diff --git a/baton-devolutions/.gitignore b/baton-devolutions/.gitignore new file mode 100644 index 0000000..736c00c --- /dev/null +++ b/baton-devolutions/.gitignore @@ -0,0 +1,5 @@ +dist/ +baton-devolutions +*.exe +.env +*.c1z diff --git a/baton-devolutions/CLAUDE.md b/baton-devolutions/CLAUDE.md new file mode 100644 index 0000000..0321acb --- /dev/null +++ b/baton-devolutions/CLAUDE.md @@ -0,0 +1,41 @@ +# CLAUDE.md + +Instructions for AI assistants working with this Baton connector. + +## What This Is + +A ConductorOne Baton connector that syncs identity and access data from Devolutions Server (DVLS). Connectors implement the `ResourceSyncer` interface to expose users, groups, roles, and their relationships. + +## Build & Test + +```bash +go build ./cmd/baton-devolutions # Build connector +go test ./... # Run tests +go test -v ./... -count=1 # Verbose, no cache +``` + +## Architecture + +- **REST API Client** (`pkg/client/`): HTTP client for DVLS REST API with Application Identity auth (appKey + appSecret). Token auto-refreshes on expiry (5 min TTL). +- **Connector** (`pkg/connector/`): Resource syncers for Users, Groups, Roles, and Vaults. +- **Config** (`pkg/config/`): CLI configuration fields (server-url, app-key, app-secret). + +## Resource Types + +| Type | Trait | Description | +|------|-------|-------------| +| User | TRAIT_USER | DVLS users with email, username, status | +| Group | TRAIT_GROUP | User groups with membership | +| Role | TRAIT_ROLE | Permission sets (Contributor/Operator/Reader) | +| Vault | (none) | Vaults with permission-based access | + +## Configuration + +```bash +baton-devolutions --server-url="https://dvls.example.com" --app-key="..." --app-secret="..." +``` + +Or via environment variables: +- `BATON_SERVER_URL` +- `BATON_APP_KEY` +- `BATON_APP_SECRET` diff --git a/baton-devolutions/Makefile b/baton-devolutions/Makefile new file mode 100644 index 0000000..b96f738 --- /dev/null +++ b/baton-devolutions/Makefile @@ -0,0 +1,26 @@ +GOOS = $(shell go env GOOS) +GOARCH = $(shell go env GOARCH) + +ifeq ($(GOOS),windows) +OUTPUT = dist/baton-devolutions.exe +else +OUTPUT = dist/baton-devolutions +endif + +.PHONY: build test lint update-deps + +build: + go build -o $(OUTPUT) ./cmd/baton-devolutions + +test: + go test -v ./... + +lint: + golangci-lint run --timeout 3m + +update-deps: + go get -d -u ./... + go mod tidy + +clean: + rm -rf dist/ diff --git a/baton-devolutions/go.mod b/baton-devolutions/go.mod new file mode 100644 index 0000000..a522b79 --- /dev/null +++ b/baton-devolutions/go.mod @@ -0,0 +1,121 @@ +module github.com/conductorone/baton-devolutions + +go 1.23.4 + +toolchain go1.24.2 + +require ( + github.com/conductorone/baton-sdk v0.3.10 + github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 + github.com/spf13/viper v1.19.0 + go.uber.org/zap v1.27.0 +) + +require ( + filippo.io/age v1.2.1 // indirect + filippo.io/edwards25519 v1.1.0 // indirect + github.com/aws/aws-lambda-go v1.47.0 // indirect + github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.10 // indirect + github.com/aws/aws-sdk-go-v2/config v1.29.2 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.17.55 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25 // indirect + github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.55 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.29 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.5.3 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.10 // indirect + github.com/aws/aws-sdk-go-v2/service/lambda v1.71.0 // indirect + github.com/aws/aws-sdk-go-v2/service/s3 v1.75.0 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.24.12 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11 // indirect + github.com/aws/aws-sdk-go-v2/service/sts v1.33.10 // indirect + github.com/aws/smithy-go v1.22.2 // indirect + github.com/benbjohnson/clock v1.3.5 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect + github.com/conductorone/dpop v0.2.3 // indirect + github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3 // indirect + github.com/conductorone/dpop/integrations/dpop_oauth2 v0.2.3 // indirect + github.com/deckarep/golang-set/v2 v2.7.0 // indirect + github.com/dolthub/maphash v0.1.0 // indirect + github.com/doug-martin/goqu/v9 v9.19.0 // indirect + github.com/dustin/go-humanize v1.0.1 // indirect + github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect + github.com/fsnotify/fsnotify v1.8.0 // indirect + github.com/gammazero/deque v1.0.0 // indirect + github.com/glebarez/go-sqlite v1.22.0 // indirect + github.com/go-jose/go-jose/v4 v4.0.5 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-logr/stdr v1.2.2 // indirect + github.com/go-ole/go-ole v1.3.0 // indirect + github.com/golang/protobuf v1.5.4 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/jellydator/ttlcache/v3 v3.3.0 // indirect + github.com/klauspost/compress v1.17.11 // indirect + github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 // indirect + github.com/magiconair/properties v1.8.9 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/maypok86/otter v1.2.4 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect + github.com/ncruces/go-strftime v0.1.9 // indirect + github.com/pelletier/go-toml/v2 v2.2.3 // indirect + github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect + github.com/pquerna/cachecontrol v0.2.0 // indirect + github.com/pquerna/xjwt v0.3.0 // indirect + github.com/pquerna/xjwt/xkeyset v0.0.0-20241217022915-10fc997b2a9f // indirect + github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect + github.com/sagikazarmark/locafero v0.7.0 // indirect + github.com/sagikazarmark/slog-shim v0.1.0 // indirect + github.com/segmentio/ksuid v1.0.4 // indirect + github.com/shirou/gopsutil/v3 v3.24.5 // indirect + github.com/shoenig/go-m1cpu v0.1.6 // indirect + github.com/sourcegraph/conc v0.3.0 // indirect + github.com/spf13/afero v1.12.0 // indirect + github.com/spf13/cast v1.7.1 // indirect + github.com/spf13/cobra v1.8.1 // indirect + github.com/spf13/pflag v1.0.6 // indirect + github.com/subosito/gotenv v1.6.0 // indirect + github.com/tklauser/go-sysconf v0.3.14 // indirect + github.com/tklauser/numcpus v0.9.0 // indirect + github.com/yusufpapurcu/wmi v1.2.4 // indirect + go.opentelemetry.io/auto/sdk v1.1.0 // indirect + go.opentelemetry.io/contrib/bridges/otelzap v0.10.0 // indirect + go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0 // indirect + go.opentelemetry.io/otel v1.35.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.11.