21.0 - github.com/canonical/lxd v0.0.0-20240403135607-df45915ce961 - github.com/canonical/microcluster v0.0.0-20240418162032-e0f837527e02 - github.com/go-logr/logr v1.4.1 + github.com/canonical/lxd v0.0.0-20240709081608-9df996e36bac + github.com/canonical/microcluster v0.0.0-20240725000112-da36ecbd845e + github.com/go-logr/logr v1.4.2 github.com/mitchellh/mapstructure v1.5.0 github.com/moby/sys/mountinfo v0.7.1 github.com/onsi/gomega v1.32.0 github.com/pelletier/go-toml v1.9.5 - github.com/spf13/cobra v1.8.0 - golang.org/x/net v0.23.0 - golang.org/x/sys v0.19.0 + github.com/spf13/cobra v1.8.1 + golang.org/x/net v0.27.0 + golang.org/x/sys v0.22.0 gopkg.in/yaml.v2 v2.4.0 helm.sh/helm/v3 v3.14.2 k8s.io/api v0.30.1 @@ -38,7 +38,7 @@ require ( github.com/armon/go-proxyproto v0.1.0 // indirect github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/containerd/containerd v1.7.13 // indirect github.com/containerd/continuity v0.4.3 // indirect @@ -63,6 +63,7 @@ require ( github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect + github.com/go-jose/go-jose/v4 v4.0.2 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect @@ -79,9 +80,8 @@ require ( github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gorilla/mux v1.8.1 // indirect - github.com/gorilla/schema v1.4.1 // indirect github.com/gorilla/securecookie v1.1.2 // indirect - github.com/gorilla/websocket v1.5.1 // indirect + github.com/gorilla/websocket v1.5.3 // indirect github.com/gosuri/uitable v0.0.4 // indirect github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -92,7 +92,8 @@ require ( github.com/jmoiron/sqlx v1.3.5 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/klauspost/compress v1.17.7 // indirect + github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/kr/fs v0.1.0 // indirect github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect @@ -122,11 +123,12 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/pkg/sftp v1.13.6 // indirect github.com/pkg/xattr v0.4.9 // indirect - github.com/prometheus/client_golang v1.19.0 // indirect - github.com/prometheus/client_model v0.6.0 // indirect - github.com/prometheus/common v0.51.1 // indirect - github.com/prometheus/procfs v0.13.0 // indirect + github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.54.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect github.com/rivo/uniseg v0.4.7 // indirect + github.com/robfig/cron/v3 v3.0.1 // indirect github.com/rubenv/sql-migrate v1.5.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect @@ -138,26 +140,26 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xlab/treeprint v1.2.0 // indirect - github.com/zitadel/oidc/v2 v2.12.0 // indirect + github.com/zitadel/logging v0.6.0 // indirect + github.com/zitadel/oidc/v3 v3.25.1 // indirect + github.com/zitadel/schema v1.3.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 // indirect - go.opentelemetry.io/otel v1.24.0 // indirect - go.opentelemetry.io/otel/metric v1.24.0 // indirect - go.opentelemetry.io/otel/trace v1.24.0 // indirect - go.starlark.net v0.0.0-20240329153429-e6e8e7ce1b7a // indirect - golang.org/x/crypto v0.21.0 // indirect - golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 // indirect - golang.org/x/oauth2 v0.18.0 // indirect - golang.org/x/sync v0.6.0 // indirect - golang.org/x/term v0.18.0 // indirect - golang.org/x/text v0.14.0 // indirect + go.opentelemetry.io/otel v1.28.0 // indirect + go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.28.0 // indirect + go.starlark.net v0.0.0-20240520160348-046347dcd104 // indirect + golang.org/x/crypto v0.25.0 // indirect + golang.org/x/exp v0.0.0-20240707233637-46b078467d37 // indirect + golang.org/x/oauth2 v0.21.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/term v0.22.0 // indirect + golang.org/x/text v0.16.0 // indirect golang.org/x/time v0.5.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda // indirect - google.golang.org/grpc v1.62.1 // indirect - google.golang.org/protobuf v1.33.0 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4 // indirect + google.golang.org/grpc v1.64.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/square/go-jose.v2 v2.6.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect gotest.tools/v3 v3.5.1 // indirect k8s.io/apiextensions-apiserver v0.30.1 // indirect @@ -165,7 +167,7 @@ require ( k8s.io/component-base v0.30.1 // indirect k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect k8s.io/kubectl v0.29.0 // indirect - k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect + k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 // indirect oras.land/oras-go v1.2.4 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect diff --git a/src/k8s/go.sum b/src/k8s/go.sum index aae56ab0e..5c2a60575 100644 --- a/src/k8s/go.sum +++ b/src/k8s/go.sum @@ -85,6 +85,8 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= +github.com/bmatcuk/doublestar/v4 v4.6.1 h1:FH9SifrbvJhnlQpztAx++wlkk70QBf0iBWDwNy7PA4I= +github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTSPVIjEY1Wr7jzc= github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng= @@ -95,13 +97,13 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXe github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/canonical/go-dqlite v1.21.0 h1:4gLDdV2GF+vg0yv9Ff+mfZZNQ1JGhnQ3GnS2GeZPHfA= github.com/canonical/go-dqlite v1.21.0/go.mod h1:Uvy943N8R4CFUAs59A1NVaziWY9nJ686lScY7ywurfg= -github.com/canonical/lxd v0.0.0-20240403135607-df45915ce961 h1:+eoRA8TtK91gJ+tATEGc6gB3JVcL/iVisYdPJcY3JMw= -github.com/canonical/lxd v0.0.0-20240403135607-df45915ce961/go.mod h1:s1LkR97/qS2CubzhGKjx/6jZGJW8RFARBCnnVp1WnK4= -github.com/canonical/microcluster v0.0.0-20240418162032-e0f837527e02 h1:hKJ9sHz1qgMAjZWJZtKUtiS2DR7aGVszwkKfHqaRvSw= -github.com/canonical/microcluster v0.0.0-20240418162032-e0f837527e02/go.mod h1:AB0V5ZHbOdh0TyAdIu45ZDg4zVm0jbjmMfge5PnONd8= +github.com/canonical/lxd v0.0.0-20240709081608-9df996e36bac h1:WqXeS0uyAAmFB9aflCucb/pPZzIdivO9uG4tWw7CEAw= +github.com/canonical/lxd v0.0.0-20240709081608-9df996e36bac/go.mod h1:S2MXobHv9Wh6cpr3biLo2Kq0vqK2/PxpFuE/8ZsNDic= +github.com/canonical/microcluster v0.0.0-20240725000112-da36ecbd845e h1:a/YDYYSWFO/Z1AJAKnfkVLBunLLSauuCBRU23Jzd/Do= +github.com/canonical/microcluster v0.0.0-20240725000112-da36ecbd845e/go.mod h1:lNqWvK6yu9NZuZs7kvYsRlpK/lmOTEJsOxplgfzyais= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -122,7 +124,6 @@ github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3 github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= @@ -184,6 +185,8 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-chi/chi/v5 v5.1.0 h1:acVI1TYaD+hhedDJ3r54HyA6sExp3HfXq7QWEEY/xMw= +github.com/go-chi/chi/v5 v5.1.0/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= @@ -191,12 +194,14 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs= github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw= +github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk= +github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= -github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= @@ -314,13 +319,11 @@ github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= -github.com/gorilla/schema v1.4.1 h1:jUg5hUjCSDZpNGLuXQOgIWGdlgrIdYvgQ0wZtdK1M3E= -github.com/gorilla/schema v1.4.1/go.mod h1:Dg5SSm5PV60mhF2NFaTV1xuYYj8tV8NOPRo4FggUMnM= github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA= github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= -github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= -github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= +github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg= +github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= @@ -380,10 +383,12 @@ github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfV github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.17.7 h1:ehO88t2UGzQK66LMdE8tibEd1ErmzZjNEqWkjLAKQQg= -github.com/klauspost/compress v1.17.7/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/fs v0.1.0 h1:Jskdu9ieNAYnjxsi0LbQp1ulIKZV1LAFgK1tWhpZgl8= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= @@ -431,8 +436,8 @@ github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= -github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= +github.com/miekg/dns v1.1.61 h1:nLxbwF3XxhwVSm8g9Dghm9MHPaUZuqhPiGL+675ZmEs= +github.com/miekg/dns v1.1.61/go.mod h1:mnAarhS3nWaW+NVP2wTkYVIZyHNJ098SJZUki3eykwQ= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= @@ -515,31 +520,33 @@ github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjz github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= -github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= +github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= +github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.6.0 h1:k1v3CzpSRUTrKMppY35TLwPvxHqBu0bYgxZzqGIgaos= -github.com/prometheus/client_model v0.6.0/go.mod h1:NTQHnmxFpouOD0DpvP4XujX3CdOAGQPoaGhyTchlyt8= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.51.1 h1:eIjN50Bwglz6a/c3hAgSMcofL3nD+nFQkV6Dd4DsQCw= -github.com/prometheus/common v0.51.1/go.mod h1:lrWtQx+iDfn2mbH5GUzlH9TSHyfZpHkSiG1W7y3sF2Q= +github.com/prometheus/common v0.54.0 h1:ZlZy0BgJhTwVZUn7dLOkwCZHUkrAqd3WYtcFCWnM1D8= +github.com/prometheus/common v0.54.0/go.mod h1:/TQgMJP5CuVYveyT7n/0Ix8yLNNXy9yRSkhnLTHPDIQ= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.13.0 h1:GqzLlQyfsPbaEHaQkO7tbDlriv/4o5Hudv6OXHGKX7o= -github.com/prometheus/procfs v0.13.0/go.mod