From f71e894f7ccc18087d5dfb78e593474375dfe435 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:38:31 +0200 Subject: [PATCH 01/28] Adding the new workflow --- deploy/weekly-environment/manifest.yaml | 268 ++++++++++++++++++++++++ 1 file changed, 268 insertions(+) create mode 100644 deploy/weekly-environment/manifest.yaml diff --git a/deploy/weekly-environment/manifest.yaml b/deploy/weekly-environment/manifest.yaml new file mode 100644 index 0000000000..17ec3106a8 --- /dev/null +++ b/deploy/weekly-environment/manifest.yaml @@ -0,0 +1,268 @@ +# For more information refer to https://www.elastic.co/guide/en/fleet/current/running-on-kubernetes-managed-by-fleet.html +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: elastic-agent + namespace: kube-system + labels: + app: elastic-agent +spec: + selector: + matchLabels: + app: elastic-agent + template: + metadata: + labels: + app: elastic-agent + spec: + # Tolerations are needed to run Elastic Agent on Kubernetes control-plane nodes. + # Agents running on control-plane nodes collect metrics from the control plane components (scheduler, controller manager) of Kubernetes + tolerations: + - key: node-role.kubernetes.io/control-plane + effect: NoSchedule + - key: node-role.kubernetes.io/master + effect: NoSchedule + serviceAccountName: elastic-agent + hostNetwork: true + # 'hostPID: true' enables the Elastic Security integration to observe all process exec events on the host. + # Sharing the host process ID namespace gives visibility of all processes running on the same host. + hostPID: true + dnsPolicy: ClusterFirstWithHostNet + containers: + - name: elastic-agent + image: docker.elastic.co/beats/elastic-agent:8.6.1 + env: + # Set to 1 for enrollment into Fleet server. If not set, Elastic Agent is run in standalone mode + - name: FLEET_ENROLL + value: "1" + # Set to true to communicate with Fleet with either insecure HTTP or unverified HTTPS + - name: FLEET_INSECURE + value: "true" + # Fleet Server URL to enroll the Elastic Agent into + # FLEET_URL can be found in Kibana, go to Management > Fleet > Settings + - name: FLEET_URL + value: "blabla" + # Elasticsearch API key used to enroll Elastic Agents in Fleet (https://www.elastic.co/guide/en/fleet/current/fleet-enrollment-tokens.html#fleet-enrollment-tokens) + # If FLEET_ENROLLMENT_TOKEN is empty then KIBANA_HOST, KIBANA_FLEET_USERNAME, KIBANA_FLEET_PASSWORD are needed + - name: FLEET_ENROLLMENT_TOKEN + value: "blabla==" + - name: KIBANA_HOST + value: "http://kibana:5601" + # The basic authentication username used to connect to Kibana and retrieve a service_token to enable Fleet + - name: KIBANA_FLEET_USERNAME + value: "elastic" + # The basic authentication password used to connect to Kibana and retrieve a service_token to enable Fleet + - name: KIBANA_FLEET_PASSWORD + value: "changeme" + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + securityContext: + runAsUser: 0 + resources: + limits: + memory: 500Mi + requests: + cpu: 100m + memory: 200Mi + volumeMounts: + - name: proc + mountPath: /hostfs/proc + readOnly: true + - name: cgroup + mountPath: /hostfs/sys/fs/cgroup + readOnly: true + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + - name: varlog + mountPath: /var/log + readOnly: true + - name: etc-full + mountPath: /hostfs/etc + readOnly: true + - name: var-lib + mountPath: /hostfs/var/lib + readOnly: true + - name: etc-mid + mountPath: /etc/machine-id + readOnly: true + volumes: + - name: proc + hostPath: + path: /proc + - name: cgroup + hostPath: + path: /sys/fs/cgroup + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers + - name: varlog + hostPath: + path: /var/log + # The following volumes are needed for Cloud Security Posture integration (cloudbeat) + # If you are not using this integration, then these volumes and the corresponding + # mounts can be removed. + - name: etc-full + hostPath: + path: /etc + - name: var-lib + hostPath: + path: /var/lib + # Mount /etc/machine-id from the host to determine host ID + # Needed for Elastic Security integration + - name: etc-mid + hostPath: + path: /etc/machine-id + type: File +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: elastic-agent +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: ClusterRole + name: elastic-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: kube-system + name: elastic-agent +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: Role + name: elastic-agent + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: elastic-agent-kubeadm-config + namespace: kube-system +subjects: + - kind: ServiceAccount + name: elastic-agent + namespace: kube-system +roleRef: + kind: Role + name: elastic-agent-kubeadm-config + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: elastic-agent + labels: + k8s-app: elastic-agent +rules: + - apiGroups: [""] + resources: + - nodes + - namespaces + - events + - pods + - services + - configmaps + # Needed for cloudbeat + - serviceaccounts + - persistentvolumes + - persistentvolumeclaims + verbs: ["get", "list", "watch"] + # Enable this rule only if planing to use kubernetes_secrets provider + #- apiGroups: [""] + # resources: + # - secrets + # verbs: ["get"] + - apiGroups: ["extensions"] + resources: + - replicasets + verbs: ["get", "list", "watch"] + - apiGroups: ["apps"] + resources: + - statefulsets + - deployments + - replicasets + - daemonsets + verbs: ["get", "list", "watch"] + - apiGroups: + - "" + resources: + - nodes/stats + verbs: + - get + - apiGroups: [ "batch" ] + resources: + - jobs + - cronjobs + verbs: [ "get", "list", "watch" ] + # Needed for apiserver + - nonResourceURLs: + - "/metrics" + verbs: + - get + # Needed for cloudbeat + - apiGroups: ["rbac.authorization.k8s.io"] + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: ["get", "list", "watch"] + # Needed for cloudbeat + - apiGroups: ["policy"] + resources: + - podsecuritypolicies + verbs: ["get", "list", "watch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: elastic-agent + # Should be the namespace where elastic-agent is running + namespace: kube-system + labels: + k8s-app: elastic-agent +rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: ["get", "create", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: elastic-agent-kubeadm-config + namespace: kube-system + labels: + k8s-app: elastic-agent +rules: + - apiGroups: [""] + resources: + - configmaps + resourceNames: + - kubeadm-config + verbs: ["get"] +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: elastic-agent + namespace: kube-system + labels: + k8s-app: elastic-agent +--- From cf305201dbd26182131c9dba2b6d326a1224b232 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:44:11 +0200 Subject: [PATCH 02/28] Add image replacement step --- .github/workflows/weekly-enviroment.yml | 186 +++++++++++++----------- 1 file changed, 99 insertions(+), 87 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 3b7b392eb5..8ce38e5257 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -45,97 +45,109 @@ jobs: terraform_version: 1.3.5 terraform_wrapper: false - - name: Terraform fmt - id: fmt - run: terraform fmt -check - continue-on-error: true +# - name: Terraform fmt +# id: fmt +# run: terraform fmt -check +# continue-on-error: true +# +# - name: Terraform Init +# id: init +# run: terraform init -no-color +# +# - name: Terraform Validate +# id: validate +# run: terraform validate -no-color +# +# - name: Deploy Elastic Cloud +# id: apply +# run: terraform apply --auto-approve +# +# - name: Set terraform output as env variable +# id: kibana_url +# run: | +# echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV +# +# - name: Set sensitive terraform output as env variable +# id: set_sensitive_output +# run: | +# export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) +# echo "::add-mask::$ELASTICSEARCH_USERNAME" +# echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV +# +# export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) +# echo "::add-mask::$ELASTICSEARCH_PASSWORD" +# echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV +# +# - name: Install KSPM vanilla integration +# id: install_vanilla_integration +# working-directory: ${{ env.SCRIPTS_DIR }} +# run: | +# ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} - - name: Terraform Init - id: init - run: terraform init -no-color - - - name: Terraform Validate - id: validate - run: terraform validate -no-color - - - name: Deploy Elastic Cloud - id: apply - run: terraform apply --auto-approve - - - name: Set terraform output as env variable - id: kibana_url - run: | - echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV - - - name: Set sensitive terraform output as env variable - id: set_sensitive_output - run: | - export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) - echo "::add-mask::$ELASTICSEARCH_USERNAME" - echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV - - export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) - echo "::add-mask::$ELASTICSEARCH_PASSWORD" - echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV - - - name: Install KSPM vanilla integration - id: install_vanilla_integration + - name : Replace the manifest file with the correct values + id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + sed -i '' "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml - - name: Deploy agent on EC2 - id: deploy_agent_on_ec2 + - name: cat manifest file + id: cat_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_SECRET }}" > weekly-key.pem - chmod 600 weekly-key.pem - # Copy the manifest file to the EC2 instance - scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." - # Apply the manifest file - ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" + cat manifest.yaml - # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file - - name: Send custom JSON data to Slack workflow - id: slack - uses: slackapi/slack-github-action@v1.23.0 - with: - payload: | - { - "text": "A new deployment job has been triggered", - "attachments": [ - { - "color": "#36a64f", - "fields": [ - { - "title": "Environment", - "value": "${{ github.event.inputs.environment }}", - "short": true - }, - { - "title": "Log level", - "value": "${{ github.event.inputs.logLevel }}", - "short": true - }, - { - "title": "Kibana URL", - "value": ${{ env.KIBANA_URL }}, - "short": false - }, - { - "title": "ElasticSearch username", - "value": ${{ env.ELASTICSEARCH_USERNAME }}, - "short": false - }, - { - "title": "ElasticSearch password", - "value": ${{ env.ELASTICSEARCH_PASSWORD }}, - "short": false - } - ] - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK +# - name: Deploy agent on EC2 +# id: deploy_agent_on_ec2 +# working-directory: ${{ env.SCRIPTS_DIR }} +# run: | +# echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_SECRET }}" > weekly-key.pem +# chmod 600 weekly-key.pem +# # Copy the manifest file to the EC2 instance +# scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." +# # Apply the manifest file +# ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" +# +# # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file +# - name: Send custom JSON data to Slack workflow +# id: slack +# uses: slackapi/slack-github-action@v1.23.0 +# with: +# payload: | +# { +# "text": "A new deployment job has been triggered", +# "attachments": [ +# { +# "color": "#36a64f", +# "fields": [ +# { +# "title": "Environment", +# "value": "${{ github.event.inputs.environment }}", +# "short": true +# }, +# { +# "title": "Log level", +# "value": "${{ github.event.inputs.logLevel }}", +# "short": true +# }, +# { +# "title": "Kibana URL", +# "value": ${{ env.KIBANA_URL }}, +# "short": false +# }, +# { +# "title": "ElasticSearch username", +# "value": ${{ env.ELASTICSEARCH_USERNAME }}, +# "short": false +# }, +# { +# "title": "ElasticSearch password", +# "value": ${{ env.ELASTICSEARCH_PASSWORD }}, +# "short": false +# } +# ] +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK From fb4c41a48e12a9565a05e806f6d74ff6612570df Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:50:35 +0200 Subject: [PATCH 03/28] Update actions checkout --- .github/workflows/weekly-enviroment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 8ce38e5257..1b6cc5f6f8 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -37,7 +37,7 @@ jobs: working-directory: ${{ env.WORKING_DIR }} steps: - name: Check out the repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup Terraform uses: hashicorp/setup-terraform@v2 From 9908a764f292afd5622bff002ca803f27005bea1 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:53:49 +0200 Subject: [PATCH 04/28] Different format --- .github/workflows/weekly-enviroment.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 1b6cc5f6f8..a89e52f3bf 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -88,7 +88,9 @@ jobs: id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - sed -i '' "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml + sed -i '' "s/^\( *image: *\).*/\\1ofir_image/" manifest.yaml + + - name: cat manifest file id: cat_manifest_file From fd344eb654b00d4fb0fa4a9639afa02e24d655a7 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:56:17 +0200 Subject: [PATCH 05/28] adding cat before --- .github/workflows/weekly-enviroment.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index a89e52f3bf..ddae33b401 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -84,12 +84,17 @@ jobs: # run: | # ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + - name: cat manifest file + id: cat_manifest_file_1 + working-directory: ${{ env.SCRIPTS_DIR }} + run: | + cat manifest.yaml + - name : Replace the manifest file with the correct values id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - sed -i '' "s/^\( *image: *\).*/\\1ofir_image/" manifest.yaml - + sed -i '' "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml - name: cat manifest file From abac56c2a7da6e74a4178c735e63bddcc19d0ef9 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 18:57:37 +0200 Subject: [PATCH 06/28] Moving the image to manifest.yaml --- .../{ => scripts/benchmarks/kspm_vanilla}/manifest.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename deploy/weekly-environment/{ => scripts/benchmarks/kspm_vanilla}/manifest.yaml (100%) diff --git a/deploy/weekly-environment/manifest.yaml b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml similarity index 100% rename from deploy/weekly-environment/manifest.yaml rename to deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml From 124178bd28390ab63a3b9dc42af54273de6e665c Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 19:03:04 +0200 Subject: [PATCH 07/28] trying to edit the command --- .github/workflows/weekly-enviroment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index ddae33b401..24acc1b23a 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -94,7 +94,7 @@ jobs: id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - sed -i '' "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml + sed -i "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml - name: cat manifest file From 85b00c5b027caedd1826f70e9a0ce9c2aa98c628 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 19:06:28 +0200 Subject: [PATCH 08/28] Trying to use environment variable for it --- .github/workflows/weekly-enviroment.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 24acc1b23a..40d035ec11 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -23,6 +23,7 @@ on: env: WORKING_DIR: deploy/weekly-environment SCRIPTS_DIR: deploy/weekly-environment/scripts/benchmarks/kspm_vanilla + AGENT_IMAGE: cisofir/elastic-agent:8.0.0-SNAPSHOT TF_VAR_ec_api_key: ${{ secrets.WEEKLY_ENVIRONMENT_KIBANA_API_KEY }} TF_VAR_environment: ${{ github.event.inputs.logLevel }} TF_LOG: ${{ github.event.inputs.logLevel }} @@ -84,6 +85,7 @@ jobs: # run: | # ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + - name: cat manifest file id: cat_manifest_file_1 working-directory: ${{ env.SCRIPTS_DIR }} @@ -94,7 +96,7 @@ jobs: id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - sed -i "s/^\( *image: *\).*/\1ofir_image/" manifest.yaml + sed -i "s/^\( *image: *\).*/\1${{env.AGENT_IMAGE}}/" manifest.yaml - name: cat manifest file From cd1ccd97a27fb6a2210057beee25d46169d4ceed Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Tue, 14 Feb 2023 19:09:30 +0200 Subject: [PATCH 09/28] Trying to use environment variable for it --- .github/workflows/weekly-enviroment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 40d035ec11..abb34eaf03 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -96,7 +96,7 @@ jobs: id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - sed -i "s/^\( *image: *\).*/\1${{env.AGENT_IMAGE}}/" manifest.yaml + sed -i "s/^\( *image: *\).*/\1${{ env.IMAGE_NAME }}/" manifest.yaml - name: cat manifest file From ea5285a7546a5cf0c1e63b805ec7eb590e16cfbb Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 12:25:40 +0200 Subject: [PATCH 10/28] merge vanilla to mine --- .github/workflows/weekly-enviroment.yml | 188 +++++++++++------------- 1 file changed, 84 insertions(+), 104 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 5454c0a2ba..261a999b31 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -46,117 +46,97 @@ jobs: terraform_version: 1.3.5 terraform_wrapper: false -# - name: Terraform fmt -# id: fmt -# run: terraform fmt -check -# continue-on-error: true -# -# - name: Terraform Init -# id: init -# run: terraform init -no-color -# -# - name: Terraform Validate -# id: validate -# run: terraform validate -no-color -# -# - name: Deploy Elastic Cloud -# id: apply -# run: terraform apply --auto-approve -# -# - name: Set terraform output as env variable -# id: kibana_url -# run: | -# echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV -# -# - name: Set sensitive terraform output as env variable -# id: set_sensitive_output -# run: | -# export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) -# echo "::add-mask::$ELASTICSEARCH_USERNAME" -# echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV -# -# export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) -# echo "::add-mask::$ELASTICSEARCH_PASSWORD" -# echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV -# -# - name: Install KSPM vanilla integration -# id: install_vanilla_integration -# working-directory: ${{ env.SCRIPTS_DIR }} -# run: | -# ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + - name: Terraform fmt + id: fmt + run: terraform fmt -check + continue-on-error: true + - name: Terraform Init + id: init + run: terraform init -no-color - - name: cat manifest file - id: cat_manifest_file_1 - working-directory: ${{ env.SCRIPTS_DIR }} + - name: Terraform Validate + id: validate + run: terraform validate -no-color + + - name: Deploy Elastic Cloud + id: apply + run: terraform apply --auto-approve + + - name: Set terraform output as env variable + id: kibana_url run: | - cat manifest.yaml + echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV - - name : Replace the manifest file with the correct values - id: replace_manifest_file - working-directory: ${{ env.SCRIPTS_DIR }} + - name: Set sensitive terraform output as env variable + id: set_sensitive_output run: | - sed -i "s/^\( *image: *\).