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 // indirect + go.opentelemetry.io/otel/log v0.11.0 // indirect + go.opentelemetry.io/otel/metric v1.35.0 // indirect + go.opentelemetry.io/otel/sdk v1.35.0 // indirect + go.opentelemetry.io/otel/sdk/log v0.11.0 // indirect + go.opentelemetry.io/otel/trace v1.35.0 // indirect + go.opentelemetry.io/proto/otlp v1.5.0 // indirect + go.uber.org/multierr v1.11.0 // indirect + go.uber.org/ratelimit v0.3.1 // indirect + golang.org/x/crypto v0.34.0 // indirect + golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c // indirect + golang.org/x/net v0.35.0 // indirect + golang.org/x/oauth2 v0.26.0 // indirect + golang.org/x/sync v0.11.0 // indirect + golang.org/x/sys v0.30.0 // indirect + golang.org/x/text v0.22.0 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 // indirect + google.golang.org/grpc v1.71.0 // indirect + google.golang.org/protobuf v1.36.5 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect + modernc.org/libc v1.61.10 // indirect + modernc.org/mathutil v1.7.1 // indirect + modernc.org/memory v1.8.2 // indirect + modernc.org/sqlite v1.34.5 // indirect +) diff --git a/baton-devolutions/go.sum b/baton-devolutions/go.sum new file mode 100644 index 0000000..a44ed70 --- /dev/null +++ b/baton-devolutions/go.sum @@ -0,0 +1,407 @@ +c2sp.org/CCTV/age v0.0.0-20240306222714-3ec4d716e805 h1:u2qwJeEvnypw+OCPUHmoZE3IqwfuN5kgDfo5MLzpNM0= +c2sp.org/CCTV/age v0.0.0-20240306222714-3ec4d716e805/go.mod h1:FomMrUJ2Lxt5jCLmZkG3FHa72zUprnhd3v/Z18Snm4w= +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +filippo.io/age v1.2.1 h1:X0TZjehAZylOIj4DubWYU1vWQxv9bJpo+Uu2/LGhi1o= +filippo.io/age v1.2.1/go.mod h1:JL9ew2lTN+Pyft4RiNGguFfOpewKwSHm5ayKD/A4004= +filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= +filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= +github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= +github.com/aws/aws-lambda-go v1.47.0 h1:0H8s0vumYx/YKs4sE7YM0ktwL2eWse+kfopsRI1sXVI= +github.com/aws/aws-lambda-go v1.47.0/go.mod h1:dpMpZgvWx5vuQJfBt0zqBha60q7Dd7RfgJv23DymV8A= +github.com/aws/aws-sdk-go-v2 v1.36.3 h1:mJoei2CxPutQVxaATCzDUjcZEjVRdpsiiXi2o38yqWM= +github.com/aws/aws-sdk-go-v2 v1.36.3/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.10 h1:zAybnyUQXIZ5mok5Jqwlf58/TFE7uvd3IAsa1aF9cXs= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.10/go.mod h1:qqvMj6gHLR/EXWZw4ZbqlPbQUyenf4h82UQUlKc+l14= +github.com/aws/aws-sdk-go-v2/config v1.29.2 h1:JuIxOEPcSKpMB0J+khMjznG9LIhIBdmqNiEcPclnwqc= +github.com/aws/aws-sdk-go-v2/config v1.29.2/go.mod h1:HktTHregOZwNSM/e7WTfVSu9RCX+3eOv+6ij27PtaYs= +github.com/aws/aws-sdk-go-v2/credentials v1.17.55 h1:CDhKnDEaGkLA5ZszV/qw5uwN5M8rbv9Cl0JRN+PRsaM= +github.com/aws/aws-sdk-go-v2/credentials v1.17.55/go.mod h1:kPD/vj+RB5MREDUky376+zdnjZpR+WgdBBvwrmnlmKE= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25 h1:kU7tmXNaJ07LsyN3BUgGqAmVmQtq0w6duVIHAKfp0/w= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25/go.mod h1:OiC8+OiqrURb1wrwmr/UbOVLFSWEGxjinj5C299VQdo= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.55 h1:yfz56qEKO2MqTV0m81KtZS7swlP335FMrmoC1GBgU5k= +github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.55/go.mod h1:O/fEJxrOLSCbhA8jL1xHwo8gzbN/iNcT+y7aq7c6KHE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 h1:ZK5jHhnrioRkUNOc+hOgQKlUL5JeC3S6JgLxtQ+Rm0Q= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34/go.mod h1:p4VfIceZokChbA9FzMbRGz5OV+lekcVtHlPKEO0gSZY= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 h1:SZwFm17ZUNNg5Np0ioo/gq8Mn6u9w19Mri8DnJ15Jf0= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34/go.mod h1:dFZsC0BLo346mvKQLWmoJxT+Sjp+qcVR1tRVHQGOH9Q= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2 h1:Pg9URiobXy85kgFev3og2CuOZ8JZUBENF+dcgWBaYNk= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.29 h1:g9OUETuxA8i/Www5Cby0R3WSTe7ppFTZXHVLNskNS4w= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.29/go.mod h1:CQk+koLR1QeY1+vm7lqNfFii07DEderKq6T3F1L2pyc= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2 h1:D4oz8/CzT9bAEYtVhSBmFj2dNOtaHOtMKc2vHBwYizA= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2/go.mod h1:Za3IHqTQ+yNcRHxu1OFucBh0ACZT4j4VQFF0BqpZcLY= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.5.3 h1:EP1ITDgYVPM2dL1bBBntJ7AW5yTjuWGz9XO+CZwpALU= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.5.3/go.mod h1:5lWNWeAgWenJ/BZ/CP9k9DjLbC0pjnM045WjXRPPi14= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10 h1:hN4yJBGswmFTOVYqmbz1GBs9ZMtQe8SrYxPwrkrlRv8= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10/go.mod h1:TsxON4fEZXyrKY+D+3d2gSTyJkGORexIYab9PTf56DA= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.10 h1:fXoWC2gi7tdJYNTPnnlSGzEVwewUchOi8xVq/dkg8Qs= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.10/go.mod h1:cvzBApD5dVazHU8C2rbBQzzzsKc8m5+wNJ9mCRZLKPc= +github.com/aws/aws-sdk-go-v2/service/lambda v1.71.0 h1:8PjrcaqDZKar6ivI8c6vwNADOURebrRZQms3SxggRgU= +github.com/aws/aws-sdk-go-v2/service/lambda v1.71.0/go.mod h1:c27kk10S36lBYgbG1jR3opn4OAS5Y/4wjJa1GiHK/X4= +github.com/aws/aws-sdk-go-v2/service/s3 v1.75.0 h1:UPQJDyqUXICUt60X4PwbiEf+2QQ4VfXUhDk8OEiGtik= +github.com/aws/aws-sdk-go-v2/service/s3 v1.75.0/go.mod h1:hHnELVnIHltd8EOF3YzahVX6F6y2C6dNqpRj1IMkS5I= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.12 h1:kznaW4f81mNMlREkU9w3jUuJvU5g/KsqDV43ab7Rp6s= +github.com/aws/aws-sdk-go-v2/service/sso v1.24.12/go.mod h1:bZy9r8e0/s0P7BSDHgMLXK2KvdyRRBIQ2blKlvLt0IU= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11 h1:mUwIpAvILeKFnRx4h1dEgGEFGuV8KJ3pEScZWVFYuZA= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11/go.mod h1:JDJtD+b8HNVv71axz8+S5492KM8wTzHRFpMKQbPlYxw= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.10 h1:g9d+TOsu3ac7SgmY2dUf1qMgu/uJVTlQ4VCbH6hRxSw= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.10/go.mod h1:WZfNmntu92HO44MVZAubQaz3qCuIdeOdog2sADfU6hU= +github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ= +github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= +github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= +github.com/benbjohnson/clock v1.3.5/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= +github.com/conductorone/baton-sdk v0.3.10 h1:e1J0Y2knHTbzn9bAsjElmhv5lRpYwI6ixw0Ak+gx0JY= +github.com/conductorone/baton-sdk v0.3.10/go.mod h1:lWZHgu025Rsgs5jvBrhilGti0zWF2+YfaFY/bWOS/g0= +github.com/conductorone/dpop v0.2.3 h1:s91U3845GHQ6P6FWrdNr2SEOy1ES/jcFs1JtKSl2S+o= +github.com/conductorone/dpop v0.2.3/go.mod h1:gyo8TtzB9SCFCsjsICH4IaLZ7y64CcrDXMOPBwfq/3s= +github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3 h1:kLMCNIh0Mo2vbvvkCmJ3ixsPbXEJ6HPcW53Ku9yje3s= +github.com/conductorone/dpop/integrations/dpop_grpc v0.2.3/go.mod h1:LYNoUc1lkvozk9HBio+xI2w8YyfYy0v2cAJtIgrkj8o= +github.com/conductorone/dpop/integrations/dpop_oauth2 v0.2.3 h1:KhFaxiTzj9FteI9IE2tIGdSjJKyFW5ZcUF2SrgLnA28= +github.com/conductorone/dpop/integrations/dpop_oauth2 v0.2.3/go.mod h1:2eI0qv+XaEhoCw0GKFF1yH4X8Mp4KLVEVnQKRFEy4zs= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/deckarep/golang-set/v2 v2.7.0 h1:gIloKvD7yH2oip4VLhsv3JyLLFnC0Y2mlusgcvJYW5k= +github.com/deckarep/golang-set/v2 v2.7.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4= +github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= +github.com/dolthub/maphash v0.1.0 h1:bsQ7JsF4FkkWyrP3oCnFJgrCUAFbFf3kOl4L/QxPDyQ= +github.com/dolthub/maphash v0.1.0/go.mod h1:gkg4Ch4CdCDu5h6PMriVLawB7koZ+5ijb9puGMV50a4= +github.com/doug-martin/goqu/v9 v9.19.0 h1:PD7t1X3tRcUiSdc5TEyOFKujZA5gs3VSA7wxSvBx7qo= +github.com/doug-martin/goqu/v9 v9.19.0/go.mod h1:nf0Wc2/hV3gYK9LiyqIrzBEVGlI8qW3GuDCEobC4wBQ= +github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= +github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= +github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= +github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= +github.com/envoyproxy/protoc-gen-validate v1.2.1 h1:DEo3O99U8j4hBFwbJfrz9VtgcDfUKS7KJ7spH3d86P8= +github.com/envoyproxy/protoc-gen-validate v1.2.1/go.mod h1:d/C80l/jxXLdfEIhX1W2TmLfsJ31lvEjwamM4DxlWXU= +github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= +github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= +github.com/gammazero/deque v1.0.0 h1:LTmimT8H7bXkkCy6gZX7zNLtkbz4NdS2z8LZuor3j34= +github.com/gammazero/deque v1.0.0/go.mod h1:iflpYvtGfM3U8S8j+sZEKIak3SAKYpA5/SQewgfXDKo= +github.com/glebarez/go-sqlite v1.22.0 h1:uAcMJhaA6r3LHMTFgP0SifzgXg46yJkgxqyuyec+ruQ= +github.com/glebarez/go-sqlite v1.22.0/go.mod