From f1b4865c7a79bfec40c536f7a5f1bd04e09f826c Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Thu, 9 Dec 2021 10:00:35 +0000 Subject: [PATCH 01/17] initial commit of insanity --- Makefile | 2 +- .../{common => traefik}/traefik-tls.yaml | 0 assets/manifests/traefik/traefik.yaml | 36 +++ assets/misc/empty-file | 0 assets/misc/registries.yaml | 12 +- .../{k3s-remove.sh => zarf-clean-k3s.sh} | 0 cli/cmd/destroy.go | 14 +- cli/cmd/initialize.go | 83 +++--- cli/cmd/pki.go | 30 ++- cli/cmd/tools.go | 20 +- cli/config/config.go | 68 +++-- cli/config/types.go | 68 +++-- cli/internal/git/push.go | 4 +- cli/internal/git/utils.go | 4 +- cli/internal/images/push.go | 27 +- cli/internal/k3s/install.go | 90 ------- cli/internal/k3s/rhel.go | 15 -- cli/internal/k8s/secrets.go | 10 +- cli/internal/packager/common.go | 173 +++++++++++++ cli/internal/packager/create.go | 16 +- cli/internal/packager/deploy.go | 209 ++++++++------- cli/internal/packager/initialize.go | 48 ++++ cli/internal/packager/inspect.go | 2 +- cli/internal/{utils => pki}/pki.go | 80 ++---- cli/internal/utils/exec.go | 7 +- cli/internal/utils/io.go | 12 +- cli/internal/utils/preflight.go | 65 +---- cli/internal/utils/random.go | 26 ++ cli/internal/utils/yaml.go | 25 ++ go.mod | 23 +- go.sum | 209 ++++++++++----- zarf.schema.json | 245 ++++++++++++++++++ zarf.yaml | 98 ++++--- 33 files changed, 1144 insertions(+), 577 deletions(-) rename assets/manifests/{common => traefik}/traefik-tls.yaml (100%) create mode 100644 assets/manifests/traefik/traefik.yaml create mode 100644 assets/misc/empty-file rename assets/scripts/{k3s-remove.sh => zarf-clean-k3s.sh} (100%) delete mode 100644 cli/internal/k3s/install.go delete mode 100644 cli/internal/k3s/rhel.go create mode 100644 cli/internal/packager/initialize.go rename cli/internal/{utils => pki}/pki.go (72%) create mode 100644 cli/internal/utils/random.go create mode 100644 zarf.schema.json diff --git a/Makefile b/Makefile index 642f9521d9..52b9a73423 100644 --- a/Makefile +++ b/Makefile @@ -51,7 +51,7 @@ build-cli: clean build-cli-linux build-cli-mac ## Build the CLI init-package: ## Create the zarf init package $(ZARF_BIN) package create --confirm mv zarf-init.tar.zst build - cd build && sha256sum -b zarf* > zarf.sha256 + cd build && shasum -a 256 -b zarf* > zarf.sha256 ls -lh build build-test: build-cli init-package ## Build the CLI and create the init package diff --git a/assets/manifests/common/traefik-tls.yaml b/assets/manifests/traefik/traefik-tls.yaml similarity index 100% rename from assets/manifests/common/traefik-tls.yaml rename to assets/manifests/traefik/traefik-tls.yaml diff --git a/assets/manifests/traefik/traefik.yaml b/assets/manifests/traefik/traefik.yaml new file mode 100644 index 0000000000..cebf7f9089 --- /dev/null +++ b/assets/manifests/traefik/traefik.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: helm.cattle.io/v1 +kind: HelmChart +metadata: + name: traefik + namespace: kube-system +spec: + chart: https://%{KUBERNETES_API}%/static/charts/traefik-9.18.2.tgz + targetNamespace: kube-system + valuesContent: |- + rbac: + enabled: true + ports: + websecure: + tls: + enabled: true + podAnnotations: + prometheus.io/port: "8082" + prometheus.io/scrape: "true" + providers: + kubernetesIngress: + publishedService: + enabled: true + priorityClassName: "system-cluster-critical" + image: + name: "rancher/library-traefik" + tolerations: + - key: "CriticalAddonsOnly" + operator: "Exists" + - key: "node-role.kubernetes.io/control-plane" + operator: "Exists" + effect: "NoSchedule" + - key: "node-role.kubernetes.io/master" + operator: "Exists" + effect: "NoSchedule" + diff --git a/assets/misc/empty-file b/assets/misc/empty-file new file mode 100644 index 0000000000..e69de29bb2 diff --git a/assets/misc/registries.yaml b/assets/misc/registries.yaml index ee68ff688f..16840c3507 100644 --- a/assets/misc/registries.yaml +++ b/assets/misc/registries.yaml @@ -1,19 +1,19 @@ mirrors: registry.dso.mil: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" registry1.dso.mil: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" docker.io: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" registry-1.docker.io: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" ghcr.io: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" registry.opensource.zalan.do: endpoint: - - "https://127.0.0.1" + - "https://###ZARF_TARGET_ENDPOINT###" diff --git a/assets/scripts/k3s-remove.sh b/assets/scripts/zarf-clean-k3s.sh similarity index 100% rename from assets/scripts/k3s-remove.sh rename to assets/scripts/zarf-clean-k3s.sh diff --git a/cli/cmd/destroy.go b/cli/cmd/destroy.go index 830ccc21a6..be38b9374c 100644 --- a/cli/cmd/destroy.go +++ b/cli/cmd/destroy.go @@ -2,7 +2,10 @@ package cmd import ( "fmt" + "os" + "regexp" + "github.com/defenseunicorns/zarf/cli/config" "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/spf13/cobra" @@ -15,7 +18,16 @@ var destroyCmd = &cobra.Command{ Short: "Tear it all down, we'll miss you Zarf...", Run: func(cmd *cobra.Command, args []string) { burn() - _, _ = utils.ExecCommand(nil, "/usr/local/bin/k3s-remove.sh") + _ = os.Remove(config.ZarfStatePath) + pattern := regexp.MustCompile(`(?mi)zarf-clean-.+\.sh$`) + scripts := utils.RecursiveFileList("/usr/local/bin", pattern) + // Iterate over al matching zarf-clean scripts and exec them + for _, script := range scripts { + // Run the matched script + _, _ = utils.ExecCommand(true, nil, script) + // Try to remove the script, but ignore any errors + _ = os.Remove(script) + } burn() }, } diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index b526a45412..6e451b5d2e 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -3,7 +3,10 @@ package cmd import ( "path/filepath" - "github.com/defenseunicorns/zarf/cli/internal/k3s" + "github.com/defenseunicorns/zarf/cli/config" + "github.com/defenseunicorns/zarf/cli/internal/packager" + + "github.com/defenseunicorns/zarf/cli/internal/pki" "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/AlecAivazis/survey/v2" @@ -11,7 +14,10 @@ import ( "github.com/spf13/cobra" ) -var initOptions = k3s.InstallOptions{} +var initOptions = packager.InstallOptions{} +var state = config.ZarfState{ + Kind: "ZarfState", +} // initCmd represents the init command var initCmd = &cobra.Command{ @@ -20,18 +26,19 @@ var initCmd = &cobra.Command{ Long: "Flags are only required if running via automation, otherwise the init command will prompt you for your configuration choices", Run: func(cmd *cobra.Command, args []string) { handleTLSOptions() - k3s.Install(initOptions) + pki.HandlePKI() + packager.Install(&initOptions) }, } func handleTLSOptions() { - // Check to see if the certpaths or host entries are set as flags first - if initOptions.PKI.CertPublicPath == "" && initOptions.PKI.Host == "" { - - const Generate = 0 - var tlsMode int + const Generate = 0 + const Import = 1 + var tlsMode int + // Check to see if the certpaths or host entries are set as flags first + if state.TLS.CertPublicPath == "" && state.TLS.Host == "" { // Determine flow for generate or import modePrompt := &survey.Select{ Message: "Will Zarf be generating a TLS chain or importing an existing ingress cert?", @@ -41,39 +48,51 @@ func handleTLSOptions() { }, } _ = survey.AskOne(modePrompt, &tlsMode) + } else { + tlsMode = Import + } - if tlsMode == Generate { - // Generate mode requires a host entry - prompt := &survey.Input{ - Message: "Enter a host DNS entry or IP Address for the cluster ingress", - } - _ = survey.AskOne(prompt, &initOptions.PKI.Host, survey.WithValidator(survey.Required)) - } else { - // Import mode requires the public and private key paths - prompt := &survey.Input{ - Message: "Enter a file path to the ingress public key", - Suggest: func(toComplete string) []string { - // Give some suggestions to users - files, _ := filepath.Glob(toComplete + "*") - return files - }, - } - _ = survey.AskOne(prompt, &initOptions.PKI.CertPublicPath, survey.WithValidator(survey.Required)) + // Always ask for a host entry to avoid having to guess which entry in a cert if provided + prompt := &survey.Input{ + Message: "Enter a host DNS entry or IP Address for the cluster ingress", + } + _ = survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) - prompt.Message = "Enter a file path to the ingress private key" - _ = survey.AskOne(prompt, &initOptions.PKI.CertPrivatePath, survey.WithValidator(survey.Required)) + if tlsMode != Generate { + // Import mode requires the public and private key paths + prompt := &survey.Input{ + Message: "Enter a file path to the ingress public key", + Suggest: func(toComplete string) []string { + // Give some suggestions to users + files, _ := filepath.Glob(toComplete + "*") + return files + }, } + _ = survey.AskOne(prompt, &state.TLS.CertPublicPath, survey.WithValidator(survey.Required)) + + prompt.Message = "Enter a file path to the ingress private key" + _ = survey.AskOne(prompt, &state.TLS.CertPrivatePath, survey.WithValidator(survey.Required)) } - if !utils.CheckHostName(initOptions.PKI.Host) { - logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters.\n", initOptions.PKI.Host) + + if !utils.CheckHostName(state.TLS.Host) { + // On error warn user and cycle the function + logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. Any form of localhost is also invalid.\n", state.TLS.Host) + handleTLSOptions() + } else { + if err := config.WriteState(state); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to save the zarf state file.") + } } } func init() { + state := config.GetState() + rootCmd.AddCommand(initCmd) initCmd.Flags().BoolVar(&initOptions.Confirmed, "confirm", false, "Confirm the install without prompting") - initCmd.Flags().StringVar(&initOptions.PKI.Host, "host", "", "Specify the host or IP for the gitops service ingress. E.g. host=10.10.10.5 or host=gitops.domain.com") - initCmd.Flags().StringVar(&initOptions.PKI.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") - initCmd.Flags().StringVar(&initOptions.PKI.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") + initCmd.Flags().StringVar(&state.TLS.Host, "host", "", "Specify the host or IP for the gitops service ingress. E.g. host=10.10.10.5 or host=gitops.domain.com") + initCmd.Flags().StringVar(&state.TLS.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") + initCmd.Flags().StringVar(&state.TLS.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") initCmd.Flags().StringVar(&initOptions.Components, "components", "", "Comma-separated list of components to install. Adding this flag will skip the init prompts for which components to install") } diff --git a/cli/cmd/pki.go b/cli/cmd/pki.go index 43cb8be254..3a17302875 100644 --- a/cli/cmd/pki.go +++ b/cli/cmd/pki.go @@ -2,12 +2,14 @@ package cmd import ( "github.com/AlecAivazis/survey/v2" + "github.com/defenseunicorns/zarf/cli/config" + "github.com/defenseunicorns/zarf/cli/internal/pki" "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) -var pkiOptions = utils.PKIConfig{} +var tempState config.ZarfState var pkiCmd = &cobra.Command{ Use: "pki", @@ -19,19 +21,23 @@ var pkiRegenerate = &cobra.Command{ Short: "Regenerate the pki certs for the cluster ingress", Run: func(cmd *cobra.Command, args []string) { // Prompt for a hostname if it wasn't provided as a command flag - if pkiOptions.Host == "" { + if tempState.TLS.Host == "" { prompt := &survey.Input{ Message: "Enter a host DNS entry or IP Address for the gitops service ingress", } - _ = survey.AskOne(prompt, &pkiOptions.Host, survey.WithValidator(survey.Required)) + _ = survey.AskOne(prompt, &tempState.TLS.Host, survey.WithValidator(survey.Required)) } // Verify the hostname provided is valid - if !utils.CheckHostName(pkiOptions.Host) { - logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters.\n", pkiOptions.Host) + if !utils.CheckHostName(tempState.TLS.Host) { + logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. Any form of localhost is also invalid.\n", tempState.TLS.Host) } - utils.GeneratePKI(pkiOptions) + pki.GeneratePKI() + if err := config.WriteState(state); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to save the zarf state file.") + } }, } @@ -39,7 +45,11 @@ var pkiImport = &cobra.Command{ Use: "import", Short: "Import an existing key pair for the cluster ingress", Run: func(cmd *cobra.Command, args []string) { - utils.HandlePKI(pkiOptions) + pki.HandlePKI() + if err := config.WriteState(state); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to save the zarf state file.") + } }, } @@ -48,8 +58,8 @@ func init() { pkiCmd.AddCommand(pkiRegenerate) pkiCmd.AddCommand(pkiImport) - pkiRegenerate.Flags().StringVar(&pkiOptions.Host, "host", "", "Specify the host or IP for the gitops service ingress") + pkiRegenerate.Flags().StringVar(&tempState.TLS.Host, "host", "", "Specify the host or IP for the gitops service ingress") - pkiImport.Flags().StringVar(&pkiOptions.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") - pkiImport.Flags().StringVar(&pkiOptions.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") + pkiImport.Flags().StringVar(&tempState.TLS.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") + pkiImport.Flags().StringVar(&tempState.TLS.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") } diff --git a/cli/cmd/tools.go b/cli/cmd/tools.go index 192740efad..c194d9016e 100644 --- a/cli/cmd/tools.go +++ b/cli/cmd/tools.go @@ -1,7 +1,10 @@ package cmd import ( + "encoding/json" + "fmt" + "github.com/alecthomas/jsonschema" "github.com/defenseunicorns/zarf/cli/config" "github.com/defenseunicorns/zarf/cli/internal/git" @@ -59,16 +62,31 @@ var readCredsCmd = &cobra.Command{ Use: "get-admin-password", Short: "Returns the Zarf admin password read from ~/.git-credentials", Run: func(cmd *cobra.Command, args []string) { - authInfo := git.FindAuthForHost(config.ZarfLocalIP) + authInfo := git.FindAuthForHost(config.GetTargetEndpoint()) fmt.Println(authInfo.Auth.Password) }, } +var configSchemaCmd = &cobra.Command{ + Use: "config-schema", + Short: "Generates a JSON schema for the zarf.yaml configuration", + Run: func(cmd *cobra.Command, args []string) { + schema := jsonschema.Reflect(&config.ZarfPackage{}) + output, err := json.MarshalIndent(schema, "", " ") + if err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to generate the zarf config schema") + } + fmt.Print(string(output)) + }, +} + func init() { rootCmd.AddCommand(toolsCmd) toolsCmd.AddCommand(archiverCmd) toolsCmd.AddCommand(readCredsCmd) + toolsCmd.AddCommand(configSchemaCmd) archiverCmd.AddCommand(archiverCompressCmd) archiverCmd.AddCommand(archiverDecompressCmd) diff --git a/cli/config/config.go b/cli/config/config.go index 77485fc99e..8acbdcc469 100644 --- a/cli/config/config.go +++ b/cli/config/config.go @@ -1,13 +1,12 @@ package config import ( - "io/ioutil" "os" "os/user" "strings" "time" - "github.com/goccy/go-yaml" + "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/sirupsen/logrus" ) @@ -17,12 +16,18 @@ const K3sManifestPath = "/var/lib/rancher/k3s/server/manifests" const K3sImagePath = "/var/lib/rancher/k3s/agent/images" const PackageInitName = "zarf-init.tar.zst" const PackagePrefix = "zarf-package-" -const ZarfLocalIP = "127.0.0.1" const ZarfGitUser = "zarf-git-user" +const ZarfStatePath = ".zarf-state.yaml" var CLIVersion = "unset" +var config ZarfPackage +var state ZarfState -var config ZarfConfig +func init() { + if err := utils.ReadYaml(ZarfStatePath, &state); err != nil { + state.Kind = "ZarfState" + } +} func IsZarfInitConfig() bool { return strings.ToLower(config.Kind) == "zarfinitconfig" @@ -41,7 +46,7 @@ func GetDataInjections() []ZarfData { return config.Data } -func GetMetaData() ZarfMetatdata { +func GetMetaData() ZarfMetadata { return config.Metadata } @@ -50,62 +55,51 @@ func GetComponents() []ZarfComponent { } func GetBuildData() ZarfBuildData { - return config.Package + return config.Build } func GetValidPackageExtensions() [3]string { return [...]string{".tar.zst", ".tar", ".zip"} } -func Load(path string) { - logContext := logrus.WithField("path", path) - logContext.Info("Loading dynamic config") - file, err := ioutil.ReadFile(path) +func GetState() ZarfState { + return state +} - if err != nil { - logContext.Debug(err) - logContext.Fatal("Unable to load the config file") - } +func GetTargetEndpoint() string { + return state.TLS.Host +} - err = yaml.Unmarshal(file, &config) - if err != nil { - logContext.Debug(err) - logContext.Fatal("Unable to parse the config file") - } +func WriteState(incomingState ZarfState) error { + logrus.Debug(incomingState) + state = incomingState + return utils.WriteYaml(ZarfStatePath, state, 0600) } -func WriteConfig(path string) { - logContext := logrus.WithField("path", path) +func