*/\1${{ env.IMAGE_NAME }}/" manifest.yaml + export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) + echo "::add-mask::$ELASTICSEARCH_USERNAME" + echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV + export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) + echo "::add-mask::$ELASTICSEARCH_PASSWORD" + echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV - - name: cat manifest file - id: cat_manifest_file + - name: Install KSPM vanilla integration + id: install_vanilla_integration working-directory: ${{ env.SCRIPTS_DIR }} run: | - cat manifest.yaml + ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} -# - name: Deploy agent on EC2 -# id: deploy_agent_on_ec2 -# working-directory: ${{ env.SCRIPTS_DIR }} -# run: | -# echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_SECRET }}" > weekly-key.pem -# chmod 600 weekly-key.pem -# # Copy the manifest file to the EC2 instance -# scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." -# # Apply the manifest file -# ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" -# -# # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file -# - name: Send custom JSON data to Slack workflow -# id: slack -# uses: slackapi/slack-github-action@v1.23.0 -# with: -# payload: | -# { -# "text": "A new deployment job has been triggered", -# "attachments": [ -# { -# "color": "#36a64f", -# "fields": [ -# { -# "title": "Environment", -# "value": "${{ github.event.inputs.environment }}", -# "short": true -# }, -# { -# "title": "Log level", -# "value": "${{ github.event.inputs.logLevel }}", -# "short": true -# }, -# { -# "title": "Kibana URL", -# "value": ${{ env.KIBANA_URL }}, -# "short": false -# }, -# { -# "title": "ElasticSearch username", -# "value": ${{ env.ELASTICSEARCH_USERNAME }}, -# "short": false -# }, -# { -# "title": "ElasticSearch password", -# "value": ${{ env.ELASTICSEARCH_PASSWORD }}, -# "short": false -# } -# ] -# } -# ] -# } -# env: -# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} -# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + - name: Deploy agent on EC2 + id: deploy_agent_on_ec2 + working-directory: ${{ env.SCRIPTS_DIR }} + run: | + echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem + chmod 600 weekly-key.pem + # Copy the manifest file to the EC2 instance + scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." + # Apply the manifest file + ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" + + # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file + - name: Send custom JSON data to Slack workflow + id: slack + uses: slackapi/slack-github-action@v1.23.0 + with: + payload: | + { + "text": "A new deployment job has been triggered", + "attachments": [ + { + "color": "#36a64f", + "fields": [ + { + "title": "Environment", + "value": "${{ github.event.inputs.environment }}", + "short": true + }, + { + "title": "Log level", + "value": "${{ github.event.inputs.logLevel }}", + "short": true + }, + { + "title": "Kibana URL", + "value": ${{ env.KIBANA_URL }}, + "short": false + }, + { + "title": "ElasticSearch username", + "value": ${{ env.ELASTICSEARCH_USERNAME }}, + "short": false + }, + { + "title": "ElasticSearch password", + "value": ${{ env.ELASTICSEARCH_PASSWORD }}, + "short": false + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK From 5067c19cfaa92ffa2c61f1ca0f97c0654c334e66 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 12:34:11 +0200 Subject: [PATCH 11/28] adding the image replace flow --- .github/workflows/weekly-enviroment.yml | 200 +++++++++++++----------- 1 file changed, 109 insertions(+), 91 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 261a999b31..516981011e 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -40,103 +40,121 @@ jobs: - name: Check out the repo uses: actions/checkout@v2 - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.3.5 - terraform_wrapper: false +# - name: Setup Terraform +# uses: hashicorp/setup-terraform@v2 +# with: +# terraform_version: 1.3.5 +# terraform_wrapper: false +# +# - name: Terraform fmt +# id: fmt +# run: terraform fmt -check +# continue-on-error: true +# +# - name: Terraform Init +# id: init +# run: terraform init -no-color +# +# - name: Terraform Validate +# id: validate +# run: terraform validate -no-color +# +# - name: Deploy Elastic Cloud +# id: apply +# run: terraform apply --auto-approve +# +# - name: Set terraform output as env variable +# id: kibana_url +# run: | +# echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV +# +# - name: Set sensitive terraform output as env variable +# id: set_sensitive_output +# run: | +# export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) +# echo "::add-mask::$ELASTICSEARCH_USERNAME" +# echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV +# +# export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) +# echo "::add-mask::$ELASTICSEARCH_PASSWORD" +# echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV +# +# - name: Install KSPM vanilla integration +# id: install_vanilla_integration +# working-directory: ${{ env.SCRIPTS_DIR }} +# run: | +# ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} - - name: Terraform fmt - id: fmt - run: terraform fmt -check - continue-on-error: true - - - name: Terraform Init - id: init - run: terraform init -no-color - - - name: Terraform Validate - id: validate - run: terraform validate -no-color - - - name: Deploy Elastic Cloud - id: apply - run: terraform apply --auto-approve - - - name: Set terraform output as env variable - id: kibana_url - run: | - echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV - - - name: Set sensitive terraform output as env variable - id: set_sensitive_output + - name: cat manifest file + id: cat_manifest_file_1 + working-directory: ${{ env.SCRIPTS_DIR }} run: | - export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) - echo "::add-mask::$ELASTICSEARCH_USERNAME" - echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV + cat manifest.yaml - export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) - echo "::add-mask::$ELASTICSEARCH_PASSWORD" - echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV - - - name: Install KSPM vanilla integration - id: install_vanilla_integration + - name : Replace the manifest file with the correct values + id: replace_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + sed -i "s/^\( *image: *\).*/\1${{ env.IMAGE_NAME }}/" manifest.yaml + - - name: Deploy agent on EC2 - id: deploy_agent_on_ec2 + - name: cat manifest file + id: cat_manifest_file working-directory: ${{ env.SCRIPTS_DIR }} run: | - echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem - chmod 600 weekly-key.pem - # Copy the manifest file to the EC2 instance - scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." - # Apply the manifest file - ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" + cat manifest.yaml +# - name: Deploy agent on EC2 +# id: deploy_agent_on_ec2 +# working-directory: ${{ env.SCRIPTS_DIR }} +# run: | +# echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem +# chmod 600 weekly-key.pem +# # Copy the manifest file to the EC2 instance +# scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." +# # Apply the manifest file +# ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" - # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file - - name: Send custom JSON data to Slack workflow - id: slack - uses: slackapi/slack-github-action@v1.23.0 - with: - payload: | - { - "text": "A new deployment job has been triggered", - "attachments": [ - { - "color": "#36a64f", - "fields": [ - { - "title": "Environment", - "value": "${{ github.event.inputs.environment }}", - "short": true - }, - { - "title": "Log level", - "value": "${{ github.event.inputs.logLevel }}", - "short": true - }, - { - "title": "Kibana URL", - "value": ${{ env.KIBANA_URL }}, - "short": false - }, - { - "title": "ElasticSearch username", - "value": ${{ env.ELASTICSEARCH_USERNAME }}, - "short": false - }, - { - "title": "ElasticSearch password", - "value": ${{ env.ELASTICSEARCH_PASSWORD }}, - "short": false - } - ] - } - ] - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK +# # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file +# - name: Send custom JSON data to Slack workflow +# id: slack +# uses: slackapi/slack-github-action@v1.23.0 +# with: +# payload: | +# { +# "text": "A new deployment job has been triggered", +# "attachments": [ +# { +# "color": "#36a64f", +# "fields": [ +# { +# "title": "Environment", +# "value": "${{ github.event.inputs.environment }}", +# "short": true +# }, +# { +# "title": "Log level", +# "value": "${{ github.event.inputs.logLevel }}", +# "short": true +# }, +# { +# "title": "Kibana URL", +# "value": ${{ env.KIBANA_URL }}, +# "short": false +# }, +# { +# "title": "ElasticSearch username", +# "value": ${{ env.ELASTICSEARCH_USERNAME }}, +# "short": false +# }, +# { +# "title": "ElasticSearch password", +# "value": ${{ env.ELASTICSEARCH_PASSWORD }}, +# "short": false +# } +# ] +# } +# ] +# } +# env: +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} +# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK From c649c6f1966d84960ae1ac56b1fc73f4b4b8f516 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 14:50:51 +0200 Subject: [PATCH 12/28] Revert weekly environment to use same image --- .github/workflows/weekly-enviroment.yml | 201 +++++++++++------------- 1 file changed, 91 insertions(+), 110 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 516981011e..0a1feeef9e 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -23,7 +23,6 @@ on: env: WORKING_DIR: deploy/weekly-environment SCRIPTS_DIR: deploy/weekly-environment/scripts/benchmarks/kspm_vanilla - AGENT_IMAGE: cisofir/elastic-agent:8.0.0-SNAPSHOT TF_VAR_ec_api_key: ${{ secrets.WEEKLY_ENVIRONMENT_EC_API_KEY }} TF_VAR_environment: ${{ github.event.inputs.logLevel }} TF_LOG: ${{ github.event.inputs.logLevel }} @@ -40,121 +39,103 @@ jobs: - name: Check out the repo uses: actions/checkout@v2 -# - name: Setup Terraform -# uses: hashicorp/setup-terraform@v2 -# with: -# terraform_version: 1.3.5 -# terraform_wrapper: false -# -# - name: Terraform fmt -# id: fmt -# run: terraform fmt -check -# continue-on-error: true -# -# - name: Terraform Init -# id: init -# run: terraform init -no-color -# -# - name: Terraform Validate -# id: validate -# run: terraform validate -no-color -# -# - name: Deploy Elastic Cloud -# id: apply -# run: terraform apply --auto-approve -# -# - name: Set terraform output as env variable -# id: kibana_url -# run: | -# echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV -# -# - name: Set sensitive terraform output as env variable -# id: set_sensitive_output -# run: | -# export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) -# echo "::add-mask::$ELASTICSEARCH_USERNAME" -# echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV -# -# export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) -# echo "::add-mask::$ELASTICSEARCH_PASSWORD" -# echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV -# -# - name: Install KSPM vanilla integration -# id: install_vanilla_integration -# working-directory: ${{ env.SCRIPTS_DIR }} -# run: | -# ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + - name: Setup Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.3.5 + terraform_wrapper: false - - name: cat manifest file - id: cat_manifest_file_1 - working-directory: ${{ env.SCRIPTS_DIR }} + - name: Terraform fmt + id: fmt + run: terraform fmt -check + continue-on-error: true + + - name: Terraform Init + id: init + run: terraform init -no-color + + - name: Terraform Validate + id: validate + run: terraform validate -no-color + + - name: Deploy Elastic Cloud + id: apply + run: terraform apply --auto-approve + + - name: Set terraform output as env variable + id: kibana_url run: | - cat manifest.yaml + echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV - - name : Replace the manifest file with the correct values - id: replace_manifest_file - working-directory: ${{ env.SCRIPTS_DIR }} + - name: Set sensitive terraform output as env variable + id: set_sensitive_output run: | - sed -i "s/^\( *image: *\).*/\1${{ env.IMAGE_NAME }}/" manifest.yaml + export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) + echo "::add-mask::$ELASTICSEARCH_USERNAME" + echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV + + export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) + echo "::add-mask::$ELASTICSEARCH_PASSWORD" + echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV + - name: Install KSPM vanilla integration + id: install_vanilla_integration + working-directory: ${{ env.SCRIPTS_DIR }} + run: | + ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} - - name: cat manifest file - id: cat_manifest_file + - name: Deploy agent on EC2 + id: deploy_agent_on_ec2 working-directory: ${{ env.SCRIPTS_DIR }} run: | - cat manifest.yaml -# - name: Deploy agent on EC2 -# id: deploy_agent_on_ec2 -# working-directory: ${{ env.SCRIPTS_DIR }} -# run: | -# echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem -# chmod 600 weekly-key.pem -# # Copy the manifest file to the EC2 instance -# scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." -# # Apply the manifest file -# ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" + echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem + chmod 600 weekly-key.pem + # Copy the manifest file to the EC2 instance + scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." + # Apply the manifest file + ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" -# # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file -# - name: Send custom JSON data to Slack workflow -# id: slack -# uses: slackapi/slack-github-action@v1.23.0 -# with: -# payload: | -# { -# "text": "A new deployment job has been triggered", -# "attachments": [ -# { -# "color": "#36a64f", -# "fields": [ -# { -# "title": "Environment", -# "value": "${{ github.event.inputs.environment }}", -# "short": true -# }, -# { -# "title": "Log level", -# "value": "${{ github.event.inputs.logLevel }}", -# "short": true -# }, -# { -# "title": "Kibana URL", -# "value": ${{ env.KIBANA_URL }}, -# "short": false -# }, -# { -# "title": "ElasticSearch username", -# "value": ${{ env.ELASTICSEARCH_USERNAME }}, -# "short": false -# }, -# { -# "title": "ElasticSearch password", -# "value": ${{ env.ELASTICSEARCH_PASSWORD }}, -# "short": false -# } -# ] -# } -# ] -# } -# env: -# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} -# SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file + - name: Send custom JSON data to Slack workflow + id: slack + uses: slackapi/slack-github-action@v1.23.0 + with: + payload: | + { + "text": "A new deployment job has been triggered", + "attachments": [ + { + "color": "#36a64f", + "fields": [ + { + "title": "Environment", + "value": "${{ github.event.inputs.environment }}", + "short": true + }, + { + "title": "Log level", + "value": "${{ github.event.inputs.logLevel }}", + "short": true + }, + { + "title": "Kibana URL", + "value": ${{ env.KIBANA_URL }}, + "short": false + }, + { + "title": "ElasticSearch username", + "value": ${{ env.ELASTICSEARCH_USERNAME }}, + "short": false + }, + { + "title": "ElasticSearch password", + "value": ${{ env.ELASTICSEARCH_PASSWORD }}, + "short": false + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK From 6c9a3a65fa1abf78872b637cd9a3df359915bce0 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 14:58:32 +0200 Subject: [PATCH 13/28] Trying to upgrade the flow to SNAPSHOT 8.7 --- .github/workflows/weekly-enviroment.yml | 2 +- .../data/package_policy_vanilla.json | 86 +++++++++++++++++-- deploy/weekly-environment/variables.tf | 4 +- 3 files changed, 84 insertions(+), 8 deletions(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 0a1feeef9e..81f05fa222 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -26,7 +26,7 @@ env: TF_VAR_ec_api_key: ${{ secrets.WEEKLY_ENVIRONMENT_EC_API_KEY }} TF_VAR_environment: ${{ github.event.inputs.logLevel }} TF_LOG: ${{ github.event.inputs.logLevel }} - TF_VAR: 8.6.1 + TF_VAR_stack_version: 8.7.1-SNAPSHOT jobs: terraform: diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json index 452a5c06ea..a35803b2ef 100644 --- a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json +++ b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json @@ -15,8 +15,7 @@ "data_stream": { "type": "logs", "dataset": "cloud_security_posture.findings" - }, - "release": "ga" + } } ] }, @@ -31,7 +30,6 @@ "type": "logs", "dataset": "cloud_security_posture.findings" }, - "release": "ga", "vars": { "access_key_id": { "type": "text" @@ -50,15 +48,93 @@ }, "role_arn": { "type": "text" + }, + "aws.credentials.type": { + "type": "text" + } + } + } + ] + }, + { + "type": "cloudbeat/cis_aws", + "policy_template": "cspm", + "enabled": false, + "streams": [ + { + "enabled": false, + "data_stream": { + "type": "logs", + "dataset": "cloud_security_posture.findings" + }, + "vars": { + "access_key_id": { + "type": "text" + }, + "secret_access_key": { + "type": "text" + }, + "session_token": { + "type": "text" + }, + "shared_credential_file": { + "type": "text" + }, + "credential_profile_name": { + "type": "text" + }, + "role_arn": { + "type": "text" + }, + "aws.credentials.type": { + "type": "text" } } } ] + }, + { + "type": "cloudbeat/cis_gcp", + "policy_template": "cspm", + "enabled": false, + "streams": [ + { + "enabled": false, + "data_stream": { + "type": "logs", + "dataset": "cloud_security_posture.findings" + } + } + ] + }, + { + "type": "cloudbeat/cis_azure", + "policy_template": "cspm", + "enabled": false, + "streams": [ + { + "enabled": false, + "data_stream": { + "type": "logs", + "dataset": "cloud_security_posture.findings" + } + } + ] } ], "package": { "name": "cloud_security_posture", - "title": "Kubernetes Security Posture Management (KSPM)", - "version": "1.1.1" + "title": "Security Posture Management (CSPM/KSPM)", + "version": "1.2.10" + }, + "vars": { + "posture": { + "value": "kspm", + "type": "text" + }, + "deployment": { + "value": "cloudbeat/cis_k8s", + "type": "text" + } } } diff --git a/deploy/weekly-environment/variables.tf b/deploy/weekly-environment/variables.tf index 0dac9f064a..03bfeccdc1 100644 --- a/deploy/weekly-environment/variables.tf +++ b/deploy/weekly-environment/variables.tf @@ -1,12 +1,12 @@ ## Deployment configuration -variable "ec_api_key" { + variable "ec_api_key" { description = "Elastic cloud API key" type = string } variable "ess_region" { - default = "gcp-us-central1" + default = "gcp-us-west2" description = "Optional ESS region where the deployment will be created. Defaults to gcp-us-west2" type = string } From b797ae88fcbdb3ad051937ad8b924b5d9899fc9b Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 15:01:29 +0200 Subject: [PATCH 14/28] removing manifest file --- .../benchmarks/kspm_vanilla/manifest.yaml | 268 ------------------ 1 file changed, 268 deletions(-) delete mode 100644 deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml deleted file mode 100644 index 17ec3106a8..0000000000 --- a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/manifest.yaml +++ /dev/null @@ -1,268 +0,0 @@ -# For more information refer to https://www.elastic.co/guide/en/fleet/current/running-on-kubernetes-managed-by-fleet.html -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: elastic-agent - namespace: kube-system - labels: - app: elastic-agent -spec: - selector: - matchLabels: - app: elastic-agent - template: - metadata: - labels: - app: elastic-agent - spec: - # Tolerations are needed to run Elastic Agent on Kubernetes control-plane nodes. - # Agents running on control-plane nodes collect metrics from the control plane components (scheduler, controller manager) of Kubernetes - tolerations: - - key: node-role.kubernetes.io/control-plane - effect: NoSchedule - - key: node-role.kubernetes.io/master - effect: NoSchedule - serviceAccountName: elastic-agent - hostNetwork: true - # 'hostPID: true' enables the Elastic Security integration to observe all process exec events on the host. - # Sharing the host process ID namespace gives visibility of all processes running on the same host. - hostPID: true - dnsPolicy: ClusterFirstWithHostNet - containers: - - name: elastic-agent - image: docker.elastic.co/beats/elastic-agent:8.6.1 - env: - # Set to 1 for enrollment into Fleet server. If not set, Elastic Agent is run in standalone mode - - name: FLEET_ENROLL - value: "1" - # Set to true to communicate with Fleet with either insecure HTTP or unverified HTTPS - - name: FLEET_INSECURE - value: "true" - # Fleet Server URL to enroll the Elastic Agent into - # FLEET_URL can be found in Kibana, go to Management > Fleet > Settings - - name: FLEET_URL - value: "blabla" - # Elasticsearch API key used to enroll Elastic Agents in Fleet (https://www.elastic.co/guide/en/fleet/current/fleet-enrollment-tokens.html#fleet-enrollment-tokens) - # If FLEET_ENROLLMENT_TOKEN is empty then KIBANA_HOST, KIBANA_FLEET_USERNAME, KIBANA_FLEET_PASSWORD are needed - - name: FLEET_ENROLLMENT_TOKEN - value: "blabla==" - - name: KIBANA_HOST - value: "http://kibana:5601" - # The basic authentication username used to connect to Kibana and retrieve a service_token to enable Fleet - - name: KIBANA_FLEET_USERNAME - value: "elastic" - # The basic authentication password used to connect to Kibana and retrieve a service_token to enable Fleet - - name: KIBANA_FLEET_PASSWORD - value: "changeme" - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - securityContext: - runAsUser: 0 - resources: - limits: - memory: 500Mi - requests: - cpu: 100m - memory: 200Mi - volumeMounts: - - name: proc - mountPath: /hostfs/proc - readOnly: true - - name: cgroup - mountPath: /hostfs/sys/fs/cgroup - readOnly: true - - name: varlibdockercontainers - mountPath: /var/lib/docker/containers - readOnly: true - - name: varlog - mountPath: /var/log - readOnly: true - - name: etc-full - mountPath: /hostfs/etc - readOnly: true - - name: var-lib - mountPath: /hostfs/var/lib - readOnly: true - - name: etc-mid - mountPath: /etc/machine-id - readOnly: true - volumes: - - name: proc - hostPath: - path: /proc - - name: cgroup - hostPath: - path: /sys/fs/cgroup - - name: varlibdockercontainers - hostPath: - path: /var/lib/docker/containers - - name: varlog - hostPath: - path: /var/log - # The following volumes are needed for Cloud Security Posture integration (cloudbeat) - # If you are not using this integration, then these volumes and the corresponding - # mounts can be removed. - - name: etc-full - hostPath: - path: /etc - - name: var-lib - hostPath: - path: /var/lib - # Mount /etc/machine-id from the host to determine host ID - # Needed for Elastic Security integration - - name: etc-mid - hostPath: - path: /etc/machine-id - type: File ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: elastic-agent -subjects: - - kind: ServiceAccount - name: elastic-agent - namespace: kube-system -roleRef: - kind: ClusterRole - name: elastic-agent - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - namespace: kube-system - name: elastic-agent -subjects: - - kind: ServiceAccount - name: elastic-agent - namespace: kube-system -roleRef: - kind: Role - name: elastic-agent - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: elastic-agent-kubeadm-config - namespace: kube-system -subjects: - - kind: ServiceAccount - name: elastic-agent - namespace: kube-system -roleRef: - kind: Role - name: elastic-agent-kubeadm-config - apiGroup: rbac.authorization.k8s.io ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: elastic-agent - labels: - k8s-app: elastic-agent -rules: - - apiGroups: [""] - resources: - - nodes - - namespaces - - events - - pods - - services - - configmaps - # Needed for cloudbeat - - serviceaccounts - - persistentvolumes - - persistentvolumeclaims - verbs: ["get", "list", "watch"] - # Enable this rule only if planing to use kubernetes_secrets provider - #- apiGroups: [""] - # resources: - # - secrets - # verbs: ["get"] - - apiGroups: ["extensions"] - resources: - - replicasets - verbs: ["get", "list", "watch"] - - apiGroups: ["apps"] - resources: - - statefulsets - - deployments - - replicasets - - daemonsets - verbs: ["get", "list", "watch"] - - apiGroups: - - "" - resources: - - nodes/stats - verbs: - - get - - apiGroups: [ "batch" ] - resources: - - jobs - - cronjobs - verbs: [ "get", "list", "watch" ] - # Needed for apiserver - - nonResourceURLs: - - "/metrics" - verbs: - - get - # Needed for cloudbeat - - apiGroups: ["rbac.authorization.k8s.io"] - resources: - - clusterrolebindings - - clusterroles - - rolebindings - - roles - verbs: ["get", "list", "watch"] - # Needed for cloudbeat - - apiGroups: ["policy"] - resources: - - podsecuritypolicies - verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: elastic-agent - # Should be the namespace where elastic-agent is running - namespace: kube-system - labels: - k8s-app: elastic-agent -rules: - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: ["get", "create", "update"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: elastic-agent-kubeadm-config - namespace: kube-system - labels: - k8s-app: elastic-agent -rules: - - apiGroups: [""] - resources: - - configmaps - resourceNames: - - kubeadm-config - verbs: ["get"] ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: elastic-agent - namespace: kube-system - labels: - k8s-app: elastic-agent ---- From 42e160c4108f2c408ec21e4c58746a07ece49b12 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 15:02:40 +0200 Subject: [PATCH 15/28] fixing spaces --- deploy/weekly-environment/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/weekly-environment/variables.tf b/deploy/weekly-environment/variables.tf index 03bfeccdc1..2a5c32ca6b 100644 --- a/deploy/weekly-environment/variables.tf +++ b/deploy/weekly-environment/variables.tf @@ -1,6 +1,6 @@ ## Deployment configuration - variable "ec_api_key" { +variable "ec_api_key" { description = "Elastic cloud API key" type = string } From acc2af3fcff8d56a079b56b5adc68f50a741d2df Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 15 Feb 2023 18:49:28 +0200 Subject: [PATCH 16/28] Trying to upgrade the flow to SNAPSHOT 8.7.0 --- .github/workflows/weekly-enviroment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml index 81f05fa222..a9aea35ba6 100644 --- a/.github/workflows/weekly-enviroment.yml +++ b/.github/workflows/weekly-enviroment.yml @@ -26,7 +26,7 @@ env: TF_VAR_ec_api_key: ${{ secrets.WEEKLY_ENVIRONMENT_EC_API_KEY }} TF_VAR_environment: ${{ github.event.inputs.logLevel }} TF_LOG: ${{ github.event.inputs.logLevel }} - TF_VAR_stack_version: 8.7.1-SNAPSHOT + TF_VAR_stack_version: 8.7.0-SNAPSHOT jobs: terraform: From fdf4b4010f3c3c72aa69ebf5482add4770449f31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Feb 2023 14:21:30 +0200 Subject: [PATCH 17/28] Bump oauthlib from 3.2.1 to 3.2.2 in /tests (#710) Bumps [oauthlib](https://github.com/oauthlib/oauthlib) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/oauthlib/oauthlib/releases) - [Changelog](https://github.com/oauthlib/oauthlib/blob/master/CHANGELOG.rst) - [Commits](https://github.com/oauthlib/oauthlib/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: oauthlib dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Oren Zohar <85433724+oren-zohar@users.noreply.github.com> Co-authored-by: Dmitry Gurevich <99176494+gurevichdmitry@users.noreply.github.com> --- tests/poetry.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/poetry.lock b/tests/poetry.lock index dfa47225ca..a31ba656e0 100644 --- a/tests/poetry.lock +++ b/tests/poetry.lock @@ -415,14 +415,14 @@ yaml = ["PyYAML (>=5.1.0)"] [[package]] name = "oauthlib" -version = "3.2.1" +version = "3.2.2" description = "A generic, spec-compliant, thorough implementation of the OAuth request-signing logic" category = "main" optional = false python-versions = ">=3.6" files = [ - {file = "oauthlib-3.2.1-py3-none-any.whl", hash = "sha256:88e912ca1ad915e1dcc1c06fc9259d19de8deacd6fd17cc2df266decc2e49066"}, - {file = "oauthlib-3.2.1.tar.gz", hash = "sha256:1565237372795bf6ee3e5aba5e2a85bd5a65d0e2aa5c628b9a97b7d7a0da3721"}, + {file = "oauthlib-3.2.2-py3-none-any.whl", hash = "sha256:8139f29aac13e25d502680e9e19963e83f16838d48a0d71c287fe40e7067fbca"}, + {file = "oauthlib-3.2.2.tar.gz", hash = "sha256:9859c40929662bec5d64f34d01c99e093149682a3f38915dc0655d5a633dd918"}, ] [package.extras] @@ -806,8 +806,8 @@ category = "main" optional = false python-versions = ">=3.7" files = [ - {file = "setuptools-65.3.0-py3-none-any.whl", hash = "sha256:2e24e0bec025f035a2e72cdd1961119f557d78ad331bb00ff82efb2ab8da8e82"}, - {file = "setuptools-65.3.0.tar.gz", hash = "sha256:7732871f4f7fa58fb6bdcaeadb0161b2bd046c85905dbaa066bdcbcc81953b57"}, + {file = "setuptools-65.5.1-py3-none-any.whl", hash = "sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31"}, + {file = "setuptools-65.5.1.tar.gz", hash = "sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f"}, ] [package.extras] From 46ea3b71b04a7b488bbdc36eee1a62fb73bad5eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Feb 2023 08:13:32 +0200 Subject: [PATCH 18/28] Bump github.com/elastic/elastic-agent-libs from 0.3.0 to 0.3.1 (#751) Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.3.0 to 0.3.1. - [Release notes](https://github.com/elastic/elastic-agent-libs/releases) - [Commits](https://github.com/elastic/elastic-agent-libs/compare/v0.3.0...v0.3.1) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-libs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Oren Zohar <85433724+oren-zohar@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5dc22c3ff6..c2bc623714 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( github.com/djherbis/times v1.5.0 github.com/elastic/e2e-testing v1.99.2-0.20220117192005-d3365c99b9c4 github.com/elastic/elastic-agent-autodiscover v0.5.0 - github.com/elastic/elastic-agent-libs v0.3.0 + github.com/elastic/elastic-agent-libs v0.3.1 github.com/elastic/go-licenser v0.4.1 github.com/go-git/go-git/v5 v5.4.2 github.com/gocarina/gocsv v0.0.0-20170324095351-ffef3ffc77be diff --git a/go.sum b/go.sum index 9920f3e828..f6145322b4 100644 --- a/go.sum +++ b/go.sum @@ -548,8 +548,8 @@ github.com/elastic/elastic-agent-autodiscover v0.5.0/go.mod h1:p3MSf9813JEnolCTD github.com/elastic/elastic-agent-client/v7 v7.0.3 h1:YqZPnO7Z9rlj25sFZEUaxGGK3mZR4v0uSOcfO8GRv7s= github.com/elastic/elastic-agent-client/v7 v7.0.3/go.mod h1:cHviLpA5fAwMbfBIHBVNl16qp90bO7pKHMAQaG+9raU= github.com/elastic/elastic-agent-libs v0.2.11/go.mod h1:chO3rtcLyGlKi9S0iGVZhYCzDfdDsAQYBc+ui588AFE= -github.com/elastic/elastic-agent-libs v0.3.0 h1:cDq4aIP4sH+cMidlyU9M0POm1pfDE83RlG/Oh98tnC0= -github.com/elastic/elastic-agent-libs v0.3.0/go.mod h1:GC2VyFWlgQzaG9OZiVpsA9r6Ff/jcvgtx+/afBvbjmI= +github.com/elastic/elastic-agent-libs v0.3.1 h1:q/qlkrWQmMqSgeCR9oaHIz7OiJT2cZ8LvcowE1tVOIM= +github.com/elastic/elastic-agent-libs v0.3.1/go.mod h1:GC2VyFWlgQzaG9OZiVpsA9r6Ff/jcvgtx+/afBvbjmI= github.com/elastic/elastic-agent-shipper-client v0.4.0 h1:nsTJF9oo4RHLl+zxFUZqNHaE86C6Ba5aImfegcEf6Sk= github.com/elastic/elastic-agent-shipper-client v0.4.0/go.mod h1:OyI2W+Mv3JxlkEF3OeT7K0dbuxvwew8ke2Cf4HpLa9Q= github.com/elastic/elastic-agent-system-metrics v0.4.5-0.20220927192933-25a985b07d51 h1:ZFk7hC6eRPJkJNtOSG+GYbRlsgLjSD8rTj4gQq+7rsA= From cd58bc65b3384d62893760fa1233b8e2db99c29d Mon Sep 17 00:00:00 2001 From: Oleg Sucharevich Date: Tue, 21 Feb 2023 12:08:18 +0200 Subject: [PATCH 19/28] Fix concurrency (#748) * fix: concurrency in `awslib.MultiRegionFetch` The `awslib.MultiRegionFetch` function used to share the `error` from multiple go routines. Every go routine that called the `fetcher` function was able to update this variable. * feat: test cloudbeat also with -race flag 1. Add new step to UnitTest workflow with race detection flag in the `go test` command. 2. Increase the overall timeout of the CI as the new step adding requires more time. * fix: concurrency in `fetchersManager.Data` The `Data` used to use `sync.WaitGroup` in two usecases: 1. Waiting for all the fetchers to complete the work 2. When `Data.Stop` is called to make sure that it also waits for all the fetchers to complete Those two usecase used to share the same instance of `sync.WaitGroup` from different go routines. By removing the `wg.Wait` from `Data.Stop` the race was removed. To make sure aligment, the changes are: 1. Remove `Data.Stop` to allow it to be called twice. So `Data.Run` will return `Stop` funciton is a wrapper around `Data.stopData` and can ensure that it will be executed only once (the pattern is similar to ctx, cancel := context.WithTimeout) 2. Adding `Data.stopNotice` propery as channel to make sure that once the stop funciton is called, no more fetchers will be executed. 3. Running `Data.fetchIterantion` as separate go routine will make sure that it will not block. So that the `Data.fetchAndSleep` can still wait receive data from the channels 4. Stop function will get now grace period to wait before the fetchers are stopped. 5. Adding cancelable context to `Data.fetchAndSleep` and canceling it when the stop channel is closed will get the same result. * refactor: replace time.After with time.NewTimer `time.After` is using `time.NewTime` https://pkg.go.dev/time#example-Time.After. by using directly `time.NewTime` we can call the `Data.fetchIteration` in one place. The zero interval will make sure to trigger it immediatly and after that we reset it to the input interval * refactor: use atomic --- .github/workflows/unit-test.yml | 9 +- beater/cloudbeat.go | 18 +-- resources/fetchersManager/data.go | 78 ++++++---- resources/fetchersManager/data_test.go | 159 +++++++++++++++++---- resources/fetchersManager/mock_stop.go | 84 +++++++++++ resources/providers/awslib/multi_region.go | 15 +- 6 files changed, 292 insertions(+), 71 deletions(-) create mode 100644 resources/fetchersManager/mock_stop.go diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 765890de55..3b1af03d7a 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -4,7 +4,7 @@ on: pull_request: branches: - main - - '[0-9]+.[0-9]+' + - "[0-9]+.[0-9]+" types: [opened, synchronize, reopened] push: branches: @@ -13,7 +13,6 @@ on: env: K8S_MANIFEST_DIR: deploy - concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true @@ -22,7 +21,7 @@ jobs: unit_tests: name: Unit Tests runs-on: ubuntu-20.04 - timeout-minutes: 15 + timeout-minutes: 20 steps: - name: Check out the repo uses: actions/checkout@v3 @@ -53,6 +52,10 @@ jobs: GOOS=linux go test -v -coverpkg=./... -coverprofile=cover.out.tmp ./... cat cover.out.tmp | grep -v "mock_.