h1:PlBIdHe0+aUEFn+r2/uthrWq4FxbzugL0L8Li6yQJbc= +github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE= +github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA= +github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= +github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= +github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE= +github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78= +github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= +github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd h1:gbpYu9NMq8jhDVbvlGkMFWCjLFlqqEZjEmObmhUy6Vo= +github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI= +github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1 h1:e9Rjr40Z98/clHv5Yg79Is0NtosR5LXRvdr7o/6NwbA= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.1/go.mod h1:tIxuGz/9mpox++sgp9fJjHO0+q1X9/UOWd798aAm22M= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jellydator/ttlcache/v3 v3.3.0 h1:BdoC9cE81qXfrxeb9eoJi9dWrdhSuwXMAnHTbnBm4Wc= +github.com/jellydator/ttlcache/v3 v3.3.0/go.mod h1:bj2/e0l4jRnQdrnSTaGTsh4GSXvMjQcy41i7th0GVGw= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/lib/pq v1.10.1 h1:6VXZrLU0jHBYyAqrSPa+MgPfnSvTPuMgK+k0o5kVFWo= +github.com/lib/pq v1.10.1/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 h1:7UMa6KCCMjZEMDtTVdcGu0B1GmmC7QJKiCCjyTAWQy0= +github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k= +github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM= +github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/mattn/go-sqlite3 v1.14.7/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= +github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= +github.com/maypok86/otter v1.2.4 h1:HhW1Pq6VdJkmWwcZZq19BlEQkHtI8xgsQzBVXJU0nfc= +github.com/maypok86/otter v1.2.4/go.mod h1:mKLfoI7v1HOmQMwFgX4QkRk23mX6ge3RDvjdHOWG4R4= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4= +github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls= +github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= +github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU= +github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= +github.com/pquerna/cachecontrol v0.2.0 h1:vBXSNuE5MYP9IJ5kjsdo8uq+w41jSPgvba2DEnkRx9k= +github.com/pquerna/cachecontrol v0.2.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= +github.com/pquerna/xjwt v0.3.0 h1:Ij21n2sUdDA1+ybybB1CAxLhSNmhsKhBnZ+UXUV+ytM= +github.com/pquerna/xjwt v0.3.0/go.mod h1:Gb5PNug9MopYlFiYubUuIYPGobzVsDUKtdkJcCxEzIw= +github.com/pquerna/xjwt/xkeyset v0.0.0-20241217022915-10fc997b2a9f h1:FIJuoMcz7dutr9TC0wSrWNA4lvn7lZJhc2L5NXuk71s= +github.com/pquerna/xjwt/xkeyset v0.0.0-20241217022915-10fc997b2a9f/go.mod h1:zLKgl1t/lY3NuaQmDQknoP2wpDSuoWrnYo3SG4ry0do= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= +github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sagikazarmark/locafero v0.7.0 h1:5MqpDsTGNDhY8sGp0Aowyf0qKsPrhewaLSsFaodPcyo= +github.com/sagikazarmark/locafero v0.7.0/go.mod h1:2za3Cg5rMaTMoG/2Ulr9AwtFaIppKXTRYnozin4aB5k= +github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= +github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= +github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= +github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE= +github.com/shirou/gopsutil/v3 v3.24.5 h1:i0t8kL+kQTvpAYToeuiVk3TgDeKOFioZO3Ztz/iZ9pI= +github.com/shirou/gopsutil/v3 v3.24.5/go.mod h1:bsoOS1aStSs9ErQ1WWfxllSeS1K5D+U30r2NfcubMVk= +github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM= +github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ= +github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= +github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= +github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= +github.com/spf13/afero v1.12.0 h1:UcOPyRBYczmFn6yvphxkn9ZEOY65cpwGKb5mL36mrqs= +github.com/spf13/afero v1.12.0/go.mod h1:ZTlWwG4/ahT8W7T0WQ5uYmjI9duaLQGy3Q2OAl4sk/4= +github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= +github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= +github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI= +github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= +github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= +github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU= +github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY= +github.com/tklauser/numcpus v0.9.0 h1:lmyCHtANi8aRUgkckBgoDk1nHCux3n2cgkJLXdQGPDo= +github.com/tklauser/numcpus v0.9.0/go.mod h1:SN6Nq1O3VychhC1npsWostA+oW+VOQTxZrS604NSRyI= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0= +github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= +go.opentelemetry.io/contrib/bridges/otelzap v0.10.0 h1:ojdSRDvjrnm30beHOmwsSvLpoRF40MlwNCA+Oo93kXU= +go.opentelemetry.io/contrib/bridges/otelzap v0.10.0/go.mod h1:oTTm4g7NEtHSV2i/0FeVdPaPgUIZPfQkFbq0vbzqnv0= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0 h1:rgMkmiGfix9vFJDcDi1PK8WEQP4FLQwLDfhp5ZLpFeE= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0/go.mod h1:ijPqXp5P6IRRByFVVg9DY8P5HkxkHE5ARIa+86aXPf4= +go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= +go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.11.0 h1:HMUytBT3uGhPKYY/u/G5MR9itrlSO2SMOsSD3Tk3k7A= +go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.11.0/go.mod h1:hdDXsiNLmdW/9BF2jQpnHHlhFajpWCEYfM6e5m2OAZg= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 h1:OeNbIYk/2C15ckl7glBlOBp5+WlYsOElzTNmiPW/x60= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0/go.mod h1:7Bept48yIeqxP2OZ9/AqIpYS94h2or0aB4FypJTc8ZM= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 h1:tgJ0uaNS4c98WRNUEx5U3aDlrDOI5Rs+1Vifcw4DJ8U= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0/go.mod h1:U7HYyW0zt/a9x5J1Kjs+r1f/d4ZHnYFclhYY2+YbeoE= +go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.27.0 h1:/jlt1Y8gXWiHG9FBx6cJaIC5hYx5Fe64nC8w5Cylt/0= +go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.27.0/go.mod h1:bmToOGOBZ4hA9ghphIc1PAf66VA8KOtsuy3+ScStG20= +go.opentelemetry.io/otel/log v0.11.0 h1:c24Hrlk5WJ8JWcwbQxdBqxZdOK7PcP/LFtOtwpDTe3Y= +go.opentelemetry.io/otel/log v0.11.0/go.mod h1:U/sxQ83FPmT29trrifhQg+Zj2lo1/IPN1PF6RTFqdwc= +go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M= +go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE= +go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY= +go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg= +go.opentelemetry.io/otel/sdk/log v0.11.0 h1:7bAOpjpGglWhdEzP8z0VXc4jObOiDEwr3IYbhBnjk2c= +go.opentelemetry.io/otel/sdk/log v0.11.0/go.mod h1:dndLTxZbwBstZoqsJB3kGsRPkpAgaJrWfQg3lhlHFFY= +go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce1EK0Gyvahk= +go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w= +go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs= +go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= +go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4= +go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4= +go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= +go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= +go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= +go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/ratelimit v0.3.1 h1:K4qVE+byfv/B3tC+4nYWP7v/6SimcO7HzHekoMNBma0= +go.uber.org/ratelimit v0.3.1/go.mod h1:6euWsTB6U/Nb3X++xEUXA8ciPJvr19Q/0h1+oDcJhRk= +go.uber.org/zap v1.18.1/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.34.0 h1:+/C6tk6rf/+t5DhUketUbD1aNGqiSX3j15Z6xuIDlBA= +golang.org/x/crypto v0.34.0/go.mod h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c