LoadConfig(path string) error { + return utils.ReadYaml(path, &config) +} + +func BuildConfig(path string) error { now := time.Now() currentUser, userErr := user.Current() hostname, hostErr := os.Hostname() // Record the time of package creation - config.Package.Timestamp = now.Format(time.RFC1123Z) + config.Build.Timestamp = now.Format(time.RFC1123Z) // Record the Zarf Version the CLI was built with - config.Package.Version = CLIVersion + config.Build.Version = CLIVersion if hostErr == nil { // Record the hostname of the package creation terminal - config.Package.Terminal = hostname + config.Build.Terminal = hostname } if userErr == nil { // Record the name of the user creating the package - config.Package.User = currentUser.Username + config.Build.User = currentUser.Username } - // Save the parsed output to the config path given - content, err := yaml.Marshal(config) - if err != nil { - logContext.Debug(err) - logContext.Fatal("Unable to process the config data") - } - - err = ioutil.WriteFile(path, content, 0400) - if err != nil { - logContext.Debug(err) - logContext.Fatal("Unable to write the config file") - } + return utils.WriteYaml(path, config, 0400) } diff --git a/cli/config/types.go b/cli/config/types.go index e73316f838..6c172d5d5e 100644 --- a/cli/config/types.go +++ b/cli/config/types.go @@ -1,10 +1,12 @@ package config type ZarfFile struct { - Source string `yaml:"source"` - Shasum string `yaml:"shasum"` - Target string `yaml:"target"` - Executable bool `yaml:"executable"` + Source string `yaml:"source"` + Shasum string `yaml:"shasum,omitempty"` + Target string `yaml:"target"` + Executable bool `yaml:"executable,omitempty"` + Symlinks []string `yaml:"symlinks,omitempty"` + Template bool `yaml:"template,omitempty"` } type ZarfChart struct { @@ -14,28 +16,35 @@ type ZarfChart struct { } type ZarfComponent struct { - Name string `yaml:"name"` - Description string `yaml:"description"` - Default bool `yaml:"default"` - Required bool `yaml:"required"` - Manifests string `yaml:"manifests"` - Images []string `yaml:"images"` - Repos []string `yaml:"repos"` - Charts []ZarfChart `yaml:"charts"` - Files []ZarfFile `yaml:"files"` + Name string `yaml:"name"` + Description string `yaml:"description,omitempty"` + Default bool `yaml:"default,omitempty"` + Required bool `yaml:"required,omitempty"` + Files []ZarfFile `yaml:"files,omitempty"` + ManifestsPath string `yaml:"manifests,omitempty"` + Images []string `yaml:"images,omitempty"` + Charts []ZarfChart `yaml:"charts,omitempty"` + Repos []string `yaml:"repos,omitempty"` + Scripts ZarfComponentScripts `yaml:"scripts,omitempty"` } -type ZarfMetatdata struct { - Name string `yaml:"name"` - Description string `yaml:"description"` - Version string `yaml:"version"` - Uncompressed bool `yaml:"uncompressed"` +type ZarfComponentScripts struct { + Retry bool `yaml:"retry,omitempty"` + Before []string `yaml:"before,omitempty"` + After []string `yaml:"after,omitempty"` +} + +type ZarfMetadata struct { + Name string `yaml:"name,omitempty"` + Description string `yaml:"description,omitempty"` + Version string `yaml:"version,omitempty"` + Uncompressed bool `yaml:"uncompressed,omitempty"` } type ZarfContainerTarget struct { Namespace string `yaml:"namespace"` Selector string `yaml:"selector"` - Container string `yaml:"container"` + Container string `yaml:"container,omitempty"` Path string `yaml:"path"` } @@ -51,10 +60,19 @@ type ZarfBuildData struct { Version string `yaml:"string"` } -type ZarfConfig struct { - Kind string `yaml:"kind"` - Metadata ZarfMetatdata `yaml:"metadata"` - Package ZarfBuildData `yaml:"package"` - Data []ZarfData `yaml:"data"` - Components []ZarfComponent `yaml:"components"` +type ZarfPackage struct { + Kind string `yaml:"kind,omitempty"` + Metadata ZarfMetadata `yaml:"metadata,omitempty"` + Build ZarfBuildData `yaml:"build,omitempty"` + Data []ZarfData `yaml:"data,omitempty"` + Components []ZarfComponent `yaml:"components,omitempty"` +} + +type ZarfState struct { + Kind string `yaml:"kind"` + TLS struct { + CertPublicPath string `yaml:"certPublicPath"` + CertPrivatePath string `yaml:"certPrivatePath"` + Host string `yaml:"host"` + } `yaml:"tls"` } diff --git a/cli/internal/git/push.go b/cli/internal/git/push.go index ed0f46ea01..9b29f0c977 100644 --- a/cli/internal/git/push.go +++ b/cli/internal/git/push.go @@ -38,7 +38,7 @@ func push(localPath string) { return } remoteUrl := remote.Config().URLs[0] - targetUrl := transformURL("https://"+config.ZarfLocalIP, remoteUrl) + targetUrl := transformURL("https://"+config.GetTargetEndpoint(), remoteUrl) _, err = repo.CreateRemote(&goConfig.RemoteConfig{ Name: offlineRemoteName, @@ -50,7 +50,7 @@ func push(localPath string) { logContext.Fatal("Failed to create offline remote") } - gitCred := FindAuthForHost(config.ZarfLocalIP) + gitCred := FindAuthForHost(config.GetTargetEndpoint()) pushContext := logContext.WithField("target", targetUrl) diff --git a/cli/internal/git/utils.go b/cli/internal/git/utils.go index 2762f67184..55dfbfef6e 100644 --- a/cli/internal/git/utils.go +++ b/cli/internal/git/utils.go @@ -107,7 +107,7 @@ func FindAuthForHost(baseUrl string) Credential { func GetOrCreateZarfSecret() string { var gitSecret string - credentials := FindAuthForHost(config.ZarfLocalIP) + credentials := FindAuthForHost(config.GetTargetEndpoint()) if (credentials == Credential{}) { gitSecret = CredentialsGenerator() @@ -138,7 +138,7 @@ func CredentialsGenerator() string { zarfUrl := url.URL{ Scheme: "https", User: url.UserPassword(config.ZarfGitUser, gitSecret), - Host: config.ZarfLocalIP, + Host: config.GetTargetEndpoint(), } credentialsText := zarfUrl.String() + "\n" diff --git a/cli/internal/images/push.go b/cli/internal/images/push.go index bae896add3..f54c82a7d6 100644 --- a/cli/internal/images/push.go +++ b/cli/internal/images/push.go @@ -1,21 +1,21 @@ package images import ( - "strings" + "regexp" - "github.com/containerd/containerd/reference/docker" - "github.com/defenseunicorns/zarf/cli/config" "github.com/google/go-containerregistry/pkg/crane" v1 "github.com/google/go-containerregistry/pkg/v1" "github.com/sirupsen/logrus" ) -func PushAll(imageTarballPath string, buildImageList []string) { - logrus.Info("Loading images") +func PushAll(imageTarballPath string, buildImageList []string, targetHost string) { cranePlatformOptions := crane.WithPlatform(&v1.Platform{OS: "linux", Architecture: "amd64"}) for _, src := range buildImageList { - logContext := logrus.WithField("image", src) + logContext := logrus.WithFields(logrus.Fields{ + "source": src, + "target": targetHost, + }) logContext.Info("Updating image") img, err := crane.LoadTag(imageTarballPath, src, cranePlatformOptions) if err != nil { @@ -24,15 +24,8 @@ func PushAll(imageTarballPath string, buildImageList []string) { return } - onlineName, err := docker.ParseNormalizedNamed(src) - if err != nil { - logContext.Debug(err) - logContext.Warn("Unable to parse the image domain") - return - } + offlineName := SwapHost(src, targetHost) - offlineName := strings.Replace(src, docker.Domain(onlineName), config.ZarfLocalIP, 1) - logrus.Info(offlineName) err = crane.Push(img, offlineName, cranePlatformOptions) if err != nil { logContext.Debug(err) @@ -40,3 +33,9 @@ func PushAll(imageTarballPath string, buildImageList []string) { } } } + +func SwapHost(src string, targetHost string) string { + var parser = regexp.MustCompile(`(?im)^([a-z0-9\-.]+\.[a-z0-9\-]+:?[0-9]*)?/?(.+)$`) + var substitution = targetHost + "/$2" + return parser.ReplaceAllString(src, substitution) +} diff --git a/cli/internal/k3s/install.go b/cli/internal/k3s/install.go deleted file mode 100644 index a45ca37411..0000000000 --- a/cli/internal/k3s/install.go +++ /dev/null @@ -1,90 +0,0 @@ -package k3s - -import ( - "os" - - "github.com/defenseunicorns/zarf/cli/config" - "github.com/defenseunicorns/zarf/cli/internal/git" - "github.com/defenseunicorns/zarf/cli/internal/packager" - "github.com/defenseunicorns/zarf/cli/internal/utils" - "github.com/sirupsen/logrus" -) - -type InstallOptions struct { - PKI utils.PKIConfig - Confirmed bool - Components string -} - -func Install(options InstallOptions) { - utils.RunPreflightChecks() - - logrus.Info("Installing K3s") - - packager.Deploy(config.PackageInitName, options.Confirmed, options.Components) - - // Install RHEL RPMs if applicable - if utils.IsRHEL() { - configureRHEL() - } - - // Create the K3s systemd service - createService() - - createK3sSymlinks() - - utils.HandlePKI(options.PKI) - - gitSecret := git.GetOrCreateZarfSecret() - - // Now that we have what the password will be, we should add the login entry to the system's registry config - err := utils.Login(config.ZarfLocalIP, config.ZarfGitUser, gitSecret) - if err != nil { - logrus.Debug(err) - logrus.Fatal("Unable to add login credentials for the utility registry") - } - - logrus.Info("Installation complete. You can run \"/usr/local/bin/k9s\" to monitor the status of the deployment.") - logrus.WithFields(logrus.Fields{ - "Gitea Username (if installed)": config.ZarfGitUser, - "Grafana Username": "zarf-admin", - "Password (all)": gitSecret, - }).Warn("Credentials stored in ~/.git-credentials") -} - -func createK3sSymlinks() { - logrus.Info("Creating kube config symlink") - - // Make the k3s kubeconfig available to other standard K8s tools that bind to the default ~/.kube/config - err := utils.CreateDirectory("/root/.kube", 0700) - if err != nil { - logrus.Debug(err) - logrus.Warn("Unable to create the root kube config directory") - } else { - // Dont log an error for now since re-runs throw an invalid error - _ = os.Symlink("/etc/rancher/k3s/k3s.yaml", "/root/.kube/config") - } - - // Add aliases for k3s - _ = os.Symlink(config.K3sBinary, "/usr/local/bin/kubectl") - _ = os.Symlink(config.K3sBinary, "/usr/local/bin/ctr") - _ = os.Symlink(config.K3sBinary, "/usr/local/bin/crictl") -} - -func createService() { - servicePath := "/etc/systemd/system/k3s.service" - - _ = os.Symlink(servicePath, "/etc/systemd/system/multi-user.target.wants/k3s.service") - - _, err := utils.ExecCommand(nil, "systemctl", "daemon-reload") - if err != nil { - logrus.Debug(err) - logrus.Warn("Unable to reload systemd") - } - - _, err = utils.ExecCommand(nil, "systemctl", "enable", "--now", "k3s") - if err != nil { - logrus.Debug(err) - logrus.Warn("Unable to enable or start k3s via systemd") - } -} diff --git a/cli/internal/k3s/rhel.go b/cli/internal/k3s/rhel.go deleted file mode 100644 index 7efe56eabc..0000000000 --- a/cli/internal/k3s/rhel.go +++ /dev/null @@ -1,15 +0,0 @@ -package k3s - -import ( - "github.com/defenseunicorns/zarf/cli/internal/utils" - "github.com/sirupsen/logrus" -) - -func configureRHEL() { - // @todo: k3s docs recommend disabling this, but we should look at just tuning it appropriately - _, err := utils.ExecCommand(nil, "systemctl", "disable", "firewalld", "--now") - if err != nil { - logrus.Debug(err) - logrus.Warn("Unable to disable the firewall") - } -} diff --git a/cli/internal/k8s/secrets.go b/cli/internal/k8s/secrets.go index 9d94a930af..79c8fc6455 100644 --- a/cli/internal/k8s/secrets.go +++ b/cli/internal/k8s/secrets.go @@ -4,19 +4,21 @@ import ( "context" "crypto/tls" + "github.com/defenseunicorns/zarf/cli/config" "github.com/sirupsen/logrus" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -func ReplaceTLSSecret(namespace string, name string, certPath string, keyPath string) { +func ReplaceTLSSecret(namespace string, name string) { + state := config.GetState() clientSet := connect() logContext := logrus.WithFields(logrus.Fields{ "Namespace": namespace, "Name": name, - "Cert": certPath, + "Cert": state.TLS.CertPublicPath, }) namespaceSecrets := clientSet.CoreV1().Secrets(namespace) @@ -28,12 +30,12 @@ func ReplaceTLSSecret(namespace string, name string, certPath string, keyPath st logContext.Warn("Error deleting the secret") } - tlsCert, err := readFile(certPath) + tlsCert, err := readFile(state.TLS.CertPublicPath) if err != nil { logContext.Debug(err) logContext.Fatal("Unable to read the TLS public certificate") } - tlsKey, err := readFile(keyPath) + tlsKey, err := readFile(state.TLS.CertPrivatePath) if err != nil { logContext.Debug(err) logContext.Fatal("Unable to read the TLS private key") diff --git a/cli/internal/packager/common.go b/cli/internal/packager/common.go index b09514a67f..4638572fc4 100644 --- a/cli/internal/packager/common.go +++ b/cli/internal/packager/common.go @@ -1,8 +1,15 @@ package packager import ( + "crypto/sha256" + "encoding/hex" + "io" "io/ioutil" + "net/http" + "net/url" "os" + "strings" + "time" "github.com/AlecAivazis/survey/v2" "github.com/defenseunicorns/zarf/cli/config" @@ -74,3 +81,169 @@ func confirmAction(configPath string, confirm bool, message string) bool { return confirm } + +func getValidComponents(allComponents []config.ZarfComponent, requestedComponentNames []string) []config.ZarfComponent { + var validComponentsList []config.ZarfComponent + confirmedComponents := make([]bool, len(requestedComponentNames)) + for _, component := range allComponents { + confirmComponent := component.Required + + // If the component is not required check if the user wants it deployed + if !confirmComponent { + // Check if this is one of the components that has been requested + if len(requestedComponentNames) > 0 { + for index, requestedComponent := range requestedComponentNames { + if strings.ToLower(requestedComponent) == component.Name { + confirmComponent = true + confirmedComponents[index] = true + } + } + } else { + // Since no requested components were provided, prompt the user + prompt := &survey.Confirm{ + Message: "Deploy the " + component.Name + " component?", + Default: component.Default, + Help: component.Description, + } + _ = survey.AskOne(prompt, &confirmComponent) + } + } + + if confirmComponent { + validComponentsList = append(validComponentsList, component) + } + } + + // Verify that we were able to successfully identify all of the requested components + var nonMatchedComponents []string + for requestedComponentIndex, componentMatched := range confirmedComponents { + if !componentMatched { + nonMatchedComponents = append(nonMatchedComponents, requestedComponentNames[requestedComponentIndex]) + } + } + + if len(nonMatchedComponents) > 0 { + logrus.Fatalf("Unable to find these components to deploy: %v.", nonMatchedComponents) + } + + return validComponentsList +} + +// HandleIfURL If provided package is a URL download it to a temp directory +func HandleIfURL(packagePath string, shasum string, insecureDeploy bool) string { + // Check if the user gave us a remote package + providedURL, err := url.Parse(packagePath) + if err != nil || providedURL.Scheme == "" || providedURL.Host == "" { + logrus.WithField("archive", packagePath).Debug("The package provided is not a remote package.") + return packagePath + } + + if !insecureDeploy && shasum == "" { + logrus.Fatal("When deploying a remote package you must provide either a `--shasum` or the `--insecure` flag. Neither were provided.") + } + + // Check the extension on the package is what we expect + if !isValidFileExtension(providedURL.Path) { + logrus.Fatalf("Only %s file extensions are permitted.