*.go" > cover.out # remove mock files from coverage report + - name: Unit-Test with Race Detector + run: | + GOOS=linux go test -v -race ./... + - name: Upload coverage artifact uses: actions/upload-artifact@v3 with: diff --git a/beater/cloudbeat.go b/beater/cloudbeat.go index c7fa11c95d..755e9db216 100644 --- a/beater/cloudbeat.go +++ b/beater/cloudbeat.go @@ -43,10 +43,11 @@ import ( ) const ( - beaterName = "Cloudbeat" - flushInterval = 10 * time.Second - eventsThreshold = 75 - resourceChBuffer = 10000 + beaterName = "Cloudbeat" + flushInterval = 10 * time.Second + eventsThreshold = 75 + resourceChBuffer = 10000 + shutdownGracePeriod = 30 * time.Second ) // cloudbeat configuration. @@ -61,6 +62,7 @@ type cloudbeat struct { log *logp.Logger resourceCh chan fetching.ResourceInfo leader uniqueness.Manager + dataStop fetchersManager.Stop } func New(b *beat.Beat, cfg *agentconfig.C) (beat.Beater, error) { @@ -154,9 +156,7 @@ func (bt *cloudbeat) Run(b *beat.Beat) error { return err } - if err := bt.data.Run(bt.ctx); err != nil { - return err - } + bt.dataStop = bt.data.Run(bt.ctx) procs, err := bt.configureProcessors(bt.config.Processors) if err != nil { @@ -226,7 +226,9 @@ func initRegistry(log *logp.Logger, cfg *config.Config, ch chan fetching.Resourc // Stop stops cloudbeat. func (bt *cloudbeat) Stop() { - bt.data.Stop() + if bt.dataStop != nil { + bt.dataStop(bt.ctx, shutdownGracePeriod) + } bt.evaluator.Stop(bt.ctx) bt.leader.Stop() close(bt.resourceCh) diff --git a/resources/fetchersManager/data.go b/resources/fetchersManager/data.go index f3e589ff8a..0f4e7c383f 100644 --- a/resources/fetchersManager/data.go +++ b/resources/fetchersManager/data.go @@ -23,6 +23,7 @@ import ( "sync" "time" + "github.com/elastic/beats/v7/libbeat/common/atomic" "github.com/elastic/cloudbeat/resources/fetching" "github.com/elastic/elastic-agent-libs/logp" ) @@ -30,48 +31,72 @@ import ( // Data maintains a cache that is updated by Fetcher implementations registered // against it. It sends the cache to an output channel at the defined interval. type Data struct { - log *logp.Logger - timeout time.Duration - interval time.Duration - fetchers FetchersRegistry - // Wait for completion of fetcher's fetchSingle - wg sync.WaitGroup - stop chan struct{} + log *logp.Logger + timeout time.Duration + interval time.Duration + fetchers FetchersRegistry + stop chan struct{} + stopNotice chan time.Duration } +type Stop func(context.Context, time.Duration) + // NewData returns a new Data instance. // interval is the duration the manager wait between two consecutive cycles. // timeout is the maximum duration the manager wait for a single fetcher to return results. func NewData(log *logp.Logger, interval time.Duration, timeout time.Duration, fetchers FetchersRegistry) (*Data, error) { return &Data{ - log: log, - timeout: timeout, - interval: interval, - fetchers: fetchers, - wg: sync.WaitGroup{}, - stop: make(chan struct{}), + log: log, + timeout: timeout, + interval: interval, + fetchers: fetchers, + stop: make(chan struct{}), + stopNotice: make(chan time.Duration), }, nil } // Run starts all configured fetchers to collect resources. -func (d *Data) Run(ctx context.Context) error { +func (d *Data) Run(ctx context.Context) Stop { go d.fetchAndSleep(ctx) - return nil + called := atomic.NewBool(false) + return func(ctx context.Context, grace time.Duration) { + defer called.Store(true) + if called.Load() { + return + } + d.stopData(ctx, grace) + } } func (d *Data) fetchAndSleep(ctx context.Context) { - // Happens once in a lifetime of cloudbeat and then enters the loop - d.fetchIteration(ctx) + ctx, cancel := context.WithCancel(ctx) + // set immidiate exec for first time run + timer := time.NewTimer(0) + defer func() { + cancel() + timer.Stop() + }() + run := atomic.NewBool(true) for { select { + case grace := <-d.stopNotice: + d.log.Infof("Received stop notice with grace period of %s, fetchers will not be executing from now on", grace.String()) + run.Store(false) case <-d.stop: d.log.Info("Fetchers manager stopped") return case <-ctx.Done(): d.log.Info("Fetchers manager canceled") return - case <-time.After(d.interval): - d.fetchIteration(ctx) + case <-timer.C: + if !run.Load() { + return + } + // upadte the interval + timer.Reset(d.interval) + // this is blocking so the stop will not be called until all the fetchers are finished + // in case there is a blocking fetcher it will halt (til the d.timeout) + go d.fetchIteration(ctx) } } } @@ -85,11 +110,11 @@ func (d *Data) fetchIteration(ctx context.Context) { seq := time.Now().Unix() d.log.Infof("Cycle %d has started", seq) - + wg := &sync.WaitGroup{} for _, key := range d.fetchers.Keys() { - d.wg.Add(1) + wg.Add(1) go func(k string) { - defer d.wg.Done() + defer wg.Done() err := d.fetchSingle(ctx, k, fetching.CycleMetadata{Sequence: seq}) if err != nil { d.log.Errorf("Error running fetcher for key %s: %v", k, err) @@ -97,7 +122,7 @@ func (d *Data) fetchIteration(ctx context.Context) { }(key) } - d.wg.Wait() + wg.Wait() d.log.Infof("Manager finished waiting and sending data after %d milliseconds", time.Since(start).Milliseconds()) d.log.Infof("Cycle %d resource fetching has ended", seq) } @@ -138,8 +163,11 @@ func (d *Data) fetchProtected(ctx context.Context, k string, metadata fetching.C } // Stop cleans up Data resources gracefully. -func (d *Data) Stop() { +func (d *Data) stopData(ctx context.Context, grace time.Duration) { + d.stopNotice <- grace + ctx, cancel := context.WithTimeout(ctx, grace) + defer cancel() + <-ctx.Done() d.fetchers.Stop() close(d.stop) - d.wg.Wait() } diff --git a/resources/fetchersManager/data_test.go b/resources/fetchersManager/data_test.go index f0d1709e1b..8771a32c54 100644 --- a/resources/fetchersManager/data_test.go +++ b/resources/fetchersManager/data_test.go @@ -19,7 +19,6 @@ package fetchersManager import ( "context" - "fmt" "sync" "testing" "time" @@ -33,30 +32,36 @@ import ( ) type DelayFetcher struct { - delay time.Duration - stopCalled bool - resourceCh chan fetching.ResourceInfo - wg *sync.WaitGroup + delay time.Duration + stopCalled bool + resourceCh chan fetching.ResourceInfo + wg *sync.WaitGroup + isRunningChan chan bool + err error + execCounter int } -func newDelayFetcher(delay time.Duration, ch chan fetching.ResourceInfo, wg *sync.WaitGroup) fetching.Fetcher { - return &DelayFetcher{delay, false, ch, wg} +func newDelayFetcher(delay time.Duration, ch chan fetching.ResourceInfo, wg *sync.WaitGroup, isRunningChan chan bool) *DelayFetcher { + return &DelayFetcher{delay, false, ch, wg, isRunningChan, nil, 0} } -func (f *DelayFetcher) Fetch(ctx context.Context, cMetadata fetching.CycleMetadata) error { +func (f *DelayFetcher) Fetch(ctx context.Context, cMetadata fetching.CycleMetadata) (err error) { + f.execCounter++ defer f.wg.Done() select { case <-ctx.Done(): - return fmt.Errorf("reached timeout") + err = ctx.Err() + f.err = err + f.isRunningChan <- false + return case <-time.After(f.delay): f.resourceCh <- fetching.ResourceInfo{ Resource: fetchValue(int(f.delay.Seconds())), CycleMetadata: cMetadata, } + return nil } - - return nil } func (f *DelayFetcher) Stop() { @@ -131,9 +136,8 @@ func (s *DataTestSuite) TestDataRun() { d, err := NewData(s.log, interval, timeout, s.registry) s.NoError(err) - err = d.Run(s.ctx) - s.NoError(err) - defer d.Stop() + stop := d.Run(s.ctx) + defer stop(context.Background(), time.Second) s.wg.Wait() // waiting for all fetchers to complete results := testhelper.CollectResources(s.resourceCh) @@ -153,9 +157,9 @@ func (s *DataTestSuite) TestDataRunPanic() { d, err := NewData(s.log, interval, timeout, s.registry) s.NoError(err) - err = d.Run(s.ctx) + stop := d.Run(s.ctx) s.NoError(err) - defer d.Stop() + defer stop(context.Background(), time.Second) s.wg.Wait() results := testhelper.CollectResources(s.resourceCh) @@ -185,16 +189,16 @@ func (s *DataTestSuite) TestDataRunTimeout() { fetcherName := "delay_fetcher" s.wg.Add(1) - f := newDelayFetcher(fetcherDelay, s.resourceCh, s.wg) + f := newDelayFetcher(fetcherDelay, s.resourceCh, s.wg, make(chan bool, 1)) err := s.registry.Register(fetcherName, f) s.NoError(err) d, err := NewData(s.log, interval, timeout, s.registry) s.NoError(err) - err = d.Run(s.ctx) + stop := d.Run(s.ctx) s.NoError(err) - defer d.Stop() + defer stop(s.ctx, time.Second) s.wg.Wait() results := testhelper.CollectResources(s.resourceCh) @@ -208,7 +212,7 @@ func (s *DataTestSuite) TestDataFetchSingleTimeout() { fetcherName := "timeout_fetcher" s.wg.Add(1) - f := newDelayFetcher(fetcherDelay, s.resourceCh, s.wg) + f := newDelayFetcher(fetcherDelay, s.resourceCh, s.wg, make(chan bool, 1)) err := s.registry.Register(fetcherName, f) s.NoError(err) @@ -233,9 +237,9 @@ func (s *DataTestSuite) TestDataRunShouldNotRun() { d, err := NewData(s.log, interval, timeout, s.registry) s.NoError(err) - err = d.Run(s.ctx) + stop := d.Run(s.ctx) s.NoError(err) - defer d.Stop() + defer stop(context.Background(), time.Second) // Fetcher did not run, we can not wait for sync.done() to be called. var results []fetching.ResourceInfo @@ -250,18 +254,113 @@ func (s *DataTestSuite) TestDataRunShouldNotRun() { } func (s *DataTestSuite) TestDataStop() { - fetcherVal := 4 - interval := 5 * time.Second - fetcherName := "not_run_fetcher" - fetcherConditionName := "false_condition" + interval := 30 * time.Second + fetcherName := "run_fetcher" + fetcherConditionName := "true_condition" - f := newNumberFetcher(fetcherVal, s.resourceCh, s.wg) - c := newBoolFetcherCondition(false, fetcherConditionName) + isRunningChan := make(chan bool, 1) + f := newDelayFetcher(time.Minute, s.resourceCh, s.wg, isRunningChan) + c := newBoolFetcherCondition(true, fetcherConditionName) err := s.registry.Register(fetcherName, f, c) s.NoError(err) - d, err := NewData(s.log, interval, timeout, s.registry) + d, err := NewData(s.log, interval, time.Second*5, s.registry) s.NoError(err) - d.Stop() + stop := d.Run(context.Background()) + time.Sleep(1 * time.Second) + stop(context.Background(), time.Second) + time.Sleep(3 * time.Second) + s.True(f.stopCalled) + s.False(<-isRunningChan, "fetcher should not be running") + s.Equal(context.Canceled, f.err) +} + +func (s *DataTestSuite) TestDataStopWithTimeout() { + interval := 30 * time.Second + fetcherName := "run_fetcher" + fetcherConditionName := "true_condition" + + isRunningChan := make(chan bool, 1) + f := newDelayFetcher(time.Minute, s.resourceCh, s.wg, isRunningChan) + c := newBoolFetcherCondition(true, fetcherConditionName) + err := s.registry.Register(fetcherName, f, c) + s.NoError(err) + ctx, cancel := context.WithTimeout(context.Background(), time.Second*2) + defer cancel() + d, err := NewData(s.log, interval, time.Second*5, s.registry) + s.NoError(err) + + d.Run(ctx) + time.Sleep(2 * time.Second) + s.False(<-isRunningChan, "fetcher should not be running") + s.Equal(context.DeadlineExceeded, f.err) +} + +func (s *DataTestSuite) TestDataStopWithGracefulShutdown() { + interval := 30 * time.Second + fetcherName := "run_fetcher" + fetcherConditionName := "true_condition" + + isRunningChan := make(chan bool, 1) + f := newDelayFetcher(time.Minute, s.resourceCh, s.wg, isRunningChan) + c := newBoolFetcherCondition(true, fetcherConditionName) + err := s.registry.Register(fetcherName, f, c) + s.NoError(err) + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + d, err := NewData(s.log, interval, time.Second*5, s.registry) + s.NoError(err) + + stop := d.Run(ctx) + time.Sleep(2 * time.Second) + + stop(ctx, time.Second) + time.Sleep(2 * time.Second) + + s.False(<-isRunningChan, "fetcher should not be running") + s.Equal(context.Canceled, f.err) +} + +func (s *DataTestSuite) TestDataStopWithNoticePeriod() { + fetcherName := "run_fetcher" + fetcherConditionName := "true_condition" + + isRunningChan := make(chan bool, 1) + f := newDelayFetcher(time.Millisecond, s.resourceCh, s.wg, isRunningChan) + c := newBoolFetcherCondition(true, fetcherConditionName) + err := s.registry.Register(fetcherName, f, c) + s.NoError(err) + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + d, err := NewData(s.log, 500*time.Millisecond, time.Second*5, s.registry) + s.NoError(err) + + stop := d.Run(ctx) + time.Sleep(2 * time.Second) + + stop(ctx, time.Second) + time.Sleep(2 * time.Second) + s.LessOrEqual(f.execCounter, 4) +} + +func (s *DataTestSuite) TestDataDoubleStop() { + fetcherName := "run_fetcher" + fetcherConditionName := "true_condition" + + isRunningChan := make(chan bool, 1) + f := newDelayFetcher(time.Millisecond, s.resourceCh, s.wg, isRunningChan) + c := newBoolFetcherCondition(false, fetcherConditionName) + err := s.registry.Register(fetcherName, f, c) + s.NoError(err) + ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) + defer cancel() + d, err := NewData(s.log, 500*time.Millisecond, time.Second*5, s.registry) + s.NoError(err) + + stop := d.Run(ctx) + time.Sleep(2 * time.Second) + + stop(ctx, time.Second) + stop(ctx, time.Second) } diff --git a/resources/fetchersManager/mock_stop.go b/resources/fetchersManager/mock_stop.go new file mode 100644 index 0000000000..15aee5dd8d --- /dev/null +++ b/resources/fetchersManager/mock_stop.go @@ -0,0 +1,84 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +// Code generated by mockery v2.15.0. DO NOT EDIT. + +package fetchersManager + +import ( + context "context" + time "time" + + mock "github.com/stretchr/testify/mock" +) + +// MockStop is an autogenerated mock type for the Stop type +type MockStop struct { + mock.Mock +} + +type MockStop_Expecter struct { + mock *mock.Mock +} + +func (_m *MockStop) EXPECT() *MockStop_Expecter { + return &MockStop_Expecter{mock: &_m.Mock} +} + +// Execute provides a mock function with given fields: _a0, _a1 +func (_m *MockStop) Execute(_a0 context.Context, _a1 time.Duration) { + _m.Called(_a0, _a1) +} + +// MockStop_Execute_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Execute' +type MockStop_Execute_Call struct { + *mock.Call +} + +// Execute is a helper method to define mock.On call +// - _a0 context.Context +// - _a1 time.Duration +func (_e *MockStop_Expecter) Execute(_a0 interface{}, _a1 interface{}) *MockStop_Execute_Call { + return &MockStop_Execute_Call{Call: _e.mock.On("Execute", _a0, _a1)} +} + +func (_c *MockStop_Execute_Call) Run(run func(_a0 context.Context, _a1 time.Duration)) *MockStop_Execute_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(context.Context), args[1].(time.Duration)) + }) + return _c +} + +func (_c *MockStop_Execute_Call) Return() *MockStop_Execute_Call { + _c.Call.Return() + return _c +} + +type mockConstructorTestingTNewMockStop interface { + mock.TestingT + Cleanup(func()) +} + +// NewMockStop creates a new instance of MockStop. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. +func NewMockStop(t mockConstructorTestingTNewMockStop) *MockStop { + mock := &MockStop{} + mock.Mock.Test(t) + + t.Cleanup(func() { mock.AssertExpectations(t) }) + + return mock +} diff --git a/resources/providers/awslib/multi_region.go b/resources/providers/awslib/multi_region.go index 16d8425e92..563ef13567 100644 --- a/resources/providers/awslib/multi_region.go +++ b/resources/providers/awslib/multi_region.go @@ -74,10 +74,10 @@ func (w *MultiRegionClientFactory[T]) NewMultiRegionClients(client DescribeCloud // MultiRegionFetch retrieves resources from multiple regions concurrently using the provided fetcher function. func MultiRegionFetch[T any, K any](ctx context.Context, set map[string]T, fetcher func(ctx context.Context, region string, client T) (K, error)) ([]K, error) { - var err error var wg sync.WaitGroup var mux sync.Mutex var crossRegionResources []K + errChan := make(chan error, len(set)) if set == nil { return nil, errors.New("multi region clients have not been initialize") @@ -85,11 +85,11 @@ func MultiRegionFetch[T any, K any](ctx context.Context, set map[string]T, fetch for region, client := range set { wg.Add(1) - go func(client T, region string) { + go func(client T, region string, errCn chan error) { defer wg.Done() results, fetchErr := fetcher(ctx, region, client) if fetchErr != nil { - err = fmt.Errorf("fail to retrieve aws resources for region: %s, error: %v, ", region, fetchErr) + errCn <- fmt.Errorf("fail to retrieve aws resources for region: %s, error: %v, ", region, fetchErr) } mux.Lock() @@ -100,11 +100,16 @@ func MultiRegionFetch[T any, K any](ctx context.Context, set map[string]T, fetch return } crossRegionResources = append(crossRegionResources, results) - }(client, region) + }(client, region, errChan) } wg.Wait() - return crossRegionResources, err + select { + case err := <-errChan: + return crossRegionResources, err + default: + return crossRegionResources, nil + } } // shouldDrop checks the target type and return true if From 45bf871fa17d16e710e151a99a226a5adb336fe5 Mon Sep 17 00:00:00 2001 From: Oren Zohar <85433724+oren-zohar@users.noreply.github.com> Date: Tue, 21 Feb 2023 12:56:20 +0200 Subject: [PATCH 20/28] Update Hermit env vars (#760) --- bin/hermit.hcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/hermit.hcl b/bin/hermit.hcl index bb593de1be..d6dfddf7b1 100644 --- a/bin/hermit.hcl +++ b/bin/hermit.hcl @@ -1,4 +1,4 @@ env = { - "CLOUDBEAT_VERSION": "8.7.0", + "CLOUDBEAT_VERSION": "8.8.0", "ELK_VERSION": "${CLOUDBEAT_VERSION}-SNAPSHOT", } From 783120117f20b47308c698df5bcd05bf994eaae0 Mon Sep 17 00:00:00 2001 From: Uri Weisman <68195305+uri-weisman@users.noreply.github.com> Date: Tue, 21 Feb 2023 19:56:53 +0200 Subject: [PATCH 21/28] [CIS AWS] Fix multiple bugs (#761) --- resources/fetchers/monitoring_factory.go | 2 +- resources/fetchers/monitoring_fetcher.go | 16 ++++----------- resources/fetchers/monitoring_fetcher_test.go | 20 ++++++++++++------- resources/fetching/fetcher.go | 1 + .../providers/awslib/securityhub/provider.go | 20 +++++++++++-------- .../awslib/securityhub/provider_test.go | 16 ++++++++++----- .../awslib/securityhub/securityhub.go | 11 +++++----- version/policy.go | 2 +- 8 files changed, 49 insertions(+), 39 deletions(-) diff --git a/resources/fetchers/monitoring_factory.go b/resources/fetchers/monitoring_factory.go index d61404cfac..e2082227b4 100644 --- a/resources/fetchers/monitoring_factory.go +++ b/resources/fetchers/monitoring_factory.go @@ -97,6 +97,6 @@ func (f *MonitoringFactory) CreateFrom(log *logp.Logger, cfg MonitoringFetcherCo provider: &provider, resourceCh: ch, cloudIdentity: identity, - securityhub: securityhub.NewProvider(awsConfig, log, f.SecurityhubRegionFactory), + securityhub: securityhub.NewProvider(awsConfig, log, f.SecurityhubRegionFactory, *identity.Account), }, nil } diff --git a/resources/fetchers/monitoring_fetcher.go b/resources/fetchers/monitoring_fetcher.go index 00c2905589..da9bd3c6dd 100644 --- a/resources/fetchers/monitoring_fetcher.go +++ b/resources/fetchers/monitoring_fetcher.go @@ -91,14 +91,14 @@ func (r MonitoringResource) GetMetadata() (fetching.ResourceMetadata, error) { if len(r.Items) == 0 { return fetching.ResourceMetadata{ Type: fetching.MonitoringIdentity, - SubType: fetching.TrailType, + SubType: fetching.MultiTrailsType, }, nil } id := fmt.Sprintf("cloudtrail-%s", *r.identity.Account) return fetching.ResourceMetadata{ ID: id, Type: fetching.MonitoringIdentity, - SubType: fetching.TrailType, + SubType: fetching.MultiTrailsType, Name: id, }, nil } @@ -109,17 +109,9 @@ func (s SecurityHubResource) GetData() any { } func (s SecurityHubResource) GetMetadata() (fetching.ResourceMetadata, error) { - if s.DescribeHubOutput == nil || s.HubArn == nil { - return fetching.ResourceMetadata{ - ID: "", - Name: "", - Type: fetching.MonitoringIdentity, - SubType: fetching.SecurityHubType, - }, nil - } return fetching.ResourceMetadata{ - ID: *s.HubArn, - Name: *s.HubArn, + ID: s.GetResourceArn(), + Name: s.GetResourceName(), Type: fetching.MonitoringIdentity, SubType: fetching.SecurityHubType, }, nil diff --git a/resources/fetchers/monitoring_fetcher_test.go b/resources/fetchers/monitoring_fetcher_test.go index 79bf30c27f..5ffcc253a7 100644 --- a/resources/fetchers/monitoring_fetcher_test.go +++ b/resources/fetchers/monitoring_fetcher_test.go @@ -159,7 +159,7 @@ func TestMonitoringResource_GetMetadata(t *testing.T) { ID: "", Name: "", Type: fetching.MonitoringIdentity, - SubType: fetching.TrailType, + SubType: fetching.MultiTrailsType, }, }, { @@ -177,7 +177,7 @@ func TestMonitoringResource_GetMetadata(t *testing.T) { ID: "cloudtrail-aws-account-id", Name: "cloudtrail-aws-account-id", Type: fetching.MonitoringIdentity, - SubType: fetching.TrailType, + SubType: fetching.MultiTrailsType, }, }, } @@ -199,6 +199,8 @@ func TestMonitoringResource_GetMetadata(t *testing.T) { } func TestSecurityHubResource_GetMetadata(t *testing.T) { + accountId := "dummy-account-id" + type fields struct { SecurityHub securityhub.SecurityHub } @@ -212,7 +214,9 @@ func TestSecurityHubResource_GetMetadata(t *testing.T) { name: "enabled", fields: fields{ SecurityHub: securityhub.SecurityHub{ - Enabled: true, + Enabled: true, + Region: "us-east-1", + AccountId: accountId, DescribeHubOutput: &aws_securityhub.DescribeHubOutput{ HubArn: aws.String("hub:arn"), }, @@ -220,7 +224,7 @@ func TestSecurityHubResource_GetMetadata(t *testing.T) { }, want: fetching.ResourceMetadata{ ID: "hub:arn", - Name: "hub:arn", + Name: "securityhub-us-east-1-" + accountId, Type: fetching.MonitoringIdentity, SubType: fetching.SecurityHubType, }, @@ -229,12 +233,14 @@ func TestSecurityHubResource_GetMetadata(t *testing.T) { name: "disabled", fields: fields{ SecurityHub: securityhub.SecurityHub{ - Enabled: false, + Enabled: false, + AccountId: accountId, + Region: "us-east-2", }, }, want: fetching.ResourceMetadata{ - ID: "", - Name: "", + ID: "securityhub-us-east-2-" + accountId, + Name: "securityhub-us-east-2-" + accountId, Type: fetching.MonitoringIdentity, SubType: fetching.SecurityHubType, }, diff --git a/resources/fetching/fetcher.go b/resources/fetching/fetcher.go index eddd7f5b7c..47be77f60e 100644 --- a/resources/fetching/fetcher.go +++ b/resources/fetching/fetcher.go @@ -34,6 +34,7 @@ const ( MonitoringType = "aws-monitoring" NetworkNACLType = "aws-nacl" TrailType = "aws-trail" + MultiTrailsType = "aws-multi-trails" SecurityGroupType = "aws-security-group" EBSType = "aws-ebs" ElbType = "aws-elb" diff --git a/resources/providers/awslib/securityhub/provider.go b/resources/providers/awslib/securityhub/provider.go index ac1119104e..d02ad005ed 100644 --- a/resources/providers/awslib/securityhub/provider.go +++ b/resources/providers/awslib/securityhub/provider.go @@ -34,21 +34,23 @@ type ( } Provider struct { - log *logp.Logger - clients map[string]Client - region string + log *logp.Logger + clients map[string]Client + region string + accountId string } ) -func NewProvider(cfg aws.Config, log *logp.Logger, factory awslib.CrossRegionFactory[Client]) *Provider { +func NewProvider(cfg aws.Config, log *logp.Logger, factory awslib.CrossRegionFactory[Client], accountId string) *Provider { f := func(cfg aws.Config) Client { return securityhub.NewFromConfig(cfg) } m := factory.NewMultiRegionClients(ec2.NewFromConfig(cfg), cfg, f, log) return &Provider{ - log: log, - region: cfg.Region, - clients: m.GetMultiRegionsClientMap(), + log: log, + region: cfg.Region, + accountId: accountId, + clients: m.GetMultiRegionsClientMap(), } } @@ -58,8 +60,9 @@ func (p *Provider) Describe(ctx context.Context) ([]SecurityHub, error) { if err != nil { res := SecurityHub{ Enabled: false, - DescribeHubOutput: out, Region: region, + AccountId: p.accountId, + DescribeHubOutput: out, } if strings.Contains(err.Error(), "is not subscribed to AWS Security Hub") { return res, nil @@ -69,6 +72,7 @@ func (p *Provider) Describe(ctx context.Context) ([]SecurityHub, error) { return SecurityHub{ Enabled: true, DescribeHubOutput: out, + AccountId: p.accountId, Region: region, }, nil }) diff --git a/resources/providers/awslib/securityhub/provider_test.go b/resources/providers/awslib/securityhub/provider_test.go index 494342ab32..e316927f86 100644 --- a/resources/providers/awslib/securityhub/provider_test.go +++ b/resources/providers/awslib/securityhub/provider_test.go @@ -35,6 +35,7 @@ type ( ) func TestProvider_Describe(t *testing.T) { + accountId := "dummy-id" tests := []struct { name string want []SecurityHub @@ -48,6 +49,7 @@ func TestProvider_Describe(t *testing.T) { Enabled: true, DescribeHubOutput: &securityhub.DescribeHubOutput{}, Region: awslib.DefaultRegion, + AccountId: accountId, }}, mocks: clientMocks{ "DescribeHub": [2]mocks{ @@ -60,8 +62,9 @@ func TestProvider_Describe(t *testing.T) { { name: "disabled", want: []SecurityHub{{ - Enabled: false, - Region: awslib.DefaultRegion, + Enabled: false, + Region: awslib.DefaultRegion, + AccountId: accountId, }}, mocks: clientMocks{ "DescribeHub": [2]mocks{ @@ -77,10 +80,12 @@ func TestProvider_Describe(t *testing.T) { Enabled: true, DescribeHubOutput: &securityhub.DescribeHubOutput{}, Region: awslib.DefaultRegion, + AccountId: accountId, }, { Enabled: true, DescribeHubOutput: &securityhub.DescribeHubOutput{}, Region: "eu-west-1", + AccountId: accountId, }}, mocks: clientMocks{ "DescribeHub": [2]mocks{ @@ -113,8 +118,9 @@ func TestProvider_Describe(t *testing.T) { clients[r] = c } p := &Provider{ - log: logp.NewLogger("TestProvider_Describe"), - clients: clients, + log: logp.NewLogger("TestProvider_Describe"), + accountId: accountId, + clients: clients, } got, err := p.Describe(context.Background()) if tt.wantErr { @@ -125,7 +131,7 @@ func TestProvider_Describe(t *testing.T) { assert.ElementsMatch(t, tt.want, got) names := []string{} for _, r := range tt.regions { - names = append(names, fmt.Sprintf("securityhub - %s", r)) + names = append(names, fmt.Sprintf("securityhub-%s-%s", r, p.accountId)) } for _, s := range got { assert.Contains(t, names, s.GetResourceName()) diff --git a/resources/providers/awslib/securityhub/securityhub.go b/resources/providers/awslib/securityhub/securityhub.go index cb1ff96e3a..a6c0f72875 100644 --- a/resources/providers/awslib/securityhub/securityhub.go +++ b/resources/providers/awslib/securityhub/securityhub.go @@ -31,21 +31,22 @@ type ( } SecurityHub struct { - Enabled bool - Region string + Enabled bool + Region string + AccountId string *securityhub.DescribeHubOutput } ) func (s SecurityHub) GetResourceArn() string { - if s.HubArn == nil { - return "" + if s.DescribeHubOutput == nil || s.HubArn == nil { + return s.GetResourceName() } return *s.HubArn } func (s SecurityHub) GetResourceName() string { - return fmt.Sprintf("securityhub - %s", s.Region) + return fmt.Sprintf("securityhub-%s-%s", s.Region, s.AccountId) } func (s SecurityHub) GetResourceType() string { diff --git a/version/policy.go b/version/policy.go index 4006f60448..d565b57217 100644 --- a/version/policy.go +++ b/version/policy.go @@ -17,7 +17,7 @@ package version -const policyVersion = "v1.3.3" +const policyVersion = "v1.3.4" // PolicyVersion returns cloudbeat version info used for the build. func PolicyVersion() Version { From 3ad78c5c1756d49417f08ab90e0a4f240bf23d1f Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Wed, 22 Feb 2023 10:20:05 +0200 Subject: [PATCH 22/28] Updating flow to use stagging environment --- deploy/weekly-environment/main.tf | 1 + deploy/weekly-environment/variables.tf | 9 +++++++-- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/deploy/weekly-environment/main.tf b/deploy/weekly-environment/main.tf index 9262b1a142..a1f0ef3336 100644 --- a/deploy/weekly-environment/main.tf +++ b/deploy/weekly-environment/main.tf @@ -1,5 +1,6 @@ provider "ec" { apikey = var.ec_api_key + endpoint= var.endpoint } module "ec_deployment" { diff --git a/deploy/weekly-environment/variables.tf b/deploy/weekly-environment/variables.tf index 2a5c32ca6b..e64aed6df6 100644 --- a/deploy/weekly-environment/variables.tf +++ b/deploy/weekly-environment/variables.tf @@ -6,8 +6,8 @@ variable "ec_api_key" { } variable "ess_region" { - default = "gcp-us-west2" - description = "Optional ESS region where the deployment will be created. Defaults to gcp-us-west2" + default = "gcp-us-central1" + description = "Optional ESS region where the deployment will be created. Defaults to gcp-us-central1" type = string } @@ -58,3 +58,8 @@ variable "deployment_name_prefix" { default = "weekly-environment" description = "Optional set a prefix of the deployment. Defaults to weekly-environment" } + +variable "endpoint" { + default = "https://staging.found.no/" + description = "Optional endpoint for the Elastic Cloud API" +} From b89b0e19f24798db9a1819d20dd619313af9e526 Mon Sep 17 00:00:00 2001 From: Evgeniy Belyi Date: Thu, 23 Feb 2023 10:33:47 +0200 Subject: [PATCH 23/28] Vulnerability POC (#671) * Initial vulnerability push * Fixing depend * Partial commit * Avoiding deadlock on boltdb * CR changes * Fixing go tidy * Fixing CR rebase * Cleanup of tidy * Mocking client * Bumping version and rename type * Initial vulnerability push * Fixing depend * Partial commit * Avoiding deadlock on boltdb * CR changes * Fixing go tidy * Fixing CR rebase * Cleanup of tidy * Mocking client * Bumping version and rename type * Rebase with concurrency * Update go version * Fixing lint problems * Fixing lint assignment * Removing due to mage config problems --- .go-version | 2 +- beater/beater.go | 59 ++ beater/{cloudbeat_test.go => beater_test.go} | 0 bin/{.go-1.18.6.pkg => .go-1.19.pkg} | 0 bin/go | 2 +- bin/gofmt | 2 +- config/config.go | 9 +- docs/version.asciidoc | 2 +- flavors/flavors.go | 47 ++ beater/cloudbeat.go => flavors/posture.go | 91 +-- flavors/vulnerability.go | 193 ++++++ go.mod | 219 +++++- go.sum | 655 ++++++++++++++++-- resources/providers/awslib/ec2/mock_client.go | 186 +++++ resources/providers/awslib/ec2/provider.go | 58 ++ .../providers/awslib/ec2/provider_test.go | 114 +++ vulnerability/fetcher.go | 68 ++ vulnerability/replicator.go | 71 ++ vulnerability/runner.go | 102 +++ vulnerability/scanner.go | 239 +++++++ vulnerability/verifier.go | 105 +++ vulnerability/worker.go | 149 ++++ 22 files changed, 2244 insertions(+), 129 deletions(-) create mode 100644 beater/beater.go rename beater/{cloudbeat_test.go => beater_test.go} (100%) rename bin/{.go-1.18.6.pkg => .go-1.19.pkg} (100%) create mode 100644 flavors/flavors.go rename beater/cloudbeat.go => flavors/posture.go (71%) create mode 100644 flavors/vulnerability.go create mode 100644 vulnerability/fetcher.go create mode 100644 vulnerability/replicator.go create mode 100644 vulnerability/runner.go create mode 100644 vulnerability/scanner.go create mode 100644 vulnerability/verifier.go create mode 100644 vulnerability/worker.go diff --git a/.go-version b/.go-version index 04a8bc26d1..bc4493477a 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.18.6 +1.19 diff --git a/beater/beater.go b/beater/beater.go new file mode 100644 index 0000000000..05907eaf14 --- /dev/null +++ b/beater/beater.go @@ -0,0 +1,59 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package beater + +import ( + "fmt" + + "github.com/elastic/cloudbeat/config" + "github.com/elastic/cloudbeat/flavors" + "github.com/elastic/cloudbeat/launcher" + + "github.com/elastic/beats/v7/libbeat/beat" + "github.com/elastic/beats/v7/libbeat/common/reload" + agentconfig "github.com/elastic/elastic-agent-libs/config" + "github.com/elastic/elastic-agent-libs/logp" +) + +func New(b *beat.Beat, cfg *agentconfig.C) (beat.Beater, error) { + log := logp.NewLogger("launcher") + reloader := launcher.NewListener(log) + validator := &validator{} + + s, err := launcher.New(log, "Cloudbeat", reloader, validator, NewBeater, cfg) + if err != nil { + return nil, err + } + + reload.RegisterV2.MustRegisterInput(reloader) + return s, nil +} + +// NewBeater creates an instance of beater. +func NewBeater(b *beat.Beat, cfg *agentconfig.C) (beat.Beater, error) { + c, err := config.New(cfg) + if err != nil { + return nil, fmt.Errorf("NewBeater: could not parse configuration %v, skipping with error: %w", cfg.FlattenedKeys(), err) + } + switch c.Deployment { + case config.VulnerabilityType: + return flavors.NewVulnerability(b, cfg) + default: + return flavors.NewPosture(b, cfg) + } +} diff --git a/beater/cloudbeat_test.go b/beater/beater_test.go similarity index 100% rename from beater/cloudbeat_test.go rename to beater/beater_test.go diff --git a/bin/.go-1.18.6.pkg b/bin/.go-1.19.pkg similarity index 100% rename from bin/.go-1.18.6.pkg rename to bin/.go-1.19.pkg diff --git a/bin/go b/bin/go index cd0c2203fd..b7b0a77d95 120000 --- a/bin/go +++ b/bin/go @@ -1 +1 @@ -.go-1.18.6.pkg \ No newline at end of file +.go-1.19.pkg \ No newline at end of file diff --git a/bin/gofmt b/bin/gofmt index cd0c2203fd..b7b0a77d95 120000 --- a/bin/gofmt +++ b/bin/gofmt @@ -1 +1 @@ -.go-1.18.6.pkg \ No newline at end of file +.go-1.19.pkg \ No newline at end of file diff --git a/config/config.go b/config/config.go index 6dcbfc73df..1cc2f7a2b1 100644 --- a/config/config.go +++ b/config/config.go @@ -31,9 +31,11 @@ import ( "github.com/elastic/elastic-agent-libs/config" ) -const DefaultNamespace = "default" - -const ResultsDatastreamIndexPrefix = "logs-cloud_security_posture.findings" +const ( + DefaultNamespace = "default" + VulnerabilityType = "cloudbeat/vuln_mgmt_aws" + ResultsDatastreamIndexPrefix = "logs-cloud_security_posture.findings" +) var ErrBenchmarkNotSupported = launcher.NewUnhealthyError("benchmark is not supported") @@ -43,6 +45,7 @@ type Fetcher struct { type Config struct { Benchmark string `config:"config.v1.benchmark"` + Deployment string `config:"config.v1.deployment"` CloudConfig CloudConfig `config:"config.v1"` Fetchers []*config.C `config:"fetchers"` KubeConfig string `config:"kube_config"` diff --git a/docs/version.asciidoc b/docs/version.asciidoc index 52942f2b7e..2a39c1b85d 100644 --- a/docs/version.asciidoc +++ b/docs/version.asciidoc @@ -1,6 +1,6 @@ // doc-branch can be: master, 8.1, 8.2, etc. :doc-branch: master -:go-version: 1.18.6 +:go-version: 1.19 :python: 3.7 :docker: 1.12 :docker-compose: 1.11 diff --git a/flavors/flavors.go b/flavors/flavors.go new file mode 100644 index 0000000000..b3a54b1db5 --- /dev/null +++ b/flavors/flavors.go @@ -0,0 +1,47 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package flavors + +import ( + "context" + "time" + + "github.com/elastic/cloudbeat/config" + _ "github.com/elastic/cloudbeat/processor" // Add cloudbeat default processors. + "github.com/elastic/cloudbeat/transformer" + + "github.com/elastic/beats/v7/libbeat/beat" + "github.com/elastic/elastic-agent-libs/logp" +) + +const ( + flushInterval = 10 * time.Second + eventsThreshold = 75 + resourceChBuffer = 10000 + shutdownGracePeriod = 30 * time.Second +) + +// flavorBase configuration. +type flavorBase struct { + ctx context.Context + cancel context.CancelFunc + config *config.Config + client beat.Client + transformer transformer.Transformer + log *logp.Logger +} diff --git a/beater/cloudbeat.go b/flavors/posture.go similarity index 71% rename from beater/cloudbeat.go rename to flavors/posture.go index 755e9db216..cd61bf44d1 100644 --- a/beater/cloudbeat.go +++ b/flavors/posture.go @@ -15,7 +15,7 @@ // specific language governing permissions and limitations // under the License. -package beater +package flavors import ( "context" @@ -27,7 +27,6 @@ import ( "github.com/elastic/cloudbeat/config" "github.com/elastic/cloudbeat/dataprovider" "github.com/elastic/cloudbeat/evaluator" - "github.com/elastic/cloudbeat/launcher" "github.com/elastic/cloudbeat/pipeline" _ "github.com/elastic/cloudbeat/processor" // Add cloudbeat default processors. "github.com/elastic/cloudbeat/resources/fetchersManager" @@ -36,56 +35,24 @@ import ( "github.com/elastic/cloudbeat/uniqueness" "github.com/elastic/beats/v7/libbeat/beat" - "github.com/elastic/beats/v7/libbeat/common/reload" "github.com/elastic/beats/v7/libbeat/processors" agentconfig "github.com/elastic/elastic-agent-libs/config" "github.com/elastic/elastic-agent-libs/logp" ) -const ( - beaterName = "Cloudbeat" - flushInterval = 10 * time.Second - eventsThreshold = 75 - resourceChBuffer = 10000 - shutdownGracePeriod = 30 * time.Second -) - -// cloudbeat configuration. -type cloudbeat struct { - ctx context.Context - cancel context.CancelFunc - config *config.Config - client beat.Client - data *fetchersManager.Data - evaluator evaluator.Evaluator - transformer transformer.Transformer - log *logp.Logger - resourceCh chan fetching.ResourceInfo - leader uniqueness.Manager - dataStop fetchersManager.Stop +// posture configuration. +type posture struct { + flavorBase + data *fetchersManager.Data + evaluator evaluator.Evaluator + resourceCh chan fetching.ResourceInfo + leader uniqueness.Manager + dataStop fetchersManager.Stop } -func New(b *beat.Beat, cfg *agentconfig.C) (beat.Beater, error) { - log := logp.NewLogger("launcher") - reloader := launcher.NewListener(log) - validator := &validator{} - - s, err := launcher.New(log, beaterName, reloader, validator, NewCloudbeat, cfg) - if err != nil { - return nil, err - } - - reload.RegisterV2.MustRegisterInput(reloader) - return s, nil -} - -// NewCloudbeat creates an instance of cloudbeat. -func NewCloudbeat(b *beat.Beat, cfg *agentconfig.C) (beat.Beater, error) { - return newCloudbeat(b, cfg) -} - -func newCloudbeat(_ *beat.Beat, cfg *agentconfig.C) (*cloudbeat, error) { - log := logp.NewLogger("cloudbeat") +// NewPosture creates an instance of posture. +func NewPosture(_ *beat.Beat, cfg *agentconfig.C) (*posture, error) { + log := logp.NewLogger("posture") ctx, cancel := context.WithCancel(context.Background()) @@ -134,23 +101,27 @@ func newCloudbeat(_ *beat.Beat, cfg *agentconfig.C) (*cloudbeat, error) { t := transformer.NewTransformer(log, commonData, resultsIndex) - bt := &cloudbeat{ + base := flavorBase{ ctx: ctx, cancel: cancel, config: c, - evaluator: eval, - data: data, transformer: t, log: log, - resourceCh: resourceCh, - leader: le, + } + + bt := &posture{ + flavorBase: base, + evaluator: eval, + data: data, + resourceCh: resourceCh, + leader: le, } return bt, nil } -// Run starts cloudbeat. -func (bt *cloudbeat) Run(b *beat.Beat) error { - bt.log.Info("cloudbeat is running! Hit CTRL-C to stop it") +// Run starts posture. +func (bt *posture) Run(b *beat.Beat) error { + bt.log.Info("posture is running! Hit CTRL-C to stop it") if err := bt.leader.Run(bt.ctx); err != nil { return err @@ -162,7 +133,7 @@ func (bt *cloudbeat) Run(b *beat.Beat) error { if err != nil { return err } - bt.log.Debugf("cloudbeat configured %d processors", len(bt.config.Processors)) + bt.log.Debugf("posture configured %d processors", len(bt.config.Processors)) // Connect publisher (with beat's processors) if bt.client, err = b.Publisher.ConnectWith(beat.ClientConfig{ @@ -182,7 +153,7 @@ func (bt *cloudbeat) Run(b *beat.Beat) error { for { select { case <-bt.ctx.Done(): - bt.log.Warn("Cloudbeat context is done") + bt.log.Warn("Posture context is done") return nil // Flush events to ES after a pre-defined interval, meant to clean residuals after a cycle is finished. @@ -191,7 +162,7 @@ func (bt *cloudbeat) Run(b *beat.Beat) error { continue } - bt.log.Infof("Publishing %d cloudbeat events to elasticsearch, time interval reached", len(eventsToSend)) + bt.log.Infof("Publishing %d