h1:cd4PFCR54QLnGKPaKGA6l+cfuNXtht43ZKY6tow0Y1g= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= +github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= -github.com/rs/cors v1.10.1 h1:L0uuZVXIKlI1SShY2nhFfo44TYvDPQ1w4oFkUJNfhyo= -github.com/rs/cors v1.10.1/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= +github.com/rs/cors v1.11.0 h1:0B9GE/r9Bc2UxRMMtymBkHTenPkHDv0CW4Y98GBY+po= +github.com/rs/cors v1.11.0/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/rubenv/sql-migrate v1.5.2 h1:bMDqOnrJVV/6JQgQ/MxOpU+AdO8uzYYA/TxFUBzFtS0= github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWxs+kmzlg0Is= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -563,8 +570,8 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -608,8 +615,12 @@ github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 h1:hlE8//ciYMzt github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/zitadel/oidc/v2 v2.12.0 h1:4aMTAy99/4pqNwrawEyJqhRb3yY3PtcDxnoDSryhpn4= -github.com/zitadel/oidc/v2 v2.12.0/go.mod h1:LrRav74IiThHGapQgCHZOUNtnqJG0tcZKHro/91rtLw= +github.com/zitadel/logging v0.6.0 h1:t5Nnt//r+m2ZhhoTmoPX+c96pbMarqJvW1Vq6xFTank= +github.com/zitadel/logging v0.6.0/go.mod h1:Y4CyAXHpl3Mig6JOszcV5Rqqsojj+3n7y2F591Mp/ow= +github.com/zitadel/oidc/v3 v3.25.1 h1:mkGimTWzbb8wARUewIqr6LhTPZnZeL6WOeXWy+iz1aI= +github.com/zitadel/oidc/v3 v3.25.1/go.mod h1:UDwD+PRFbUBzabyPd9JORrakty3/wec7VpKZYi9Ahh0= +github.com/zitadel/schema v1.3.0 h1:kQ9W9tvIwZICCKWcMvCEweXET1OcOyGEuFbHs4o5kg0= +github.com/zitadel/schema v1.3.0/go.mod h1:NptN6mkBDFvERUCvZHlvWmmME+gmZ44xzwRXwhzsbtc= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g= go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ= @@ -624,14 +635,14 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0 h1:doUP+ExOpH3spVTLS0FcWGLnQrPct/hD/bCPbDRUEAU= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.48.0/go.mod h1:rdENBZMT2OE6Ne/KLwpiXudnAsbdrdBaqBvTN8M8BgA= -go.opentelemetry.io/otel v1.24.0 h1:0LAOdjNmQeSTzGBzduGe/rU4tZhMwL5rWgtp9Ku5Jfo= -go.opentelemetry.io/otel v1.24.0/go.mod h1:W7b9Ozg4nkF5tWI5zsXkaKKDjdVjpD4oAt9Qi/MArHo= -go.opentelemetry.io/otel/metric v1.24.0 h1:6EhoGWWK28x1fbpA4tYTOWBkPefTDQnb8WSGXlc88kI= -go.opentelemetry.io/otel/metric v1.24.0/go.mod h1:VYhLe1rFfxuTXLgj4CBiyz+9WYBA8pNGJgDcSFRKBco= -go.opentelemetry.io/otel/trace v1.24.0 h1:CsKnnL4dUAr/0llH9FKuc698G04IrpWV0MQA/Y1YELI= -go.opentelemetry.io/otel/trace v1.24.0/go.mod h1:HPc3Xr/cOApsBI154IU0OI0HJexz+aw5uPdbs3UCjNU= -go.starlark.net v0.0.0-20240329153429-e6e8e7ce1b7a h1:Oe+v9w90BBIxQZ4U39+axR8KxrBbxqnRudPPcBIlP3o= -go.starlark.net v0.0.0-20240329153429-e6e8e7ce1b7a/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= +go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= +go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= +go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= +go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= +go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= +go.starlark.net v0.0.0-20240520160348-046347dcd104 h1:3qhteRISupnJvaWshOmeqEUs2y9oc/+/ePPvDh3Eygg= +go.starlark.net v0.0.0-20240520160348-046347dcd104/go.mod h1:YKMCv9b1WrfWmeqdV5MAuEHWsu5iC+fe6kYl2sQjdI8= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= @@ -652,8 +663,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30= +golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -664,8 +675,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8 h1:aAcj0Da7eBAtrTp03QXWvm88pSyOt+UgdZw2BFZ+lEw= -golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8/go.mod h1:CQ1k9gNrJ50XIzaKCRR2hssIjF07kZFEiieALBM/ARQ= +golang.org/x/exp v0.0.0-20240707233637-46b078467d37 h1:uLDX+AfeFCct3a2C7uIWBKMJIR3CJMhcgfrUAqjRK6w= +golang.org/x/exp v0.0.0-20240707233637-46b078467d37/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -692,8 +703,8 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic= -golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -735,8 +746,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= +golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -749,8 +760,8 @@ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.18.0 h1:09qnuIAgzdx1XplqJvW6CQqMCtGZykZWcXzPMPUusvI= -golang.org/x/oauth2 v0.18.0/go.mod h1:Wf7knwG0MPoWIMMBgFlEaSUDaKskp0dCfrlJRJXbBi8= +golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= +golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -763,8 +774,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -819,14 +830,14 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI= +golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk= +golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -835,10 +846,9 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4= +golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -896,8 +906,8 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw= -golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc= +golang.org/x/tools v0.23.0 h1:SGsXPZ+2l4JsgaCKkx+FQ9YZ5XEtA1GZYuoDjenLjvg= +golang.org/x/tools v0.23.0/go.mod h1:pnu6ufv6vQkll6szChhK3C3L/ruaIv5eBeztNG8wtsI= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -933,8 +943,6 @@ google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= @@ -976,8 +984,8 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda h1:LI5DOvAxUPMv/50agcLLoo+AdWc1irS9Rzz4vPuD1V4= -google.golang.org/genproto/googleapis/rpc v0.0.0-20240401170217-c3f982113cda/go.mod h1:WtryC6hu0hhx87FDGxWCDptyssuo68sk10vYjF+T9fY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4 h1:Di6ANFilr+S60a4S61ZM00vLdw0IrQOSMS2/6mrnOU0= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240617180043-68d350f18fd4/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -998,8 +1006,8 @@ google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.62.1 h1:B4n+nfKzOICUXMgyrNd19h/I9oH0L1pizfk1d4zSgTk= -google.golang.org/grpc v1.62.1/go.mod h1:IWTG0VlJLCh1SkC58F7np9ka9mx/WNkjl4PGJaiq+QE= +google.golang.org/grpc v1.64.0 h1:KH3VH9y/MgNQg1dE7b3XfVK0GsPSIzJwdF617gUSbvY= +google.golang.org/grpc v1.64.0/go.mod h1:oxjF8E3FBnjp+/gVFYdWacaLDx9na1aqy9oovLpxQYg= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1012,8 +1020,8 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1024,8 +1032,6 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= -gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= @@ -1069,8 +1075,8 @@ k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7F k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= k8s.io/kubectl v0.29.0 h1:Oqi48gXjikDhrBF67AYuZRTcJV4lg2l42GmvsP7FmYI= k8s.io/kubectl v0.29.0/go.mod h1:0jMjGWIcMIQzmUaMgAzhSELv5WtHo2a8pq67DtviAJs= -k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY= -k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 h1:jgGTlFYnhF1PM1Ax/lAlxUPE+KfCIXHaathvJg1C3ak= +k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY= oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/src/k8s/pkg/client/dqlite/remove.go b/src/k8s/pkg/client/dqlite/remove.go index c9a03365c..ab266e02f 100644 --- a/src/k8s/pkg/client/dqlite/remove.go +++ b/src/k8s/pkg/client/dqlite/remove.go @@ -20,6 +20,10 @@ func (c *Client) RemoveNodeByAddress(ctx context.Context, address string) error return fmt.Errorf("failed to retrieve cluster nodes") } + if len(members) == 1 { + return fmt.Errorf("only node in cluster cannot be removed") + } + var ( memberExists, clusterHasOtherVoters bool memberToRemove NodeInfo diff --git a/src/k8s/pkg/client/k8sd/cluster.go b/src/k8s/pkg/client/k8sd/cluster.go index eb0ebba08..47c1aaaa9 100644 --- a/src/k8s/pkg/client/k8sd/cluster.go +++ b/src/k8s/pkg/client/k8sd/cluster.go @@ -20,7 +20,7 @@ func (c *k8sd) BootstrapCluster(ctx context.Context, request apiv1.PostClusterBo defer cancel() var response apiv1.NodeStatus - if err := c.client.Query(ctx, "POST", api.NewURL().Path("k8sd", "cluster"), request, &response); err != nil { + if err := c.client.Query(ctx, "POST", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster"), request, &response); err != nil { return apiv1.NodeStatus{}, fmt.Errorf("failed to POST /k8sd/cluster: %w", err) } @@ -37,7 +37,7 @@ func (c *k8sd) JoinCluster(ctx context.Context, request apiv1.JoinClusterRequest ctx, cancel := context.WithTimeout(ctx, request.Timeout+30*time.Second) defer cancel() - if err := c.client.Query(ctx, "POST", api.NewURL().Path("k8sd", "cluster", "join"), request, nil); err != nil { + if err := c.client.Query(ctx, "POST", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster", "join"), request, nil); err != nil { return fmt.Errorf("failed to POST /k8sd/cluster/join: %w", err) } @@ -50,7 +50,7 @@ func (c *k8sd) RemoveNode(ctx context.Context, request apiv1.RemoveNodeRequest) ctx, cancel := context.WithTimeout(ctx, request.Timeout+30*time.Second) defer cancel() - if err := c.client.Query(ctx, "POST", api.NewURL().Path("k8sd", "cluster", "remove"), request, nil); err != nil { + if err := c.client.Query(ctx, "POST", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster", "remove"), request, nil); err != nil { return fmt.Errorf("failed to POST /k8sd/cluster/remove: %w", err) } return nil @@ -58,7 +58,7 @@ func (c *k8sd) RemoveNode(ctx context.Context, request apiv1.RemoveNodeRequest) func (c *k8sd) GetJoinToken(ctx context.Context, request apiv1.GetJoinTokenRequest) (apiv1.GetJoinTokenResponse, error) { var response apiv1.GetJoinTokenResponse - if err := c.client.Query(ctx, "POST", api.NewURL().Path("k8sd", "cluster", "tokens"), request, &response); err != nil { + if err := c.client.Query(ctx, "POST", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster", "tokens"), request, &response); err != nil { return apiv1.GetJoinTokenResponse{}, fmt.Errorf("failed to POST /k8sd/cluster/tokens: %w", err) } return response, nil diff --git a/src/k8s/pkg/client/k8sd/clusterapi.go b/src/k8s/pkg/client/k8sd/clusterapi.go index d65fdd9af..99fee22ab 100644 --- a/src/k8s/pkg/client/k8sd/clusterapi.go +++ b/src/k8s/pkg/client/k8sd/clusterapi.go @@ -9,7 +9,7 @@ import ( ) func (c *k8sd) SetClusterAPIAuthToken(ctx context.Context, request apiv1.SetClusterAPIAuthTokenRequest) error { - if err := c.client.Query(ctx, "POST", api.NewURL().Path("x", "capi", "set-auth-token"), request, nil); err != nil { + if err := c.client.Query(ctx, "POST", apiv1.K8sdAPIVersion, api.NewURL().Path("x", "capi", "set-auth-token"), request, nil); err != nil { return fmt.Errorf("failed to POST /x/capi/set-auth-token: %w", err) } return nil diff --git a/src/k8s/pkg/client/k8sd/config.go b/src/k8s/pkg/client/k8sd/config.go index 8bf524fde..b31254530 100644 --- a/src/k8s/pkg/client/k8sd/config.go +++ b/src/k8s/pkg/client/k8sd/config.go @@ -9,7 +9,7 @@ import ( ) func (c *k8sd) SetClusterConfig(ctx context.Context, request apiv1.UpdateClusterConfigRequest) error { - if err := c.client.Query(ctx, "PUT", api.NewURL().Path("k8sd", "cluster", "config"), request, nil); err != nil { + if err := c.client.Query(ctx, "PUT", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster", "config"), request, nil); err != nil { return fmt.Errorf("failed to PUT /k8sd/cluster/config: %w", err) } return nil @@ -17,7 +17,7 @@ func (c *k8sd) SetClusterConfig(ctx context.Context, request apiv1.UpdateCluster func (c *k8sd) GetClusterConfig(ctx context.Context) (apiv1.UserFacingClusterConfig, error) { var response apiv1.GetClusterConfigResponse - if err := c.client.Query(ctx, "GET", api.NewURL().Path("k8sd", "cluster", "config"), nil, &response); err != nil { + if err := c.client.Query(ctx, "GET", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster", "config"), nil, &response); err != nil { return apiv1.UserFacingClusterConfig{}, fmt.Errorf("failed to GET /k8sd/cluster/config: %w", err) } diff --git a/src/k8s/pkg/client/k8sd/status.go b/src/k8s/pkg/client/k8sd/status.go index 21ee5a464..572b3178e 100644 --- a/src/k8s/pkg/client/k8sd/status.go +++ b/src/k8s/pkg/client/k8sd/status.go @@ -11,7 +11,7 @@ import ( func (c *k8sd) NodeStatus(ctx context.Context) (apiv1.NodeStatus, error) { var response apiv1.GetNodeStatusResponse - if err := c.client.Query(ctx, "GET", api.NewURL().Path("k8sd", "node"), nil, &response); err != nil { + if err := c.client.Query(ctx, "GET", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "node"), nil, &response); err != nil { return apiv1.NodeStatus{}, fmt.Errorf("failed to GET /k8sd/node: %w", err) } return response.NodeStatus, nil @@ -20,7 +20,7 @@ func (c *k8sd) NodeStatus(ctx context.Context) (apiv1.NodeStatus, error) { func (c *k8sd) ClusterStatus(ctx context.Context, waitReady bool) (apiv1.ClusterStatus, error) { var response apiv1.GetClusterStatusResponse if err := control.WaitUntilReady(ctx, func() (bool, error) { - if err := c.client.Query(ctx, "GET", api.NewURL().Path("k8sd", "cluster"), nil, &response); err != nil { + if err := c.client.Query(ctx, "GET", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "cluster"), nil, &response); err != nil { return false, fmt.Errorf("failed to GET /k8sd/cluster: %w", err) } return !waitReady || response.ClusterStatus.Ready, nil diff --git a/src/k8s/pkg/client/k8sd/user.go b/src/k8s/pkg/client/k8sd/user.go index e7e8a4a79..6f8e71f71 100644 --- a/src/k8s/pkg/client/k8sd/user.go +++ b/src/k8s/pkg/client/k8sd/user.go @@ -10,7 +10,7 @@ import ( func (c *k8sd) KubeConfig(ctx context.Context, request apiv1.GetKubeConfigRequest) (string, error) { var response apiv1.GetKubeConfigResponse - if err := c.client.Query(ctx, "GET", api.NewURL().Path("k8sd", "kubeconfig"), request, &response); err != nil { + if err := c.client.Query(ctx, "GET", apiv1.K8sdAPIVersion, api.NewURL().Path("k8sd", "kubeconfig"), request, &response); err != nil { return "", fmt.Errorf("failed to GET /k8sd/kubeconfig: %w", err) } return response.KubeConfig, nil diff --git a/src/k8s/pkg/k8sd/api/capi_access_handler.go b/src/k8s/pkg/k8sd/api/capi_access_handler.go index 97bfd8a9e..01cc9f39d 100644 --- a/src/k8s/pkg/k8sd/api/capi_access_handler.go +++ b/src/k8s/pkg/k8sd/api/capi_access_handler.go @@ -11,15 +11,15 @@ import ( "github.com/canonical/microcluster/state" ) -func ValidateCAPIAuthTokenAccessHandler(tokenHeaderName string) func(s *state.State, r *http.Request) response.Response { - return func(s *state.State, r *http.Request) response.Response { +func ValidateCAPIAuthTokenAccessHandler(tokenHeaderName string) func(s state.State, r *http.Request) (bool, response.Response) { + return func(s state.State, r *http.Request) (bool, response.Response) { token := r.Header.Get(tokenHeaderName) if token == "" { - return response.Unauthorized(fmt.Errorf("missing header %q", tokenHeaderName)) + return false, response.Unauthorized(fmt.Errorf("missing header %q", tokenHeaderName)) } var tokenIsValid bool - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { var err error tokenIsValid, err = database.ValidateClusterAPIToken(ctx, tx, token) if err != nil { @@ -27,12 +27,12 @@ func ValidateCAPIAuthTokenAccessHandler(tokenHeaderName string) func(s *state.St } return nil }); err != nil { - return response.InternalError(fmt.Errorf("check CAPI auth token database transaction failed: %w", err)) + return false, response.InternalError(fmt.Errorf("check CAPI auth token database transaction failed: %w", err)) } if !tokenIsValid { - return response.Unauthorized(fmt.Errorf("invalid token")) + return false, response.Unauthorized(fmt.Errorf("invalid token")) } - return response.EmptySyncResponse + return true, nil } } diff --git a/src/k8s/pkg/k8sd/api/capi_auth.go b/src/k8s/pkg/k8sd/api/capi_auth.go index 4e4b1af7a..de54fecb9 100644 --- a/src/k8s/pkg/k8sd/api/capi_auth.go +++ b/src/k8s/pkg/k8sd/api/capi_auth.go @@ -13,13 +13,13 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) postSetClusterAPIAuthToken(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postSetClusterAPIAuthToken(s state.State, r *http.Request) response.Response { request := apiv1.SetClusterAPIAuthTokenRequest{} if err := json.NewDecoder(r.Body).Decode(&request); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) } - if err := s.Database.Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { return database.SetClusterAPIToken(ctx, tx, request.Token) }); err != nil { return response.InternalError(err) diff --git a/src/k8s/pkg/k8sd/api/cluster.go b/src/k8s/pkg/k8sd/api/cluster.go index d3837c0e2..a257e96bf 100644 --- a/src/k8s/pkg/k8sd/api/cluster.go +++ b/src/k8s/pkg/k8sd/api/cluster.go @@ -15,17 +15,17 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) getClusterStatus(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) getClusterStatus(s state.State, r *http.Request) response.Response { // fail if node is not initialized yet - if !s.Database.IsOpen() { + if err := s.Database().IsOpen(r.Context()); err != nil { return response.Unavailable(fmt.Errorf("daemon not yet initialized")) } - members, err := impl.GetClusterMembers(s.Context, s) + members, err := impl.GetClusterMembers(r.Context(), s) if err != nil { return response.InternalError(fmt.Errorf("failed to get cluster members: %w", err)) } - config, err := databaseutil.GetClusterConfig(s.Context, s) + config, err := databaseutil.GetClusterConfig(r.Context(), s) if err != nil { return response.InternalError(fmt.Errorf("failed to get cluster config: %w", err)) } @@ -35,15 +35,15 @@ func (e *Endpoints) getClusterStatus(s *state.State, r *http.Request) response.R return response.InternalError(fmt.Errorf("failed to create k8s client: %w", err)) } - ready, err := client.HasReadyNodes(s.Context) + ready, err := client.HasReadyNodes(r.Context()) if err != nil { return response.InternalError(fmt.Errorf("failed to check if cluster has ready nodes: %w", err)) } var statuses map[string]types.FeatureStatus - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { var err error - statuses, err = database.GetFeatureStatuses(s.Context, tx) + statuses, err = database.GetFeatureStatuses(r.Context(), tx) if err != nil { return fmt.Errorf("failed to get feature statuses: %w", err) } diff --git a/src/k8s/pkg/k8sd/api/cluster_bootstrap.go b/src/k8s/pkg/k8sd/api/cluster_bootstrap.go index d7455156a..5c6a18536 100644 --- a/src/k8s/pkg/k8sd/api/cluster_bootstrap.go +++ b/src/k8s/pkg/k8sd/api/cluster_bootstrap.go @@ -12,7 +12,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) postClusterBootstrap(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postClusterBootstrap(_ state.State, r *http.Request) response.Response { req := apiv1.PostClusterBootstrapRequest{} if err := utils.NewStrictJSONDecoder(r.Body).Decode(&req); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) diff --git a/src/k8s/pkg/k8sd/api/cluster_config.go b/src/k8s/pkg/k8sd/api/cluster_config.go index 45c4e2265..8a7b2e223 100644 --- a/src/k8s/pkg/k8sd/api/cluster_config.go +++ b/src/k8s/pkg/k8sd/api/cluster_config.go @@ -15,7 +15,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) putClusterConfig(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) putClusterConfig(s state.State, r *http.Request) response.Response { var req api.UpdateClusterConfigRequest if err := utils.NewStrictJSONDecoder(r.Body).Decode(&req); err != nil { @@ -30,7 +30,7 @@ func (e *Endpoints) putClusterConfig(s *state.State, r *http.Request) response.R return response.BadRequest(fmt.Errorf("failed to parse datastore config: %w", err)) } - if err := s.Database.Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { if _, err := database.SetClusterConfig(ctx, tx, requestedConfig); err != nil { return fmt.Errorf("failed to update cluster configuration: %w", err) } @@ -53,7 +53,7 @@ func (e *Endpoints) putClusterConfig(s *state.State, r *http.Request) response.R return response.SyncResponse(true, &api.UpdateClusterConfigResponse{}) } -func (e *Endpoints) getClusterConfig(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) getClusterConfig(s state.State, r *http.Request) response.Response { config, err := databaseutil.GetClusterConfig(r.Context(), s) if err != nil { return response.InternalError(fmt.Errorf("failed to retrieve cluster configuration: %w", err)) diff --git a/src/k8s/pkg/k8sd/api/cluster_join.go b/src/k8s/pkg/k8sd/api/cluster_join.go index b762e528d..469f506a0 100644 --- a/src/k8s/pkg/k8sd/api/cluster_join.go +++ b/src/k8s/pkg/k8sd/api/cluster_join.go @@ -13,7 +13,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) postClusterJoin(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postClusterJoin(s state.State, r *http.Request) response.Response { req := apiv1.JoinClusterRequest{} if err := utils.NewStrictJSONDecoder(r.Body).Decode(&req); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) diff --git a/src/k8s/pkg/k8sd/api/cluster_remove.go b/src/k8s/pkg/k8sd/api/cluster_remove.go index 6816e53f2..bd8b6e60b 100644 --- a/src/k8s/pkg/k8sd/api/cluster_remove.go +++ b/src/k8s/pkg/k8sd/api/cluster_remove.go @@ -17,7 +17,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -func (e *Endpoints) postClusterRemove(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postClusterRemove(s state.State, r *http.Request) response.Response { snap := e.provider.Snap() req := apiv1.RemoveNodeRequest{} @@ -32,7 +32,7 @@ func (e *Endpoints) postClusterRemove(s *state.State, r *http.Request) response. defer cancel() } - log := log.FromContext(s.Context).WithValues("name", req.Name) + log := log.FromContext(ctx).WithValues("name", req.Name) isControlPlane, err := nodeutil.IsControlPlaneNode(ctx, s, req.Name) if err != nil { @@ -42,8 +42,8 @@ func (e *Endpoints) postClusterRemove(s *state.State, r *http.Request) response. log.Info("Waiting for node to not be pending") control.WaitUntilReady(ctx, func() (bool, error) { var notPending bool - if err := s.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { - member, err := cluster.GetInternalClusterMember(ctx, tx, req.Name) + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + member, err := cluster.GetCoreClusterMember(ctx, tx, req.Name) if err != nil { log.Error(err, "Failed to get member") return nil diff --git a/src/k8s/pkg/k8sd/api/cluster_tokens.go b/src/k8s/pkg/k8sd/api/cluster_tokens.go index 1bb7eb3be..107469741 100644 --- a/src/k8s/pkg/k8sd/api/cluster_tokens.go +++ b/src/k8s/pkg/k8sd/api/cluster_tokens.go @@ -15,7 +15,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) postClusterJoinTokens(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postClusterJoinTokens(s state.State, r *http.Request) response.Response { req := apiv1.GetJoinTokenRequest{} if err := utils.NewStrictJSONDecoder(r.Body).Decode(&req); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) @@ -61,9 +61,9 @@ func getOrCreateJoinToken(ctx context.Context, m *microcluster.MicroCluster, tok return token, nil } -func getOrCreateWorkerToken(ctx context.Context, s *state.State, nodeName string) (string, error) { +func getOrCreateWorkerToken(ctx context.Context, s state.State, nodeName string) (string, error) { var token string - if err := s.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { var err error token, err = database.GetOrCreateWorkerNodeToken(ctx, tx, nodeName) if err != nil { diff --git a/src/k8s/pkg/k8sd/api/endpoints.go b/src/k8s/pkg/k8sd/api/endpoints.go index b277ccc27..ea798cc36 100644 --- a/src/k8s/pkg/k8sd/api/endpoints.go +++ b/src/k8s/pkg/k8sd/api/endpoints.go @@ -2,16 +2,41 @@ package api import ( + "context" + + apiv1 "github.com/canonical/k8s/api/v1" "github.com/canonical/microcluster/rest" ) type Endpoints struct { + context context.Context provider Provider } -// New creates a new Endpoints instance. -func New(provider Provider) *Endpoints { - return &Endpoints{provider: provider} +// New creates a new API server instance. +// Context is the context to use for the API servers endpoints. +func New(ctx context.Context, provider Provider) map[string]rest.Server { + k8sd := &Endpoints{ + context: ctx, + provider: provider, + } + return map[string]rest.Server{ + "k8sd": { + CoreAPI: true, + ServeUnix: true, + PreInit: true, + Resources: []rest.Resources{ + { + PathPrefix: apiv1.K8sdAPIVersion, + Endpoints: k8sd.Endpoints(), + }, + }, + }, + } +} + +func (e *Endpoints) Context() context.Context { + return e.context } // Endpoints returns the list of endpoints for a given microcluster app. diff --git a/src/k8s/pkg/k8sd/api/impl/k8sd.go b/src/k8s/pkg/k8sd/api/impl/k8sd.go index 8751ddefd..165b1ce78 100644 --- a/src/k8s/pkg/k8sd/api/impl/k8sd.go +++ b/src/k8s/pkg/k8sd/api/impl/k8sd.go @@ -12,7 +12,7 @@ import ( ) // GetClusterMembers retrieves information about the members of the cluster. -func GetClusterMembers(ctx context.Context, s *state.State) ([]apiv1.NodeStatus, error) { +func GetClusterMembers(ctx context.Context, s state.State) ([]apiv1.NodeStatus, error) { c, err := s.Leader() if err != nil { return nil, fmt.Errorf("failed to get leader client: %w", err) @@ -38,7 +38,7 @@ func GetClusterMembers(ctx context.Context, s *state.State) ([]apiv1.NodeStatus, // GetLocalNodeStatus retrieves the status of the local node, including its roles within the cluster. // Unlike "GetClusterMembers" this also works on a worker node. -func GetLocalNodeStatus(ctx context.Context, s *state.State, snap snap.Snap) (apiv1.NodeStatus, error) { +func GetLocalNodeStatus(ctx context.Context, s state.State, snap snap.Snap) (apiv1.NodeStatus, error) { // Determine cluster role. clusterRole := apiv1.ClusterRoleUnknown isWorker, err := snaputil.IsWorker(snap) diff --git a/src/k8s/pkg/k8sd/api/kubeconfig.go b/src/k8s/pkg/k8sd/api/kubeconfig.go index 6f12e1eb6..c12905b2d 100644 --- a/src/k8s/pkg/k8sd/api/kubeconfig.go +++ b/src/k8s/pkg/k8sd/api/kubeconfig.go @@ -12,7 +12,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) getKubeconfig(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) getKubeconfig(s state.State, r *http.Request) response.Response { req := apiv1.GetKubeConfigRequest{} if err := utils.NewStrictJSONDecoder(r.Body).Decode(&req); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) diff --git a/src/k8s/pkg/k8sd/api/kubernetes_auth_tokens.go b/src/k8s/pkg/k8sd/api/kubernetes_auth_tokens.go index ec7ad8bfd..5e492ab44 100644 --- a/src/k8s/pkg/k8sd/api/kubernetes_auth_tokens.go +++ b/src/k8s/pkg/k8sd/api/kubernetes_auth_tokens.go @@ -6,22 +6,22 @@ import ( "encoding/json" "errors" "fmt" - databaseutil "github.com/canonical/k8s/pkg/k8sd/database/util" "net/http" apiv1 "github.com/canonical/k8s/api/v1" "github.com/canonical/k8s/pkg/k8sd/database" + databaseutil "github.com/canonical/k8s/pkg/k8sd/database/util" "github.com/canonical/k8s/pkg/utils" "github.com/canonical/lxd/lxd/response" "github.com/canonical/microcluster/state" ) -func (e *Endpoints) getKubernetesAuthTokens(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) getKubernetesAuthTokens(s state.State, r *http.Request) response.Response { token := r.Header.Get("token") var username string var groups []string - if err := s.Database.Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { var err error username, groups, err = database.CheckToken(ctx, tx, token) return err @@ -32,7 +32,7 @@ func (e *Endpoints) getKubernetesAuthTokens(s *state.State, r *http.Request) res return response.SyncResponse(true, apiv1.CheckKubernetesAuthTokenResponse{Username: username, Groups: groups}) } -func (e *Endpoints) postKubernetesAuthTokens(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postKubernetesAuthTokens(s state.State, r *http.Request) response.Response { request := apiv1.GenerateKubernetesAuthTokenRequest{} if err := json.NewDecoder(r.Body).Decode(&request); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) @@ -46,7 +46,7 @@ func (e *Endpoints) postKubernetesAuthTokens(s *state.State, r *http.Request) re return response.SyncResponse(true, apiv1.CreateKubernetesAuthTokenResponse{Token: token}) } -func (e *Endpoints) deleteKubernetesAuthTokens(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) deleteKubernetesAuthTokens(s state.State, r *http.Request) response.Response { request := apiv1.RevokeKubernetesAuthTokenRequest{} if err := json.NewDecoder(r.Body).Decode(&request); err != nil { return response.BadRequest(fmt.Errorf("failed to parse request: %w", err)) @@ -62,7 +62,7 @@ func (e *Endpoints) deleteKubernetesAuthTokens(s *state.State, r *http.Request) // postKubernetesAuthWebhook is used by kube-apiserver to handle TokenReview objects. // Note that we do not use the normal response.SyncResponse here, because it breaks the response format that kube-apiserver expects. -func (e *Endpoints) postKubernetesAuthWebhook(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postKubernetesAuthWebhook(s state.State, r *http.Request) response.Response { review := apiv1.TokenReview{ APIVersion: "authentication.k8s.io/v1", Kind: "TokenReview", @@ -96,7 +96,7 @@ func (e *Endpoints) postKubernetesAuthWebhook(s *state.State, r *http.Request) r // check token var username string var groups []string - if err := s.Database.Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { var err error username, groups, err = database.CheckToken(ctx, tx, review.Spec.Token) return err diff --git a/src/k8s/pkg/k8sd/api/node.go b/src/k8s/pkg/k8sd/api/node.go index eb6ea1c03..0d6bae9a4 100644 --- a/src/k8s/pkg/k8sd/api/node.go +++ b/src/k8s/pkg/k8sd/api/node.go @@ -9,7 +9,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) getNodeStatus(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) getNodeStatus(s state.State, r *http.Request) response.Response { snap := e.provider.Snap() status, err := impl.GetLocalNodeStatus(r.Context(), s, snap) diff --git a/src/k8s/pkg/k8sd/api/worker.go b/src/k8s/pkg/k8sd/api/worker.go index d4dd38e30..565d2fe4d 100644 --- a/src/k8s/pkg/k8sd/api/worker.go +++ b/src/k8s/pkg/k8sd/api/worker.go @@ -16,7 +16,7 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) postWorkerInfo(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) postWorkerInfo(s state.State, r *http.Request) response.Response { snap := e.provider.Snap() req := apiv1.WorkerNodeInfoRequest{} @@ -31,7 +31,7 @@ func (e *Endpoints) postWorkerInfo(s *state.State, r *http.Request) response.Res return response.BadRequest(fmt.Errorf("failed to parse node IP address %s", req.Address)) } - cfg, err := databaseutil.GetClusterConfig(s.Context, s) + cfg, err := databaseutil.GetClusterConfig(r.Context(), s) if err != nil { return response.InternalError(fmt.Errorf("failed to get cluster config: %w", err)) } @@ -50,16 +50,16 @@ func (e *Endpoints) postWorkerInfo(s *state.State, r *http.Request) response.Res if err != nil { return response.InternalError(fmt.Errorf("failed to create kubernetes client: %w", err)) } - if err := client.WaitKubernetesEndpointAvailable(s.Context); err != nil { + if err := client.WaitKubernetesEndpointAvailable(r.Context()); err != nil { return response.InternalError(fmt.Errorf("kubernetes endpoints not ready yet: %w", err)) } - servers, err := client.GetKubeAPIServerEndpoints(s.Context) + servers, err := client.GetKubeAPIServerEndpoints(r.Context()) if err != nil { return response.InternalError(fmt.Errorf("failed to retrieve list of known kube-apiserver endpoints: %w", err)) } workerToken := r.Header.Get("worker-token") - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { return database.DeleteWorkerNodeToken(ctx, tx, workerToken) }); err != nil { return response.InternalError(fmt.Errorf("delete worker node token transaction failed: %w", err)) diff --git a/src/k8s/pkg/k8sd/api/worker_access_handler.go b/src/k8s/pkg/k8sd/api/worker_access_handler.go index fad76a43f..446a4d0b5 100644 --- a/src/k8s/pkg/k8sd/api/worker_access_handler.go +++ b/src/k8s/pkg/k8sd/api/worker_access_handler.go @@ -13,40 +13,40 @@ import ( "github.com/canonical/microcluster/state" ) -func (e *Endpoints) restrictWorkers(s *state.State, r *http.Request) response.Response { +func (e *Endpoints) restrictWorkers(s state.State, r *http.Request) (bool, response.Response) { snap := e.provider.Snap() isWorker, err := snaputil.IsWorker(snap) if err != nil { - return response.InternalError(fmt.Errorf("failed to check if node is a worker: %w", err)) + return false, response.InternalError(fmt.Errorf("failed to check if node is a worker: %w", err)) } if isWorker { - return response.Forbidden(fmt.Errorf("this action is restricted on workers")) + return false, response.Forbidden(fmt.Errorf("this action is restricted on workers")) } - return response.EmptySyncResponse + return true, nil } // ValidateWorkerInfoAccessHandler access handler checks if the worker is allowed to access this endpoint with the provided token. -func ValidateWorkerInfoAccessHandler(nodeHeaderName string, tokenHeaderName string) func(s *state.State, r *http.Request) response.Response { - return func(s *state.State, r *http.Request) response.Response { +func ValidateWorkerInfoAccessHandler(nodeHeaderName string, tokenHeaderName string) func(s state.State, r *http.Request) (bool, response.Response) { + return func(s state.State, r *http.Request) (bool, response.Response) { name := r.Header.Get(nodeHeaderName) if name == "" { - return response.Unauthorized(fmt.Errorf("missing header %q", nodeHeaderName)) + return false, response.Unauthorized(fmt.Errorf("missing header %q", nodeHeaderName)) } hostname, err := utils.CleanHostname(name) if err != nil { - return response.BadRequest(fmt.Errorf("invalid hostname %q: %w", hostname, err)) + return false, response.BadRequest(fmt.Errorf("invalid hostname %q: %w", hostname, err)) } token := r.Header.Get(tokenHeaderName) if token == "" { - return response.Unauthorized(fmt.Errorf("invalid token")) + return false, response.Unauthorized(fmt.Errorf("invalid token")) } var tokenIsValid bool - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(r.Context(), func(ctx context.Context, tx *sql.Tx) error { var err error tokenIsValid, err = database.CheckWorkerNodeToken(ctx, tx, hostname, token) if err != nil { @@ -54,12 +54,12 @@ func ValidateWorkerInfoAccessHandler(nodeHeaderName string, tokenHeaderName stri } return nil }); err != nil { - return response.InternalError(fmt.Errorf("check token database transaction failed: %w", err)) + return false, response.InternalError(fmt.Errorf("check token database transaction failed: %w", err)) } if !tokenIsValid { - return response.Unauthorized(fmt.Errorf("invalid token")) + return false, response.Unauthorized(fmt.Errorf("invalid token")) } - return response.EmptySyncResponse + return true, nil } } diff --git a/src/k8s/pkg/k8sd/app/app.go b/src/k8s/pkg/k8sd/app/app.go index c3a3f1500..182c55414 100644 --- a/src/k8s/pkg/k8sd/app/app.go +++ b/src/k8s/pkg/k8sd/app/app.go @@ -8,6 +8,7 @@ import ( "sync" "time" + apiv1 "github.com/canonical/k8s/api/v1" "github.com/canonical/k8s/pkg/k8sd/api" "github.com/canonical/k8s/pkg/k8sd/controllers" "github.com/canonical/k8s/pkg/k8sd/controllers/csrsigning" @@ -15,7 +16,6 @@ import ( "github.com/canonical/k8s/pkg/log" "github.com/canonical/k8s/pkg/snap" "github.com/canonical/microcluster/client" - "github.com/canonical/microcluster/config" "github.com/canonical/microcluster/microcluster" "github.com/canonical/microcluster/state" ) @@ -81,6 +81,7 @@ func New(cfg Config) (*App, error) { cfg.StateDir = cfg.Snap.K8sdStateDir() } cluster, err := microcluster.App(microcluster.Args{ + Version: string(apiv1.K8sdAPIVersion), Verbose: cfg.Verbose, Debug: cfg.Debug, StateDir: cfg.StateDir, @@ -171,9 +172,9 @@ func New(cfg Config) (*App, error) { // Run starts the microcluster node and waits until it terminates. // any non-nil customHooks override the default hooks. -func (a *App) Run(ctx context.Context, customHooks *config.Hooks) error { +func (a *App) Run(ctx context.Context, customHooks *state.Hooks) error { // TODO: consider improving API for overriding hooks. - hooks := &config.Hooks{ + hooks := &state.Hooks{ PostBootstrap: a.onBootstrap, PostJoin: a.onPostJoin, PreRemove: a.onPreRemove, @@ -214,16 +215,18 @@ func (a *App) Run(ctx context.Context, customHooks *config.Hooks) error { }() } - err := a.cluster.Start(ctx, api.New(a).Endpoints(), database.SchemaExtensions, hooks) + a.cluster.AddServers(api.New(ctx, a)) + + err := a.cluster.Start(ctx, database.SchemaExtensions, []string{}, hooks) if err != nil { return fmt.Errorf("failed to run microcluster: %w", err) } return nil } -func (a *App) markNodeReady(ctx context.Context, s *state.State) { +func (a *App) markNodeReady(ctx context.Context, s state.State) { for { - if s.Database.IsOpen() { + if err := s.Database().IsOpen(ctx); err == nil { a.readyWg.Done() return } diff --git a/src/k8s/pkg/k8sd/app/cluster_util.go b/src/k8s/pkg/k8sd/app/cluster_util.go index 878f715f9..f964b2067 100644 --- a/src/k8s/pkg/k8sd/app/cluster_util.go +++ b/src/k8s/pkg/k8sd/app/cluster_util.go @@ -12,7 +12,7 @@ import ( "github.com/canonical/microcluster/state" ) -func setupKubeconfigs(s *state.State, kubeConfigDir string, securePort int, pki pki.ControlPlanePKI) error { +func setupKubeconfigs(s state.State, kubeConfigDir string, securePort int, pki pki.ControlPlanePKI) error { // Generate kubeconfigs for _, kubeconfig := range []struct { file string diff --git a/src/k8s/pkg/k8sd/app/hooks_bootstrap.go b/src/k8s/pkg/k8sd/app/hooks_bootstrap.go index a8d0e4989..f8a27b03d 100644 --- a/src/k8s/pkg/k8sd/app/hooks_bootstrap.go +++ b/src/k8s/pkg/k8sd/app/hooks_bootstrap.go @@ -9,7 +9,6 @@ import ( "fmt" "net" "net/http" - "os" "path/filepath" apiv1 "github.com/canonical/k8s/api/v1" @@ -26,10 +25,10 @@ import ( // onBootstrap is called after we bootstrap the first cluster node. // onBootstrap configures local services then writes the cluster config on the database. -func (a *App) onBootstrap(s *state.State, initConfig map[string]string) error { +func (a *App) onBootstrap(ctx context.Context, s state.State, initConfig map[string]string) error { // NOTE(neoaggelos): context timeout is passed over configuration, so that hook failures are propagated to the client - ctx, cancel := context.WithCancel(s.Context) + ctx, cancel := context.WithCancel(ctx) defer cancel() if t := utils.MicroclusterTimeoutFromConfig(initConfig); t != 0 { ctx, cancel = context.WithTimeout(ctx, t) @@ -52,44 +51,11 @@ func (a *App) onBootstrap(s *state.State, initConfig map[string]string) error { return a.onBootstrapControlPlane(ctx, s, bootstrapConfig) } -func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encodedToken string, joinConfig apiv1.WorkerNodeJoinConfig) (rerr error) { +func (a *App) onBootstrapWorkerNode(ctx context.Context, s state.State, encodedToken string, joinConfig apiv1.WorkerNodeJoinConfig) (rerr error) { snap := a.Snap() log := log.FromContext(ctx).WithValues("hook", "join") - // make sure to cleanup in case of errors - // the code can register cleanup hooks by appending to this slice - var cleanups []func(context.Context) error - defer func() { - // do not cleanup if bootstrap was successful - if rerr == nil { - log.Info("Joined cluster successfully") - return - } - - // annotate error with context cancellation - if err := ctx.Err(); err != nil { - rerr = fmt.Errorf("%w: %v", rerr, ctx.Err()) - } - - // start goroutine to cleanup on the background and return quickly - go func() { - log.Error(rerr, "Failed to join cluster") - log.Info("Cleaning up") - for i := len(cleanups) - 1; i >= 0; i-- { - // run cleanup functions in reverse order - if err := cleanups[i](s.Context); err != nil { - log.Error(err, fmt.Sprintf("Cleanup hook %d/%d failed", i, len(cleanups))) - } - } - log.Info("All cleanup hooks finished, resetting microcluster state") - - if err := a.client.ResetClusterMember(s.Context, s.Name(), true); err != nil { - log.Error(err, "Failed to ResetClusterMember") - } - }() - }() - token := &types.InternalWorkerNodeToken{} if err := token.Decode(encodedToken); err != nil { return fmt.Errorf("failed to parse worker token: %w", err) @@ -196,13 +162,7 @@ func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encoded if err := certificates.CompleteCertificates(); err != nil { return fmt.Errorf("failed to initialize worker node certificates: %w", err) } - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Cleaning up worker certificates") - if _, err := setup.EnsureWorkerPKI(snap, &pki.WorkerNodePKI{}); err != nil { - return fmt.Errorf("failed to cleanup worker certificates: %w", err) - } - return nil - }) + if _, err := setup.EnsureWorkerPKI(snap, certificates); err != nil { return fmt.Errorf("failed to write worker node certificates: %w", err) } @@ -238,7 +198,7 @@ func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encoded return fmt.Errorf("pre-init checks failed for worker node: %w", err) } - if err := s.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { if _, err := database.SetClusterConfig(ctx, tx, cfg); err != nil { return fmt.Errorf("failed to write cluster configuration: %w", err) } @@ -247,16 +207,6 @@ func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encoded return fmt.Errorf("database transaction to set cluster configuration failed: %w", err) } - cleanups = append(cleanups, func(ctx context.Context) error { - for _, dir := range []string{snap.ServiceArgumentsDir()} { - log.WithValues("directory", dir).Info("Cleaning up config files") - if err := os.RemoveAll(dir); err != nil { - return fmt.Errorf("failed to delete %v: %w", dir, err) - } - } - return nil - }) - // Worker node services if err := setup.Containerd(snap, nil, joinConfig.ExtraNodeContainerdArgs); err != nil { return fmt.Errorf("failed to configure containerd: %w", err) @@ -274,25 +224,12 @@ func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encoded return fmt.Errorf("failed to write extra node config files: %w", err) } - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Removing worker node mark") - if err := snaputil.MarkAsWorkerNode(snap, false); err != nil { - return fmt.Errorf("failed to unmark node as worker: %w", err) - } - return nil - }) if err := snaputil.MarkAsWorkerNode(snap, true); err != nil { return fmt.Errorf("failed to mark node as worker: %w", err) } // Start services - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Stopping worker services") - if err := snaputil.StopWorkerServices(ctx, snap); err != nil { - return fmt.Errorf("failed to start worker services: %w", err) - } - return nil - }) + log.Info("Starting worker services") if err := snaputil.StartWorkerServices(ctx, snap); err != nil { return fmt.Errorf("failed to start worker services: %w", err) } @@ -300,44 +237,9 @@ func (a *App) onBootstrapWorkerNode(ctx context.Context, s *state.State, encoded return nil } -func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, bootstrapConfig apiv1.BootstrapConfig) (rerr error) { +func (a *App) onBootstrapControlPlane(ctx context.Context, s state.State, bootstrapConfig apiv1.BootstrapConfig) (rerr error) { snap := a.Snap() - log := log.FromContext(ctx).WithValues("hook", "bootstrap") - - // make sure to cleanup in case of errors - // the code can register cleanup hooks by appending to this slice - var cleanups []func(context.Context) error - defer func() { - // do not cleanup if bootstrap was successful - if rerr == nil { - log.Info("Bootstrapped cluster successfully") - return - } - - // annotate error with context cancellation - if err := ctx.Err(); err != nil { - rerr = fmt.Errorf("%w: %v", rerr, ctx.Err()) - } - - // start goroutine to cleanup on the background and return quickly - go func() { - log.Error(rerr, "Failed to bootstrap cluster") - log.Info("Cleaning up") - for i := len(cleanups) - 1; i >= 0; i-- { - // run cleanup functions in reverse order - if err := cleanups[i](s.Context); err != nil { - log.Error(err, fmt.Sprintf("Cleanup hook %d/%d failed", i, len(cleanups))) - } - } - log.Info("All cleanup hooks finished, resetting microcluster state") - - if err := a.client.ResetClusterMember(s.Context, s.Name(), true); err != nil { - log.Error(err, "Failed to ResetClusterMember") - } - }() - }() - cfg, err := types.ClusterConfigFromBootstrapConfig(bootstrapConfig) if err != nil { return fmt.Errorf("invalid bootstrap config: %w", err) @@ -389,13 +291,6 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots if err := certificates.CheckCertificates(); err != nil { return fmt.Errorf("failed to initialize external datastore certificates: %w", err) } - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Cleaning up external datastore certificates") - if _, err := setup.EnsureExtDatastorePKI(snap, &pki.ExternalDatastorePKI{}); err != nil { - return fmt.Errorf("failed to cleanup external datastore certificates: %w", err) - } - return nil - }) if _, err := setup.EnsureExtDatastorePKI(snap, certificates); err != nil { return fmt.Errorf("failed to write external datastore certificates: %w", err) } @@ -445,13 +340,6 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots return fmt.Errorf("failed to initialize control plane certificates: %w", err) } - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Cleaning up control plane certificates") - if _, err := setup.EnsureControlPlanePKI(snap, &pki.ControlPlanePKI{}); err != nil { - return fmt.Errorf("failed to cleanup control plane certificates: %w", err) - } - return nil - }) if _, err := setup.EnsureControlPlanePKI(snap, certificates); err != nil { return fmt.Errorf("failed to write control plane certificates: %w", err) } @@ -484,13 +372,6 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots // Configure datastore switch cfg.Datastore.GetType() { case "k8s-dqlite": - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Cleaning up k8s-dqlite directory") - if err := os.RemoveAll(snap.K8sDqliteStateDir()); err != nil { - return fmt.Errorf("failed to cleanup k8s-dqlite state directory: %w", err) - } - return nil - }) if err := setup.K8sDqlite(snap, fmt.Sprintf("%s:%d", nodeIP.String(), cfg.Datastore.GetK8sDqlitePort()), nil, bootstrapConfig.ExtraNodeK8sDqliteArgs); err != nil { return fmt.Errorf("failed to configure k8s-dqlite: %w", err) } @@ -498,15 +379,6 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots default: return fmt.Errorf("unsupported datastore %s, must be one of %v", cfg.Datastore.GetType(), setup.SupportedDatastores) } - cleanups = append(cleanups, func(ctx context.Context) error { - for _, dir := range []string{snap.ServiceArgumentsDir()} { - log.WithValues("directory", dir).Info("Cleaning up config files", dir) - if err := os.RemoveAll(dir); err != nil { - return fmt.Errorf("failed to delete %v: %w", dir, err) - } - } - return nil - }) // Configure services if err := setup.Containerd(snap, nil, bootstrapConfig.ExtraNodeContainerdArgs); err != nil { @@ -533,7 +405,7 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots } // Write cluster configuration to dqlite - if err := s.