\n", config.GetValidPackageExtensions) + } + + // Download the package + resp, err := http.Get(packagePath) + if err != nil { + logrus.Fatal("Unable to download the package: ", err) + } + defer resp.Body.Close() + + // Write the package to a local file + tempPath := createPaths() + localPackagePath := tempPath.base + providedURL.Path + logrus.Debug("Creating local package with the path: ", localPackagePath) + packageFile, _ := os.Create(localPackagePath) + _, err = io.Copy(packageFile, resp.Body) + if err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to copy the contents of the provided URL into a local file.") + } + + // Check the shasum if necessary + if !insecureDeploy { + hasher := sha256.New() + _, err = io.Copy(hasher, packageFile) + if err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to calculate the sha256 of the provided remote package.") + } + + value := hex.EncodeToString(hasher.Sum(nil)) + if value != shasum { + _ = os.Remove(localPackagePath) + logrus.Fatalf("Provided shasum (%s) of the package did not match what was downloaded (%s)\n", shasum, value) + } + } + + return localPackagePath +} + +func isValidFileExtension(filename string) bool { + for _, extension := range config.GetValidPackageExtensions() { + if strings.HasSuffix(filename, extension) { + logrus.WithField("packagePath", filename).Warn("Package extension is valid.") + return true + } + } + + return false +} + +func loopScriptUntilSuccess(script string, retry bool) { + logContext := logrus.WithField("script", script) + logContext.Info("Waiting for script to complete successfully") + + var output string + var err error + + // Try to patch the zarf binary path in case the name isn't exactly "./zarf" + binaryPath, err := os.Executable() + if err != nil { + logContext.Debug(err) + logContext.Warn("Unable to determine the current zarf binary path") + } else { + script = strings.ReplaceAll(script, "./zarf ", binaryPath+" ") + // Update since we may have a new parsed script + logContext = logrus.WithField("script", script) + } + + // 2 minutes per script (60 * 2 second waits) + tries := 60 + for { + tries-- + // If there are no more tries left, drop a warning and continue + if tries < 1 { + logContext.Warn("Script failed or timed out") + logContext.Print(output) + break + } + scriptEnvVars := []string{ + "ZARF_TARGET_ENDPOINT=" + config.GetTargetEndpoint(), + } + // Try to silently run the script + output, err = utils.ExecCommand(false, scriptEnvVars, "sh", "-c", script) + if err != nil { + logrus.Debug(err) + if retry { + // if retry is enabled, on error wait 2 seconds and try again + time.Sleep(time.Second * 2) + } else { + // No retry, abort + tries = 0 + } + continue + } else { + // Script successful, output results and continue + if output != "" { + logContext.Print(output) + } + break + } + } +} diff --git a/cli/internal/packager/create.go b/cli/internal/packager/create.go index 7f14d34136..aa4c3aed86 100644 --- a/cli/internal/packager/create.go +++ b/cli/internal/packager/create.go @@ -17,7 +17,10 @@ import ( func Create(confirm bool) { - config.Load("zarf.yaml") + if err := config.LoadConfig("zarf.yaml"); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to read the zarf.yaml file") + } tempPath := createPaths() packageName := config.GetPackageName() @@ -26,7 +29,10 @@ func Create(confirm bool) { configFile := tempPath.base + "/zarf.yaml" // Save the transformed config - config.WriteConfig(configFile) + if err := config.BuildConfig(configFile); err != nil { + logrus.Debug(err) + logrus.WithField("path", configFile).Fatal("Unable to write the zarf.yaml file") + } confirm = confirmAction(configFile, confirm, "Create") @@ -108,9 +114,9 @@ func addLocalAssets(tempPath componentPaths, assets config.ZarfComponent) { images.PullAll(assets.Images, tempPath.images) } - if assets.Manifests != "" { - logrus.WithField("path", assets.Manifests).Info("Loading manifests for local install") - utils.CreatePathAndCopy(assets.Manifests, tempPath.manifests) + if assets.ManifestsPath != "" { + logrus.WithField("path", assets.ManifestsPath).Info("Loading manifests for local install") + utils.CreatePathAndCopy(assets.ManifestsPath, tempPath.manifests) } if len(assets.Repos) > 0 { diff --git a/cli/internal/packager/deploy.go b/cli/internal/packager/deploy.go index f57d436a2c..375ac103a7 100644 --- a/cli/internal/packager/deploy.go +++ b/cli/internal/packager/deploy.go @@ -1,15 +1,11 @@ package packager import ( - "crypto/sha256" "encoding/base64" - "encoding/hex" "fmt" - "io" - "net/http" - "net/url" "os" "path/filepath" + "regexp" "strconv" "strings" @@ -18,6 +14,7 @@ import ( "github.com/defenseunicorns/zarf/cli/internal/helm" "github.com/defenseunicorns/zarf/cli/internal/images" "github.com/defenseunicorns/zarf/cli/internal/k8s" + "github.com/defenseunicorns/zarf/cli/internal/pki" "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/mholt/archiver/v3" "github.com/otiai10/copy" @@ -29,17 +26,23 @@ func Deploy(packagePath string, confirm bool, componentRequest string) { _ = os.RemoveAll("/tmp/zarf*") tempPath := createPaths() + logContext := logrus.WithFields(logrus.Fields{ + "path": packagePath, + "confirm": confirm, + "components": componentRequest, + }) + // Make sure the user gave us a package we can work with if utils.InvalidPath(packagePath) { - logrus.WithField("localPackagePath", packagePath).Fatal("Was not able to find the package on the local system") + logContext.Fatal("Was not able to find the package on the local system") } // Extract the archive - logrus.Info("Extracting the package, this may take a few moments") + logContext.Info("Extracting the package, this may take a few moments") err := archiver.Unarchive(packagePath, tempPath.base) if err != nil { - logrus.Debug(err) - logrus.Fatal("Unable to extract the package contents") + logContext.Debug(err) + logContext.Fatal("Unable to extract the package contents") } configPath := tempPath.base + "/zarf.yaml" @@ -52,17 +55,20 @@ func Deploy(packagePath string, confirm bool, componentRequest string) { } // Load the config from the extracted archive zarf.yaml - config.Load(tempPath.base + "/zarf.yaml") + if err := config.LoadConfig(tempPath.base + "/zarf.yaml"); err != nil { + logContext.Debug(err) + logContext.Fatalf("Unable to read the zarf.yaml file from %s", tempPath.base) + } dataInjectionList := config.GetDataInjections() // Verify the components requested all exist components := config.GetComponents() - requestedComponents := []string{} + var requestedComponents []string if componentRequest != "" { requestedComponents = strings.Split(componentRequest, ",") } - componentsToDeploy := utils.GetValidComponents(components, requestedComponents) + componentsToDeploy := getValidComponents(components, requestedComponents) // Deploy all of the components for _, component := range componentsToDeploy { @@ -72,7 +78,7 @@ func Deploy(packagePath string, confirm bool, componentRequest string) { if !config.IsZarfInitConfig() { if len(dataInjectionList) > 0 { - logrus.Info("Loading data injections") + logContext.Info("Loading data injections") injectionCompletionMarker := tempPath.dataInjections + "/.zarf-sync-complete" utils.WriteFile(injectionCompletionMarker, []byte("🦄")) for _, data := range dataInjectionList { @@ -92,14 +98,14 @@ func Deploy(packagePath string, confirm bool, componentRequest string) { cpPodExecArgs = append(cpPodExecArgs, "-c", data.Target.Container) } - _, err = utils.ExecCommand(nil, config.K3sBinary, cpPodExecArgs...) + _, err = utils.ExecCommand(true, nil, config.K3sBinary, cpPodExecArgs...) if err != nil { logrus.Warn("Error copying data into the pod") } else { // Leave a marker in the target container for pods to track the sync action cpPodExecArgs[4] = injectionCompletionMarker cpPodExecArgs[5] = pod + ":" + data.Target.Path - _, err = utils.ExecCommand(nil, config.K3sBinary, cpPodExecArgs...) + _, err = utils.ExecCommand(true, nil, config.K3sBinary, cpPodExecArgs...) if err != nil { logrus.Warn("Error saving the zarf sync completion file") } @@ -115,146 +121,139 @@ func Deploy(packagePath string, confirm bool, componentRequest string) { cleanup(tempPath) } -func deployComponents(tempPath componentPaths, assets config.ZarfComponent) { - if assets.Name != "" { +func deployComponents(tempPath componentPaths, component config.ZarfComponent) { + values := generateTemplateValues() + + if component.Name != "" { // Only log this for named components - logrus.WithField("name", assets.Name).Info("Deploying Zarf component") + logrus.WithField("name", component.Name).Info("Deploying Zarf component") } else { - assets.Name = "core" + component.Name = "core" } - if len(assets.Files) > 0 { - logrus.Info("Loading files for local install") - for index, file := range assets.Files { - sourceFile := tempPath.files + "/" + strconv.Itoa(index) - // If a shasum is specified check it again on deployment as well - if file.Shasum != "" { - utils.ValidateSha256Sum(file.Shasum, sourceFile) - } - err := copy.Copy(sourceFile, file.Target) + + for _, script := range component.Scripts.Before { + loopScriptUntilSuccess(script, component.Scripts.Retry) + } + + for index, file := range component.Files { + sourceFile := tempPath.files + "/" + strconv.Itoa(index) + + // If a shasum is specified check it again on deployment as well + if file.Shasum != "" { + utils.ValidateSha256Sum(file.Shasum, sourceFile) + } + + // Perform secret injection if the file is marked as template + if file.Template { + templateFile(sourceFile, values) + } + + // Copy the file to the destination + err := copy.Copy(sourceFile, file.Target) + if err != nil { + logrus.Debug(err) + logrus.WithField("file", file.Target).Fatal("Unable to copy the contents of the asset") + } + + for _, link := range file.Symlinks { + // Try to remove the filepath if it exists + _ = os.RemoveAll(link) + // Make sure the parent directory exists + utils.CreateFilePath(link) + // Create the symlink + err := os.Symlink(file.Target, link) if err != nil { logrus.Debug(err) - logrus.WithField("file", file.Target).Fatal("Unable to copy the contents of the asset") + logrus.WithField("target", link).Fatal("Unable to create the symbolic link") } - // Cleanup now to reduce disk pressure - _ = os.RemoveAll(sourceFile) } + + // Cleanup now to reduce disk pressure + _ = os.RemoveAll(sourceFile) } - if len(assets.Charts) > 0 { + if len(component.Charts) > 0 { logrus.Info("Loading charts for local install") - for _, chart := range assets.Charts { + for _, chart := range component.Charts { sourceTarball := helm.StandardName(tempPath.charts, chart) destinationTarball := helm.StandardName(config.K3sChartPath, chart) utils.CreatePathAndCopy(sourceTarball, destinationTarball) } } - if len(assets.Images) > 0 { + if len(component.Images) > 0 { logrus.Info("Loading images for local install") if config.IsZarfInitConfig() { - utils.CreatePathAndCopy(tempPath.images, config.K3sImagePath+"/images-"+assets.Name+".tar") + _, err := utils.ExecCommand(true, nil, config.K3sBinary, "ctr", "images", "import", tempPath.images) + if err != nil { + logrus.Fatal("Unable to import the images into containerd") + } } else { logrus.Info("Loading images for gitops service transfer") // Push all images the images.tar file based on the zarf.yaml list - images.PushAll(tempPath.images, assets.Images) + images.PushAll(tempPath.images, component.Images, config.GetTargetEndpoint()) // Cleanup now to reduce disk pressure _ = os.RemoveAll(tempPath.images) } } - if assets.Manifests != "" { + if component.ManifestsPath != "" { logrus.Info("Loading manifests for local install, this may take a minute or so to reflect in k3s") - gitSecret := git.GetOrCreateZarfSecret() - - // Get a list of all the k3s manifest files - manifests := utils.RecursiveFileList(tempPath.manifests) + // Only pull in yml and yaml files + pattern := regexp.MustCompile(`(?mi)\.ya?ml$`) + manifests := utils.RecursiveFileList(tempPath.manifests, pattern) // Iterate through all the manifests and replace any ZARF_SECRET, ZARF_HTPASSWD, or ZARF_DOCKERAUTH values for _, manifest := range manifests { - logrus.WithField("path", manifest).Info("Processing manifest file") - utils.ReplaceText(manifest, "###ZARF_SECRET###", gitSecret) - htpasswd, err := utils.GetHtpasswdString(config.ZarfGitUser, gitSecret) - if err != nil { - logrus.Debug(err) - logrus.Fatal("Unable to define `htpasswd` string for the Zarf user") - } - utils.ReplaceText(manifest, "###ZARF_HTPASSWD###", htpasswd) - utils.ReplaceText(manifest, "###ZARF_DOCKERAUTH###", base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", config.ZarfGitUser, gitSecret)))) + templateFile(manifest, values) } utils.CreatePathAndCopy(tempPath.manifests, config.K3sManifestPath) } - if len(assets.Repos) > 0 { + if len(component.Repos) > 0 { logrus.Info("Loading git repos for gitops service transfer") // Push all the repos from the extracted archive git.PushAllDirectories(tempPath.repos) } -} -// If provided package is a URL download it to a temp directory -func HandleIfURL(packagePath string, shasum string, insecureDeploy bool) string { - // Check if the user gave us a remote package - providedURL, err := url.Parse(packagePath) - if err != nil || providedURL.Scheme == "" || providedURL.Host == "" { - logrus.WithField("archive", packagePath).Debug("The package provided is not a remote package.") - return packagePath + for _, script := range component.Scripts.After { + loopScriptUntilSuccess(script, component.Scripts.Retry) } - if !insecureDeploy && shasum == "" { - logrus.Fatal("When deploying a remote package you must provide either a `--shasum` or the `--insecure` flag. Neither were provided.") + if config.IsZarfInitConfig() && component.Name == "k3s" { + pki.InjectServerCert() } - // Check the extension on the package is what we expect - if !isValidFileExtension(providedURL.Path) { - logrus.Fatalf("Only %s file extensions are permitted.\n", config.GetValidPackageExtensions) - } +} - // Download the package - resp, err := http.Get(packagePath) - if err != nil { - logrus.Fatal("Unable to download the package: ", err) - } - defer resp.Body.Close() +type templateValues struct { + secret string + htpasswd string + dockerAuth string + endpoint string +} - // Write the package to a local file - tempPath := createPaths() - localPackagePath := tempPath.base + providedURL.Path - logrus.Debug("Creating local package with the path: ", localPackagePath) - packageFile, _ := os.Create(localPackagePath) - _, err = io.Copy(packageFile, resp.Body) +func generateTemplateValues() templateValues { + var generated templateValues + var err error + + generated.secret = git.GetOrCreateZarfSecret() + generated.htpasswd, err = utils.GetHtpasswdString(config.ZarfGitUser, generated.secret) if err != nil { logrus.Debug(err) - logrus.Fatal("Unable to copy the contents of the provided URL into a local file.") + logrus.Fatal("Unable to define `htpasswd` string for the Zarf user") } - - // Check the shasum if necessary - if !insecureDeploy { - hasher := sha256.New() - _, err = io.Copy(hasher, packageFile) - if err != nil { - logrus.Debug(err) - logrus.Fatal("Unable to calculate the sha256 of the provided remote package.") - } - - value := hex.EncodeToString(hasher.Sum(nil)) - if value != shasum { - os.Remove(localPackagePath) - logrus.Fatalf("Provided shasum (%s) of the package did not match what was downloaded (%s)\n", shasum, value) - } - } - - return localPackagePath + generated.dockerAuth = base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", config.ZarfGitUser, generated.secret))) + generated.endpoint = config.GetTargetEndpoint() + return generated } -func isValidFileExtension(filename string) bool { - for _, extension := range config.GetValidPackageExtensions() { - if strings.HasSuffix(filename, extension) { - logrus.WithField("packagePath", filename).Warn("Package extension is valid.") - return true - } - } - - return false +func templateFile(path string, values templateValues) { + logrus.WithField("path", path).Info("Processing file for templating") + utils.ReplaceText(path, "###ZARF_TARGET_ENDPOINT###", values.endpoint) + utils.ReplaceText(path, "###ZARF_SECRET###", values.secret) + utils.ReplaceText(path, "###ZARF_HTPASSWD###", values.htpasswd) + utils.ReplaceText(path, "###ZARF_DOCKERAUTH###", values.dockerAuth) } diff --git a/cli/internal/packager/initialize.go b/cli/internal/packager/initialize.go new file mode 100644 index 0000000000..2ff96d2976 --- /dev/null +++ b/cli/internal/packager/initialize.go @@ -0,0 +1,48 @@ +package packager + +import ( + "github.com/defenseunicorns/zarf/cli/config" + "github.com/defenseunicorns/zarf/cli/internal/git" + "github.com/defenseunicorns/zarf/cli/internal/utils" + "github.com/sirupsen/logrus" +) + +type InstallOptions struct { + Confirmed bool + Components string +} + +func Install(options *InstallOptions) { + utils.RunPreflightChecks() + + logrus.Info("Initializing a new zarf cluster") + + // Generate or create the zarf secret + gitSecret := git.GetOrCreateZarfSecret() + logrus.Debug("gitSecret", gitSecret) + + // Now that we have what the password will be, we should add the login entry to the system's registry config + if err := utils.Login(config.GetTargetEndpoint(), config.ZarfGitUser, gitSecret); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to add login credentials for the gitops registry") + } + + // We really need to make sure this is still necessary.... + if utils.IsRHEL() { + // @todo: k3s docs recommend disabling this, but we should look at just tuning it appropriately + if _, err := utils.ExecCommand(true, nil, "systemctl", "disable", "firewalld", "--now"); err != nil { + logrus.Debug(err) + logrus.Warn("Unable to disable the firewall") + } + } + + // Continue running package deploy for all components like any other package + Deploy(config.PackageInitName, options.Confirmed, options.Components) + + logrus.Info("Installation complete. You can run \"/usr/local/bin/k9s\" to monitor the status of the deployment.") + logrus.WithFields(logrus.Fields{ + "Gitea Username (if installed)": config.ZarfGitUser, + "Grafana Username": "zarf-admin", + "Password (all)": gitSecret, + }).Warn("Credentials stored in ~/.git-credentials") +} diff --git a/cli/internal/packager/inspect.go b/cli/internal/packager/inspect.go index 1ba680a959..5071c4c051 100644 --- a/cli/internal/packager/inspect.go +++ b/cli/internal/packager/inspect.go @@ -32,7 +32,7 @@ func Inspect(packageName string) { utils.ColorPrintYAML(text) // Load the config to get the build version - config.Load(tempPath.base + "/zarf.yaml") + config.LoadConfig(tempPath.base + "/zarf.yaml") fmt.Printf("The package was built with Zarf CLI version %s\n", config.GetBuildData().Version) cleanup(tempPath) diff --git a/cli/internal/utils/pki.go b/cli/internal/pki/pki.go similarity index 72% rename from cli/internal/utils/pki.go rename to cli/internal/pki/pki.go index 081df9d8bd..6ad6999c81 100644 --- a/cli/internal/utils/pki.go +++ b/cli/internal/pki/pki.go @@ -1,4 +1,4 @@ -package utils +package pki import ( "crypto/rand" @@ -15,15 +15,10 @@ import ( "github.com/defenseunicorns/zarf/cli/config" "github.com/defenseunicorns/zarf/cli/internal/k8s" + "github.com/defenseunicorns/zarf/cli/internal/utils" "github.com/sirupsen/logrus" ) -type PKIConfig struct { - CertPublicPath string - CertPrivatePath string - Host string -} - // Based off of https://github.com/dmcgowan/quicktls/blob/master/main.go // Use 2048 because we are aiming for low-resource / max-compatibility @@ -33,42 +28,20 @@ const org = "Zarf Cluster" // 13 months is the max length allowed by browsers const validFor = time.Hour * 24 * 375 -// Very limited special chars for git / basic auth -// https://owasp.org/www-community/password-special-characters has complete list of safe chars -const randomStringChars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!