posture events to elasticsearch, time interval reached", len(eventsToSend)) bt.client.PublishAll(eventsToSend) eventsToSend = nil @@ -202,7 +173,7 @@ func (bt *cloudbeat) Run(b *beat.Beat) error { continue } - bt.log.Infof("Publishing %d cloudbeat events to elasticsearch, buffer threshold reached", len(eventsToSend)) + bt.log.Infof("Publishing %d posture events to elasticsearch, buffer threshold reached", len(eventsToSend)) bt.client.PublishAll(eventsToSend) eventsToSend = nil } @@ -224,8 +195,8 @@ func initRegistry(log *logp.Logger, cfg *config.Config, ch chan fetching.Resourc return registry, nil } -// Stop stops cloudbeat. -func (bt *cloudbeat) Stop() { +// Stop stops posture. +func (bt *posture) Stop() { if bt.dataStop != nil { bt.dataStop(bt.ctx, shutdownGracePeriod) } @@ -240,6 +211,6 @@ func (bt *cloudbeat) Stop() { } // configureProcessors configure processors to be used by the beat -func (bt *cloudbeat) configureProcessors(processorsList processors.PluginConfig) (procs *processors.Processors, err error) { +func (bt *posture) configureProcessors(processorsList processors.PluginConfig) (procs *processors.Processors, err error) { return processors.New(processorsList) } diff --git a/flavors/vulnerability.go b/flavors/vulnerability.go new file mode 100644 index 0000000000..3df1a339ca --- /dev/null +++ b/flavors/vulnerability.go @@ -0,0 +1,193 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package flavors + +import ( + "context" + "fmt" + "sync" + "time" + + "github.com/elastic/cloudbeat/config" + "github.com/elastic/cloudbeat/dataprovider" + _ "github.com/elastic/cloudbeat/processor" // Add vulnerability default processors. + "github.com/elastic/cloudbeat/transformer" + vuln "github.com/elastic/cloudbeat/vulnerability" + + "github.com/elastic/beats/v7/libbeat/beat" + "github.com/elastic/beats/v7/libbeat/processors" + agentconfig "github.com/elastic/elastic-agent-libs/config" + "github.com/elastic/elastic-agent-libs/logp" +) + +// vulnerability configuration. +type vulnerability struct { + flavorBase + runner vuln.VulnerabilityRunner +} + +// NewVulnerability creates an instance of vulnerability. +func NewVulnerability(_ *beat.Beat, cfg *agentconfig.C) (*vulnerability, error) { + log := logp.NewLogger("vulnerability") + + ctx, cancel := context.WithCancel(context.Background()) + + c, err := config.New(cfg) + if err != nil { + cancel() + return nil, fmt.Errorf("error reading config file: %w", err) + } + + log.Info("Config initiated with cycle period of ", c.Period) + + // namespace will be passed as param from fleet on https://github.com/elastic/security-team/issues/2383 and it's user configurable + resultsIndex := config.Datastream("", config.ResultsDatastreamIndexPrefix) + + commonDataProvider := dataprovider.NewCommonDataProvider(log, c) + commonData, err := commonDataProvider.FetchCommonData(ctx) + if err != nil { + cancel() + return nil, err + } + + t := transformer.NewTransformer(log, commonData, resultsIndex) + + base := flavorBase{ + ctx: ctx, + cancel: cancel, + config: c, + transformer: t, + log: log, + } + + // TODO: Due to boltDB lock, I've moved this to a global variable as single runner + // initial commit created a new runner every iteration in the evaluator constructor + runner, err := vuln.NewVulnerabilityRunner(log) + if err != nil { + cancel() + return nil, err + } + + bt := &vulnerability{ + flavorBase: base, + runner: runner, + } + + return bt, nil +} + +// Run starts vulnerability. +func (bt *vulnerability) Run(b *beat.Beat) error { + bt.log.Info("vulnerability is running! Hit CTRL-C to stop it.") + + procs, err := bt.configureProcessors(bt.config.Processors) + if err != nil { + return err + } + bt.log.Debugf("vulnerability configured %d processors", len(bt.config.Processors)) + + // Connect publisher (with beat's processors) + if bt.client, err = b.Publisher.ConnectWith(beat.ClientConfig{ + Processing: beat.ProcessingConfig{ + Processor: procs, + }, + }); err != nil { + return err + } + + // TODO: Should trigger first cycle without waiting for ticker. + bt.log.Warn("vulnerability.Run ticker running for period ", bt.config.Period) + workerTicker := time.NewTicker(bt.config.Period) + for { + select { + case <-bt.ctx.Done(): + bt.log.Warn("vulnerability.Run context is done") + return nil + + case <-workerTicker.C: + bt.log.Warn("vulnerability.Run ticker triggered") + worker, err := vuln.NewVulnerabilityWorker(bt.log, bt.config, bt.runner) + if err != nil { + bt.log.Warn("vulnerability.Run worker creation failed") + bt.cancel() + return err + } + wg := sync.WaitGroup{} + wg.Add(1) + go func() { + defer wg.Done() + bt.handleEvents(worker.GetChan()) + }() + worker.Run(bt.ctx) + wg.Wait() + bt.log.Warn("vulnerability.Run cycle finished") + } + } +} + +func (bt *vulnerability) handleEvents(ch chan beat.Event) { + var eventsToSend []beat.Event + flushTicker := time.NewTicker(flushInterval) + for { + select { + case <-bt.ctx.Done(): + bt.log.Warn("vulnerability.handleEvents context is done") + return + + // Flush events to ES after a pre-defined interval, meant to clean residuals after a cycle is finished. + case <-flushTicker.C: + if len(eventsToSend) == 0 { + continue + } + + bt.log.Infof("vulnerability.handleEvents Publishing %d vulnerability events to elasticsearch, time interval reached", len(eventsToSend)) + bt.client.PublishAll(eventsToSend) + eventsToSend = nil + + // Flush events to ES when reaching a certain threshold + case event, ok := <-ch: + if !ok { + bt.log.Warn("vulnerability.handleEvents worker channel is closed") + if len(eventsToSend) > 0 { + bt.log.Infof("Publishing %d cloudbeat events to elasticsearch, worker channel is closed", len(eventsToSend)) + bt.client.PublishAll(eventsToSend) + } + return + } + + eventsToSend = append(eventsToSend, event) + if len(eventsToSend) < eventsThreshold { + continue + } + + bt.log.Infof("Publishing %d cloudbeat events to elasticsearch, buffer threshold reached", len(eventsToSend)) + bt.client.PublishAll(eventsToSend) + eventsToSend = nil + } + } +} + +// Stop stops vulnerability. +func (bt *vulnerability) Stop() { + bt.cancel() +} + +// configureProcessors configure processors to be used by the beat +func (bt *vulnerability) configureProcessors(processorsList processors.PluginConfig) (procs *processors.Processors, err error) { + return processors.New(processorsList) +} diff --git a/go.mod b/go.mod index c2bc623714..b9045eeb79 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/elastic/cloudbeat -go 1.18 +go 1.19 require ( code.cloudfoundry.org/go-diodes v0.0.0-20190809170250-f77fb823c7ee // indirect @@ -32,8 +32,10 @@ require ( ) require ( - github.com/aws/aws-sdk-go-v2/credentials v1.12.21 - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.17 + github.com/aquasecurity/trivy v0.35.0 + github.com/aquasecurity/trivy-db v0.0.0-20221227141502-af78ecb7db4c + github.com/aws/aws-sdk-go-v2/credentials v1.13.3 + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.19 github.com/aws/aws-sdk-go-v2/service/autoscaling v1.24.4 github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.22.0 github.com/aws/aws-sdk-go-v2/service/cloudwatch v1.24.0 @@ -46,10 +48,10 @@ require ( github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing v1.14.8 github.com/aws/aws-sdk-go-v2/service/iam v1.18.23 github.com/aws/aws-sdk-go-v2/service/rds v1.40.2 - github.com/aws/aws-sdk-go-v2/service/s3 v1.26.12 + github.com/aws/aws-sdk-go-v2/service/s3 v1.27.11 github.com/aws/aws-sdk-go-v2/service/securityhub v1.27.1 github.com/aws/aws-sdk-go-v2/service/sns v1.19.0 - github.com/aws/aws-sdk-go-v2/service/sts v1.16.19 + github.com/aws/aws-sdk-go-v2/service/sts v1.17.5 github.com/aws/smithy-go v1.13.5 github.com/djherbis/times v1.5.0 github.com/elastic/e2e-testing v1.99.2-0.20220117192005-d3365c99b9c4 @@ -68,35 +70,213 @@ require ( ) require ( + cloud.google.com/go v0.105.0 // indirect + cloud.google.com/go/compute v1.13.0 // indirect + cloud.google.com/go/compute/metadata v0.2.1 // indirect + cloud.google.com/go/iam v0.8.0 // indirect + cloud.google.com/go/storage v1.27.0 // indirect + github.com/Azure/azure-sdk-for-go v66.0.0+incompatible // indirect + github.com/Azure/go-autorest v14.2.0+incompatible // indirect + github.com/Azure/go-autorest/autorest v0.11.28 // indirect + github.com/Azure/go-autorest/autorest/adal v0.9.21 // indirect + github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 // indirect + github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 // indirect + github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect + github.com/Azure/go-autorest/logger v0.2.1 // indirect + github.com/Azure/go-autorest/tracing v0.6.0 // indirect + github.com/BurntSushi/toml v1.2.0 // indirect + github.com/CycloneDX/cyclonedx-go v0.6.0 // indirect + github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible // indirect + github.com/MakeNowJust/heredoc v1.0.0 // indirect + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver/v3 v3.1.1 // indirect + github.com/Masterminds/sprig/v3 v3.2.2 // indirect + github.com/Masterminds/squirrel v1.5.3 // indirect + github.com/Microsoft/hcsshim v0.9.5 // indirect github.com/ProtonMail/go-crypto v0.0.0-20211221144345-a4f6767435ab // indirect + github.com/VividCortex/ewma v1.1.1 // indirect github.com/acomagu/bufpipe v1.0.3 // indirect - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 // indirect - github.com/aws/aws-sdk-go-v2/config v1.17.8 // indirect + github.com/agext/levenshtein v1.2.3 // indirect + github.com/alecthomas/chroma v0.10.0 // indirect + github.com/apparentlymart/go-cidr v1.1.0 // indirect + github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect + github.com/aquasecurity/defsec v0.82.0 // indirect + github.com/aquasecurity/go-dep-parser v0.0.0-20221114145626-35ef808901e8 // indirect + github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce // indirect + github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 // indirect + github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect + github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 // indirect + github.com/aquasecurity/memoryfs v1.4.4 // indirect + github.com/aquasecurity/table v1.8.0 // indirect + github.com/aquasecurity/tml v0.6.1 // indirect + github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect + github.com/aws/aws-sdk-go v1.44.136 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.8 // indirect + github.com/aws/aws-sdk-go-v2/config v1.18.3 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.28 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.22 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.4 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.3.26 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14 // indirect + github.com/aws/aws-sdk-go-v2/service/ebs v1.15.19 // indirect github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.8 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.9 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.18 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.22 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.7 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.11.23 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.6 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.17 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.11.25 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.8 // indirect + github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect + github.com/bmatcuk/doublestar v1.3.4 // indirect + github.com/briandowns/spinner v1.12.0 // indirect + github.com/caarlos0/env/v6 v6.10.1 // indirect + github.com/cenkalti/backoff v2.2.1+incompatible // indirect + github.com/chai2010/gettext-go v1.0.2 // indirect + github.com/cheggaaa/pb/v3 v3.1.0 // indirect + github.com/containerd/cgroups v1.0.4 // indirect + github.com/containerd/continuity v0.3.0 // indirect + github.com/containerd/fifo v1.0.0 // indirect + github.com/containerd/stargz-snapshotter/estargz v0.12.1 // indirect + github.com/containerd/ttrpc v1.1.1-0.20220420014843-944ef4a40df3 // indirect + github.com/containerd/typeurl v1.0.2 // indirect + github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect + github.com/dimchansky/utfbom v1.1.1 // indirect + github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/elastic/elastic-agent-shipper-client v0.4.0 // indirect github.com/emicklei/go-restful/v3 v3.8.0 // indirect github.com/emirpasic/gods v1.12.0 // indirect + github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect + github.com/go-errors/errors v1.0.1 // indirect github.com/go-git/gcfg v1.5.0 // indirect github.com/go-git/go-billy/v5 v5.3.1 // indirect + github.com/go-gorp/gorp/v3 v3.0.2 // indirect + github.com/go-openapi/analysis v0.21.4 // indirect + github.com/go-openapi/errors v0.20.3 // indirect + github.com/go-openapi/loads v0.21.2 // indirect + github.com/go-openapi/runtime v0.24.2 // indirect + github.com/go-openapi/spec v0.20.7 // indirect + github.com/go-openapi/strfmt v0.21.3 // indirect + github.com/go-openapi/validate v0.22.0 // indirect + github.com/go-redis/redis/v8 v8.11.5 // indirect + github.com/gogo/googleapis v1.4.1 // indirect + github.com/golang-jwt/jwt/v4 v4.2.0 // indirect + github.com/google/btree v1.0.1 // indirect + github.com/google/go-containerregistry v0.12.0 // indirect + github.com/google/licenseclassifier/v2 v2.0.0-pre6 // indirect + github.com/google/wire v0.5.0 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.2.0 // indirect + github.com/googleapis/gax-go/v2 v2.7.0 // indirect + github.com/gosuri/uitable v0.0.4 // indirect + github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect + github.com/hashicorp/go-getter v1.6.2 // indirect + github.com/hashicorp/go-retryablehttp v0.7.1 // indirect + github.com/hashicorp/go-safetemp v1.0.0 // indirect + github.com/hashicorp/golang-lru v0.5.4 // indirect + github.com/hashicorp/hcl v1.0.0 // indirect + github.com/hashicorp/hcl/v2 v2.14.1 // indirect + github.com/huandu/xstrings v1.3.2 // indirect + github.com/in-toto/in-toto-golang v0.5.0 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect + github.com/jmoiron/sqlx v1.3.5 // indirect + github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect - github.com/onsi/ginkgo v1.16.4 // indirect + github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f // indirect + github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d // indirect + github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 // indirect + github.com/knqyf263/go-rpmdb v0.0.0-20221030142135-919c8a52f04f // indirect + github.com/knqyf263/nested v0.0.1 // indirect + github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect + github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect + github.com/liamg/iamgo v0.0.9 // indirect + github.com/liamg/jfather v0.0.7 // indirect + github.com/liamg/memoryfs v1.4.3 // indirect + github.com/lib/pq v1.10.6 // indirect + github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect + github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40 // indirect + github.com/magiconair/properties v1.8.6 // indirect + github.com/masahiro331/go-disk v0.0.0-20220919035250-c8da316f91ac // indirect + github.com/masahiro331/go-ebs-file v0.0.0-20221125181850-09c63351e38c // indirect + github.com/masahiro331/go-ext4-filesystem v0.0.0-20221016160854-4b40d7ee6193 // indirect + github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 // indirect + github.com/masahiro331/go-vmdk-parser v0.0.0-20221124162251-5eeffd974e5a // indirect + github.com/masahiro331/go-xfs-filesystem v0.0.0-20221127135739-051c25f1becd // indirect + github.com/mattn/go-runewidth v0.0.13 // indirect + github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/go-testing-interface v1.0.0 // indirect + github.com/mitchellh/go-wordwrap v1.0.1 // indirect + github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect + github.com/moby/buildkit v0.10.4 // indirect + github.com/moby/spdystream v0.2.0 // indirect + github.com/moby/sys/mountinfo v0.6.2 // indirect + github.com/moby/sys/signal v0.7.0 // indirect + github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect + github.com/oklog/ulid v1.3.1 // indirect + github.com/olekukonko/tablewriter v0.0.5 // indirect + github.com/opencontainers/runc v1.1.3 // indirect + github.com/opencontainers/runtime-spec v1.0.3-0.20220311020903-6969a0a09ab1 // indirect + github.com/opencontainers/selinux v1.10.1 // indirect + github.com/opentracing/opentracing-go v1.2.0 // indirect + github.com/owenrumney/go-sarif/v2 v2.1.2 // indirect + github.com/owenrumney/squealer v1.0.1-0.20220510063705-c0be93f0edea // indirect + github.com/package-url/packageurl-go v0.1.1-0.20220203205134-d70459300c8a // indirect + github.com/pelletier/go-toml v1.9.5 // indirect + github.com/pelletier/go-toml/v2 v2.0.5 // indirect + github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pierrec/lz4/v4 v4.1.15 // indirect + github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 // indirect + github.com/rivo/uniseg v0.2.0 // indirect + github.com/rubenv/sql-migrate v1.1.2 // indirect + github.com/russross/blackfriday v1.6.0 // indirect + github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e // indirect + github.com/secure-systems-lab/go-securesystemslib v0.4.0 // indirect + github.com/shibumi/go-pathspec v1.3.0 // indirect github.com/shirou/gopsutil v3.21.11+incompatible // indirect + github.com/shopspring/decimal v1.2.0 // indirect + github.com/sigstore/rekor v1.0.0 // indirect + github.com/spdx/tools-golang v0.3.0 // indirect + github.com/spf13/afero v1.8.2 // indirect + github.com/spf13/cast v1.5.0 // indirect + github.com/spf13/jwalterweatherman v1.1.0 // indirect + github.com/spf13/viper v1.13.0 // indirect + github.com/subosito/gotenv v1.4.1 // indirect github.com/tchap/go-patricia/v2 v2.3.1 // indirect + github.com/tetratelabs/wazero v1.0.0-pre.3 // indirect + github.com/twitchtv/twirp v8.1.2+incompatible // indirect + github.com/ulikunitz/xz v0.5.10 // indirect + github.com/vbatts/tar-split v0.11.2 // indirect github.com/xanzy/ssh-agent v0.3.0 // indirect + github.com/xeipuuv/gojsonschema v1.2.0 // indirect + github.com/xlab/treeprint v1.1.0 // indirect + github.com/zclconf/go-cty v1.10.0 // indirect + github.com/zclconf/go-cty-yaml v1.0.2 // indirect + go.etcd.io/bbolt v1.3.6 // indirect + go.mongodb.org/mongo-driver v1.10.0 // indirect + go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 // indirect golang.org/x/exp v0.0.0-20220921023135-46d9e7742f1e // indirect + golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect + google.golang.org/api v0.103.0 // indirect + gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect + gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect + helm.sh/helm/v3 v3.10.0 // indirect + k8s.io/apiextensions-apiserver v0.25.0 // indirect + k8s.io/apiserver v0.25.0 // indirect + k8s.io/cli-runtime v0.25.3 // indirect + k8s.io/component-base v0.25.3 // indirect + k8s.io/kubectl v0.25.3 // indirect + lukechampine.com/uint128 v1.1.1 // indirect + modernc.org/cc/v3 v3.36.0 // indirect + modernc.org/ccgo/v3 v3.16.6 // indirect + modernc.org/libc v1.16.7 // indirect + modernc.org/mathutil v1.4.1 // indirect + modernc.org/memory v1.1.1 // indirect + modernc.org/opt v0.1.1 // indirect + modernc.org/sqlite v1.17.3 // indirect + modernc.org/strutil v1.1.1 // indirect + modernc.org/token v1.0.0 // indirect + sigs.k8s.io/kustomize/api v0.12.