h1:KL/ZBHXgKGVmuZBZ01Lt57yE5ws8ZPSkkihmEyq7FXc= +golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4= +golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8= +golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE= +golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= +golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.29.0 h1:L6pJp37ocefwRRtYPKSWOWzOtWSxVajvz2ldH/xi3iU= +golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE= +golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a h1:nwKuGPlUAt+aR+pcrkfFRrTU1BVrSmYyYMxYbUIVHr0= +google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a/go.mod h1:3kWAYMk1I75K4vykHtKt2ycnOgpA6974V7bREqbsenU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2 h1:DMTIbak9GhdaSxEjvVzAeNZvyc03I61duqNbnm3SU0M= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250219182151-9fdb1cabc7b2/go.mod h1:LuRYeWDFV6WOn90g357N17oMCaxpgCnbi/44qJvDn2I= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= +google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg= +google.golang.org/grpc v1.71.0/go.mod h1:H0GRtasmQOh9LkFoCPDu3ZrwUtD1YGE+b2vYBYd/8Ec= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +modernc.org/cc/v4 v4.24.4 h1:TFkx1s6dCkQpd6dKurBNmpo+G8Zl4Sq/ztJ+2+DEsh0= +modernc.org/cc/v4 v4.24.4/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0= +modernc.org/ccgo/v4 v4.23.15 h1:wFDan71KnYqeHz4eF63vmGE6Q6Pc0PUGDpP0PRMYjDc= +modernc.org/ccgo/v4 v4.23.15/go.mod h1:nJX30dks/IWuBOnVa7VRii9Me4/9TZ1SC9GNtmARTy0= +modernc.org/fileutil v1.3.0 h1:gQ5SIzK3H9kdfai/5x41oQiKValumqNTDXMvKo62HvE= +modernc.org/fileutil v1.3.0/go.mod h1:XatxS8fZi3pS8/hKG2GH/ArUogfxjpEKs3Ku3aK4JyQ= +modernc.org/gc/v2 v2.6.2 h1:YBXi5Kqp6aCK3fIxwKQ3/fErvawVKwjOLItxj1brGds= +modernc.org/gc/v2 v2.6.2/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito= +modernc.org/libc v1.61.10 h1:zPPaT7/dnMkTzG8b9HjIsvxWr4Ixk3Ce/WPuxakHj7Q= +modernc.org/libc v1.61.10/go.mod h1:HHX+srFdn839oaJRd0W8hBM3eg+mieyZCAjWwB08/nM= +modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU= +modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg= +modernc.org/memory v1.8.2 h1:cL9L4bcoAObu4NkxOlKWBWtNHIsnnACGF/TbqQ6sbcI= +modernc.org/memory v1.8.2/go.mod h1:ZbjSvMO5NQ1A2i3bWeDiVMxIorXwdClKE/0SZ+BMotU= +modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8= +modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns= +modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w= +modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE= +modernc.org/sqlite v1.34.5 h1:Bb6SR13/fjp15jt70CL4f18JIN7p7dnMExd+UFnF15g= +modernc.org/sqlite v1.34.5/go.mod h1:YLuNmX9NKs8wRNK2ko1LW1NGYcc9FkBO69JOt1AR9JE= +modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0= +modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A= +modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= +modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= diff --git a/baton-devolutions/pkg/client/client.go b/baton-devolutions/pkg/client/client.go new file mode 100644 index 0000000..491ff10 --- /dev/null +++ b/baton-devolutions/pkg/client/client.go @@ -0,0 +1,320 @@ +package client + +import ( + "bytes" + "context" + "encoding/json" + "fmt" + "io" + "net/http" + "net/url" + "sync" + "time" +) + +const ( + defaultPageSize = 50 + tokenHeader = "tokenId" +) + +// Client is a Devolutions Server REST API client that uses Application Identity +// authentication (appKey + appSecret). Tokens expire every 5 minutes and are +// automatically refreshed. +type Client struct { + httpClient *http.Client + baseURL string + appKey string + appSecret string + + mu sync.Mutex + token string +} + +// NewClient creates a new Devolutions Server client and authenticates. +func NewClient(ctx context.Context, baseURL, appKey, appSecret string) (*Client, error) { + c := &Client{ + httpClient: &http.Client{Timeout: 30 * time.Second}, + baseURL: baseURL, + appKey: appKey, + appSecret: appSecret, + } + + if err := c.login(ctx); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to authenticate: %w", err) + } + + return c, nil +} + +type loginResponse struct { + Data struct { + TokenID string `json:"tokenId"` + } `json:"data"` + Result int `json:"result"` + Message string `json:"message"` +} + +func (c *Client) login(ctx context.Context) error { + form := url.Values{} + form.Set("AppKey", c.appKey) + form.Set("AppSecret", c.appSecret) + + reqURL := fmt.Sprintf("%s/api/v1/login", c.baseURL) + req, err := http.NewRequestWithContext(ctx, http.MethodPost, reqURL, bytes.NewBufferString(form.Encode())) + if err != nil { + return fmt.Errorf("baton-devolutions: failed to create login request: %w", err) + } + req.Header.Set("Content-Type", "application/x-www-form-urlencoded") + + resp, err := c.httpClient.Do(req) + if err != nil { + if resp != nil { + resp.Body.Close() + } + return fmt.Errorf("baton-devolutions: login request failed: %w", err) + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + body, _ := io.ReadAll(resp.Body) + return fmt.Errorf("baton-devolutions: login failed with status %d: %s", resp.StatusCode, string(body)) + } + + var loginResp loginResponse + if err := json.NewDecoder(resp.Body).Decode(&loginResp); err != nil { + return fmt.Errorf("baton-devolutions: failed to decode login response: %w", err) + } + + if loginResp.Data.TokenID == "" { + return fmt.Errorf("baton-devolutions: login returned empty token") + } + + c.mu.Lock() + c.token = loginResp.Data.TokenID + c.mu.Unlock() + + return nil +} + +func (c *Client) ensureAuthenticated(ctx context.Context) error { + reqURL := fmt.Sprintf("%s/api/is-logged", c.baseURL) + req, err := http.NewRequestWithContext(ctx, http.MethodGet, reqURL, nil) + if err != nil { + return err + } + + c.mu.Lock() + req.Header.Set(tokenHeader, c.token) + c.mu.Unlock() + + resp, err := c.httpClient.Do(req) + if err != nil { + if resp != nil { + resp.Body.Close() + } + return c.login(ctx) + } + defer resp.Body.Close() + + body, err := io.ReadAll(resp.Body) + if err != nil { + return c.login(ctx) + } + + // The is-logged endpoint returns a boolean. + if string(bytes.TrimSpace(body)) != "true" { + return c.login(ctx) + } + + return nil +} + +func (c *Client) doRequest(ctx context.Context, method, path string, body interface{}, result interface{}) error { + if err := c.ensureAuthenticated(ctx); err != nil { + return fmt.Errorf("baton-devolutions: authentication failed: %w", err) + } + + reqURL := fmt.Sprintf("%s%s", c.baseURL, path) + + var bodyReader io.Reader + if body != nil { + bodyBytes, err := json.Marshal(body) + if err != nil { + return fmt.Errorf("baton-devolutions: failed to marshal request body: %w", err) + } + bodyReader = bytes.NewReader(bodyBytes) + } + + req, err := http.NewRequestWithContext(ctx, method, reqURL, bodyReader) + if err != nil { + return fmt.Errorf("baton-devolutions: failed to create request: %w", err) + } + + c.mu.Lock() + req.Header.Set(tokenHeader, c.token) + c.mu.Unlock() + + if body != nil { + req.Header.Set("Content-Type", "application/json") + } + + resp, err := c.httpClient.Do(req) + if err != nil { + if resp != nil { + resp.Body.Close() + } + return fmt.Errorf("baton-devolutions: request to %s failed: %w", path, err) + } + defer resp.Body.Close() + + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + respBody, _ := io.ReadAll(resp.Body) + return fmt.Errorf("baton-devolutions: request to %s returned status %d: %s", path, resp.StatusCode, string(respBody)) + } + + if result != nil { + if err := json.NewDecoder(resp.Body).Decode(result); err != nil { + return fmt.Errorf("baton-devolutions: failed to decode response from %s: %w", path, err) + } + } + + return