~-" - -func RandomString(length int) string { - bytes := make([]byte, length) - - if _, err := rand.Read(bytes); err != nil { - logrus.Debug(err) - logrus.Fatal("unable to generate a random secret") - } - - for i, b := range bytes { - bytes[i] = randomStringChars[b%byte(len(randomStringChars))] - } - - return string(bytes) -} - -func HandlePKI(config PKIConfig) { - if config.CertPublicPath != "" && config.CertPrivatePath != "" { - logrus.WithFields(logrus.Fields{ - "public": config.CertPublicPath, - "private": config.CertPrivatePath, - }).Info("Injecting user-provided keypair for ingress TLS") - InjectServerCert(config) - } else { - GeneratePKI(config) +func HandlePKI() { + pkiConfig := config.GetState().TLS + if pkiConfig.CertPublicPath == "" || pkiConfig.CertPrivatePath == "" { + // No certs provided, so generate them with an ephemeral CA + GeneratePKI() } } // GeneratePKI create a CA and signed server keypair -func GeneratePKI(config PKIConfig) { +func GeneratePKI() { + state := config.GetState() directory := "zarf-pki" - _ = CreateDirectory(directory, 0700) + _ = utils.CreateDirectory(directory, 0700) caFile := filepath.Join(directory, "zarf-ca.crt") ca, caKey, err := generateCA(caFile, validFor) if err != nil { @@ -77,7 +50,7 @@ func GeneratePKI(config PKIConfig) { hostCert := filepath.Join(directory, "zarf-server.crt") hostKey := filepath.Join(directory, "zarf-server.key") - if err := generateCert(config.Host, hostCert, hostKey, ca, caKey, validFor); err != nil { + if err := generateCert(state.TLS.Host, hostCert, hostKey, ca, caKey, validFor); err != nil { logrus.Fatal(err) } @@ -88,18 +61,22 @@ func GeneratePKI(config PKIConfig) { publicKeyPem := string(pem.EncodeToMemory(&publicKeyBlock)) - config.CertPublicPath = directory + "/zarf-server.crt" - config.CertPrivatePath = directory + "/zarf-server.key" - InjectServerCert(config) + state.TLS.CertPublicPath = directory + "/zarf-server.crt" + state.TLS.CertPrivatePath = directory + "/zarf-server.key" addCAToTrustStore(caFile) fmt.Println("Ephemeral CA below and saved to " + caFile + "\n") fmt.Println(publicKeyPem) + + if err := config.WriteState(state); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to save the zarf state file.") + } } -func InjectServerCert(pkiConfig PKIConfig) { - k8s.ReplaceTLSSecret("kube-system", "tls-pem", pkiConfig.CertPublicPath, pkiConfig.CertPrivatePath) +func InjectServerCert() { + k8s.ReplaceTLSSecret("kube-system", "tls-pem") } func addCAToTrustStore(caFilePath string) { @@ -108,16 +85,16 @@ func addCAToTrustStore(caFilePath string) { rhelBinary := "update-ca-trust" debianBinary := "update-ca-certificates" - if VerifyBinary(rhelBinary) { - CreatePathAndCopy(caFilePath, "/etc/pki/ca-trust/source/anchors/zarf-ca.crt") - _, err := ExecCommand(nil, rhelBinary, "extract") + if utils.VerifyBinary(rhelBinary) { + utils.CreatePathAndCopy(caFilePath, "/etc/pki/ca-trust/source/anchors/zarf-ca.crt") + _, err := utils.ExecCommand(true, nil, rhelBinary, "extract") if err != nil { logrus.Debug(err) logrus.Warn("Error adding the ephemeral CA to the RHEL root trust") } - } else if VerifyBinary(debianBinary) { - CreatePathAndCopy(caFilePath, "/usr/local/share/ca-certificates/extra/zarf-ca.crt") - _, err := ExecCommand(nil, debianBinary) + } else if utils.VerifyBinary(debianBinary) { + utils.CreatePathAndCopy(caFilePath, "/usr/local/share/ca-certificates/extra/zarf-ca.crt") + _, err := utils.ExecCommand(true, nil, debianBinary) if err != nil { logrus.Debug(err) logrus.Warn("Error adding the ephemeral CA to the trust store") @@ -197,14 +174,9 @@ func generateCA(caFile string, validFor time.Duration) (*x509.Certificate, *rsa. func generateCert(host string, certFile string, keyFile string, ca *x509.Certificate, caKey *rsa.PrivateKey, validFor time.Duration) error { template := newCertificate(validFor) - // Always add the Zarf local IP address to the cert - template.IPAddresses = []net.IP{net.ParseIP(config.ZarfLocalIP)} - if ip := net.ParseIP(host); ip != nil { template.IPAddresses = append(template.IPAddresses, ip) } else { - // Add localhost to make things cleaner - template.DNSNames = append(template.DNSNames, host, "localhost", "*.localhost") if template.Subject.CommonName == "" { template.Subject.CommonName = host } diff --git a/cli/internal/utils/exec.go b/cli/internal/utils/exec.go index 0d916574b1..1ff00e41fa 100644 --- a/cli/internal/utils/exec.go +++ b/cli/internal/utils/exec.go @@ -16,12 +16,7 @@ const colorGreen = "\x1b[32;1m" const colorCyan = "\x1b[36;1m" const colorWhite = "\x1b[37;1m" -// ExecCommand performs a process execution outside of Go -func ExecCommand(envVariables []string, commandName string, args ...string) (string, error) { - return execCommand(true, envVariables, commandName, args...) -} - -func execCommand(showLogs bool, envVariables []string, commandName string, args ...string) (string, error) { +func ExecCommand(showLogs bool, envVariables []string, commandName string, args ...string) (string, error) { if showLogs { fmt.Println() fmt.Printf("%s", colorGreen) diff --git a/cli/internal/utils/io.go b/cli/internal/utils/io.go index d034f0faa6..719a23a7d1 100644 --- a/cli/internal/utils/io.go +++ b/cli/internal/utils/io.go @@ -7,6 +7,7 @@ import ( "os/exec" "path" "path/filepath" + "regexp" "github.com/otiai10/copy" "github.com/sirupsen/logrus" @@ -105,7 +106,8 @@ func ReplaceText(path string, old string, new string) { } } -func RecursiveFileList(root string) []string { +// RecursiveFileList walks a path with an optional regex pattern and returns a slice of file paths +func RecursiveFileList(root string, pattern *regexp.Regexp) []string { var files []string err := filepath.Walk(root, @@ -114,7 +116,13 @@ func RecursiveFileList(root string) []string { return err } if !info.IsDir() { - files = append(files, path) + if pattern != nil { + if len(pattern.FindStringIndex(path)) > 0 { + files = append(files, path) + } + } else { + files = append(files, path) + } } return nil }) diff --git a/cli/internal/utils/preflight.go b/cli/internal/utils/preflight.go index 22197302da..31abc46023 100644 --- a/cli/internal/utils/preflight.go +++ b/cli/internal/utils/preflight.go @@ -4,20 +4,22 @@ import ( "os" "regexp" "runtime" - "strings" - "github.com/AlecAivazis/survey/v2" - "github.com/defenseunicorns/zarf/cli/config" "github.com/sirupsen/logrus" ) func CheckHostName(hostname string) bool { - expression := regexp.MustCompile(`^[a-zA-Z0-9\-.]+$`) - return expression.MatchString(hostname) + rfcDomain := regexp.MustCompile(`^[a-zA-Z0-9\-.]+$`) + localhost := regexp.MustCompile(`^localhost|127\.\d+\.\d+\.\d+|::1$`) + isValid := rfcDomain.MatchString(hostname) + if isValid { + isValid = !localhost.MatchString(hostname) + } + return isValid } func IsValidHostName() bool { - logrus.Info("Preflight check: validating hostname") + logrus.Debug("Preflight check: validating hostname") // Quick & dirty character validation instead of a complete RFC validation since the OS is already allowing it hostname, err := os.Hostname() @@ -29,12 +31,12 @@ func IsValidHostName() bool { } func IsUserRoot() bool { - logrus.Info("Preflight check: validating user is root") + logrus.Debug("Preflight check: validating user is root") return os.Getuid() == 0 } func IsAMD64() bool { - logrus.Info("Preflight check: validating AMD64 arch") + logrus.Debug("Preflight check: validating AMD64 arch") return runtime.GOARCH == "amd64" } @@ -47,53 +49,6 @@ func IsRHEL() bool { return !InvalidPath("/etc/redhat-release") } -func GetValidComponents(allComponents []config.ZarfComponent, requestedComponentNames []string) []config.ZarfComponent { - validComponentsList := []config.ZarfComponent{} - confirmedCompoonents := make([]bool, len(requestedComponentNames)) - for _, component := range allComponents { - confirmComponent := component.Required - - // If the component is not required check if the user wants it deployed - if !confirmComponent { - // Check if this is one of the components that has been requested - if len(requestedComponentNames) > 0 { - for index, requestedComponent := range requestedComponentNames { - if strings.ToLower(requestedComponent) == component.Name { - confirmComponent = true - confirmedCompoonents[index] = true - } - } - } else { - // Since no requested components were provided, prompt the user - prompt := &survey.Confirm{ - Message: "Deploy the " + component.Name + " component?", - Default: component.Default, - Help: component.Description, - } - _ = survey.AskOne(prompt, &confirmComponent) - } - } - - if confirmComponent { - validComponentsList = append(validComponentsList, component) - } - } - - // Verify that we were able to successfully identify all of the requested components - nonMatchedComponents := []string{} - for requestedComponentIndex, componentMatched := range confirmedCompoonents { - if componentMatched == false { - nonMatchedComponents = append(nonMatchedComponents, requestedComponentNames[requestedComponentIndex]) - } - } - - if len(nonMatchedComponents) > 0 { - logrus.Fatalf("Unable to find these components to deploy: %v.", nonMatchedComponents) - } - - return validComponentsList -} - func RunPreflightChecks() { if !IsLinux() { logrus.Fatal("This program requires a Linux OS") diff --git a/cli/internal/utils/random.go b/cli/internal/utils/random.go new file mode 100644 index 0000000000..d6e7135ecb --- /dev/null +++ b/cli/internal/utils/random.go @@ -0,0 +1,26 @@ +package utils + +import ( + "crypto/rand" + + "github.com/sirupsen/logrus" +) + +// Very limited special chars for git / basic auth +// https://owasp.org/www-community/password-special-characters has complete list of safe chars +const randomStringChars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!~-" + +func RandomString(length int) string { + bytes := make([]byte, length) + + if _, err := rand.Read(bytes); err != nil { + logrus.Debug(err) + logrus.Fatal("unable to generate a random secret") + } + + for i, b := range bytes { + bytes[i] = randomStringChars[b%byte(len(randomStringChars))] + } + + return string(bytes) +} diff --git a/cli/internal/utils/yaml.go b/cli/internal/utils/yaml.go index 238704b1e3..e72f0e1ce7 100644 --- a/cli/internal/utils/yaml.go +++ b/cli/internal/utils/yaml.go @@ -4,8 +4,11 @@ package utils import ( "fmt" + "io/fs" + "io/ioutil" "github.com/fatih/color" + "github.com/goccy/go-yaml" "github.com/goccy/go-yaml/lexer" "github.com/goccy/go-yaml/printer" "github.com/mattn/go-colorable" @@ -65,3 +68,25 @@ func ColorPrintYAML(text string) { logrus.Warn("Unable to print the config yaml contents") } } + +func ReadYaml(path string, destConfig interface{}) error { + logContext := logrus.WithField("path", path) + logContext.Info("Loading dynamic config") + file, err := ioutil.ReadFile(path) + + if err != nil { + return err + } + + return yaml.Unmarshal(file, destConfig) +} + +func WriteYaml(path string, srcConfig interface{}, perm fs.FileMode) error { + // Save the parsed output to the config path given + content, err := yaml.Marshal(srcConfig) + if err != nil { + return err + } + + return ioutil.WriteFile(path, content, perm) +} diff --git a/go.mod b/go.mod index 9f98b4103c..fcdd7fbc23 100644 --- a/go.mod +++ b/go.mod @@ -4,23 +4,22 @@ go 1.16 require ( github.com/AlecAivazis/survey/v2 v2.3.2 - github.com/containerd/containerd v1.5.7 - github.com/docker/cli v20.10.7+incompatible + github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725 + github.com/docker/cli v20.10.10+incompatible github.com/fatih/color v1.13.0 github.com/go-git/go-git/v5 v5.4.2 - github.com/goccy/go-yaml v1.9.3 - github.com/google/go-containerregistry v0.6.0 + github.com/goccy/go-yaml v1.9.4 + github.com/google/go-containerregistry v0.7.0 github.com/gruntwork-io/terratest v0.38.2 github.com/mattn/go-colorable v0.1.11 - github.com/mholt/archiver/v3 v3.5.0 - github.com/otiai10/copy v1.6.0 + github.com/mholt/archiver/v3 v3.5.1 + github.com/otiai10/copy v1.7.0 github.com/sirupsen/logrus v1.8.1 github.com/spf13/cobra v1.2.1 github.com/stretchr/testify v1.7.0 - github.com/ulikunitz/xz v0.5.8 // indirect; CVE-2020-16845 - golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a - helm.sh/helm/v3 v3.7.0 - k8s.io/api v0.22.1 - k8s.io/apimachinery v0.22.1 - k8s.io/client-go v0.22.1 + golang.org/x/crypto v0.0.0-20211202192323-5770296d904e + helm.sh/helm/v3 v3.7.2 + k8s.io/api v0.22.4 + k8s.io/apimachinery v0.22.4 + k8s.io/client-go v0.22.4 ) diff --git a/go.sum b/go.sum index 1336203fb9..7a3218d014 100644 --- a/go.sum +++ b/go.sum @@ -19,8 +19,14 @@ cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmW cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.83.0 h1:bAMqZidYkmIsUqe6PtkEPT7Q+vfizScn+jfNA6jwK9c= cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY= +cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM= +cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY= +cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ= +cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI= +cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4= +cloud.google.com/go v0.97.0 h1:3DXvAyifywvq64LfkKaMOmkWPS1CikIQdMe2lY9vxU8= +cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= @@ -86,8 +92,8 @@ github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZC github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= -github.com/Masterminds/squirrel v1.5.0 h1:JukIZisrUXadA9pl3rMkjhiamxiB0cXiu+HGp/Y8cY8= -github.com/Masterminds/squirrel v1.5.0/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Masterminds/squirrel v1.5.2 h1:UiOEi2ZX4RCSkpiNDQN5kro/XIBpSRk9iTqdIRPzUXE= +github.com/Masterminds/squirrel v1.5.2/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA= github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= @@ -97,8 +103,9 @@ github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugX github.com/Microsoft/go-winio v0.4.17-0.20210211115548-6eac466e5fa3/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17-0.20210324224401-5516f17a5958/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.4.17/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= -github.com/Microsoft/go-winio v0.5.0 h1:Elr9Wn+sGKPlkaBvwu4mTrxtmOp3F3yV9qhaHbXGjwU= github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= +github.com/Microsoft/go-winio v0.5.1 h1:aPJp2QD7OOrhO5tQXqQoGSJc+DjDtWTGLOmNyAm6FgY= +github.com/Microsoft/go-winio v0.5.1/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= @@ -106,7 +113,6 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= -github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.21 h1:btRfUDThBE5IKcvI8O8jOiIkujUsAMBSRsYDYmEi6oM= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= @@ -129,14 +135,16 @@ github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= +github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725 h1:NjwIgLQlD46o79bheVG4SCdRnnOz4XtgUN1WABX5DLA= +github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725/go.mod h1:/n6+1/DWPltRLWL/VKyUxg6tzsl5kHUCcraimt4vr60= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= -github.com/andybalholm/brotli v1.0.0 h1:7UCwP93aiSfvWpapti8g88vVVGp2qqtGyePsSuDafo4= -github.com/andybalholm/brotli