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect ) require ( @@ -152,7 +332,7 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/yashtewari/glob-intersection v0.1.0 // indirect go.elastic.co/fastjson v1.1.0 // indirect - go.opencensus.io v0.23.0 // indirect + go.opencensus.io v0.24.0 // indirect go.opentelemetry.io/otel v1.7.0 // indirect go.opentelemetry.io/otel/trace v1.7.0 // indirect golang.org/x/term v0.3.0 // indirect @@ -295,3 +475,10 @@ replace ( ) // exclude github.com/elastic/elastic-agent v0.0.0-20220831162706-5f1e54f40d3e + +// See https://github.com/moby/moby/issues/42939#issuecomment-1114255529 +replace github.com/docker/docker => github.com/docker/docker v20.10.3-0.20220224222438-c78f6963a1c0+incompatible + +// v1.2.0 is taken from github.com/open-policy-agent/opa v0.42.0 +// v1.2.0 incompatible with github.com/docker/docker v20.10.3-0.20220224222438-c78f6963a1c0+incompatible +replace oras.land/oras-go => oras.land/oras-go v1.1.1 diff --git a/go.sum b/go.sum index f6145322b4..9480867b5f 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,11 @@ bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= +bazil.org/fuse v0.0.0-20200407214033-5883e5a4b512/go.mod h1:FbcW6z/2VytnFDhZfumh8Ss8zxHE6qpMP5sHTRe0EaM= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= +cloud.google.com/go v0.44.3/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To= @@ -16,6 +18,7 @@ cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOY cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY= cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI= cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk= +cloud.google.com/go v0.75.0/go.mod h1:VGuuCn7PG0dwsd5XPVm2Mm3wlh3EL55/79EKB6hlPTY= cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= @@ -28,16 +31,25 @@ cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc= cloud.google.com/go v0.98.0/go.mod h1:ua6Ush4NALrHk5QXDWnjvZHN93OuF0HfuEPq9I1X0cM= cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA= +cloud.google.com/go v0.105.0 h1:DNtEKRBAAzeS4KyIory52wWHuClNaXJ5x1F7xa4q+5Y= +cloud.google.com/go v0.105.0/go.mod h1:PrLgOJNe5nfE9UMxKxgXj4mD3voiP+YQ6gdt6KMFOKM= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= +cloud.google.com/go/compute v1.13.0 h1:AYrLkB8NPdDRslNp4Jxmzrhdr03fUAIDbiGFjLWowoU= +cloud.google.com/go/compute v1.13.0/go.mod h1:5aPTS0cUNMIc1CE546K+Th6weJUNQErARyZtRXDJ8GE= +cloud.google.com/go/compute/metadata v0.2.1 h1:efOwf5ymceDhK6PKMnnrTHP4pppY5L22mle96M1yP48= +cloud.google.com/go/compute/metadata v0.2.1/go.mod h1:jgHgmJd2RKBGzXqF5LR2EZMGxBkeanZ9wwa75XHJgOM= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY= +cloud.google.com/go/iam v0.8.0 h1:E2osAkZzxI/+8pZcxVLcDtAQx/u+hZXVryUaYQ5O0Kk= +cloud.google.com/go/iam v0.8.0/go.mod h1:lga0/y3iH6CX7sYqypWJ33hf7kkfXJag67naqGESjkE= +cloud.google.com/go/longrunning v0.3.0 h1:NjljC+FYPV3uh5/OwWT6pVU+doBqMg2x/rZlE+CamDs= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -47,6 +59,9 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk= cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs= cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0= +cloud.google.com/go/storage v1.14.0/go.mod h1:GrKmX003DSIwi9o29oFT7YDnHYwZoctc3fOKtUw0Xmo= +cloud.google.com/go/storage v1.27.0 h1:YOO045NZI9RKfCj1c5A/ZtuuENUc8OAW+gHdGnDgyMQ= +cloud.google.com/go/storage v1.27.0/go.mod h1:x9DOL8TK/ygDUMieqwfhdpQryTeEkhGKMi80i/iqR2s= code.cloudfoundry.org/go-diodes v0.0.0-20190809170250-f77fb823c7ee h1:iAAPf9s7/+BIiGf+RjgcXLm3NoZaLIJsBXJuUa63Lx8= code.cloudfoundry.org/go-diodes v0.0.0-20190809170250-f77fb823c7ee/go.mod h1:Jzi+ccHgo/V/PLQUaQ6hnZcC1c4BS790gx21LRRui4g= code.cloudfoundry.org/go-loggregator v7.4.0+incompatible h1:KqZYloMQWM5Zg/BQKunOIA4OODh7djZbk48qqbowNFI= @@ -56,43 +71,80 @@ code.cloudfoundry.org/gofileutils v0.0.0-20170111115228-4d0c80011a0f/go.mod h1:s code.cloudfoundry.org/rfc5424 v0.0.0-20180905210152-236a6d29298a h1:8rqv2w8xEceNwckcF5ONeRt0qBHlh5bnNfFnYTrZbxs= code.cloudfoundry.org/rfc5424 v0.0.0-20180905210152-236a6d29298a/go.mod h1:tkZo8GtzBjySJ7USvxm4E36lNQw1D3xM6oKHGqdaAJ4= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +github.com/AdaLogics/go-fuzz-headers v0.0.0-20210715213245-6c3934b029d8/go.mod h1:CzsSbkDixRphAF5hS6wbMKq0eI6ccJRb7/A0M6JBnwg= github.com/AlecAivazis/survey/v2 v2.3.2/go.mod h1:TH2kPCDU3Kqq7pLbnCWwZXDBjnhZtmsCle5EiYDJ2fg= github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v56.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible h1:bmmC38SlE8/E81nNADlgmVGurPWMHDX2YNXVQMrBpEE= +github.com/Azure/azure-sdk-for-go v66.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= +github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.11.1/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= github.com/Azure/go-autorest/autorest v0.11.18/go.mod h1:dSiJPy22c3u0OtOKDNttNgqpNFY/GeWa7GH/Pz56QRA= +github.com/Azure/go-autorest/autorest v0.11.20/go.mod h1:o3tqFY+QR40VOlk+pV4d77mORO64jOXSgEnPQgLK6JY= +github.com/Azure/go-autorest/autorest v0.11.24/go.mod h1:G6kyRlFnTuSbEYkQGawPfsCswgme4iYf6rfSKUDzbCc= +github.com/Azure/go-autorest/autorest v0.11.28 h1:ndAExarwr5Y+GaHE6VCaY1kyS/HwwGGyuimVhWsHOEM= +github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.5/go.mod h1:B7KF7jKIeC9Mct5spmyCB/A8CG/sEz1vwIRGv/bbw7A= github.com/Azure/go-autorest/autorest/adal v0.9.13/go.mod h1:W/MM4U6nLxnIskrw4UwWzlHfGjwUS50aOsc/I3yuU8M= +github.com/Azure/go-autorest/autorest/adal v0.9.15/go.mod h1:tGMin8I49Yij6AQ+rvV+Xa/zwxYQB5hmsd6DkfAx2+A= +github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= +github.com/Azure/go-autorest/autorest/adal v0.9.21 h1:jjQnVFXPfekaqb8vIsv2G1lxshoW+oGv4MDlhRtnYZk= +github.com/Azure/go-autorest/autorest/adal v0.9.21/go.mod h1:zua7mBUaCc5YnSLKYgGJR/w5ePdMDA6H56upLsHzA9U= +github.com/Azure/go-autorest/autorest/azure/auth v0.5.11 h1:P6bYXFoao05z5uhOQzbC3Qd8JqF3jUoocoTeIxkp2cA= +github.com/Azure/go-autorest/autorest/azure/auth v0.5.11/go.mod h1:84w/uV8E37feW2NCJ08uT9VBfjfUHpgLVnG2InYD6cg= +github.com/Azure/go-autorest/autorest/azure/cli v0.4.5 h1:0W/yGmFdTIT77fvdlGZ0LMISoLHFJ7Tx4U0yeB+uFs4= +github.com/Azure/go-autorest/autorest/azure/cli v0.4.5/go.mod h1:ADQAXrkgm7acgWVUNamOgh8YNrv4p27l3Wc55oVfpzg= +github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= github.com/Azure/go-autorest/autorest/mocks v0.4.0/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= +github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= +github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= +github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= github.com/Azure/go-autorest/logger v0.2.0/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= +github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/toml v1.2.0 h1:Rt8g24XnyGTyglgET/PRUNlrUeu9F5L+7FilkXfZgs0= +github.com/BurntSushi/toml v1.2.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/CycloneDX/cyclonedx-go v0.6.0 h1:SizWGbZzFTC/O/1yh072XQBMxfvsoWqd//oKCIyzFyE= +github.com/CycloneDX/cyclonedx-go v0.6.0/go.mod h1:nQCiF4Tvrg5Ieu8qPhYMvzPGMu5I7fANZkrSsJjl5mg= +github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60= github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/Flaque/filet v0.0.0-20201012163910-45f684403088 h1:PnnQln5IGbhLeJOi6hVs+lCeF+B1dRfFKPGXUAez0Ww= github.com/Flaque/filet v0.0.0-20201012163910-45f684403088/go.mod h1:TK+jB3mBs+8ZMWhU5BqZKnZWJ1MrLo8etNVg51ueTBo= +github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible h1:juIaKLLVhqzP55d8x4cSVgwyQv76Z55/fRv/UBr2KkQ= +github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible/go.mod h1:BB1eHdMLYEFuFdBlRMb0N7YGVdM5s6Pt0njxgvfbGGs= github.com/Jeffail/gabs/v2 v2.6.0 h1:WdCnGaDhNa4LSRTMwhLZzJ7SRDXjABNP13SOKvCpL5w= github.com/Jeffail/gabs/v2 v2.6.0/go.mod h1:xCn81vdHKxFUuWWAaD5jCTQDNPBMh5pPs9IJ+NcziBI= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= +github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver v1.4.2/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= +github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= +github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/Masterminds/squirrel v1.5.2/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= +github.com/Masterminds/squirrel v1.5.3 h1:YPpoceAcxuzIljlr5iWpNKaql7hLeG1KLSrhvdHpkZc= +github.com/Masterminds/squirrel v1.5.3/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA= github.com/Microsoft/hcsshim v0.8.6/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= github.com/Microsoft/hcsshim v0.8.7-0.20190325164909-8abdbb8205e4/go.mod h1:Op3hHsoHPAvb6lceZHDtd9OkTew38wNoXnJs8iY7rUg= @@ -101,9 +153,13 @@ github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg3 github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2ow3VK6a9Lg= github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= +github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= github.com/Microsoft/hcsshim v0.8.21/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= +github.com/Microsoft/hcsshim v0.8.23/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= github.com/Microsoft/hcsshim v0.8.24/go.mod h1:4zegtUJth7lAvFyc6cH2gGQ5B3OFQim01nnU2M8jKDg= +github.com/Microsoft/hcsshim v0.9.2/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim v0.9.5 h1:AbV+VPfTrIVffukazHcpxmz/sRiE6YaMDzHWR9BXZHo= +github.com/Microsoft/hcsshim v0.9.5/go.mod h1:7pLA8lDk46WKDWlVsENo92gC0XFa8rbKfyFRBqxEbCc= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -120,28 +176,39 @@ github.com/ProtonMail/go-crypto v0.0.0-20211221144345-a4f6767435ab h1:5FiL/TCaiK github.com/ProtonMail/go-crypto v0.0.0-20211221144345-a4f6767435ab/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/ProtonMail/go-mime v0.0.0-20190923161245-9b5a4261663a/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4= github.com/ProtonMail/gopenpgp/v2 v2.4.0/go.mod h1:RFjoVjfhV8f78tjz/fLrp/OXkugL3QmWsiJq/fsQYA4= +github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/Shopify/toxiproxy v2.1.4+incompatible h1:TKdv8HiTLgE5wdJuEML90aBgNWsokNbMijUGhmcoBJc= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8= +github.com/VividCortex/ewma v1.1.1 h1:MnEK4VOv6n0RSY4vtRe3h11qjxL3+t0B8yOL8iMXdcM= +github.com/VividCortex/ewma v1.1.1/go.mod h1:2Tkkvm3sRDVXaiyucHiACn4cqf7DpdyLvmxzcbUokwA= github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/adriansr/fsnotify v1.4.8-0.20211018144411-a81f2b630e7c h1:LpOCwE9oTg0+1Dm8rB06dKxQs7yu5tdnM6A/Zm/juQQ= github.com/adriansr/fsnotify v1.4.8-0.20211018144411-a81f2b630e7c/go.mod h1:onXS6zmTa1LJcurVsOkzywEV/Q3pdEqqu362/8OQzAI= +github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= +github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8= github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= github.com/akavel/rsrc v0.10.2 h1:Zxm8V5eI1hW4gGaYsJQUhxpjkENuG91ki8B4zCrvEsw= github.com/akavel/rsrc v0.10.2/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c= github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= +github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbfjek= +github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= +github.com/alexflint/go-filemutex v1.1.0/go.mod h1:7P4iRhttt/nUvUOrYIhcpMzv2G6CY9UnI16Z+UJqRyk= +github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk= +github.com/alicebob/miniredis/v2 v2.23.0 h1:+lwAJYjvvdIVg6doFHuotFjueJ/7KY10xo/vm3X3Scw= github.com/andrewkroh/goja v0.0.0-20190128172624-dd2ac4456e20 h1:7rj9qZ63knnVo2ZeepYHvHuRdG76f3tRUTdIQDzRBeI= github.com/andrewkroh/goja v0.0.0-20190128172624-dd2ac4456e20/go.mod h1:cI59GRkC2FRaFYtgbYEqMlgnnfvAwXzjojyZKXwklNg= github.com/andrewkroh/sys v0.0.0-20151128191922-287798fe3e43 h1:WFwa9pqou0Nb4DdfBOyaBTH0GqLE74Qwdf61E7ITHwQ= @@ -150,6 +217,36 @@ github.com/andybalholm/brotli v1.0.3/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHG github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= +github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= +github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= +github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw= +github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo= +github.com/aquasecurity/bolt-fixtures v0.0.0-20200903104109-d34e7f983986 h1:2a30xLN2sUZcMXl50hg+PJCIDdJgIvIbVcKqLJ/ZrtM= +github.com/aquasecurity/defsec v0.82.0 h1:WUpPZ6IR0NgZqDK7CGaY5fOI799FNlqGvGMSboHEHlI= +github.com/aquasecurity/defsec v0.82.0/go.mod h1:4SMepRtX/F8bzTd8CucIpMiqpNOB6/BVPnRktDF5iN0= +github.com/aquasecurity/go-dep-parser v0.0.0-20221114145626-35ef808901e8 h1:574FCPBKyseQXhlOfTFdbxfcynhXRWVlD3cpRK0reC4= +github.com/aquasecurity/go-dep-parser v0.0.0-20221114145626-35ef808901e8/go.mod h1:ZCiGJgdQxCateSw3nPMwZvp9J/+nU8/3DcGY/NO71e4= +github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce h1:QgBRgJvtEOBtUXilDb1MLi1p1MWoyFDXAu5DEUl5nwM= +github.com/aquasecurity/go-gem-version v0.0.0-20201115065557-8eed6fe000ce/go.mod h1:HXgVzOPvXhVGLJs4ZKO817idqr/xhwsTcj17CLYY74s= +github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798 h1:eveqE9ivrt30CJ7dOajOfBavhZ4zPqHcZe/4tKp0alc= +github.com/aquasecurity/go-npm-version v0.0.0-20201110091526-0b796d180798/go.mod h1:hxbJZtKlO4P8sZ9nztizR6XLoE33O+BkPmuYQ4ACyz0= +github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 h1:vmXNl+HDfqqXgr0uY1UgK1GAhps8nbAAtqHNBcgyf+4= +github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46/go.mod h1:olhPNdiiAAMiSujemd1O/sc6GcyePr23f/6uGKtthNg= +github.com/aquasecurity/go-version v0.0.0-20201107203531-5e48ac5d022a/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU= +github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 h1:rcEG5HI490FF0a7zuvxOxen52ddygCfNVjP0XOCMl+M= +github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492/go.mod h1:9Beu8XsUNNfzml7WBf3QmyPToP1wm1Gj/Vc5UJKqTzU= +github.com/aquasecurity/memoryfs v1.4.4 h1:HdkShi6jjKZLAgQ+6/CXXDB/zwH2hAMp2oklo9w5t7A= +github.com/aquasecurity/memoryfs v1.4.4/go.mod h1:kLxvGxhdyG0zmlFUJB6VAkLn4WRPOycLW/UYO6dspao= +github.com/aquasecurity/table v1.8.0 h1:9ntpSwrUfjrM6/YviArlx/ZBGd6ix8W+MtojQcM7tv0= +github.com/aquasecurity/table v1.8.0/go.mod h1:eqOmvjjB7AhXFgFqpJUEE/ietg7RrMSJZXyTN8E/wZw= +github.com/aquasecurity/testdocker v0.0.0-20210911155206-e1e85f5a1516 h1:moQmzbpLo5dxHQCyEhqzizsDSNrNhn/7uRTCZzo4A1o= +github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo= +github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY= +github.com/aquasecurity/trivy v0.35.0 h1:qtSn7MSLjRRmUOTI7UbGOlT3NVk/Zcv2/m19kD4EjIY= +github.com/aquasecurity/trivy v0.35.0/go.mod h1:gwkdeoZUwAxDrwBVD6EmCDHPVo+nkMxeudy06HiWkcA= +github.com/aquasecurity/trivy-db v0.0.0-20221227141502-af78ecb7db4c h1:CgJiXxVxgFOQ4btP97LEYqEHnx++FRpf2IJEXJV+xHs= +github.com/aquasecurity/trivy-db v0.0.0-20221227141502-af78ecb7db4c/go.mod h1:/nULgnDeq/JMPMVwE1dmf4kWlYn++7VrM3O2naj4BHA= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= @@ -164,10 +261,14 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkY github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= +github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aslakhellesoy/gox v1.0.100/go.mod h1:AJl542QsKKG96COVsv0N74HHzVQgDIQPceVUh1aeU2M= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= +github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= github.com/aws/aws-sdk-go v1.34.9/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZveU8YkpAk0= -github.com/aws/aws-sdk-go-v2 v1.16.6/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw= +github.com/aws/aws-sdk-go v1.44.136 h1:J1KJJssa8pjU8jETYUxwRS37KTcxjACfKd9GK8t+5ZU= +github.com/aws/aws-sdk-go v1.44.136/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go-v2 v1.16.7/go.mod h1:6CpKuLXg2w7If3ABZCl/qZ6rEgwtjZTn4eAf4RcEyuw= github.com/aws/aws-sdk-go-v2 v1.16.16/go.mod h1:SwiyXi/1zTUZ6KIAmLK5V5ll8SiURNUYOqTerZPaF9k= github.com/aws/aws-sdk-go-v2 v1.17.1/go.mod h1:JLnGeGONAyi2lWXI1p0PCIOIy333JMVK1U7Hf0aRFLw= @@ -175,15 +276,14 @@ github.com/aws/aws-sdk-go-v2 v1.17.2/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3eP github.com/aws/aws-sdk-go-v2 v1.17.3/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= github.com/aws/aws-sdk-go-v2 v1.17.4 h1:wyC6p9Yfq6V2y98wfDsj6OnNQa4w2BLGCLIxzNhwOGY= github.com/aws/aws-sdk-go-v2 v1.17.4/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3 h1:S/ZBwevQkr7gv5YxONYpGQxlMFFYSRfz3RMcjsC9Qhk= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.3/go.mod h1:gNsR5CaXKmQSSzrmGxmwmct/r+ZBfbxorAuXYsj/M5Y= -github.com/aws/aws-sdk-go-v2/config v1.17.8 h1:b9LGqNnOdg9vR4Q43tBTVWk4J6F+W774MSchvKJsqnE= -github.com/aws/aws-sdk-go-v2/config v1.17.8/go.mod h1:UkCI3kb0sCdvtjiXYiU4Zx5h07BOpgBTtkPu/49r+kA= -github.com/aws/aws-sdk-go-v2/credentials v1.12.21 h1:4tjlyCD0hRGNQivh5dN8hbP30qQhMLBE/FgQR1vHHWM= -github.com/aws/aws-sdk-go-v2/credentials v1.12.21/go.mod h1:O+4XyAt4e+oBAoIwNUYkRg3CVMscaIJdmZBOcPgJ8D8= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.17 h1:r08j4sbZu/RVi+BNxkBJwPMUYY3P8mgSDuKkZ/ZN1lE= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.17/go.mod h1:yIkQcCDYNsZfXpd5UX2Cy+sWA1jPgIhGTw9cOBzfVnQ= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.13/go.mod h1:wLLesU+LdMZDM3U0PP9vZXJW39zmD/7L4nY2pSrYZ/g= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.8 h1:tcFliCWne+zOuUfKNRn8JdFBuWPDuISDH08wD2ULkhk= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.8/go.mod h1:JTnlBSot91steJeti4ryyu/tLd4Sk84O5W22L7O2EQU= +github.com/aws/aws-sdk-go-v2/config v1.18.3 h1:3kfBKcX3votFX84dm00U8RGA1sCCh3eRMOGzg5dCWfU= +github.com/aws/aws-sdk-go-v2/config v1.18.3/go.mod h1:BYdrbeCse3ZnOD5+2/VE/nATOK8fEUpBtmPMdKSyhMU= +github.com/aws/aws-sdk-go-v2/credentials v1.13.3 h1:ur+FHdp4NbVIv/49bUjBW+FE7e57HOo03ELodttmagk= +github.com/aws/aws-sdk-go-v2/credentials v1.13.3/go.mod h1:/rOMmqYBcFfNbRPU0iN9IgGqD5+V2yp3iWNmIlz0wI4= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.19 h1:E3PXZSI3F2bzyj6XxUXdTIfvp425HHhwKsFvmzBwHgs= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.19/go.mod