nil +} + +// PaginatedResponse wraps the standard DVLS paginated API response. +type PaginatedResponse[T any] struct { + Data []T `json:"data"` + CurrentPage int `json:"currentPage"` + PageSize int `json:"pageSize"` + TotalCount int `json:"totalCount"` + TotalPage int `json:"totalPage"` +} + +// User represents a DVLS user. +type User struct { + ID string `json:"id"` + Username string `json:"username"` + FirstName string `json:"firstName"` + LastName string `json:"lastName"` + Email string `json:"email"` + UserType string `json:"userType"` + AuthenticationType string `json:"authenticationType"` + IsEnabled bool `json:"isEnabled"` + IsAdministrator bool `json:"isAdministrator"` + Tags string `json:"tags"` + Audit *Audit `json:"audit"` +} + +// UserGroup represents a DVLS user group. +type UserGroup struct { + ID string `json:"id"` + Name string `json:"name"` + Description string `json:"description"` + Audit *Audit `json:"audit"` +} + +// GroupMember represents a user's membership in a group. +type GroupMember struct { + UserID string `json:"userId"` + Username string `json:"username"` +} + +// Vault represents a DVLS vault. +type Vault struct { + ID string `json:"id"` + Name string `json:"name"` + Description string `json:"description"` +} + +// VaultAccess represents a user or group's access to a vault. +type VaultAccess struct { + UserID string `json:"userId"` + GroupID string `json:"groupId"` + PermissionSet string `json:"permissionSet"` + Username string `json:"username"` + GroupName string `json:"groupName"` +} + +// Role represents a DVLS permission set / role. +type Role struct { + ID string `json:"id"` + Name string `json:"name"` + Description string `json:"description"` +} + +// Audit contains audit trail timestamps. +type Audit struct { + CreatedDate string `json:"createdDate"` + ModifiedDate string `json:"modifiedDate"` +} + +// ListUsers returns a page of users from DVLS. +func (c *Client) ListUsers(ctx context.Context, pageNumber, pageSize int) (*PaginatedResponse[User], error) { + path := fmt.Sprintf("/api/v3/users?pageNumber=%d&pageSize=%d", pageNumber, pageSize) + var resp PaginatedResponse[User] + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to list users: %w", err) + } + return &resp, nil +} + +// ListGroups returns a page of user groups from DVLS. +func (c *Client) ListGroups(ctx context.Context, pageNumber, pageSize int) (*PaginatedResponse[UserGroup], error) { + path := fmt.Sprintf("/api/v3/user-groups?pageNumber=%d&pageSize=%d", pageNumber, pageSize) + var resp PaginatedResponse[UserGroup] + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to list groups: %w", err) + } + return &resp, nil +} + +// GetGroupMembers returns the members of a user group. +func (c *Client) GetGroupMembers(ctx context.Context, groupID string) ([]GroupMember, error) { + path := fmt.Sprintf("/api/v3/user-groups/%s/members", groupID) + var resp struct { + Data []GroupMember `json:"data"` + } + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to get group members for %s: %w", groupID, err) + } + return resp.Data, nil +} + +// ListVaults returns a page of vaults from DVLS. +func (c *Client) ListVaults(ctx context.Context, pageNumber, pageSize int) (*PaginatedResponse[Vault], error) { + path := fmt.Sprintf("/api/v3/vaults?pageNumber=%d&pageSize=%d", pageNumber, pageSize) + var resp PaginatedResponse[Vault] + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to list vaults: %w", err) + } + return &resp, nil +} + +// GetVaultAccess returns the user and group access entries for a vault. +func (c *Client) GetVaultAccess(ctx context.Context, vaultID string) ([]VaultAccess, error) { + path := fmt.Sprintf("/api/v3/vaults/%s/access", vaultID) + var resp struct { + Data []VaultAccess `json:"data"` + } + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to get vault access for %s: %w", vaultID, err) + } + return resp.Data, nil +} + +// ListRoles returns the available roles/permission sets from DVLS. +func (c *Client) ListRoles(ctx context.Context) ([]Role, error) { + path := "/api/v3/roles" + var resp struct { + Data []Role `json:"data"` + } + if err := c.doRequest(ctx, http.MethodGet, path, nil, &resp); err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to list roles: %w", err) + } + return resp.Data, nil +} + +// Validate checks that the client can authenticate and make API calls. +func (c *Client) Validate(ctx context.Context) error { + return c.ensureAuthenticated(ctx) +} diff --git a/baton-devolutions/pkg/client/client_test.go b/baton-devolutions/pkg/client/client_test.go new file mode 100644 index 0000000..9925117 --- /dev/null +++ b/baton-devolutions/pkg/client/client_test.go @@ -0,0 +1,280 @@ +package client + +import ( + "context" + "encoding/json" + "fmt" + "net/http" + "net/http/httptest" + "testing" +) + +func newTestServer(t *testing.T, handler http.Handler) *httptest.Server { + t.Helper() + return httptest.NewServer(handler) +} + +func TestNewClient_LoginSuccess(t *testing.T) { + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + if r.Method != http.MethodPost { + t.Errorf("expected POST, got %s", r.Method) + } + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: "test-token-123"}, + Result: 0, + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + client, err := NewClient(context.Background(), server.URL, "test-key", "test-secret") + if err != nil { + t.Fatalf("expected no error, got %v", err) + } + + if client.token != "test-token-123" { + t.Errorf("expected token 'test-token-123', got '%s'", client.token) + } +} + +func TestNewClient_LoginFailure(t *testing.T) { + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: ""}, + Result: 1, + Message: "Invalid credentials", + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + _, err := NewClient(context.Background(), server.URL, "bad-key", "bad-secret") + if err == nil { + t.Fatal("expected error, got nil") + } +} + +func TestListUsers_Pagination(t *testing.T) { + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: "test-token"}, + }) + }) + mux.HandleFunc("/api/is-logged", func(w http.ResponseWriter, r *http.Request) { + fmt.Fprint(w, "true") + }) + mux.HandleFunc("/api/v3/users", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(PaginatedResponse[User]{ + Data: []User{ + { + ID: "user-1", + Username: "jdoe", + FirstName: "John", + LastName: "Doe", + Email: "jdoe@example.com", + UserType: "User", + IsEnabled: true, + }, + { + ID: "user-2", + Username: "jsmith", + FirstName: "Jane", + LastName: "Smith", + Email: "jsmith@example.com", + UserType: "Admin", + IsEnabled: true, + }, + }, + CurrentPage: 1, + PageSize: 50, + TotalCount: 2, + TotalPage: 1, + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + client, err := NewClient(context.Background(), server.URL, "key", "secret") + if err != nil { + t.Fatalf("failed to create client: %v", err) + } + + resp, err := client.ListUsers(context.Background(), 1, 50) + if err != nil { + t.Fatalf("failed to list users: %v", err) + } + + if len(resp.Data) != 2 { + t.Errorf("expected 2 users, got %d", len(resp.Data)) + } + + if resp.Data[0].Username != "jdoe" { + t.Errorf("expected username 'jdoe', got '%s'", resp.Data[0].Username) + } + + if resp.TotalPage != 1 { + t.Errorf("expected 1 total page, got %d", resp.TotalPage) + } +} + +func TestListGroups(t *testing.T) { + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: "test-token"}, + }) + }) + mux.HandleFunc("/api/is-logged", func(w http.ResponseWriter, r *http.Request) { + fmt.Fprint(w, "true") + }) + mux.HandleFunc("/api/v3/user-groups", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(PaginatedResponse[UserGroup]{ + Data: []UserGroup{ + { + ID: "group-1", + Name: "Admins", + Description: "Administrator group", + }, + }, + CurrentPage: 1, + PageSize: 50, + TotalCount: 1, + TotalPage: 1, + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + client, err := NewClient(context.Background(), server.URL, "key", "secret") + if err != nil { + t.Fatalf("failed to create client: %v", err) + } + + resp, err := client.ListGroups(context.Background(), 1, 50) + if err != nil { + t.Fatalf("failed to list groups: %v", err) + } + + if len(resp.Data) != 1 { + t.Errorf("expected 1 group, got %d", len(resp.Data)) + } + + if resp.Data[0].Name != "Admins" { + t.Errorf("expected group name 'Admins', got '%s'", resp.Data[0].Name) + } +} + +func TestGetGroupMembers(t *testing.T) { + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: "test-token"}, + }) + }) + mux.HandleFunc("/api/is-logged", func(w http.ResponseWriter, r *http.Request) { + fmt.Fprint(w, "true") + }) + mux.HandleFunc("/api/v3/user-groups/group-1/members", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(struct { + Data []GroupMember `json:"data"` + }{ + Data: []GroupMember{ + {UserID: "user-1", Username: "jdoe"}, + {UserID: "user-2", Username: "jsmith"}, + }, + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + client, err := NewClient(context.Background(), server.URL, "key", "secret") + if err != nil { + t.Fatalf("failed to create client: %v", err) + } + + members, err := client.GetGroupMembers(context.Background(), "group-1") + if err != nil { + t.Fatalf("failed to get group members: %v", err) + } + + if len(members) != 2 { + t.Errorf("expected 2 members, got %d", len(members)) + } +} + +func TestTokenRefresh(t *testing.T) { + loginCount := 0 + mux := http.NewServeMux() + mux.HandleFunc("/api/v1/login", func(w http.ResponseWriter, r *http.Request) { + loginCount++ + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(loginResponse{ + Data: struct { + TokenID string `json:"tokenId"` + }{TokenID: fmt.Sprintf("token-%d", loginCount)}, + }) + }) + mux.HandleFunc("/api/is-logged", func(w http.ResponseWriter, r *http.Request) { + // Simulate expired token on first check. + if r.Header.Get(tokenHeader) == "token-1" { + fmt.Fprint(w, "false") + return + } + fmt.Fprint(w, "true") + }) + mux.HandleFunc("/api/v3/users", func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "application/json") + json.NewEncoder(w).Encode(PaginatedResponse[User]{ + Data: []User{}, + CurrentPage: 1, + PageSize: 50, + TotalCount: 0, + TotalPage: 1, + }) + }) + + server := newTestServer(t, mux) + defer server.Close() + + client, err := NewClient(context.Background(), server.URL, "key", "secret") + if err != nil { + t.Fatalf("failed to create client: %v", err) + } + + // First call should trigger re-auth because is-logged returns false for token-1. + _, err = client.ListUsers(context.Background(), 1, 50) + if err != nil { + t.Fatalf("failed to list users: %v", err) + } + + // login should have been called twice (initial + refresh). + if loginCount != 2 { + t.Errorf("expected 2 login calls, got %d", loginCount) + } +} diff --git a/baton-devolutions/pkg/config/config.go b/baton-devolutions/pkg/config/config.go new file mode 100644 index 0000000..2c0c526 --- /dev/null +++ b/baton-devolutions/pkg/config/config.go @@ -0,0 +1,34 @@ +package config + +import "github.com/conductorone/baton-sdk/pkg/field" + +var ( + ServerURLField = field.StringField( + "server-url", + field.WithDescription("Devolutions Server URL (e.g., https://dvls.example.com)"), + field.WithRequired(true), + ) + + AppKeyField = field.StringField( + "app-key", + field.WithDescription("Application Identity key for DVLS authentication"), + field.WithRequired(true), + ) + + AppSecretField = field.StringField( + "app-secret", + field.WithDescription("Application Identity secret for DVLS authentication"), + field.WithRequired(true), + field.WithIsSecret(true), + ) + + ConfigurationFields = []field.SchemaField{ + ServerURLField, + AppKeyField, + AppSecretField, + } + + ConfigurationSchema = field.Configuration{ + Fields: ConfigurationFields, + } +) diff --git a/baton-devolutions/pkg/connector/connector.go b/baton-devolutions/pkg/connector/connector.go new file mode 100644 index 0000000..ec4bdc0 --- /dev/null +++ b/baton-devolutions/pkg/connector/connector.go @@ -0,0 +1,47 @@ +package connector + +import ( + "context" + "fmt" + + "github.com/conductorone/baton-devolutions/pkg/client" + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/connectorbuilder" +) + +type Devolutions struct { + client *client.Client +} + +func New(ctx context.Context, serverURL, appKey, appSecret string) (*Devolutions, error) { + c, err := client.NewClient(ctx, serverURL, appKey, appSecret) + if err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to create client: %w", err) + } + + return &Devolutions{client: c}, nil +} + +func (d *Devolutions) Metadata(_ context.Context) (*v2.ConnectorMetadata, error) { + return &v2.ConnectorMetadata{ + DisplayName: "Devolutions Server", + Description: "Connector syncing users, groups, roles, and vaults from Devolutions Server (DVLS) to ConductorOne.", + }, nil +} + +func (d *Devolutions) Validate(ctx context.Context) (annotations.Annotations, error) { + if err := d.client.Validate(ctx); err != nil { + return nil, fmt.Errorf("baton-devolutions: validation failed: %w", err) + } + return nil, nil +} + +func (d *Devolutions) ResourceSyncers(_ context.Context) []connectorbuilder.ResourceSyncer { + return []connectorbuilder.ResourceSyncer{ + newUserBuilder(d.client), + newGroupBuilder(d.client), + newRoleBuilder(d.client), + newVaultBuilder(d.client), + } +} diff --git a/baton-devolutions/pkg/connector/connector_test.go b/baton-devolutions/pkg/connector/connector_test.go new file mode 100644 index 0000000..6a43304 --- /dev/null +++ b/baton-devolutions/pkg/connector/connector_test.go @@ -0,0 +1,57 @@ +package connector + +import ( + "testing" + + "github.com/conductorone/baton-devolutions/pkg/client" +) + +func TestResourceTypes(t *testing.T) { + tests := []struct { + name string + rt string + expected string + }{ + {"user", resourceTypeUser.Id, "user"}, + {"group", resourceTypeGroup.Id, "group"}, + {"role", resourceTypeRole.Id, "role"}, + {"vault", resourceTypeVault.Id, "vault"}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if tt.rt != tt.expected { + t.Errorf("expected resource type ID '%s', got '%s'", tt.expected, tt.rt) + } + }) + } +} + +func TestDisplayName(t *testing.T) { + tests := []struct { + name string + firstName string + lastName string + username string + expected string + }{ + {"full name", "John", "Doe", "jdoe", "John Doe"}, + {"first only", "John", "", "jdoe", "John"}, + {"last only", "", "Doe", "jdoe", "Doe"}, + {"username fallback", "", "", "jdoe", "jdoe"}, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + user := client.User{ + FirstName: tt.firstName, + LastName: tt.lastName, + Username: tt.username, + } + result := displayName(user) + if result != tt.expected { + t.Errorf("expected '%s', got '%s'", tt.expected, result) + } + }) + } +} diff --git a/baton-devolutions/pkg/connector/groups.go b/baton-devolutions/pkg/connector/groups.go new file mode 100644 index 0000000..d504ae2 --- /dev/null +++ b/baton-devolutions/pkg/connector/groups.go @@ -0,0 +1,143 @@ +package connector + +import ( + "context" + "fmt" + "strconv" + + "github.com/conductorone/baton-devolutions/pkg/client" + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/pagination" + ent "github.com/conductorone/baton-sdk/pkg/types/entitlement" + sdkGrant "github.com/conductorone/baton-sdk/pkg/types/grant" + rs "github.com/conductorone/baton-sdk/pkg/types/resource" +) + +const ( + groupsPageSize = 50 + memberEntitlement = "member" +) + +type groupBuilder struct { + resourceType *v2.ResourceType + client *client.Client +} + +func (g *groupBuilder) ResourceType(_ context.Context) *v2.ResourceType { + return g.resourceType +} + +func groupResource(group client.UserGroup) (*v2.Resource, error) { + profile := map[string]interface{}{ + "group_name": group.Name, + "group_id": group.ID, + } + + if group.Description != "" { + profile["description"] = group.Description + } + + ret, err := rs.NewGroupResource( + group.Name, + resourceTypeGroup, + group.ID, + []rs.GroupTraitOption{ + rs.WithGroupProfile(profile), + }, + ) + if err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to create group resource: %w", err) + } + + return ret, nil +} + +func (g *groupBuilder) List(ctx context.Context, _ *v2.ResourceId, pToken *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) { + bag := &pagination.Bag{} + if err := bag.Unmarshal(pToken.Token); err != nil { + return nil, "", nil, err + } + + if bag.Current() == nil { + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeGroup.Id, + ResourceID: "0", + }) + } + + pageNumber, err := strconv.Atoi(bag.ResourceID()) + if err != nil { + pageNumber = 0 + } + + resp, err := g.client.ListGroups(ctx, pageNumber, groupsPageSize) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to list groups: %w", err) + } + + var resources []*v2.Resource + for _, group := range resp.Data { + r, err := groupResource(group) + if err != nil { + return nil, "", nil, err + } + resources = append(resources, r) + } + + var nextPageToken string + if resp.CurrentPage < resp.TotalPage { + bag.Pop() + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeGroup.Id, + ResourceID: strconv.Itoa(resp.CurrentPage + 1), + }) + nextPageToken, err = bag.Marshal() + if err != nil { + return nil, "", nil, err + } + } + + return resources, nextPageToken, nil, nil +} + +func (g *groupBuilder) Entitlements(_ context.Context, resource *v2.Resource, _ *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) { + memberEnt := ent.NewAssignmentEntitlement( + resource, + memberEntitlement, + ent.WithGrantableTo(resourceTypeUser), + ent.WithDescription(fmt.Sprintf("Member of %s group", resource.DisplayName)), + ent.WithDisplayName(fmt.Sprintf("%s Group Member", resource.DisplayName)), + ) + + return []*v2.Entitlement{memberEnt}, "", nil, nil +} + +func (g *groupBuilder) Grants(ctx context.Context, resource *v2.Resource, _ *pagination.Token) ([]*v2.Grant, string, annotations.Annotations, error) { + members, err := g.client.GetGroupMembers(ctx, resource.Id.Resource) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to get group members: %w", err) + } + + var grants []*v2.Grant + for _, member := range members { + grant := sdkGrant.NewGrant( + resource, + memberEntitlement, + &v2.ResourceId{ + ResourceType: resourceTypeUser.Id, + Resource: member.UserID, + }, + ) + grants = append(grants, grant) + } + + return grants, "", nil, nil +} + +func newGroupBuilder(client *client.Client) *groupBuilder { + return &groupBuilder{ + resourceType: resourceTypeGroup, + client: client, + } +} diff --git a/baton-devolutions/pkg/connector/resource_types.go b/baton-devolutions/pkg/connector/resource_types.go new file mode 100644 index 0000000..ac88b6d --- /dev/null +++ b/baton-devolutions/pkg/connector/resource_types.go @@ -0,0 +1,44 @@ +package connector + +import ( + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" +) + +var ( + resourceTypeUser = &v2.ResourceType{ + Id: "user", + DisplayName: "User", + Traits: []v2.ResourceType_Trait{ + v2.ResourceType_TRAIT_USER, + }, + Annotations: annotationsForUserResourceType(), + } + + resourceTypeGroup = &v2.ResourceType{ + Id: "group", + DisplayName: "Group", + Traits: []v2.ResourceType_Trait{ + v2.ResourceType_TRAIT_GROUP, + }, + } + + resourceTypeRole = &v2.ResourceType{ + Id: "role", + DisplayName: "Role", + Traits: []v2.ResourceType_Trait{ + v2.ResourceType_TRAIT_ROLE, + }, + } + + resourceTypeVault = &v2.ResourceType{ + Id: "vault", + DisplayName: "Vault", + } +) + +func annotationsForUserResourceType() annotations.Annotations { + annos := annotations.Annotations{} + annos.Update(&v2.SkipEntitlementsAndGrants{}) + return annos +} diff --git a/baton-devolutions/pkg/connector/roles.go b/baton-devolutions/pkg/connector/roles.go new file mode 100644 index 0000000..dd2c758 --- /dev/null +++ b/baton-devolutions/pkg/connector/roles.go @@ -0,0 +1,93 @@ +package connector + +import ( + "context" + "fmt" + + "github.com/conductorone/baton-devolutions/pkg/client" + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/pagination" + ent "github.com/conductorone/baton-sdk/pkg/types/entitlement" + rs "github.com/conductorone/baton-sdk/pkg/types/resource" +) + +const assignedEntitlement = "assigned" + +type roleBuilder struct { + resourceType *v2.ResourceType + client *client.Client +} + +func (r *roleBuilder) ResourceType(_ context.Context) *v2.ResourceType { + return r.resourceType +} + +func roleResource(role client.Role) (*v2.Resource, error) { + profile := map[string]interface{}{ + "role_name": role.Name, + "role_id": role.ID, + } + + if role.Description != "" { + profile["description"] = role.Description + } + + ret, err := rs.NewRoleResource( + role.Name, + resourceTypeRole, + role.ID, + []rs.RoleTraitOption{ + rs.WithRoleProfile(profile), + }, + ) + if err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to create role resource: %w", err) + } + + return ret, nil +} + +func (r *roleBuilder) List(ctx context.Context, _ *v2.ResourceId, _ *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) { + roles, err := r.client.ListRoles(ctx) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to list roles: %w", err) + } + + var resources []*v2.Resource + for _, role := range roles { + res, err := roleResource(role) + if err != nil { + return nil, "", nil, err + } + resources = append(resources, res) + } + + return resources, "", nil, nil +} + +func (r *roleBuilder) Entitlements(_ context.Context, resource *v2.Resource, _ *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) { + assignedEnt := ent.NewAssignmentEntitlement( + resource, + assignedEntitlement, + ent.WithGrantableTo(resourceTypeUser), + ent.WithDescription(fmt.Sprintf("Assigned the %s role", resource.DisplayName)), + ent.WithDisplayName(fmt.Sprintf("%s Role Assigned", resource.DisplayName)), + ) + + return []*v2.Entitlement{assignedEnt}, "", nil, nil +} + +func (r *roleBuilder) Grants(_ context.Context, _ *v2.Resource, _ *pagination.Token) ([]*v2.Grant, string, annotations.Annotations, error) { + // Role grants are expressed via vault access permission sets. + // Direct role-to-user mapping is not available through the DVLS API; + // instead, roles manifest as permission sets on vault access entries. + return nil, "", nil, nil +} + +func newRoleBuilder(client *client.Client) *roleBuilder { + return &roleBuilder{ + resourceType: resourceTypeRole, + client: client, + } +} diff --git a/baton-devolutions/pkg/connector/users.go b/baton-devolutions/pkg/connector/users.go new file mode 100644 index 0000000..a844039 --- /dev/null +++ b/baton-devolutions/pkg/connector/users.go @@ -0,0 +1,142 @@ +package connector + +import ( + "context" + "fmt" + "strconv" + + "github.com/conductorone/baton-devolutions/pkg/client" + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/pagination" + rs "github.com/conductorone/baton-sdk/pkg/types/resource" +) + +const usersPageSize = 50 + +type userBuilder struct { + resourceType *v2.ResourceType + client *client.Client +} + +func (u *userBuilder) ResourceType(_ context.Context) *v2.ResourceType { + return u.resourceType +} + +func userResource(user client.User) (*v2.Resource, error) { + var userStatus v2.UserTrait_Status_Status + if user.IsEnabled { + userStatus = v2.UserTrait_Status_STATUS_ENABLED + } else { + userStatus = v2.UserTrait_Status_STATUS_DISABLED + } + + profile := map[string]interface{}{ + "first_name": user.FirstName, + "last_name": user.LastName, + "login": user.Username, + "user_id": user.ID, + "user_type": user.UserType, + "authentication_type": user.AuthenticationType, + "is_administrator": user.IsAdministrator, + } + + userTraitOptions := []rs.UserTraitOption{ + rs.WithUserProfile(profile), + rs.WithStatus(userStatus), + rs.WithUserLogin(user.Username), + } + + if user.Email != "" { + userTraitOptions = append(userTraitOptions, rs.WithEmail(user.Email, true)) + } + + ret, err := rs.NewUserResource( + displayName(user), + resourceTypeUser, + user.ID, + userTraitOptions, + ) + if err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to create user resource: %w", err) + } + + return ret, nil +} + +func displayName(user client.User) string { + if user.FirstName != "" || user.LastName != "" { + name := user.FirstName + if user.LastName != "" { + if name != "" { + name += " " + } + name += user.LastName + } + return name + } + return user.Username +} + +func (u *userBuilder) List(ctx context.Context, _ *v2.ResourceId, pToken *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) { + bag := &pagination.Bag{} + if err := bag.Unmarshal(pToken.Token); err != nil { + return nil, "", nil, err + } + + if bag.Current() == nil { + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeUser.Id, + ResourceID: "0", + }) + } + + pageNumber, err := strconv.Atoi(bag.ResourceID()) + if err != nil { + pageNumber = 0 + } + + resp, err := u.client.ListUsers(ctx, pageNumber, usersPageSize) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to list users: %w", err) + } + + var resources []*v2.Resource + for _, user := range resp.Data { + r, err := userResource(user) + if err != nil { + return nil, "", nil, err + } + resources = append(resources, r) + } + + var nextPageToken string + if resp.CurrentPage < resp.TotalPage { + bag.Pop() + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeUser.Id, + ResourceID: strconv.Itoa(resp.CurrentPage + 1), + }) + nextPageToken, err = bag.Marshal() + if err != nil { + return nil, "", nil, err + } + } + + return resources, nextPageToken, nil, nil +} + +func (u *userBuilder) Entitlements(_ context.Context, _ *v2.Resource, _ *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) { + return nil, "", nil, nil +} + +func (u *userBuilder) Grants(_ context.Context, _ *v2.Resource, _ *pagination.Token) ([]*v2.Grant, string, annotations.Annotations, error) { + return nil, "", nil, nil +} + +func newUserBuilder(client *client.Client) *userBuilder { + return &userBuilder{ + resourceType: resourceTypeUser, + client: client, + } +} diff --git a/baton-devolutions/pkg/connector/vaults.go b/baton-devolutions/pkg/connector/vaults.go new file mode 100644 index 0000000..bbbbc71 --- /dev/null +++ b/baton-devolutions/pkg/connector/vaults.go @@ -0,0 +1,160 @@ +package connector + +import ( + "context" + "fmt" + "strconv" + + "github.com/conductorone/baton-devolutions/pkg/client" + v2 "github.com/conductorone/baton-sdk/pb/c1/connector/v2" + "github.com/conductorone/baton-sdk/pkg/annotations" + "github.com/conductorone/baton-sdk/pkg/pagination" + ent "github.com/conductorone/baton-sdk/pkg/types/entitlement" + sdkGrant "github.com/conductorone/baton-sdk/pkg/types/grant" + rs "github.com/conductorone/baton-sdk/pkg/types/resource" +) + +const ( + vaultsPageSize = 50 + + // DVLS permission sets for vault access. + permissionContributor = "Contributor" + permissionOperator = "Operator" + permissionReader = "Reader" +) + +var vaultPermissions = []string{ + permissionContributor, + permissionOperator, + permissionReader, +} + +type vaultBuilder struct { + resourceType *v2.ResourceType + client *client.Client +} + +func (v *vaultBuilder) ResourceType(_ context.Context) *v2.ResourceType { + return v.resourceType +} + +func vaultResource(vault client.Vault) (*v2.Resource, error) { + profile := map[string]interface{}{ + "vault_name": vault.Name, + "vault_id": vault.ID, + } + + if vault.Description != "" { + profile["description"] = vault.Description + } + + ret, err := rs.NewResource( + vault.Name, + resourceTypeVault, + vault.ID, + rs.WithAnnotation(&v2.ChildResourceType{ResourceTypeId: resourceTypeUser.Id}), + ) + if err != nil { + return nil, fmt.Errorf("baton-devolutions: failed to create vault resource: %w", err) + } + + return ret, nil +} + +func (v *vaultBuilder) List(ctx context.Context, _ *v2.ResourceId, pToken *pagination.Token) ([]*v2.Resource, string, annotations.Annotations, error) { + bag := &pagination.Bag{} + if err := bag.Unmarshal(pToken.Token); err != nil { + return nil, "", nil, err + } + + if bag.Current() == nil { + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeVault.Id, + ResourceID: "0", + }) + } + + pageNumber, err := strconv.Atoi(bag.ResourceID()) + if err != nil { + pageNumber = 0 + } + + resp, err := v.client.ListVaults(ctx, pageNumber, vaultsPageSize) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to list vaults: %w", err) + } + + var resources []*v2.Resource + for _, vault := range resp.Data { + r, err := vaultResource(vault) + if err != nil { + return nil, "", nil, err + } + resources = append(resources, r) + } + + var nextPageToken string + if resp.CurrentPage < resp.TotalPage { + bag.Pop() + bag.Push(pagination.PageState{ + ResourceTypeID: resourceTypeVault.Id, + ResourceID: strconv.Itoa(resp.CurrentPage + 1), + }) + nextPageToken, err = bag.Marshal() + if err != nil { + return nil, "", nil, err + } + } + + return resources, nextPageToken, nil, nil +} + +func (v *vaultBuilder) Entitlements(_ context.Context, resource *v2.Resource, _ *pagination.Token) ([]*v2.Entitlement, string, annotations.Annotations, error) { + var entitlements []*v2.Entitlement + + for _, perm := range vaultPermissions { + permEnt := ent.NewPermissionEntitlement( + resource, + perm, + ent.WithGrantableTo(resourceTypeUser), + ent.WithDescription(fmt.Sprintf("%s access to %s vault", perm, resource.DisplayName)), + ent.WithDisplayName(fmt.Sprintf("%s Vault %s", resource.DisplayName, perm)), + ) + entitlements = append(entitlements, permEnt) + } + + return entitlements, "", nil, nil +} + +func (v *vaultBuilder) Grants(ctx context.Context, resource *v2.Resource, _ *pagination.Token) ([]*v2.Grant, string, annotations.Annotations, error) { + accessEntries, err := v.client.GetVaultAccess(ctx, resource.Id.Resource) + if err != nil { + return nil, "", nil, fmt.Errorf("baton-devolutions: failed to get vault access: %w", err) + } + + var grants []*v2.Grant + for _, access := range accessEntries { + if access.UserID == "" || access.PermissionSet == "" { + continue + } + + grant := sdkGrant.NewGrant( + resource, + access.PermissionSet, + &v2.ResourceId{ + ResourceType: resourceTypeUser.Id, + Resource: access.UserID, + }, + ) + grants = append(grants, grant) + } + + return grants, "", nil, nil +} + +func newVaultBuilder(client *client.Client) *vaultBuilder { + return &vaultBuilder{ + resourceType: resourceTypeVault, + client: client, + } +}