v1.0.0/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= +github.com/andybalholm/brotli v1.0.1 h1:KqhlKozYbRtJvsPrrEeXcO+N2l6NYT5A2QAFmSULpEc= +github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= @@ -207,6 +215,11 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= @@ -245,7 +258,6 @@ github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09Zvgq github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.4/go.mod h1:sx18RgvW6ABJ4iYUw7Q5x7bgFOAB9B6G7+yO0XBc4zw= github.com/containerd/containerd v1.5.7 h1:rQyoYtj4KddB3bxG6SAqd4+08gePNyJjRqvOIfV3rkM= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -275,8 +287,9 @@ github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJ github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= -github.com/containerd/stargz-snapshotter/estargz v0.7.0 h1:1d/rydzTywc76lnjJb6qbPCiTiCwts49AzKps/Ecblw= github.com/containerd/stargz-snapshotter/estargz v0.7.0/go.mod h1:83VWDqHnurTKliEB0YvWMiCfLDwv4Cjj1X9Vk98GJZw= +github.com/containerd/stargz-snapshotter/estargz v0.10.0 h1:glqzafvxBBAMo+x2w2sdDjUDZeTqqLJmqZPY05qehCU= +github.com/containerd/stargz-snapshotter/estargz v0.10.0/go.mod h1:aE5PCyhFMwR8sbrErO5eM2GcvkyXTTJremG883D4qF0= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= @@ -316,8 +329,9 @@ github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/cpuguy83/go-md2man/v2 v2.0.0 h1:EoUDS0afbrsXAZ9YQ9jdu/mZ2sXgT1/2yyNng4PGlyM= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cpuguy83/go-md2man/v2 v2.0.1 h1:r/myEWzV9lfsM1tFLgDyu0atFtJ1fXn261LKYj/3DxU= +github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.11 h1:07n33Z8lZxZ2qwegKbObQohDhXDQxiMMz1NOUGYlesw= @@ -328,6 +342,7 @@ github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1S github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= +github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7hqDjlFjiygg= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -342,17 +357,20 @@ github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/ github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3 h1:rEK0juuU5idazw//KzUcL3yYwUU3DIe2OnfJwjDBqno= github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3/go.mod h1:gt38b7cvVKazi5XkHvINNytZXgTEntyhtyM3HQz46Nk= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v20.10.7+incompatible h1:pv/3NqibQKphWZiAskMzdz8w0PRbtTaEB+f6NwdU7Is= github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v20.10.10+incompatible h1:kcbwdgWbrBOH8QwQzaJmyriHwF7XIl4HT1qh0HTRys4= +github.com/docker/cli v20.10.10+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.7+incompatible h1:Z6O9Nhsjv+ayUEeI1IojKbYcsGdgYSNqxe1s2MYzUhQ= github.com/docker/docker v20.10.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.6.3 h1:zI2p9+1NQYdnG6sMU26EX4aVGlqbInSQxQXLvzJ4RPQ= +github.com/docker/docker v20.10.10+incompatible h1:GKkP0T7U4ks6X3lmmHKC2QDprnpRJor2Z5a8m62R9ZM= +github.com/docker/docker v20.10.10+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= +github.com/docker/docker-credential-helpers v0.6.4 h1:axCks+yV+2MR3/kZhAmy07yC56WZ2Pwu/fKWtKuZB0o= +github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= @@ -368,8 +386,8 @@ github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNE github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= -github.com/dsnet/compress v0.0.1 h1:PlZu0n3Tuv04TzpfPbrnI0HW/YwodEXDS+oPKahKF0Q= -github.com/dsnet/compress v0.0.1/go.mod h1:Aw8dCMJ7RioblQeTqt88akK31OvO8Dhf5JflhBbQEHo= +github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 h1:iFaUwBSo5Svw6L7HYpRu/0lE3e0BaElwnNO1qkNQxBY= +github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5/go.mod h1:qssHWj60/X5sZFNxpG4HBPDHVqxNm4DfnCKgrbZOT+s= github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY= github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= @@ -387,6 +405,8 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po= github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.11.0+incompatible h1:glyUF9yIYtMHzn8xaKw5rMhdWcwsYV8dZHIq5567/xs= @@ -478,15 +498,15 @@ github.com/gobuffalo/packr/v2 v2.8.1 h1:tkQpju6i3EtMXJ9uoF5GT6kB+LMTimDWD8Xvbz6z github.com/gobuffalo/packr/v2 v2.8.1/go.mod h1:c/PLlOuTU+p3SybaJATW3H6lX/iK7xEz5OeMf+NnJpg= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= -github.com/goccy/go-yaml v1.9.3 h1:9A7DkTBb7cZs5wqcqAhgR+2Ms8O7HTjT0SqOXO10HqM= -github.com/goccy/go-yaml v1.9.3/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= +github.com/goccy/go-yaml v1.9.4 h1:S0GCYjwHKVI6IHqio7QWNKNThUl6NLzFd/g8Z65Axw8= +github.com/goccy/go-yaml v1.9.4/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godror/godror v0.24.2/go.mod h1:wZv/9vPiUib6tkoDl+AZ/QLf5YZgMravZ7jxH2eQWAE= -github.com/gofrs/flock v0.8.0/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= +github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= @@ -513,6 +533,7 @@ github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -532,7 +553,7 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golang/snappy v0.0.2/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk= @@ -555,8 +576,9 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ= github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-containerregistry v0.6.0 h1:niQ+8XD//kKgArIFwDVBXsWVWbde16LPdHMyNwSC8h4= github.com/google/go-containerregistry v0.6.0/go.mod h1:euCCtNbZ6tKqi1E72vwDj2xZcN5ttKpZLfa/wSo5iLw= +github.com/google/go-containerregistry v0.7.0 h1:u0onUUOcyoCDHEiJoyR1R1gx5er1+r06V5DBhUU5ndk= +github.com/google/go-containerregistry v0.7.0/go.mod h1:2zaoelrL0d08gGbpdP3LqyUuBmhWbpD6IOe2s9nLS2k= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -576,6 +598,8 @@ github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= @@ -586,6 +610,7 @@ github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= +github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw= @@ -654,6 +679,8 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0 h1:i462o439ZjprVSFSZLZxcsoAe592sZB1rci2Z8j4wdk= +github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0/go.mod h1:N0Wam8K1arqPXNWjMo21EXnBPOPp36vB07FNRdD2geA= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= @@ -705,15 +732,16 @@ github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQL github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.10.10/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= +github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.0 h1:2T7tUoQrQT+fQWdaY5rjWztFGAFwbGD04iPJg90ZiOs= github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.13.6 h1:P76CopJELS0TiO2mebmnzgWaajssP/EszplttgQxcgc= +github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= -github.com/klauspost/pgzip v1.2.4 h1:TQ7CNpYKovDOmqzRHKxJh0BeaBI7UdQZYc6p7pMQh1A= -github.com/klauspost/pgzip v1.2.4/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= +github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= +github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -794,8 +822,8 @@ github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182aff github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4= github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= -github.com/mholt/archiver/v3 v3.5.0 h1:nE8gZIrw66cu4osS/U7UW7YDuGMHssxKutU8IfWxwWE= -github.com/mholt/archiver/v3 v3.5.0/go.mod h1:qqTTPUK/HZPFgFQ/TJ3BzvTpF/dPtFVJXdQbCmeMxwc= +github.com/mholt/archiver/v3 v3.5.1 h1:rDjOBX9JSF5BvoJGvjqK479aL70qh9DIpZCl+k7Clwo= +github.com/mholt/archiver/v3 v3.5.1/go.mod h1:e3dqJ7H78uzsRSEACH1joayhuSyhnonssnDhppzS1L4= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= @@ -884,8 +912,9 @@ github.com/opencontainers/go-digest v1.0.0-rc1.0.20180430190053-c9281466c8b2/go. github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 h1:axgApq2XShTLwQii2zAnIkMPlhGVHbAXHUcHezu5G/k= +github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= @@ -904,13 +933,13 @@ github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3 github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/oracle/oci-go-sdk v7.1.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888= -github.com/otiai10/copy v1.6.0 h1:IinKAryFFuPONZ7cm6T6E2QX/vcJwSnlaA5lfoaXIiQ= -github.com/otiai10/copy v1.6.0/go.mod h1:XWfuS3CrI0R6IE0FbgHsEazaXO8G0LpMp9o8tos0x4E= +github.com/otiai10/copy v1.7.0 h1:hVoPiN+t+7d2nzzwMiDHPSOogsWAStewq3TwU05+clE= +github.com/otiai10/copy v1.7.0/go.mod h1:rmRl6QPdJj6EiUqXQ/4Nn2lLXoNQjFCQbbNrxgc/t3U= github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= -github.com/otiai10/mint v1.3.2 h1:VYWnrP5fXmz1MXvjuUvcBrXSjGE6xjON+axB/UrpO3E= -github.com/otiai10/mint v1.3.2/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= +github.com/otiai10/mint v1.3.3 h1:7JgpsBaN0uMkyju4tbYHu0mnM55hNKVYLsXmwr15NQI= +github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= @@ -919,8 +948,8 @@ github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+v github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2 h1:JhzVVoYvbOACxoUmOs6V/G4D5nPVUW73rKvXxP4XUJc= github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= -github.com/pierrec/lz4/v4 v4.0.3 h1:vNQKSVZNYUEAvRY9FaUXAF1XPbSOHJtDTiP41kzDz2E= -github.com/pierrec/lz4/v4 v4.0.3/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= +github.com/pierrec/lz4/v4 v4.1.2 h1:qvY3YFXRQE/XB8MlLzJH7mSzBs74eA2gg52YTk6jUPM= +github.com/pierrec/lz4/v4 v4.1.2/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -1043,6 +1072,7 @@ github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRci github.com/stretchr/testify v1.2.1/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.3.1-0.20190311161405-34c6fa2dc709/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= @@ -1059,15 +1089,17 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1 github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= github.com/tmccombs/hcl2json v0.3.3/go.mod h1:Y2chtz2x9bAeRTvSibVRVgbLJhLJXKlUeIvjeVdnm4w= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ulikunitz/xz v0.5.6/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= -github.com/ulikunitz/xz v0.5.7/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= -github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/ulikunitz/xz v0.5.9 h1:RsKRIA2MO8x56wkkcd3LbtcE/uMszhb6DpRf+3uwa3I= +github.com/ulikunitz/xz v0.5.9/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA= +github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= +github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= @@ -1181,8 +1213,9 @@ golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/crypto v0.0.0-20211202192323-5770296d904e h1:MUP6MR3rJ7Gk9LEia0LP2ytiH6MuCfs7qYz+47jGdD8= +golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1274,8 +1307,10 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q= golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211111160137-58aab5ef257a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1288,8 +1323,12 @@ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c h1:pkQiBZBvdos9qq4wBAHqlzuZHEXo07pqV06ef90u1WI= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= +golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1394,10 +1433,15 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 h1:foEbQz/B0Oz6YIqu/69kfXPYeFQAuuMYFkjaqXzl5Wo= +golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 h1:WecRHqgE09JBkh/584XIE6PMz5KKE/vER4izNUi30AQ= +golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -1480,6 +1524,9 @@ golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1509,6 +1556,12 @@ google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBz google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= +google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= +google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= +google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU= +google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k= +google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE= +google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1564,8 +1617,22 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A= -google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c h1:wtujag7C+4D6KMoulW9YauvK2lgdvCMS260jsqqBXr0= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= +google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24= +google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k= +google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48= +google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w= +google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY= +google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20211111162719-482062a4217b h1:qvEQEwKjZRAg6rjY/jqfJ7T8/w/D7jTIFJGcaSka96k= +google.golang.org/genproto v0.0.0-20211111162719-482062a4217b/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= @@ -1591,8 +1658,12 @@ google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.38.0 h1:/9BgsAsa5nWe26HqOlvlgJnqBuktYOLCgjCPqsa56W0= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= +google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE= +google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= @@ -1605,8 +1676,9 @@ google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpAD google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ= +google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -1654,8 +1726,8 @@ gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81 gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= -helm.sh/helm/v3 v3.7.0 h1:jRZCCdrOEfJI1LgStRAbmDJQkAwZkFy6gr4OlwrE2Ro= -helm.sh/helm/v3 v3.7.0/go.mod h1:DajHtQTe8KrjNmvy5gxWkosFKaADrS3uRS5EkDtsmI4= +helm.sh/helm/v3 v3.7.2 h1:xn1OxcZEpgKpp4CCpPz1KKUyb9gAtTouXV2E3S8ChYQ= +helm.sh/helm/v3 v3.7.2/go.mod h1:UXuiAn0+FfBpqbiMuwWt8/aAKkfJvnWLBJ6f4HcFs0M= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -1666,34 +1738,34 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= -k8s.io/api v0.22.1 h1:ISu3tD/jRhYfSW8jI/Q1e+lRxkR7w9UwQEZ7FgslrwY= -k8s.io/api v0.22.1/go.mod h1:bh13rkTp3F1XEaLGykbyRD2QaTTzPm0e/BMd8ptFONY= -k8s.io/apiextensions-apiserver v0.22.1 h1:YSJYzlFNFSfUle+yeEXX0lSQyLEoxoPJySRupepb0gE= -k8s.io/apiextensions-apiserver v0.22.1/go.mod h1:HeGmorjtRmRLE+Q8dJu6AYRoZccvCMsghwS8XTUYb2c= +k8s.io/api v0.22.4 h1:UvyHW0ezB2oIgHAxlYoo6UJQObYXU7awuNarwoHEOjw= +k8s.io/api v0.22.4/go.mod h1:Rgs+9gIGYC5laXQSZZ9JqT5NevNgoGiOdVWi1BAB3qk= +k8s.io/apiextensions-apiserver v0.22.4 h1:2iGpcVyw4MnAyyXVJU2Xg6ZsbIxAOfRHo0LF5A5J0RA= +k8s.io/apiextensions-apiserver v0.22.4/go.mod h1:kH9lxD8dbJ+k0ZizGET55lFgdGjO8t45fgZnCVdZEpw= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= -k8s.io/apimachinery v0.22.1 h1:DTARnyzmdHMz7bFWFDDm22AM4pLWTQECMpRTFu2d2OM= -k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= +k8s.io/apimachinery v0.22.4 h1:9uwcvPpukBw/Ri0EUmWz+49cnFtaoiyEhQTK+xOe7Ck= +k8s.io/apimachinery v0.22.4/go.mod h1:yU6oA6Gnax9RrxGzVvPFFJ+mpnW6PBSqp0sx0I0HHW0= k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= -k8s.io/apiserver v0.22.1 h1:Ul9Iv8OMB2s45h2tl5XWPpAZo1VPIJ/6N+MESeed7L8= -k8s.io/apiserver v0.22.1/go.mod h1:2mcM6dzSt+XndzVQJX21Gx0/Klo7Aen7i0Ai6tIa400= -k8s.io/cli-runtime v0.22.1 h1:WIueieKvT+IiSVSFosRLI6rkM0tyBGEGH1WUEztVjho= -k8s.io/cli-runtime v0.22.1/go.mod h1:YqwGrlXeEk15Yn3em2xzr435UGwbrCw5x+COQoTYfoo= +k8s.io/apiserver v0.22.4 h1:L+220cy+94UWmyBl1kiVTklBXrBtKsbjlPV60eL2u6s= +k8s.io/apiserver v0.22.4/go.mod h1:38WmcUZiiy41A7Aty8/VorWRa8vDGqoUzDf2XYlku0E= +k8s.io/cli-runtime v0.22.4 h1:uFSVSdW14JP53BCtMRsw1hB9ba21TBuUb5m7RvEsH0Y= +k8s.io/cli-runtime v0.22.4/go.mod h1:x35r0ERHXr/MrbR1C6MPJxQ3xKG6+hXi9m2xLzlMPZA= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= -k8s.io/client-go v0.22.1 h1:jW0ZSHi8wW260FvcXHkIa0NLxFBQszTlhiAVsU5mopw= -k8s.io/client-go v0.22.1/go.mod h1:BquC5A4UOo4qVDUtoc04/+Nxp1MeHcVc1HJm1KmG8kk= -k8s.io/code-generator v0.22.1/go.mod h1:eV77Y09IopzeXOJzndrDyCI88UBok2h6WxAlBwpxa+o= +k8s.io/client-go v0.22.4 h1:aAQ1Wk+I3bjCNk35YWUqbaueqrIonkfDPJSPDDe8Kfg= +k8s.io/client-go v0.22.4/go.mod h1:Yzw4e5e7h1LNHA4uqnMVrpEpUs1hJOiuBsJKIlRCHDA= +k8s.io/code-generator v0.22.4/go.mod h1:qjYl54pQ/emhkT0UxbufbREYJMWsHNNV/jSVwhYZQGw= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= -k8s.io/component-base v0.22.1 h1:SFqIXsEN3v3Kkr1bS6rstrs1wd45StJqbtgbQ4nRQdo= -k8s.io/component-base v0.22.1/go.mod h1:0D+Bl8rrnsPN9v0dyYvkqFfBeAd4u7n77ze+p8CMiPo= -k8s.io/component-helpers v0.22.1/go.mod h1:QvBcDbX+qU5I2tMZABBF5fRwAlQwiv771IGBHK9WYh4= +k8s.io/component-base v0.22.4 h1:7qwLJnua2ppGNZrRGDQ0vhsFebI39VGbZ4zdR5ArViI= +k8s.io/component-base v0.22.4/go.mod h1:MrSaQy4a3tFVViff8TZL6JHYSewNCLshZCwHYM58v5A= +k8s.io/component-helpers v0.22.4/go.mod h1:A50qTyczDFbhZDifIfS2zFrHuPk9UNOWPpvNZ+3RSIs= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= @@ -1706,15 +1778,16 @@ k8s.io/klog/v2 v2.4.