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { if _, err := database.SetClusterConfig(ctx, tx, cfg); err != nil { return fmt.Errorf("failed to write cluster configuration: %w", err) } @@ -547,13 +419,6 @@ func (a *App) onBootstrapControlPlane(ctx context.Context, s *state.State, boots } // Start services - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Stopping control plane services") - if err := stopControlPlaneServices(ctx, snap, cfg.Datastore.GetType()); err != nil { - return fmt.Errorf("failed to stop services: %w", err) - } - return nil - }) if err := startControlPlaneServices(ctx, snap, cfg.Datastore.GetType()); err != nil { return fmt.Errorf("failed to start services: %w", err) } diff --git a/src/k8s/pkg/k8sd/app/hooks_join.go b/src/k8s/pkg/k8sd/app/hooks_join.go index e6bf41545..9f444ac0c 100644 --- a/src/k8s/pkg/k8sd/app/hooks_join.go +++ b/src/k8s/pkg/k8sd/app/hooks_join.go @@ -2,99 +2,31 @@ package app import ( "context" - "database/sql" "fmt" "net" - "os" apiv1 "github.com/canonical/k8s/api/v1" databaseutil "github.com/canonical/k8s/pkg/k8sd/database/util" "github.com/canonical/k8s/pkg/k8sd/pki" "github.com/canonical/k8s/pkg/k8sd/setup" - "github.com/canonical/k8s/pkg/log" "github.com/canonical/k8s/pkg/utils" - "github.com/canonical/k8s/pkg/utils/control" "github.com/canonical/k8s/pkg/utils/experimental/snapdconfig" - "github.com/canonical/microcluster/cluster" "github.com/canonical/microcluster/state" ) // onPostJoin is called when a control plane node joins the cluster. // onPostJoin retrieves the cluster config from the database and configures local services. -func (a *App) onPostJoin(s *state.State, initConfig map[string]string) (rerr error) { +func (a *App) onPostJoin(ctx context.Context, s state.State, initConfig map[string]string) (rerr error) { snap := a.Snap() - log := log.FromContext(s.Context).WithValues("hook", "join") - // NOTE(neoaggelos): context timeout is passed over configuration, so that hook failures are propagated to the client - ctx, cancel := context.WithCancel(s.Context) + ctx, cancel := context.WithCancel(ctx) defer cancel() if t := utils.MicroclusterTimeoutFromConfig(initConfig); t != 0 { ctx, cancel = context.WithTimeout(ctx, t) defer cancel() } - // make sure to cleanup in case of errors - // the code can register cleanup hooks by appending to this slice - var cleanups []func(context.Context) error - defer func() { - // do not cleanup if joining was successful - if rerr == nil { - log.Info("Joined cluster successfully") - return - } - - // annotate error with context cancellation - if err := ctx.Err(); err != nil { - rerr = fmt.Errorf("%w: %v", rerr, ctx.Err()) - } - - // start goroutine to cleanup on the background and return quickly - go func() { - log.Error(rerr, "Failed to join cluster") - - log.Info("Waiting for node to finish microcluster join before removing") - control.WaitUntilReady(s.Context, func() (bool, error) { - var notPending bool - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { - member, err := cluster.GetInternalClusterMember(ctx, tx, s.Name()) - if err != nil { - log.Error(err, "Failed to get member") - return nil - } - notPending = member.Role != cluster.Pending - return nil - }); err != nil { - log.Error(err, "Failed database transaction to check cluster member role") - } - return notPending, nil - }) - - log.Info("Cleaning up") - for i := len(cleanups) - 1; i >= 0; i-- { - // run cleanup functions in reverse order - if err := cleanups[i](s.Context); err != nil { - log.Error(err, fmt.Sprintf("Cleanup hook %d/%d failed", i, len(cleanups))) - } - } - log.Info("All cleanup hooks finished, removing node from microcluster") - - // NOTE(neoaggelos): this also runs the pre-remove hook and resets the cluster member - control.WaitUntilReady(s.Context, func() (bool, error) { - client, err := s.Leader() - if err != nil { - log.Error(err, "Failed to create client to dqlite leader") - return false, nil - } - if err := client.DeleteClusterMember(s.Context, s.Name(), true); err != nil { - log.Error(err, "Failed to DeleteClusterMember") - return false, nil - } - return true, nil - }) - }() - }() - joinConfig, err := apiv1.ControlPlaneJoinConfigFromMicrocluster(initConfig) if err != nil { return fmt.Errorf("failed to unmarshal control plane join config: %w", err) @@ -193,13 +125,6 @@ func (a *App) onPostJoin(s *state.State, initConfig map[string]string) (rerr err } // Write certificates to disk - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Cleaning up control plane certificates") - if _, err := setup.EnsureControlPlanePKI(snap, &pki.ControlPlanePKI{}); err != nil { - return fmt.Errorf("failed to cleanup control plane certificates: %w", err) - } - return nil - }) if _, err := setup.EnsureControlPlanePKI(snap, certificates); err != nil { return fmt.Errorf("failed to write control plane certificates: %w", err) } @@ -234,16 +159,6 @@ func (a *App) onPostJoin(s *state.State, initConfig map[string]string) (rerr err return fmt.Errorf("unsupported datastore %s, must be one of %v", cfg.Datastore.GetType(), setup.SupportedDatastores) } - cleanups = append(cleanups, func(ctx context.Context) error { - for _, dir := range []string{snap.ServiceArgumentsDir()} { - log.WithValues("directory", dir).Info("Cleaning up config files") - if err := os.RemoveAll(dir); err != nil { - return fmt.Errorf("failed to delete %v: %w", dir, err) - } - } - return nil - }) - // Configure services if err := setup.Containerd(snap, nil, joinConfig.ExtraNodeContainerdArgs); err != nil { return fmt.Errorf("failed to configure containerd: %w", err) @@ -273,13 +188,6 @@ func (a *App) onPostJoin(s *state.State, initConfig map[string]string) (rerr err } // Start services - cleanups = append(cleanups, func(ctx context.Context) error { - log.Info("Stopping control plane services") - if err := stopControlPlaneServices(ctx, snap, cfg.Datastore.GetType()); err != nil { - return fmt.Errorf("failed to stop services: %w", err) - } - return nil - }) if err := startControlPlaneServices(ctx, snap, cfg.Datastore.GetType()); err != nil { return fmt.Errorf("failed to start services: %w", err) } @@ -291,52 +199,3 @@ func (a *App) onPostJoin(s *state.State, initConfig map[string]string) (rerr err return nil } - -func (a *App) onPreRemove(s *state.State, force bool) (rerr error) { - snap := a.Snap() - - log := log.FromContext(s.Context).WithValues("hook", "preremove") - - // NOTE(neoaggelos): When the pre-remove hook fails, the microcluster node will - // be removed from the cluster members, but remains in the microcluster dqlite database. - // - // Log the error and proceed, such that the node is in fact removed. - defer func() { - if rerr != nil { - log.Error(rerr, "Failure during hook", rerr) - } - rerr = nil - }() - - cfg, err := databaseutil.GetClusterConfig(s.Context, s) - if err != nil { - return fmt.Errorf("failed to retrieve k8sd cluster config: %w", err) - } - - // configure datastore - switch cfg.Datastore.GetType() { - case "k8s-dqlite": - client, err := snap.K8sDqliteClient(s.Context) - if err != nil { - return fmt.Errorf("failed to create k8s-dqlite client: %w", err) - } - - nodeAddress := net.JoinHostPort(s.Address().Hostname(), fmt.Sprintf("%d", cfg.Datastore.GetK8sDqlitePort())) - if err := client.RemoveNodeByAddress(s.Context, nodeAddress); err != nil { - return fmt.Errorf("failed to remove node with address %s from k8s-dqlite cluster: %w", nodeAddress, err) - } - case "external": - default: - } - - c, err := snap.KubernetesClient("") - if err != nil { - return fmt.Errorf("failed to create Kubernetes client: %w", err) - } - - if err := c.DeleteNode(s.Context, s.Name()); err != nil { - return fmt.Errorf("failed to remove k8s node %q: %w", s.Name(), err) - } - - return nil -} diff --git a/src/k8s/pkg/k8sd/app/hooks_remove.go b/src/k8s/pkg/k8sd/app/hooks_remove.go new file mode 100644 index 000000000..1989b3f0b --- /dev/null +++ b/src/k8s/pkg/k8sd/app/hooks_remove.go @@ -0,0 +1,126 @@ +package app + +import ( + "context" + "database/sql" + "fmt" + "net" + "os" + + databaseutil "github.com/canonical/k8s/pkg/k8sd/database/util" + "github.com/canonical/k8s/pkg/k8sd/pki" + "github.com/canonical/k8s/pkg/k8sd/setup" + "github.com/canonical/k8s/pkg/log" + snaputil "github.com/canonical/k8s/pkg/snap/util" + "github.com/canonical/k8s/pkg/utils/control" + "github.com/canonical/microcluster/cluster" + "github.com/canonical/microcluster/state" +) + +// NOTE(ben): the pre-remove performs a series of cleanup steps on a best-effort basis. +// If any step fails, the error is logged, and the cleanup continues, skipping dependent tasks. +// All steps need to be blocking as the context is cancelled after the hook returned. +func (a *App) onPreRemove(ctx context.Context, s state.State, force bool) (rerr error) { + snap := a.Snap() + + log := log.FromContext(ctx).WithValues("hook", "preremove") + log.Info("Running preremove hook") + + log.Info("Waiting for node to finish microcluster join before removing") + control.WaitUntilReady(ctx, func() (bool, error) { + var notPending bool + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + member, err := cluster.GetCoreClusterMember(ctx, tx, s.Name()) + if err != nil { + log.Error(err, "Failed to get member") + return nil + } + notPending = member.Role != cluster.Pending + return nil + }); err != nil { + log.Error(err, "Failed database transaction to check cluster member role") + } + return notPending, nil + }) + + cfg, clusterConfigErr := databaseutil.GetClusterConfig(ctx, s) + if clusterConfigErr == nil { + switch cfg.Datastore.GetType() { + case "k8s-dqlite": + client, err := snap.K8sDqliteClient(ctx) + if err == nil { + log.Info("Removing node from k8s-dqlite cluster") + nodeAddress := net.JoinHostPort(s.Address().Hostname(), fmt.Sprintf("%d", cfg.Datastore.GetK8sDqlitePort())) + if err := client.RemoveNodeByAddress(ctx, nodeAddress); err != nil { + // Removing the node might fail (e.g. if it is the only one in the cluster). + // We still want to continue with the file cleanup, hence we only log the error. + log.Error(err, "Failed to remove node from k8s-dqlite cluster") + } + } else { + log.Error(err, "Failed to create k8s-dqlite client: %w") + } + + log.Info("Cleaning up k8s-dqlite directory") + if err := os.RemoveAll(snap.K8sDqliteStateDir()); err != nil { + return fmt.Errorf("failed to cleanup k8s-dqlite state directory: %w", err) + } + case "external": + log.Info("Cleaning up external datastore certificates") + if _, err := setup.EnsureExtDatastorePKI(snap, &pki.ExternalDatastorePKI{}); err != nil { + log.Error(err, "Failed to cleanup external datastore certificates") + } + default: + } + } else { + log.Error(clusterConfigErr, "Failed to retrieve cluster config") + } + + c, err := snap.KubernetesClient("") + if err != nil { + log.Error(err, "Failed to create Kubernetes client", err) + } + + log.Info("Deleting node from Kubernetes cluster") + if err := c.DeleteNode(ctx, s.Name()); err != nil { + log.Error(err, "Failed to remove k8s node %q: %w", s.Name(), err) + } + + for _, dir := range []string{snap.ServiceArgumentsDir()} { + log.WithValues("directory", dir).Info("Cleaning up config files", dir) + if err := os.RemoveAll(dir); err != nil { + log.WithValues("dir", dir).Error(err, "failed to delete config files", err) + } + } + + // Perform all cleanup steps regardless of if this is a worker node or control plane. + // Trying to detect the node type is not reliable as the node might have been marked as worker + // or not, depending on which step it failed. + log.Info("Cleaning up worker certificates") + if _, err := setup.EnsureWorkerPKI(snap, &pki.WorkerNodePKI{}); err != nil { + log.Error(err, "failed to cleanup worker certificates") + } + + log.Info("Removing worker node mark") + if err := snaputil.MarkAsWorkerNode(snap, false); err != nil { + log.Error(err, "Failed to unmark node as worker") + } + + log.Info("Stopping worker services") + if err := snaputil.StopWorkerServices(ctx, snap); err != nil { + log.Error(err, "Failed to stop worker services") + } + + log.Info("Cleaning up control plane certificates") + if _, err := setup.EnsureControlPlanePKI(snap, &pki.ControlPlanePKI{}); err != nil { + log.Error(err, "failed to cleanup control plane certificates") + } + + if clusterConfigErr == nil { + log.Info("Stopping control plane services") + if err := snaputil.StopControlPlaneServices(ctx, snap); err != nil { + log.Error(err, "Failed to stop control-plane services") + } + } + + return nil +} diff --git a/src/k8s/pkg/k8sd/app/hooks_start.go b/src/k8s/pkg/k8sd/app/hooks_start.go index 4cad69855..47c7140a2 100644 --- a/src/k8s/pkg/k8sd/app/hooks_start.go +++ b/src/k8s/pkg/k8sd/app/hooks_start.go @@ -15,13 +15,13 @@ import ( "github.com/canonical/microcluster/state" ) -func (a *App) onStart(s *state.State) error { +func (a *App) onStart(ctx context.Context, s state.State) error { // start a goroutine to mark the node as running - go a.markNodeReady(s.Context, s) + go a.markNodeReady(ctx, s) // start node config controller if a.nodeConfigController != nil { - go a.nodeConfigController.Run(s.Context, func(ctx context.Context) (*rsa.PublicKey, error) { + go a.nodeConfigController.Run(ctx, func(ctx context.Context) (*rsa.PublicKey, error) { cfg, err := databaseutil.GetClusterConfig(ctx, s) if err != nil { return nil, fmt.Errorf("failed to load RSA key from configuration: %w", err) @@ -37,14 +37,14 @@ func (a *App) onStart(s *state.State) error { // start control plane config controller if a.controlPlaneConfigController != nil { - go a.controlPlaneConfigController.Run(s.Context, func(ctx context.Context) (types.ClusterConfig, error) { + go a.controlPlaneConfigController.Run(ctx, func(ctx context.Context) (types.ClusterConfig, error) { return databaseutil.GetClusterConfig(ctx, s) }) } // start update node config controller if a.updateNodeConfigController != nil { - go a.updateNodeConfigController.Run(s.Context, func(ctx context.Context) (types.ClusterConfig, error) { + go a.updateNodeConfigController.Run(ctx, func(ctx context.Context) (types.ClusterConfig, error) { return databaseutil.GetClusterConfig(ctx, s) }) } @@ -52,12 +52,12 @@ func (a *App) onStart(s *state.State) error { // start feature controller if a.featureController != nil { go a.featureController.Run( - s.Context, + ctx, func(ctx context.Context) (types.ClusterConfig, error) { return databaseutil.GetClusterConfig(ctx, s) }, func(ctx context.Context, dnsIP string) error { - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { if _, err := database.SetClusterConfig(ctx, tx, types.ClusterConfig{ Kubelet: types.Kubelet{ClusterDNS: utils.Pointer(dnsIP)}, }); err != nil { @@ -74,7 +74,7 @@ func (a *App) onStart(s *state.State) error { return nil }, func(ctx context.Context, name string, featureStatus types.FeatureStatus) error { - if err := s.Database.Transaction(s.Context, func(ctx context.Context, tx *sql.Tx) error { + if err := s.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { // we set timestamp here in order to reduce the clutter. otherwise we will need to // set .UpdatedAt field in a lot of places for every event/error. // this is not 100% accurate but should be good enough @@ -94,7 +94,7 @@ func (a *App) onStart(s *state.State) error { // start csrsigning controller if a.csrsigningController != nil { go a.csrsigningController.Run( - s.Context, + ctx, func(ctx context.Context) (types.ClusterConfig, error) { return databaseutil.GetClusterConfig(ctx, s) }, diff --git a/src/k8s/pkg/k8sd/database/util/cluster.go b/src/k8s/pkg/k8sd/database/util/cluster.go index 7336c7b07..4a54b616b 100644 --- a/src/k8s/pkg/k8sd/database/util/cluster.go +++ b/src/k8s/pkg/k8sd/database/util/cluster.go @@ -11,11 +11,11 @@ import ( ) // GetClusterConfig is a convenience wrapper around the database call to get the cluster config. -func GetClusterConfig(ctx context.Context, state *state.State) (types.ClusterConfig, error) { +func GetClusterConfig(ctx context.Context, state state.State) (types.ClusterConfig, error) { var clusterConfig types.ClusterConfig var err error - if err := state.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + if err := state.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { clusterConfig, err = database.GetClusterConfig(ctx, tx) if err != nil { return fmt.Errorf("failed to get cluster config from database: %w", err) diff --git a/src/k8s/pkg/k8sd/database/util/kubernetes_auth_tokens.go b/src/k8s/pkg/k8sd/database/util/kubernetes_auth_tokens.go index 1d8f67367..35d6bd7e0 100644 --- a/src/k8s/pkg/k8sd/database/util/kubernetes_auth_tokens.go +++ b/src/k8s/pkg/k8sd/database/util/kubernetes_auth_tokens.go @@ -10,9 +10,9 @@ import ( ) // GetOrCreateAuthToken returns a k8s auth token based on the provided username/groups. -func GetOrCreateAuthToken(ctx context.Context, state *state.State, username string, groups []string) (string, error) { +func GetOrCreateAuthToken(ctx context.Context, state state.State, username string, groups []string) (string, error) { var token string - if err := state.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { + if err := state.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { var err error token, err = database.GetOrCreateToken(ctx, tx, username, groups) return err @@ -22,8 +22,8 @@ func GetOrCreateAuthToken(ctx context.Context, state *state.State, username stri return token, nil } -func RevokeAuthToken(ctx context.Context, state *state.State, token string) error { - if err := state.Database.Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { +func RevokeAuthToken(ctx context.Context, state state.State, token string) error { + if err := state.Database().Transaction(ctx, func(ctx context.Context, tx *sql.Tx) error { if err := database.DeleteToken(ctx, tx, token); err != nil { return fmt.Errorf("failed to delete token from database: %w", err) } diff --git a/src/k8s/pkg/k8sd/database/util_test.go b/src/k8s/pkg/k8sd/database/util_test.go index 5c4d02d22..8126c8aab 100644 --- a/src/k8s/pkg/k8sd/database/util_test.go +++ b/src/k8s/pkg/k8sd/database/util_test.go @@ -8,7 +8,6 @@ import ( "time" "github.com/canonical/k8s/pkg/k8sd/app" - "github.com/canonical/microcluster/config" "github.com/canonical/microcluster/state" ) @@ -67,12 +66,12 @@ func WithDB(t *testing.T, f func(context.Context, DB)) { // app.Run() is blocking, so we get the database handle through a channel go func() { - doneCh <- app.Run(ctx, &config.Hooks{ - PostBootstrap: func(s *state.State, initConfig map[string]string) error { - databaseCh <- s.Database + doneCh <- app.Run(ctx, &state.Hooks{ + PostBootstrap: func(ctx context.Context, s state.State, initConfig map[string]string) error { + databaseCh <- s.Database() return nil }, - OnStart: func(s *state.State) error { + OnStart: func(ctx context.Context, s state.State) error { return nil }, }) diff --git a/src/k8s/pkg/utils/node/node.go b/src/k8s/pkg/utils/node/node.go index 58d3d7147..f79e451b3 100644 --- a/src/k8s/pkg/utils/node/node.go +++ b/src/k8s/pkg/utils/node/node.go @@ -10,7 +10,7 @@ import ( // GetControlPlaneNode returns the node information if the given node name // belongs to a control-plane in the cluster or nil if not. -func GetControlPlaneNode(ctx context.Context, s *state.State, name string) (*apiv1.NodeStatus, error) { +func GetControlPlaneNode(ctx context.Context, s state.State, name string) (*apiv1.NodeStatus, error) { client, err := s.Leader() if err != nil { return nil, fmt.Errorf("failed to get microcluster leader client: %w", err) @@ -35,7 +35,7 @@ func GetControlPlaneNode(ctx context.Context, s *state.State, name string) (*api } // IsControlPlaneNode returns true if the given node name belongs to a control-plane node in the cluster. -func IsControlPlaneNode(ctx context.Context, s *state.State, name string) (bool, error) { +func IsControlPlaneNode(ctx context.Context, s state.State, name string) (bool, error) { node, err := GetControlPlaneNode(ctx, s, name) if err != nil { return false, fmt.Errorf("failed to get control-plane node: %w", err)