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.9.0 h1:D7HV+n1V57XeZ0m6tdRkfknthUaM06VFbWldOFh8kzM= k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= -k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e h1:KLHHjkdQFomZy8+06csTWZ0m1343QqxZhR2LJ1OxCYM= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= -k8s.io/kubectl v0.22.1 h1:kpXO+ajPNTzAVLDM9pAzCsWH9MtCMr92zpcvXMt7P6E= -k8s.io/kubectl v0.22.1/go.mod h1:mjAOgEbMNMtZWxnfM6jd+nPjPsaoLqO5xanc78WcSbw= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c h1:jvamsI1tn9V0S8jicyX82qaFC0H/NKxv2e5mbqsgR80= +k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= +k8s.io/kubectl v0.22.4 h1:ECUO1QWyZ70DiIKEfgBx+8i9D98uspVOwgc1APs/07w= +k8s.io/kubectl v0.22.4/go.mod h1:ok2qRT6y2Gy4+y+mniJVyUMKeBHP4OWS9Rdtf/QTM5I= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= -k8s.io/metrics v0.22.1/go.mod h1:i/ZNap89UkV1gLa26dn7fhKAdheJaKy+moOqJbiif7E= +k8s.io/metrics v0.22.4/go.mod h1:6F/iwuYb1w2QDCoHkeMFLf4pwHBcYKLm4mPtVHKYrIw= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9 h1:imL9YgXQ9p7xmPzHFm/vVd/cF78jad+n4wK1ABwYtMM= -k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a h1:8dYfu/Fc9Gz2rNJKB9IQRGgQOh2clmRzNIPPY1xLY5g= +k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= oras.land/oras-go v0.4.0 h1:u6+7D+raZDYHwlz/uOwNANiRmyYDSSMW7A9E1xXycUQ= oras.land/oras-go v0.4.0/go.mod h1:VJcU+VE4rkclUbum5C0O7deEZbBYnsnpbGSACwTjOcg= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= diff --git a/zarf.schema.json b/zarf.schema.json new file mode 100644 index 0000000000..84a7ffcace --- /dev/null +++ b/zarf.schema.json @@ -0,0 +1,245 @@ +{ + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfPackage", + "definitions": { + "ZarfBuildData": { + "required": [ + "terminal", + "user", + "timestamp", + "string" + ], + "properties": { + "terminal": { + "type": "string" + }, + "user": { + "type": "string" + }, + "timestamp": { + "type": "string" + }, + "string": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfChart": { + "required": [ + "name", + "url", + "version" + ], + "properties": { + "name": { + "type": "string" + }, + "url": { + "type": "string" + }, + "version": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfComponent": { + "required": [ + "name" + ], + "properties": { + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "default": { + "type": "boolean" + }, + "required": { + "type": "boolean" + }, + "files": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfFile" + }, + "type": "array" + }, + "manifests": { + "type": "string" + }, + "images": { + "items": { + "type": "string" + }, + "type": "array" + }, + "charts": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfChart" + }, + "type": "array" + }, + "repos": { + "items": { + "type": "string" + }, + "type": "array" + }, + "scripts": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfComponentScripts" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfComponentScripts": { + "properties": { + "retry": { + "type": "boolean" + }, + "before": { + "items": { + "type": "string" + }, + "type": "array" + }, + "after": { + "items": { + "type": "string" + }, + "type": "array" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfContainerTarget": { + "required": [ + "namespace", + "selector", + "path" + ], + "properties": { + "namespace": { + "type": "string" + }, + "selector": { + "type": "string" + }, + "container": { + "type": "string" + }, + "path": { + "type": "string" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfData": { + "required": [ + "source", + "target" + ], + "properties": { + "source": { + "type": "string" + }, + "target": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfContainerTarget" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfFile": { + "required": [ + "source", + "target" + ], + "properties": { + "source": { + "type": "string" + }, + "shasum": { + "type": "string" + }, + "target": { + "type": "string" + }, + "executable": { + "type": "boolean" + }, + "symlinks": { + "items": { + "type": "string" + }, + "type": "array" + }, + "template": { + "type": "boolean" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfMetadata": { + "properties": { + "name": { + "type": "string" + }, + "description": { + "type": "string" + }, + "version": { + "type": "string" + }, + "uncompressed": { + "type": "boolean" + } + }, + "additionalProperties": false, + "type": "object" + }, + "ZarfPackage": { + "properties": { + "kind": { + "type": "string" + }, + "metadata": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfMetadata" + }, + "build": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfBuildData" + }, + "data": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfData" + }, + "type": "array" + }, + "components": { + "items": { + "$schema": "http://json-schema.org/draft-04/schema#", + "$ref": "#/definitions/ZarfComponent" + }, + "type": "array" + } + }, + "additionalProperties": false, + "type": "object" + } + } +} \ No newline at end of file diff --git a/zarf.yaml b/zarf.yaml index abc5e996f7..e299e7a708 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -2,34 +2,85 @@ kind: ZarfInitConfig components: - name: k3s - description: "Install K3s" + description: > + Install K3s, certified Kubernetes distribution built for IoT & Edge computing. + K3s provides the cluster need for Zarf running in Appliance MOde as well as can + host a low-resource Gitops Service if not using an existing Kubernetes platform. required: true - manifests: assets/manifests/common + scripts: + retry: true + after: + # Configure K3s systemd service + - "systemctl daemon-reload" + - "systemctl enable --now k3s" + # Wait for the K3s node to come up + - "/usr/local/bin/kubectl get nodes" files: - - source: https://github.com/k3s-io/k3s/releases/download/v1.21.2+k3s1/k3s - shasum: 5097d515e220f8e97ab13c56cb9142ee4526b4c9eade5ed098e2906c1db2a163 - target: "/usr/local/bin/k3s" + # Include the actual K3s binary + - source: https://github.com/k3s-io/k3s/releases/download/v1.21.6+k3s1/k3s + shasum: 89eb5f3d12524d0a9d5b56ba3e2707b106e1731dd0e6d2e7b898ac585f4959df + target: /usr/local/bin/k3s executable: true - - source: assets/scripts/k3s-remove.sh - target: "/usr/local/bin/k3s-remove.sh" + # K3s magic provides these tools when symlinking + symlinks: + - /usr/local/bin/kubectl + - /usr/local/bin/ctr + - /usr/local/bin/crictl + # Transfer the K3s images for containerd to pick them up + - source: https://github.com/k3s-io/k3s/releases/download/v1.21.6+k3s1/k3s-airgap-images-amd64.tar.zst + shasum: 772ae839f8c7718e2022d103076df53452d4f09d2a22afdf4b5796cf0cbce62c + target: /var/lib/rancher/k3s/agent/images/k3s.tar.zst + # K3s removal script + - source: assets/scripts/zarf-clean-k3s.sh + target: /usr/local/bin/zarf-clean-k3s.sh executable: true + # The K3s systemd service definition - source: assets/scripts/k3s.service - target: "/etc/systemd/system/k3s.service" + target: /etc/systemd/system/k3s.service + symlinks: + - /etc/systemd/system/multi-user.target.wants/k3s.service + # Containerd mirroring configuration with zarf string injection - source: assets/misc/registries.yaml target: "/etc/rancher/k3s/registries.yaml" - images: - # K3s images - - docker.io/rancher/coredns-coredns:1.8.3 - - docker.io/rancher/klipper-helm:v0.5.0-build20210505 - - docker.io/rancher/klipper-lb:v0.2.0 - - docker.io/rancher/library-busybox:1.32.1 - - docker.io/rancher/library-traefik:2.4.8 - - docker.io/rancher/local-path-provisioner:v0.0.19 - - docker.io/rancher/metrics-server:v0.3.6 - - docker.io/rancher/pause:3.1 + template: true + # Mock file for creating the kube config symlink + - source: assets/misc/empty-file + target: /etc/rancher/k3s/k3s.yaml + symlinks: + - /root/.kube/config + + - name: management + description: "Add the K9s terminal-based K8s UI for cluster management" + default: true + files: + # The zarf binary is hosted on govcloud since the release on https://github.com/derailed/k9s/ is a tarball + - source: https://zarf-public.s3-us-gov-west-1.amazonaws.com/k9s_Linux_x86_64_v0_24_11 + shasum: 18a5a33bbf58cb228e56a03380dcb6b9bb8624acab4ff63deb7364dc15d3c03f + target: /usr/local/bin/k9s + executable: true + # Simple theme file to make K9s colors similar to Zarfs UI colors + - source: assets/misc/k9s-theme.yaml + target: /root/.k9s/skin.yml + + - name: traefik-ingress + description: "Install the Traefik ingress (usually needed for appliance mode)" + required: true + scripts: + retry: true + after: + - "/usr/local/bin/kubectl get middleware" + manifests: assets/manifests/traefik + charts: + - name: traefik + url: https://helm.traefik.io/traefik + version: 9.18.2 - name: container-registry required: true + scripts: + retry: true + after: + - "./zarf tools registry catalog $ZARF_TARGET_ENDPOINT" manifests: assets/manifests/registry images: - registry1.dso.mil/ironbank/opensource/docker/registry-v2:2.7.1 @@ -38,17 +89,6 @@ components: url: https://helm.twun.io version: 1.10.1 - - name: management - description: "Add the K9s terminal-based K8s UI for cluster management" - default: true - files: - - source: https://zarf-public.s3-us-gov-west-1.amazonaws.com/k9s_Linux_x86_64_v0_24_11 - shasum: 18a5a33bbf58cb228e56a03380dcb6b9bb8624acab4ff63deb7364dc15d3c03f - target: "/usr/local/bin/k9s" - executable: true - - source: assets/misc/k9s-theme.yaml - target: "/root/.k9s/skin.yml" - - name: logging description: "Add Promtail, Grafana and Loki (PGL) to this cluster for log monitoring." default: true From 3c66e0d6ae2967c08d9ff9db8fff80d3585811e9 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Thu, 9 Dec 2021 18:19:16 +0000 Subject: [PATCH 02/17] allow localhost since cthat is only a native apply issue --- cli/cmd/initialize.go | 2 +- cli/cmd/pki.go | 2 +- cli/internal/utils/preflight.go | 7 +------ 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index 6e451b5d2e..10bbe39993 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -76,7 +76,7 @@ func handleTLSOptions() { if !utils.CheckHostName(state.TLS.Host) { // On error warn user and cycle the function - logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. Any form of localhost is also invalid.\n", state.TLS.Host) + logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035.\n", state.TLS.Host) handleTLSOptions() } else { if err := config.WriteState(state); err != nil { diff --git a/cli/cmd/pki.go b/cli/cmd/pki.go index 3a17302875..d134184c25 100644 --- a/cli/cmd/pki.go +++ b/cli/cmd/pki.go @@ -30,7 +30,7 @@ var pkiRegenerate = &cobra.Command{ // Verify the hostname provided is valid if !utils.CheckHostName(tempState.TLS.Host) { - logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. Any form of localhost is also invalid.\n", tempState.TLS.Host) + logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035.\n", tempState.TLS.Host) } pki.GeneratePKI() diff --git a/cli/internal/utils/preflight.go b/cli/internal/utils/preflight.go index 31abc46023..eab656cb54 100644 --- a/cli/internal/utils/preflight.go +++ b/cli/internal/utils/preflight.go @@ -10,12 +10,7 @@ import ( func CheckHostName(hostname string) bool { rfcDomain := regexp.MustCompile(`^[a-zA-Z0-9\-.]+$`) - localhost := regexp.MustCompile(`^localhost|127\.\d+\.\d+\.\d+|::1$`) - isValid := rfcDomain.MatchString(hostname) - if isValid { - isValid = !localhost.MatchString(hostname) - } - return isValid + return rfcDomain.MatchString(hostname) } func IsValidHostName() bool { From cf0cce171f0c2d5a873f816c6604e24282a19ea6 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Thu, 9 Dec 2021 22:13:28 +0000 Subject: [PATCH 03/17] Add more details to image SwapHost function --- cli/internal/images/push.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cli/internal/images/push.go b/cli/internal/images/push.go index f54c82a7d6..b744fa71bb 100644 --- a/cli/internal/images/push.go +++ b/cli/internal/images/push.go @@ -34,7 +34,9 @@ func PushAll(imageTarballPath string, buildImageList []string, targetHost string } } +// SwapHost Perform base url replacment without the docker libs func SwapHost(src string, targetHost string) string { + // For further explanation see https://regex101.com/library/PiL191 and https://regex101.com/r/PiL191/1 var parser = regexp.MustCompile(`(?im)^([a-z0-9\-.]+\.[a-z0-9\-]+:?[0-9]*)?/?(.+)$`) var substitution = targetHost + "/$2" return parser.ReplaceAllString(src, substitution) From f6097775fb39f072a52a242273377b70dcc668d3 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Thu, 9 Dec 2021 22:32:47 +0000 Subject: [PATCH 04/17] block the use of localhost but not 127.0.0.1 --- cli/cmd/initialize.go | 4 ++-- cli/cmd/pki.go | 4 ++-- cli/internal/utils/preflight.go | 9 ++++++++- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index 10bbe39993..1b1350dc91 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -54,7 +54,7 @@ func handleTLSOptions() { // Always ask for a host entry to avoid having to guess which entry in a cert if provided prompt := &survey.Input{ - Message: "Enter a host DNS entry or IP Address for the cluster ingress", + Message: "Enter a host DNS entry or IP Address for the cluster ingress. If using localhost, use 127.0.0.1", } _ = survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) @@ -76,7 +76,7 @@ func handleTLSOptions() { if !utils.CheckHostName(state.TLS.Host) { // On error warn user and cycle the function - logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035.\n", state.TLS.Host) + logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n", state.TLS.Host) handleTLSOptions() } else { if err := config.WriteState(state); err != nil { diff --git a/cli/cmd/pki.go b/cli/cmd/pki.go index d134184c25..5a1701c8b8 100644 --- a/cli/cmd/pki.go +++ b/cli/cmd/pki.go @@ -23,14 +23,14 @@ var pkiRegenerate = &cobra.Command{ // Prompt for a hostname if it wasn't provided as a command flag if tempState.TLS.Host == "" { prompt := &survey.Input{ - Message: "Enter a host DNS entry or IP Address for the gitops service ingress", + Message: "Enter a host DNS entry or IP Address for the gitops service ingress. If using localhost, use 127.0.0.1", } _ = survey.AskOne(prompt, &tempState.TLS.Host, survey.WithValidator(survey.Required)) } // Verify the hostname provided is valid if !utils.CheckHostName(tempState.TLS.Host) { - logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035.\n", tempState.TLS.Host) + logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n", tempState.TLS.Host) } pki.GeneratePKI() diff --git a/cli/internal/utils/preflight.go b/cli/internal/utils/preflight.go index eab656cb54..5dd53c04d9 100644 --- a/cli/internal/utils/preflight.go +++ b/cli/internal/utils/preflight.go @@ -9,8 +9,15 @@ import ( ) func CheckHostName(hostname string) bool { + // Explanation: https://regex101.com/r/zUGqjP/1/ rfcDomain := regexp.MustCompile(`^[a-zA-Z0-9\-.]+$`) - return rfcDomain.MatchString(hostname) + // Explanation: https://regex101.com/r/vPGnzR/1/ + localhost := regexp.MustCompile(`\.?localhost$`) + isValid := rfcDomain.MatchString(hostname) + if isValid { + isValid = !localhost.MatchString(hostname) + } + return isValid } func IsValidHostName() bool { From c83765ce70b1779965216f8f07ced8ebc06a8e7a Mon Sep 17 00:00:00 2001 From: Andrew Roth Date: Thu, 9 Dec 2021 15:36:18 -0800 Subject: [PATCH 05/17] Change name of generated flux manifest so K3s will deploy it properly --- examples/Makefile | 2 +- examples/big-bang/manifests/.gitignore | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/Makefile b/examples/Makefile index 57789f59b6..28cfad4e74 100755 --- a/examples/Makefile +++ b/examples/Makefile @@ -70,7 +70,7 @@ vendor-big-bang-base: ## Grab the bigbang base kustomization so we don't need to .PHONY: package-example-big-bang package-example-big-bang: vendor-big-bang-base ## Create the Big Bang Core example - cd big-bang && kustomize build template/bigbang/vendor/bigbang/base/flux > manifests/flux/flux_generated.yaml && $(ZARF_BIN) package create --confirm && mv zarf-package-* ../sync/ + cd big-bang && kustomize build template/bigbang/vendor/bigbang/base/flux > manifests/flux/flux-generated.yaml && $(ZARF_BIN) package create --confirm && mv zarf-package-* ../sync/ .PHONY: package-example-data-injection package-example-data-injection: ## Create the Data Injection example diff --git a/examples/big-bang/manifests/.gitignore b/examples/big-bang/manifests/.gitignore index cffdaf2e63..f2d70df156 100644 --- a/examples/big-bang/manifests/.gitignore +++ b/examples/big-bang/manifests/.gitignore @@ -1 +1,2 @@ *_generated.yaml +*-generated.yaml From 888671c5052833549fe22b761f45147240aa956c Mon Sep 17 00:00:00 2001 From: Andrew Roth Date: Thu, 9 Dec 2021 15:51:53 -0800 Subject: [PATCH 06/17] In CI, install the shasum command before trying to build --- .github/workflows/test-command.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/test-command.yml b/.github/workflows/test-command.yml index 29b40c3fcd..f446b290ef 100644 --- a/.github/workflows/test-command.yml +++ b/.github/workflows/test-command.yml @@ -113,6 +113,8 @@ jobs: asdf global golang 1.16.7 export GOPATH="$HOME/go" export PATH="$PATH:$GOPATH/bin" + # Install the shasum tool + apk add shasum make build-cli-linux ./build/zarf tools registry login registry1.dso.mil --username "${{ secrets.REGISTRY1_USERNAME_ZARF_ROBOT }}" --password "${{ secrets.REGISTRY1_PASSWORD_ZARF_ROBOT }}" make init-package From b8ffc6db36f15f5545e16e975098e022fa22e6f8 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Fri, 10 Dec 2021 03:35:39 +0000 Subject: [PATCH 07/17] revert shasum change, add mac note --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 52b9a73423..0d633a798d 100644 --- a/Makefile +++ b/Makefile @@ -48,10 +48,10 @@ build-cli-mac: ## Build the Mac CLI build-cli: clean build-cli-linux build-cli-mac ## Build the CLI -init-package: ## Create the zarf init package +init-package: ## Create the zarf init package, macos "brew install coreutils" first $(ZARF_BIN) package create --confirm mv zarf-init.tar.zst build - cd build && shasum -a 256 -b zarf* > zarf.sha256 + cd build && sha256sum -b zarf* > zarf.sha256 ls -lh build build-test: build-cli init-package ## Build the CLI and create the init package From 5cc04cc733f8ff10725cc03b60901bd04c3e9a8a Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Fri, 10 Dec 2021 05:58:17 +0000 Subject: [PATCH 08/17] who needs a tf version anyway??? --- test/tf/public-ec2-instance/main.tf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/test/tf/public-ec2-instance/main.tf b/test/tf/public-ec2-instance/main.tf index 7d1b94cde8..d2e677619c 100644 --- a/test/tf/public-ec2-instance/main.tf +++ b/test/tf/public-ec2-instance/main.tf @@ -1,5 +1,7 @@ terraform { - required_version = "1.0.11" + # Follow best practice for root module version constraing + # See https://www.terraform.io/docs/language/expressions/version-constraints.html + required_version = "~> 1.1.0" } locals { From 19dae3f8d25f1ff75b9c8aeca08cb5f829741eaf Mon Sep 17 00:00:00 2001 From: Andrew Roth Date: Fri, 10 Dec 2021 11:17:32 -0800 Subject: [PATCH 09/17] Revert adding the shasum tool to the CI job. We don't need it anymore. --- .github/workflows/test-command.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/test-command.yml b/.github/workflows/test-command.yml index f446b290ef..29b40c3fcd 100644 --- a/.github/workflows/test-command.yml +++ b/.github/workflows/test-command.yml @@ -113,8 +113,6 @@ jobs: asdf global golang 1.16.7 export GOPATH="$HOME/go" export PATH="$PATH:$GOPATH/bin" - # Install the shasum tool - apk add shasum make build-cli-linux ./build/zarf tools registry login registry1.dso.mil --username "${{ secrets.REGISTRY1_USERNAME_ZARF_ROBOT }}" --password "${{ secrets.REGISTRY1_PASSWORD_ZARF_ROBOT }}" make init-package From 568c474988ae8802e2d55c1685be2a4b07e5f3ee Mon Sep 17 00:00:00 2001 From: Jon Perry Date: Fri, 10 Dec 2021 15:25:06 -0500 Subject: [PATCH 10/17] Add --generate flag for init command and make init conditioning smoother --- cli/cmd/initialize.go | 30 ++++++++++++++++++----------- cli/internal/packager/initialize.go | 1 + 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index 1b1350dc91..ddcea1a6d5 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -35,10 +35,17 @@ func handleTLSOptions() { const Generate = 0 const Import = 1 - var tlsMode int + var tlsMode int = -1 + + // If it's obvious what the user intended to do for TLS certs, set that config early + if initOptions.Generate == true { + tlsMode = Generate + } else if state.TLS.CertPrivatePath != "" { + tlsMode = Import + } // Check to see if the certpaths or host entries are set as flags first - if state.TLS.CertPublicPath == "" && state.TLS.Host == "" { + if tlsMode == -1 { // Determine flow for generate or import modePrompt := &survey.Select{ Message: "Will Zarf be generating a TLS chain or importing an existing ingress cert?", @@ -48,17 +55,17 @@ func handleTLSOptions() { }, } _ = survey.AskOne(modePrompt, &tlsMode) - } else { - tlsMode = Import } - // Always ask for a host entry to avoid having to guess which entry in a cert if provided - prompt := &survey.Input{ - Message: "Enter a host DNS entry or IP Address for the cluster ingress. If using localhost, use 127.0.0.1", + if state.TLS.Host == "" { + // If not provided, always ask for a host entry to avoid having to guess which entry in a cert if provided + prompt := &survey.Input{ + Message: "Enter a host DNS entry or IP Address for the cluster ingress. If using localhost, use 127.0.0.1", + } + _ = survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) } - _ = survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) - if tlsMode != Generate { + if tlsMode == Import && (state.TLS.CertPrivatePath == "" || state.TLS.CertPublicPath == "") { // Import mode requires the public and private key paths prompt := &survey.Input{ Message: "Enter a file path to the ingress public key", @@ -75,8 +82,9 @@ func handleTLSOptions() { } if !utils.CheckHostName(state.TLS.Host) { - // On error warn user and cycle the function + // On error warn user, reset the field, and cycle the function logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n", state.TLS.Host) + state.TLS.Host = "" handleTLSOptions() } else { if err := config.WriteState(state); err != nil { @@ -87,10 +95,10 @@ func handleTLSOptions() { } func init() { - state := config.GetState() rootCmd.AddCommand(initCmd) initCmd.Flags().BoolVar(&initOptions.Confirmed, "confirm", false, "Confirm the install without prompting") + initCmd.Flags().BoolVar(&initOptions.Generate, "generate", false, "Automatically generate the tls certs") initCmd.Flags().StringVar(&state.TLS.Host, "host", "", "Specify the host or IP for the gitops service ingress. E.g. host=10.10.10.5 or host=gitops.domain.com") initCmd.Flags().StringVar(&state.TLS.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") initCmd.Flags().StringVar(&state.TLS.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") diff --git a/cli/internal/packager/initialize.go b/cli/internal/packager/initialize.go index 2ff96d2976..4a5de8f700 100644 --- a/cli/internal/packager/initialize.go +++ b/cli/internal/packager/initialize.go @@ -10,6 +10,7 @@ import ( type InstallOptions struct { Confirmed bool Components string + Generate bool } func Install(options *InstallOptions) { From 505015f031a13710268c09bd09ba0344002ef358 Mon Sep 17 00:00:00 2001 From: Jon Perry Date: Fri, 10 Dec 2021 15:25:11 -0500 Subject: [PATCH 11/17] Fix e2e tests after invalidating localhost as ingress option --- test/e2e/e2e_example_game_test.go | 9 +++++---- test/e2e/e2e_general_cli_test.go | 7 ++++--- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/test/e2e/e2e_example_game_test.go b/test/e2e/e2e_example_game_test.go index e34f018101..893e245066 100644 --- a/test/e2e/e2e_example_game_test.go +++ b/test/e2e/e2e_example_game_test.go @@ -2,12 +2,13 @@ package test import ( "fmt" + "testing" + "github.com/gruntwork-io/terratest/modules/aws" "github.com/gruntwork-io/terratest/modules/ssh" "github.com/gruntwork-io/terratest/modules/terraform" teststructure "github.com/gruntwork-io/terratest/modules/test-structure" "github.com/stretchr/testify/require" - "testing" ) func TestE2eExampleGame(t *testing.T) { @@ -65,11 +66,11 @@ func testGameExample(t *testing.T, terraformOptions *terraform.Options, keyPair require.NoError(t, err, output) // run `zarf init` - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host localhost'", username)) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host 127.0.0.1'", username)) require.NoError(t, err, output) // Wait until the Docker registry is ready - output, err = ssh.CheckSshCommandE(t, publicHost, "timeout 300 bash -c 'while [[ \"$(curl -sfSL --retry 15 --retry-connrefused --retry-delay 5 -o /dev/null -w \"%{http_code}\" \"https://localhost/v2/\")\" != \"401\" ]]; do sleep 1; done' || false") + output, err = ssh.CheckSshCommandE(t, publicHost, "timeout 300 bash -c 'while [[ \"$(curl -sfSL --retry 15 --retry-connrefused --retry-delay 5 -o /dev/null -w \"%{http_code}\" \"https://127.0.0.1/v2/\")\" != \"401\" ]]; do sleep 1; done' || false") require.NoError(t, err, output) // Deploy the game @@ -77,7 +78,7 @@ func testGameExample(t *testing.T, terraformOptions *terraform.Options, keyPair require.NoError(t, err, output) // Wait for the game to be live. Right now we're just checking that `curl` returns 0. It can be enhanced by scraping the HTML that gets returned or something. - output, err = ssh.CheckSshCommandE(t, publicHost, "timeout 300 bash -c 'while [[ \"$(curl -sfSL --retry 15 --retry-connrefused --retry-delay 5 -o /dev/null -w \"%{http_code}\" \"https://localhost\")\" != \"200\" ]]; do sleep 1; done' || false") + output, err = ssh.CheckSshCommandE(t, publicHost, "timeout 300 bash -c 'while [[ \"$(curl -sfSL --retry 15 --retry-connrefused --retry-delay 5 -o /dev/null -w \"%{http_code}\" \"https://127.0.0.1\")\" != \"200\" ]]; do sleep 1; done' || false") require.NoError(t, err, output) // Run `zarf destroy` to make sure that works correctly diff --git a/test/e2e/e2e_general_cli_test.go b/test/e2e/e2e_general_cli_test.go index 5908a880e1..d43cf0febd 100644 --- a/test/e2e/e2e_general_cli_test.go +++ b/test/e2e/e2e_general_cli_test.go @@ -83,12 +83,13 @@ func testGeneralCliStuff(t *testing.T, terraformOptions *terraform.Options, keyP assert.NotEqual(t, string(output), "UnknownVersion", "Zarf version should not be the default value") // Test for expected failure when given a bad component input - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --components management,foo,logging", username)) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --host 127.0.0.1 --components management,foo,logging", username)) require.Error(t, err, output) // Test for expected failure when given invalid hostnames - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --host bad!hostname", username)) - require.Error(t, err, output) + // output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --host bad!hostname", username)) + // require.Error(t, err, output) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf pki regenerate --host zarf@server", username)) require.Error(t, err, output) output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf pki regenerate --host some_unique_server", username)) From e082a6a0ed8e44d6141835cf8921072a9c0d90ba Mon Sep 17 00:00:00 2001 From: Andrew Roth Date: Fri, 10 Dec 2021 15:48:18 -0800 Subject: [PATCH 12/17] Add `--generate` wherever it is missing and ensure `--host=localhost` has been changed to `--host=127.0.0.1` everywhere --- docs/asciinema/scenarios/examples-game-logging.exp | 4 ++-- docs/asciinema/scenarios/examples-game-scripted.exp | 3 ++- e2e.sh | 2 +- examples/big-bang/README.md | 2 +- test/e2e/e2e_example_game_test.go | 2 +- 5 files changed, 7 insertions(+), 6 deletions(-) diff --git a/docs/asciinema/scenarios/examples-game-logging.exp b/docs/asciinema/scenarios/examples-game-logging.exp index 393cc2a056..87a4512d1c 100755 --- a/docs/asciinema/scenarios/examples-game-logging.exp +++ b/docs/asciinema/scenarios/examples-game-logging.exp @@ -94,7 +94,7 @@ setup # prep cluster spawn bash --norc -send -h "zarf init --host=localhost --components=management --confirm\r" +send -h "zarf init --host=127.0.0.1 --generate --components=management --confirm\r" expect -timeout 120 -re {.*Grafana Username[^=]*=([^\s]*)} set grafana_user $expect_out(1,string) expect -re {.*Password \(all\)[^=]*="([^"]*)"} @@ -128,7 +128,7 @@ comment "game running?" do "kubectl get pod -l app=game"; wait_input comment "install logging component" -send -h "zarf init --host=localhost --components=logging --confirm\r\r" +send -h "zarf init --host=127.0.0.1 --generate --components=logging --confirm\r\r" wait_input 120 comment "PLG stack up?" diff --git a/docs/asciinema/scenarios/examples-game-scripted.exp b/docs/asciinema/scenarios/examples-game-scripted.exp index 2f2c19a57e..89dceee5cf 100755 --- a/docs/asciinema/scenarios/examples-game-scripted.exp +++ b/docs/asciinema/scenarios/examples-game-scripted.exp @@ -98,7 +98,8 @@ do "which zarf" comment "create cluster" send -h "zarf init \\\n" -send -h " --host=localhost \\\n" +send -h " --host=127.0.0.1 \\\n" +send -h " --generate \\\n" send -h " --components=management \\\n" send -h " --confirm" sleep 1 ; send "\n\n" ; wait_input 120 diff --git a/e2e.sh b/e2e.sh index 26eafb3b21..0fba91c8e3 100755 --- a/e2e.sh +++ b/e2e.sh @@ -54,7 +54,7 @@ beforeAll() { _run "sudo zarf destroy --confirm" # Launch the gitops service with logging and management - _run "sudo zarf init --confirm --host=pipeline.zarf.dev --components=management,logging,gitops-service" + _run "sudo zarf init --confirm --generate --host=pipeline.zarf.dev --components=management,logging,gitops-service" _sleep 30 } diff --git a/examples/big-bang/README.md b/examples/big-bang/README.md index 9243b259b3..2ddd9aa622 100644 --- a/examples/big-bang/README.md +++ b/examples/big-bang/README.md @@ -16,7 +16,7 @@ Because the same cluster will be running both Traefik and Istio, Istio's Virtual 1. Run one of these two commands: - `make all` - Download the latest version of Zarf, build the deploy package, and start a VM with Vagrant - `make all-dev` - Build Zarf locally, build the deploy package, and start a VM with Vagrant -1. Run: `./zarf init --confirm --components management,gitops-service --host localhost` - Initialize Zarf, telling it to install the management component and gitops service and skip logging component (since BB has logging already) and tells Zarf to use `localhost` as the domain. If you want to use interactive mode instead just run `./zarf init`. +1. Run: `./zarf init --confirm --components management,gitops-service --host 127.0.0.1 --generate` - Initialize Zarf, telling it to install the management component and gitops service and skip logging component (since BB has logging already) and tells Zarf to use `localhost` as the domain. If you want to use interactive mode instead just run `./zarf init`. 1. Wait a bit, run `k9s` to see pods come up. Don't move on until everything is running 1. Run: `./zarf package deploy zarf-package-big-bang-core-demo.tar.zst --confirm` - Deploy Big Bang Core. If you want interactive mode instead just run `./zarf package deploy`, it will give you a picker to choose the package. 1. Wait several minutes. Run `k9s` to watch progress diff --git a/test/e2e/e2e_example_game_test.go b/test/e2e/e2e_example_game_test.go index 893e245066..93f51057b5 100644 --- a/test/e2e/e2e_example_game_test.go +++ b/test/e2e/e2e_example_game_test.go @@ -66,7 +66,7 @@ func testGameExample(t *testing.T, terraformOptions *terraform.Options, keyPair require.NoError(t, err, output) // run `zarf init` - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host 127.0.0.1'", username)) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host 127.0.0.1 --generate'", username)) require.NoError(t, err, output) // Wait until the Docker registry is ready From f6e0893453edff8037ccfd65cbd26343e000d912 Mon Sep 17 00:00:00 2001 From: Andrew Roth Date: Fri, 10 Dec 2021 16:43:48 -0800 Subject: [PATCH 13/17] Remove `--generate` everywhere --- docs/asciinema/scenarios/examples-game-logging.exp | 4 ++-- docs/asciinema/scenarios/examples-game-scripted.exp | 1 - e2e.sh | 2 +- examples/big-bang/README.md | 2 +- test/e2e/e2e_example_game_test.go | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) diff --git a/docs/asciinema/scenarios/examples-game-logging.exp b/docs/asciinema/scenarios/examples-game-logging.exp index 87a4512d1c..c01b13f334 100755 --- a/docs/asciinema/scenarios/examples-game-logging.exp +++ b/docs/asciinema/scenarios/examples-game-logging.exp @@ -94,7 +94,7 @@ setup # prep cluster spawn bash --norc -send -h "zarf init --host=127.0.0.1 --generate --components=management --confirm\r" +send -h "zarf init --host=127.0.0.1 --components=management --confirm\r" expect -timeout 120 -re {.*Grafana Username[^=]*=([^\s]*)} set grafana_user $expect_out(1,string) expect -re {.*Password \(all\)[^=]*="([^"]*)"} @@ -128,7 +128,7 @@ comment "game running?" do "kubectl get pod -l app=game"; wait_input comment "install logging component" -send -h "zarf init --host=127.0.0.1 --generate --components=logging --confirm\r\r" +send -h "zarf init --host=127.0.0.1 --components=logging --confirm\r\r" wait_input 120 comment "PLG stack up?" diff --git a/docs/asciinema/scenarios/examples-game-scripted.exp b/docs/asciinema/scenarios/examples-game-scripted.exp index 89dceee5cf..189f31abe8 100755 --- a/docs/asciinema/scenarios/examples-game-scripted.exp +++ b/docs/asciinema/scenarios/examples-game-scripted.exp @@ -99,7 +99,6 @@ do "which zarf" comment "create cluster" send -h "zarf init \\\n" send -h " --host=127.0.0.1 \\\n" -send -h " --generate \\\n" send -h " --components=management \\\n" send -h " --confirm" sleep 1 ; send "\n\n" ; wait_input 120 diff --git a/e2e.sh b/e2e.sh index 0fba91c8e3..26eafb3b21 100755 --- a/e2e.sh +++ b/e2e.sh @@ -54,7 +54,7 @@ beforeAll() { _run "sudo zarf destroy --confirm" # Launch the gitops service with logging and management - _run "sudo zarf init --confirm --generate --host=pipeline.zarf.dev --components=management,logging,gitops-service" + _run "sudo zarf init --confirm --host=pipeline.zarf.dev --components=management,logging,gitops-service" _sleep 30 } diff --git a/examples/big-bang/README.md b/examples/big-bang/README.md index 2ddd9aa622..a216da0b03 100644 --- a/examples/big-bang/README.md +++ b/examples/big-bang/README.md @@ -16,7 +16,7 @@ Because the same cluster will be running both Traefik and Istio, Istio's Virtual 1. Run one of these two commands: - `make all` - Download the latest version of Zarf, build the deploy package, and start a VM with Vagrant - `make all-dev` - Build Zarf locally, build the deploy package, and start a VM with Vagrant -1. Run: `./zarf init --confirm --components management,gitops-service --host 127.0.0.1 --generate` - Initialize Zarf, telling it to install the management component and gitops service and skip logging component (since BB has logging already) and tells Zarf to use `localhost` as the domain. If you want to use interactive mode instead just run `./zarf init`. +1. Run: `./zarf init --confirm --components management,gitops-service --host 127.0.0.1` - Initialize Zarf, telling it to install the management component and gitops service and skip logging component (since BB has logging already) and tells Zarf to use `localhost` as the domain. If you want to use interactive mode instead just run `./zarf init`. 1. Wait a bit, run `k9s` to see pods come up. Don't move on until everything is running 1. Run: `./zarf package deploy zarf-package-big-bang-core-demo.tar.zst --confirm` - Deploy Big Bang Core. If you want interactive mode instead just run `./zarf package deploy`, it will give you a picker to choose the package. 1. Wait several minutes. Run `k9s` to watch progress diff --git a/test/e2e/e2e_example_game_test.go b/test/e2e/e2e_example_game_test.go index 93f51057b5..893e245066 100644 --- a/test/e2e/e2e_example_game_test.go +++ b/test/e2e/e2e_example_game_test.go @@ -66,7 +66,7 @@ func testGameExample(t *testing.T, terraformOptions *terraform.Options, keyPair require.NoError(t, err, output) // run `zarf init` - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host 127.0.0.1 --generate'", username)) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("sudo bash -c 'cd /home/%s/build && ./zarf init --confirm --components management --host 127.0.0.1'", username)) require.NoError(t, err, output) // Wait until the Docker registry is ready From d4a903215f07fa9c9ed372126e6446dcbfc87c4c Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Sat, 11 Dec 2021 00:52:36 +0000 Subject: [PATCH 14/17] fix x509 generation bug --- cli/internal/pki/pki.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cli/internal/pki/pki.go b/cli/internal/pki/pki.go index 6ad6999c81..566853db19 100644 --- a/cli/internal/pki/pki.go +++ b/cli/internal/pki/pki.go @@ -174,12 +174,11 @@ func generateCA(caFile string, validFor time.Duration) (*x509.Certificate, *rsa. func generateCert(host string, certFile string, keyFile string, ca *x509.Certificate, caKey *rsa.PrivateKey, validFor time.Duration) error { template := newCertificate(validFor) + // Only use SANs to keep golang happy, https://go-review.googlesource.com/c/go/+/231379 if ip := net.ParseIP(host); ip != nil { template.IPAddresses = append(template.IPAddresses, ip) } else { - if template.Subject.CommonName == "" { - template.Subject.CommonName = host - } + template.DNSNames = append(template.DNSNames, host) } privateKey, err := newPrivateKey() From 8a1070cfbe60fbb9c9b9463d8f298f1745c7afd2 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Sat, 11 Dec 2021 00:53:22 +0000 Subject: [PATCH 15/17] introduce ip/host suggestions for tls options and cleanup tls prompt logic --- cli/cmd/initialize.go | 135 +++++++++++++++++++--------- cli/cmd/pki.go | 4 +- cli/internal/packager/initialize.go | 1 - cli/internal/utils/preflight.go | 4 +- 4 files changed, 95 insertions(+), 49 deletions(-) diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index ddcea1a6d5..99c8693c3c 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -1,6 +1,8 @@ package cmd import ( + "net" + "os" "path/filepath" "github.com/defenseunicorns/zarf/cli/config" @@ -14,6 +16,8 @@ import ( "github.com/spf13/cobra" ) +const invalidHostMessage = "The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n" + var initOptions = packager.InstallOptions{} var state = config.ZarfState{ Kind: "ZarfState", @@ -31,66 +35,110 @@ var initCmd = &cobra.Command{ }, } -func handleTLSOptions() { +// Check for cert paths provided via automation (both required) +func hasCertPaths() bool { + return state.TLS.CertPrivatePath != "" && state.TLS.CertPublicPath != "" +} - const Generate = 0 - const Import = 1 - var tlsMode int = -1 +// Ask user if they will be importing or generating certs, return true if importing certs +func promptIsImportCerts() bool { + var mode int - // If it's obvious what the user intended to do for TLS certs, set that config early - if initOptions.Generate == true { - tlsMode = Generate - } else if state.TLS.CertPrivatePath != "" { - tlsMode = Import + if hasCertPaths() { + return true } - // Check to see if the certpaths or host entries are set as flags first - if tlsMode == -1 { - // Determine flow for generate or import - modePrompt := &survey.Select{ - Message: "Will Zarf be generating a TLS chain or importing an existing ingress cert?", - Options: []string{ - "Generate TLS chain with an ephemeral CA", - "Import user-provided cert keypair", - }, - } - _ = survey.AskOne(modePrompt, &tlsMode) + // Determine flow for generate or import + modePrompt := &survey.Select{ + Message: "Will Zarf be generating a TLS chain or importing an existing ingress cert?", + Options: []string{ + "Generate TLS chain with an ephemeral CA", + "Import user-provided cert keypair", + }, } + _ = survey.AskOne(modePrompt, &mode) + + return mode == 1 +} +// Ask user for the public and private key paths to import into the cluster +func promptCertPaths() { + prompt := &survey.Input{ + Message: "Enter a file path to the ingress public key", + Suggest: func(toComplete string) []string { + // Give some suggestions to users + files, _ := filepath.Glob(toComplete + "*") + return files + }, + } + _ = survey.AskOne(prompt, &state.TLS.CertPublicPath, survey.WithValidator(survey.Required)) + + prompt.Message = "Enter a file path to the ingress private key" + _ = survey.AskOne(prompt, &state.TLS.CertPrivatePath, survey.WithValidator(survey.Required)) +} + +// Ask user for the hostname or ip if not provided via automation and validate the input +func promptAndValidateHost() { if state.TLS.Host == "" { // If not provided, always ask for a host entry to avoid having to guess which entry in a cert if provided prompt := &survey.Input{ Message: "Enter a host DNS entry or IP Address for the cluster ingress. If using localhost, use 127.0.0.1", + Suggest: func(toComplete string) []string { + var suggestions []string + // Create a list of IPs to add to the suggestion box + interfaces, err := net.InterfaceAddrs() + if err == nil { + for _, iface := range interfaces { + // Conver the CIRD to the IP string if valid + ip, _, _ := net.ParseCIDR(iface.String()) + if iface.String() != "" { + suggestions = append(suggestions, ip.String()) + } + } + } + // Add the localhost hostname as well + hostname, _ := os.Hostname() + if hostname != "" { + suggestions = append(suggestions, hostname) + } + + return suggestions + }, + } + err := survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) + if err.Error() == os.Interrupt.String() { + // Handle CTRL+C + os.Exit(0) } - _ = survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) } - if tlsMode == Import && (state.TLS.CertPrivatePath == "" || state.TLS.CertPublicPath == "") { - // Import mode requires the public and private key paths - prompt := &survey.Input{ - Message: "Enter a file path to the ingress public key", - Suggest: func(toComplete string) []string { - // Give some suggestions to users - files, _ := filepath.Glob(toComplete + "*") - return files - }, + if !utils.ValidHostname(state.TLS.Host) { + // When hitting an invalid hostname... + if initOptions.Confirmed { + // ...if using automation end it all + logrus.Fatalf(invalidHostMessage, state.TLS.Host) } - _ = survey.AskOne(prompt, &state.TLS.CertPublicPath, survey.WithValidator(survey.Required)) + // ...otherwise, warn user, reset the field, and cycle the function + logrus.Warnf(invalidHostMessage, state.TLS.Host) + state.TLS.Host = "" + promptAndValidateHost() + } +} - prompt.Message = "Enter a file path to the ingress private key" - _ = survey.AskOne(prompt, &state.TLS.CertPrivatePath, survey.WithValidator(survey.Required)) +func handleTLSOptions() { + + // Get and validate host + promptAndValidateHost() + + // Get the cert path if this is an import + if promptIsImportCerts() && !hasCertPaths() { + promptCertPaths() } - if !utils.CheckHostName(state.TLS.Host) { - // On error warn user, reset the field, and cycle the function - logrus.Warnf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n", state.TLS.Host) - state.TLS.Host = "" - handleTLSOptions() - } else { - if err := config.WriteState(state); err != nil { - logrus.Debug(err) - logrus.Fatal("Unable to save the zarf state file.") - } + // Persist the config the ZarfState + if err := config.WriteState(state); err != nil { + logrus.Debug(err) + logrus.Fatal("Unable to save the zarf state file.") } } @@ -98,7 +146,6 @@ func init() { rootCmd.AddCommand(initCmd) initCmd.Flags().BoolVar(&initOptions.Confirmed, "confirm", false, "Confirm the install without prompting") - initCmd.Flags().BoolVar(&initOptions.Generate, "generate", false, "Automatically generate the tls certs") initCmd.Flags().StringVar(&state.TLS.Host, "host", "", "Specify the host or IP for the gitops service ingress. E.g. host=10.10.10.5 or host=gitops.domain.com") initCmd.Flags().StringVar(&state.TLS.CertPublicPath, "server-crt", "", "Path to the server public key if not generating unique PKI") initCmd.Flags().StringVar(&state.TLS.CertPrivatePath, "server-key", "", "Path to the server private key if not generating unique PKI") diff --git a/cli/cmd/pki.go b/cli/cmd/pki.go index 5a1701c8b8..0b8018898d 100644 --- a/cli/cmd/pki.go +++ b/cli/cmd/pki.go @@ -29,8 +29,8 @@ var pkiRegenerate = &cobra.Command{ } // Verify the hostname provided is valid - if !utils.CheckHostName(tempState.TLS.Host) { - logrus.Fatalf("The hostname provided (%v) was not a valid hostname. The hostname can only contain: 'a-z', 'A-Z', '0-9', '-', and '.' characters as defined by RFC-1035. If using localhost, you must use the 127.0.0.1.\n", tempState.TLS.Host) + if !utils.ValidHostname(tempState.TLS.Host) { + logrus.Fatalf(invalidHostMessage, tempState.TLS.Host) } pki.GeneratePKI() diff --git a/cli/internal/packager/initialize.go b/cli/internal/packager/initialize.go index 4a5de8f700..2ff96d2976 100644 --- a/cli/internal/packager/initialize.go +++ b/cli/internal/packager/initialize.go @@ -10,7 +10,6 @@ import ( type InstallOptions struct { Confirmed bool Components string - Generate bool } func Install(options *InstallOptions) { diff --git a/cli/internal/utils/preflight.go b/cli/internal/utils/preflight.go index 5dd53c04d9..4fd5010158 100644 --- a/cli/internal/utils/preflight.go +++ b/cli/internal/utils/preflight.go @@ -8,7 +8,7 @@ import ( "github.com/sirupsen/logrus" ) -func CheckHostName(hostname string) bool { +func ValidHostname(hostname string) bool { // Explanation: https://regex101.com/r/zUGqjP/1/ rfcDomain := regexp.MustCompile(`^[a-zA-Z0-9\-.]+$`) // Explanation: https://regex101.com/r/vPGnzR/1/ @@ -29,7 +29,7 @@ func IsValidHostName() bool { return false } - return CheckHostName(hostname) + return ValidHostname(hostname) } func IsUserRoot() bool { From 30adce23f08b7d5dd52869ed17859edd8152db3b Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Sat, 11 Dec 2021 01:21:26 +0000 Subject: [PATCH 16/17] cleanup confirm flow for init --- cli/cmd/initialize.go | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/cli/cmd/initialize.go b/cli/cmd/initialize.go index 99c8693c3c..8eaae5eec4 100644 --- a/cli/cmd/initialize.go +++ b/cli/cmd/initialize.go @@ -29,6 +29,19 @@ var initCmd = &cobra.Command{ Short: "Deploys the gitops service or appliance cluster on a clean linux box", Long: "Flags are only required if running via automation, otherwise the init command will prompt you for your configuration choices", Run: func(cmd *cobra.Command, args []string) { + + if !initOptions.Confirmed { + var confirm bool + prompt := &survey.Confirm{ + Message: "⚠️ This will initialize a new Zarf deployment on this machine which will make changes to your filesystem. You should not run zarf init more than once without first running zarf destroy. Do you want to continue?", + } + _ = survey.AskOne(prompt, &confirm) + if !confirm { + // Gracefully exit because they didn't want to play after all :-/ + os.Exit(0) + } + } + handleTLSOptions() pki.HandlePKI() packager.Install(&initOptions) @@ -48,6 +61,11 @@ func promptIsImportCerts() bool { return true } + if initOptions.Confirmed { + // Assume generate on confirmed without cert paths + return false + } + // Determine flow for generate or import modePrompt := &survey.Select{ Message: "Will Zarf be generating a TLS chain or importing an existing ingress cert?", @@ -80,6 +98,11 @@ func promptCertPaths() { // Ask user for the hostname or ip if not provided via automation and validate the input func promptAndValidateHost() { if state.TLS.Host == "" { + if initOptions.Confirmed { + // Fail if host is not provided on confirm + logrus.Fatalf(invalidHostMessage, state.TLS.Host) + } + // If not provided, always ask for a host entry to avoid having to guess which entry in a cert if provided prompt := &survey.Input{ Message: "Enter a host DNS entry or IP Address for the cluster ingress. If using localhost, use 127.0.0.1", @@ -106,7 +129,7 @@ func promptAndValidateHost() { }, } err := survey.AskOne(prompt, &state.TLS.Host, survey.WithValidator(survey.Required)) - if err.Error() == os.Interrupt.String() { + if err != nil && err.Error() == os.Interrupt.String() { // Handle CTRL+C os.Exit(0) } From e461b2f65b7052adccc03a9585d16eb2364f7e43 Mon Sep 17 00:00:00 2001 From: Jeff McCoy Date: Sat, 11 Dec 2021 01:35:02 +0000 Subject: [PATCH 17/17] add missing --confirm to e2e tests --- test/e2e/e2e_general_cli_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/e2e/e2e_general_cli_test.go b/test/e2e/e2e_general_cli_test.go index d43cf0febd..bd2cc900d2 100644 --- a/test/e2e/e2e_general_cli_test.go +++ b/test/e2e/e2e_general_cli_test.go @@ -83,12 +83,12 @@ func testGeneralCliStuff(t *testing.T, terraformOptions *terraform.Options, keyP assert.NotEqual(t, string(output), "UnknownVersion", "Zarf version should not be the default value") // Test for expected failure when given a bad component input - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --host 127.0.0.1 --components management,foo,logging", username)) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --confirm --host 127.0.0.1 --components management,foo,logging", username)) require.Error(t, err, output) // Test for expected failure when given invalid hostnames - // output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --host bad!hostname", username)) - // require.Error(t, err, output) + output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf init --confirm --host localhost", username)) + require.Error(t, err, output) output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf pki regenerate --host zarf@server", username)) require.Error(t, err, output) @@ -106,7 +106,7 @@ func testGeneralCliStuff(t *testing.T, terraformOptions *terraform.Options, keyP require.Error(t, err, output) // Test that changing the log level actually applies the requested level - output, err = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf version --log-level warn 2> /dev/null", username)) + output, _ = ssh.CheckSshCommandE(t, publicHost, fmt.Sprintf("cd /home/%s/build && ./zarf version --log-level warn 2> /dev/null", username)) expectedOutString := "The log level has been changed to: warning" logLevelOutput := strings.Split(output, "\n")[0] require.Equal(t, expectedOutString, logLevelOutput, "The log level should be changed to 'warn'")