h1:VihW95zQpeKQWVPGkwT+2+WJNQV8UXFfMTWdU6VErL8= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.14/go.mod h1:kdjrMwHwrC3+FsKhNcCMJ7tUVj/8uSD5CZXeQ4wV6fM= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.23/go.mod h1:2DFxAQ9pfIRy0imBCJv+vZ2X6RKxves6fbnEuSry6b4= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.25/go.mod h1:Zb29PYkf42vVYQY6pvSyJCJcFHlPIiY+YKdPtwnvMkY= @@ -191,7 +291,6 @@ github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.26/go.mod h1:2E0LdbJW6l github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27/go.mod h1:a1/UpzeyBBerajpnP5nGZa9mGzsBn5cOKxm6NWQsvoI= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.28 h1:r+XwaCLpIvCKjBIYy/HVZujQS9tsz5ohHG3ZIe0wKoE= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.28/go.mod h1:3lwChorpIM/BhImY/hy+Z6jekmN92cXGPI1QJasVPYY= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.7/go.mod h1:93Uot80ddyVzSl//xEJreNKMhxntr71WtR3v/A1cRYk= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.8/go.mod h1:ZIV8GYoC6WLBW5KGs+o4rsc65/ozd+eQ0L31XF5VDwk= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.17/go.mod h1:pRwaTYCJemADaqCbUAxltMoHKata7hmB5PjEXeu0kfg= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.19/go.mod h1:6Q0546uHDp421okhmmGfbxzq2hBqbXFNpi4k+Q1JnQA= @@ -199,10 +298,10 @@ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.20/go.mod h1:/+6lSiby8TB github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21/go.mod h1:+Gxn8jYn5k9ebfHEqlhrMirFjSW0v0C9fI+KN5vk2kE= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.22 h1:7AwGYXDdqRQYsluvKFmWoqpcOQJ4bH634SkYf3FNj/A= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.22/go.mod h1:EqK7gVrIGAHyZItrD1D8B0ilgwMD1GiWAmbU4u/JHNk= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24 h1:wj5Rwc05hvUSvKuOF29IYb9QrCLjU+rHAy/x/o0DK2c= -github.com/aws/aws-sdk-go-v2/internal/ini v1.3.24/go.mod h1:jULHjqqjDlbyTa7pfM7WICATnOv+iOhjletM3N0Xbu8= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.4 h1:wusoY1MJ9JNrPoX3n4kxY4MTIUivCiXvTYQbYh59yxs= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.4/go.mod h1:cHTMyJVEXRUZ25f8V+pq6CAwoYARarJRFGf3XH4eIxE= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.26 h1:Mza+vlnZr+fPKFKRq/lKGVvM6B/8ZZmNdEopOwSQLms= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.26/go.mod h1:Y2OJ+P+MC1u1VKnavT+PshiEuGPyh/7DqxoDNij4/bg= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14 h1:ZSIPAkAsCCjYrhqfw2+lNzWDzxzHXEckFkTePL5RSWQ= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.14/go.mod h1:AyGgqiKv9ECM6IZeNQtdT8NnMvUb3/2wokeq2Fgryto= github.com/aws/aws-sdk-go-v2/service/autoscaling v1.24.4 h1:UFY/jik4/RIejnc4Qfi+AxYAs/ZIoLlKVIt7s/iqQR4= github.com/aws/aws-sdk-go-v2/service/autoscaling v1.24.4/go.mod h1:uPC6MoUg0E5P19+yoXB//OnQGMUApXmu8Z2Gqo+h/bk= github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.22.0 h1:Hdql8h9SancrQPqJoDcaJQT01zwaSP4gYbe8rmrQRrw= @@ -213,6 +312,8 @@ github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.19.0 h1:p+OcsLTwgm2nYEohX github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs v1.19.0/go.mod h1:xHK1ta0bQEa5jL6rahKRJvsibjzDO7NTIs5itzsF4w8= github.com/aws/aws-sdk-go-v2/service/configservice v1.29.2 h1:/NbZCLU+p0/eLNqQQdiXMYvpbYP+C4IN+/sFZ/GR+SE= github.com/aws/aws-sdk-go-v2/service/configservice v1.29.2/go.mod h1:254LLiyp/FUug9/gqJ+w7+tM+2UAk0LJFJykjkm5FXY= +github.com/aws/aws-sdk-go-v2/service/ebs v1.15.19 h1:6S06aB1xyXs3C9RE5RyJROw1v1ByXGHo/cxTZ13VRp0= +github.com/aws/aws-sdk-go-v2/service/ebs v1.15.19/go.mod h1:pJhytP5qZaPIqCF2BewXttD4bc29KIPm6LMSIBhMCFI= github.com/aws/aws-sdk-go-v2/service/ec2 v1.63.1 h1:jSS5gynKz4XaGcs6m25idCTN+tvPkRJ2WedSWCcZEjI= github.com/aws/aws-sdk-go-v2/service/ec2 v1.63.1/go.mod h1:0+6fPoY0SglgzQUs2yml7X/fup12cMlVumJufh5npRQ= github.com/aws/aws-sdk-go-v2/service/ecr v1.17.18 h1:uiF/RI+Up8H2xdgT2GWa20YzxiKEalHieqNjm6HC3Xk= @@ -227,30 +328,30 @@ github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20 h1:dJngzOIJ github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 v1.18.20/go.mod h1:tAKN3/tWkL0P+WA44wSkNyk6wWcbHUfTV2F3j3o6Yhs= github.com/aws/aws-sdk-go-v2/service/iam v1.18.23 h1:HOtW30EkfQevdv++mKguMyn8/agh1z2VuBGR4Hou/u8= github.com/aws/aws-sdk-go-v2/service/iam v1.18.23/go.mod h1:yQ92mKfw/Gg5AvgxGmfdufKEyVoa9RNBsdnB9j5Gzkk= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3 h1:4n4KCtv5SUoT5Er5XV41huuzrCqepxlW3SDI9qHQebc= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.3/go.mod h1:gkb2qADY+OHaGLKNTYxMaQNacfeyQpZ4csDTQMeFmcw= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.8 h1:BzBekDihMMeBexBhdK7xS3AIh2Jg/mECyLWO5RRwwHY= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.8/go.mod h1:a1BSeQI9IVr1j5Dwn73cdAKi4MdizTaV9YovUaHefGI= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.7/go.mod h1:HvVdEh/x4jsPBsjNvDy+MH3CDCPy4gTZEzFe2r4uJY8= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.9 h1:Lh1AShsuIJTwMkoxVCAYPJgNG5H+eN6SmoUn8nOZ5wE= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.9/go.mod h1:a9j48l6yL5XINLHLcOKInjdvknN+vWqPBxqeIDw7ktw= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.18 h1:BBYoNQt2kUZUUK4bIPsKrCcjVPUMNsgQpNAwhznK/zo= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.18/go.mod h1:NS55eQ4YixUJPTC+INxi2/jCqe1y2Uw3rnh9wEOVJxY= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.17/go.mod h1:4nYOrY41Lrbk2170/BGkcJKBhws9Pfn8MG3aGqjjeFI= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.19/go.mod h1:02CP6iuYP+IVnBX5HULVdSAku/85eHB2Y9EsFhrkEwU= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.22 h1:LjFQf8hFuMO22HkV5VWGLBvmCLBCLPivUAmpdpnp4Vs= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.22/go.mod h1:xt0Au8yPIwYXf/GYPy/vl4K3CgwhfQMYbrH7DlUUIws= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.7 h1:imb0NhTQZaTDSAQvgFyiZbKTwl0F+AkZL1ZNoEHtuQc= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.7/go.mod h1:V952z/yIT247sKya+CB+Ls3sxpB9jeBj5TkLraCGKGU= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.17 h1:HfVVR1vItaG6le+Bpw6P4midjBDMKnjMyZnw9MXYUcE= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.17/go.mod h1:YqMdV+gEKCQ59NrB7rzrJdALeBIsYiVi8Inj3+KcqHI= github.com/aws/aws-sdk-go-v2/service/rds v1.40.2 h1:XUzGH3HNlseTJ+3Tb/chp8Tcc5KqF2IJOKP+Qlu36zQ= github.com/aws/aws-sdk-go-v2/service/rds v1.40.2/go.mod h1:UFRMdSp7ok62LLFvZjnbAxPf+jfYwsjPEIYiqQYavJE= -github.com/aws/aws-sdk-go-v2/service/s3 v1.26.12 h1:/JTTdNObz+GygQqnbdBzummuxFIcuB6hbra1mqS+Wic= -github.com/aws/aws-sdk-go-v2/service/s3 v1.26.12/go.mod h1:eas8WnpTDJtCvEjRXAINFuox9TmEGeevxiUKEKv2tQ8= +github.com/aws/aws-sdk-go-v2/service/s3 v1.27.11 h1:3/gm/JTX9bX8CpzTgIlrtYpB3EVBDxyg/GY/QdcIEZw= +github.com/aws/aws-sdk-go-v2/service/s3 v1.27.11/go.mod h1:fmgDANqTUCxciViKl9hb/zD5LFbvPINFRgWhDbR+vZo= github.com/aws/aws-sdk-go-v2/service/securityhub v1.27.1 h1:p8yEiKMPGWb2zgZ6hG1uHXDD5GJZ870DUMPnikUHL2A= github.com/aws/aws-sdk-go-v2/service/securityhub v1.27.1/go.mod h1:jCcQtGvdKbsciK2qopdoByZRHkJRcIz+uebk4fSj8CA= github.com/aws/aws-sdk-go-v2/service/sns v1.19.0 h1:ZU8uo+/XBgJLoYMEN5iPUd+WQXLt53S46ULtRa85+uk= github.com/aws/aws-sdk-go-v2/service/sns v1.19.0/go.mod h1:iTh9DgwDnFqF5LfFHNXWAxLe9zV0/XcWaMCWXIRDqXA= -github.com/aws/aws-sdk-go-v2/service/sso v1.11.23 h1:pwvCchFUEnlceKIgPUouBJwK81aCkQ8UDMORfeFtW10= -github.com/aws/aws-sdk-go-v2/service/sso v1.11.23/go.mod h1:/w0eg9IhFGjGyyncHIQrXtU8wvNsTJOP0R6PPj0wf80= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.6 h1:OwhhKc1P9ElfWbMKPIbMMZBV6hzJlL2JKD76wNNVzgQ= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.6/go.mod h1:csZuQY65DAdFBt1oIjO5hhBR49kQqop4+lcuCjf2arA= -github.com/aws/aws-sdk-go-v2/service/sts v1.16.19 h1:9pPi0PsFNAGILFfPCk8Y0iyEBGc6lu6OQ97U7hmdesg= -github.com/aws/aws-sdk-go-v2/service/sts v1.16.19/go.mod h1:h4J3oPZQbxLhzGnk+j9dfYHi5qIOVJ5kczZd658/ydM= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.25 h1:GFZitO48N/7EsFDt8fMa5iYdmWqkUDDB3Eje6z3kbG0= +github.com/aws/aws-sdk-go-v2/service/sso v1.11.25/go.mod h1:IARHuzTXmj1C0KS35vboR0FeJ89OkEy1M9mWbK2ifCI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.8 h1:jcw6kKZrtNfBPJkaHrscDOZoe5gvi9wjudnxvozYFJo= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.8/go.mod h1:er2JHN+kBY6FcMfcBBKNGCT3CarImmdFzishsqBmSRI= +github.com/aws/aws-sdk-go-v2/service/sts v1.17.5 h1:60SJ4lhvn///8ygCzYy2l53bFW/Q15bVfyjyAWo6zuw= +github.com/aws/aws-sdk-go-v2/service/sts v1.17.5/go.mod h1:bXcN3koeVYiJcdDU89n3kCYILob7Y34AeLopUbZgLT4= github.com/aws/smithy-go v1.12.0/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/aws/smithy-go v1.13.3/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/aws/smithy-go v1.13.4/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= @@ -265,6 +366,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1UJrqV3uuy861HCTo708pDMbjHHdCas= +github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bi-zone/go-winio v0.4.15 h1:viLHm+U7bzIkfVHuWgc3Wp/sT5zaLoRG7XdOEy1b12w= github.com/bi-zone/go-winio v0.4.15/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= @@ -274,12 +377,19 @@ github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJm github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/bmatcuk/doublestar v1.3.4 h1:gPypJ5xD31uhX6Tf54sDPUOBXTqKH4c9aPY66CyQrS0= +github.com/bmatcuk/doublestar v1.3.4/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9MEoZQC/PmE= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/boumenot/gocover-cobertura v1.2.0/go.mod h1:fz7ly8dslE42VRR5ZWLt2OHGDHjkTiA2oNvKgJEjLT0= +github.com/bradleyjkemp/cupaloy/v2 v2.7.0 h1:AT0vOjO68RcLyenLCHOGZzSNiuto7ziqzq6Q1/3xzMQ= +github.com/bradleyjkemp/cupaloy/v2 v2.7.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= +github.com/briandowns/spinner v1.12.0 h1:72O0PzqGJb6G3KgrcIOtL/JAGGZ5ptOMCn9cUHmqsmw= +github.com/briandowns/spinner v1.12.0/go.mod h1:QOuQk7x+EaDASo80FEXwlwiA+j/PPIcX3FScO+3/ZPQ= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/bshuster-repo/logrus-logstash-hook v1.0.0 h1:e+C0SB5R1pu//O4MQ3f9cFuPGoOVeF2fE4Og9otCc70= github.com/bshuster-repo/logrus-logstash-hook v1.0.0/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= +github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd h1:rFt+Y/IK1aEZkEHchZRSq9OQbsSzIT/OrI8YFFmRIng= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b h1:otBG+dV+YK+Soembjv71DPz3uX/V/6MMlSyD9JBQ6kQ= @@ -288,9 +398,13 @@ github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 h1:nvj0OLI3YqYXe github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/bytecodealliance/wasmtime-go v1.0.0 h1:9u9gqaUiaJeN5IoD1L7egD8atOnTGyJcNp8BhkL9cUU= github.com/bytecodealliance/wasmtime-go v1.0.0/go.mod h1:jjlqQbWUfVSbehpErw3UoWFndBXRRMvfikYH6KsCwOg= +github.com/caarlos0/env/v6 v6.10.1 h1:t1mPSxNpei6M5yAeu1qtRdPAK29Nbcf/n3G7x+b3/II= +github.com/caarlos0/env/v6 v6.10.1/go.mod h1:hvp/ryKXKipEkcuYjs9mI4bBCg+UI0Yhgm5Zu0ddvwc= +github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/cenkalti/backoff/v4 v4.1.0/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.1.1/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= +github.com/cenkalti/backoff/v4 v4.1.2/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/cenkalti/backoff/v4 v4.1.3 h1:cFAlzYUlVYDysBEH2T5hyJZMh3+5+WCBvSnK6Q8UtC4= github.com/cenkalti/backoff/v4 v4.1.3/go.mod h1:scbssz8iZGpm3xbr14ovlUdkxfGXNInqkPWOWmG2CLw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -303,8 +417,14 @@ github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= +github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= +github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= +github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= +github.com/cheggaaa/pb v1.0.27/go.mod h1:pQciLPpbU0oxA0h+VJYYLxO+XeDQb5pZijXscXHm81s= +github.com/cheggaaa/pb/v3 v3.1.0 h1:3uouEsl32RL7gTiQsuaXD4Bzbfl5tGztXGUvXbs4O04= +github.com/cheggaaa/pb/v3 v3.1.0/go.mod h1:YjrevcBqadFDaGQKRdmZxTY42pXEqda48Ea3lt0K/BE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -313,6 +433,7 @@ github.com/cilium/ebpf v0.0.0-20200702112145-1c8d4c9ef775/go.mod h1:7cR51M8ViRLI github.com/cilium/ebpf v0.2.0/go.mod h1:To2CFviqOWL/M0gIMsvSMlqe7em/l1ALkX1PyjrX2Qs= github.com/cilium/ebpf v0.4.0/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= github.com/cilium/ebpf v0.6.2/go.mod h1:4tRaxcgiL706VnOzHOdBlY8IEAIdxINsQBcU4xJJXRs= +github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -336,6 +457,7 @@ github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:z github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= +github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0 h1:sDMmm+q/3+BukdIpxwO365v/Rbspp2Nt5XntgQRXq8Q= github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM= github.com/containerd/aufs v0.0.0-20200908144142-dab0cbea06f4/go.mod h1:nukgQABAEopAHvB6j7cnP5zJ+/3aVcE7hCYqvIwAHyE= @@ -352,13 +474,15 @@ github.com/containerd/cgroups v0.0.0-20200710171044-318312a37340/go.mod h1:s5q4S github.com/containerd/cgroups v0.0.0-20200824123100-0b889c03f102/go.mod h1:s5q4SojHctfxANBDvMeIaIovkq29IP48TKAxnhYRxvo= github.com/containerd/cgroups v0.0.0-20210114181951-8a68de567b68/go.mod h1:ZJeTFisyysqgcCdecO57Dj79RfL0LNeGiFUqLYQRYLE= github.com/containerd/cgroups v1.0.1/go.mod h1:0SJrPIenamHDcZhEcJMNBB85rHcUsw4f25ZfBiPYRkU= -github.com/containerd/cgroups v1.0.3 h1:ADZftAkglvCiD44c77s5YmMqaP2pzVCFZvBmAlBdAP4= github.com/containerd/cgroups v1.0.3/go.mod h1:/ofk34relqNjSGyqPrmEULrO4Sc8LJhvJmWbUCUKqj8= +github.com/containerd/cgroups v1.0.4 h1:jN/mbWBEaz+T1pi5OFtnkQ+8qnmEbAr1Oo1FRm5B0dA= +github.com/containerd/cgroups v1.0.4/go.mod h1:nLNQtsF7Sl2HxNebu77i1R0oDlhiTG+kO4JTrUzo6IA= github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/console v0.0.0-20191206165004-02ecf6a7291e/go.mod h1:8Pf4gM6VEbTNRIT26AyyU7hxdQU3MvAvxVI0sc00XBE= github.com/containerd/console v1.0.1/go.mod h1:XUsP6YE/mKtz6bxc+I8UiKKTP04qjQL4qcS3XoQ5xkw= github.com/containerd/console v1.0.2/go.mod h1:ytZPjGgY2oeTkAONYafi2kSj0aYggsf8acV1PGKCbzQ= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/containerd v1.2.10/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.3.0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= @@ -373,9 +497,10 @@ github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= -github.com/containerd/containerd v1.5.2/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= +github.com/containerd/containerd v1.5.8/go.mod h1:YdFSv5bTFLpG2HIYmfqDpSYYTDX+mc5qtSuYx1YUb/s= github.com/containerd/containerd v1.5.13/go.mod h1:3AlCrzKROjIuP3JALsY14n8YtntaUDBu7vek+rPN5Vc= +github.com/containerd/containerd v1.6.1/go.mod h1:1nJz5xCZPusx6jJU8Frfct988y0NpumIq9ODB0kLtoE= github.com/containerd/containerd v1.6.12 h1:kJ9b3mOFKf8yqo05Ob+tMoxvt1pbVWhnB0re9Y+k+8c= github.com/containerd/containerd v1.6.12/go.mod h1:K4Bw7gjgh4TnkmQY+py/PYQGp4e7xgnHAeg87VeWb3A= github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= @@ -385,14 +510,20 @@ github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe/go.mod h1:cE github.com/containerd/continuity v0.0.0-20201208142359-180525291bb7/go.mod h1:kR3BEg7bDFaEddKm54WSmrol1fKWDU1nKYkgrcgZT7Y= github.com/containerd/continuity v0.0.0-20210208174643-50096c924a4e/go.mod h1:EXlVlkqNba9rJe3j7w3Xa924itAMLgZH4UD/Q4PExuQ= github.com/containerd/continuity v0.1.0/go.mod h1:ICJu0PwR54nI0yPEnJ6jcS+J7CZAUXrLh8lPo2knzsM= +github.com/containerd/continuity v0.2.2/go.mod h1:pWygW9u7LtS1o4N/Tn0FoCFDIXZ7rxcMX7HX1Dmibvk= +github.com/containerd/continuity v0.3.0 h1:nisirsYROK15TAMVukJOUyGJjz4BNQJBVsNvAXZJ/eg= +github.com/containerd/continuity v0.3.0/go.mod h1:wJEAIwKOm/pBZuBd0JmeTvnLquTB1Ag8espWhkykbPM= github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= github.com/containerd/fifo v0.0.0-20201026212402-0724c46b320c/go.mod h1:jPQ2IAeZRCYxpS/Cm1495vGFww6ecHmMk1YJH2Q5ln0= github.com/containerd/fifo v0.0.0-20210316144830-115abcc95a1d/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= +github.com/containerd/fifo v1.0.0 h1:6PirWBr9/L7GDamKr+XM0IeUFXu5mf3M/BPpH9gaLBU= github.com/containerd/fifo v1.0.0/go.mod h1:ocF/ME1SX5b1AOlWi9r677YJmCPSwwWnQ9O123vzpE4= github.com/containerd/go-cni v1.0.1/go.mod h1:+vUpYxKvAF72G9i1WoDOiPGRtQpqsNW/ZHtSlv++smU= github.com/containerd/go-cni v1.0.2/go.mod h1:nrNABBHzu0ZwCug9Ije8hL2xBCYh/pjfMb1aZGrrohk= +github.com/containerd/go-cni v1.1.0/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= +github.com/containerd/go-cni v1.1.3/go.mod h1:Rflh2EJ/++BA2/vY5ao3K6WJRR/bZKsX123aPk+kUtA= github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/go-runc v0.0.0-20200220073739-7016d3ce2328/go.mod h1:PpyHrqVs8FTi9vpyHwPwiNEGaACDxT/N/pLcvMSRA9g= @@ -402,18 +533,25 @@ github.com/containerd/imgcrypt v1.0.1/go.mod h1:mdd8cEPW7TPgNG4FpuP3sGBiQ7Yi/zak github.com/containerd/imgcrypt v1.0.4-0.20210301171431-0ae5c75f59ba/go.mod h1:6TNsg0ctmizkrOgXRNQjAPFWpMYRWuiB6dSF4Pfa5SA= github.com/containerd/imgcrypt v1.1.1-0.20210312161619-7ed62a527887/go.mod h1:5AZJNI6sLHJljKuI9IHnw1pWqo/F0nGDOuR9zgTs7ow= github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJrXQb0Dpc4ms= +github.com/containerd/imgcrypt v1.1.3/go.mod h1:/TPA1GIDXMzbj01yd8pIbQiLdQxed5ue1wb8bP7PQu4= github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.4.1/go.mod h1:x7Q9dg9QYb4+ELgxmo4gBUeJB0tl5dqH1Sdz0nJU1QM= +github.com/containerd/stargz-snapshotter/estargz v0.12.1 h1:+7nYmHJb0tEkcRaAW+MHqoKaJYZmkikupxCqVtmPuY0= +github.com/containerd/stargz-snapshotter/estargz v0.12.1/go.mod h1:12VUuCq3qPq4y8yUW+l5w3+oXV3cx2Po3KSe/SmPGqw= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= github.com/containerd/ttrpc v1.1.0/go.mod h1:XX4ZTnoOId4HklF4edwc4DcqskFZuvXB1Evzy5KFQpQ= +github.com/containerd/ttrpc v1.1.1-0.20220420014843-944ef4a40df3 h1:BhCp66ofL8oYcdelc3CBXc2/Pfvvgx+s+mrp9TvNgn8= +github.com/containerd/ttrpc v1.1.1-0.20220420014843-944ef4a40df3/go.mod h1:YYyNVhZrTMiaf51Vj6WhAJqJw+vl/nzABhj8pWrzle4= github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190911142611-5eb25027c9fd/go.mod h1:GeKYzf2pQcqv7tJ0AoCuuhtnqhva5LNU3U+OyKxxJpk= github.com/containerd/typeurl v1.0.1/go.mod h1:TB1hUtrpaiO88KEK56ijojHS1+NeF0izUACaJW2mdXg= +github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY= github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= github.com/containerd/zfs v0.0.0-20200918131355-0a33824f23a2/go.mod h1:8IgZOBdv8fAgXddBT4dBXJPtxyRsejFIpXoklgxgEjw= github.com/containerd/zfs v0.0.0-20210301145711-11e8f1707f62/go.mod h1:A9zfAbMlQwE+/is6hi0Xw8ktpL+6glmqZYtevJgaB8Y= @@ -423,17 +561,21 @@ github.com/containerd/zfs v1.0.0/go.mod h1:m+m51S1DvAP6r3FcmYCp54bQ34pyOwTieQDNR github.com/containernetworking/cni v0.7.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.0/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= +github.com/containernetworking/cni v1.0.1/go.mod h1:AKuhXbN5EzmD4yTNtfSsX3tPcmtrBI6QcRV0NiNt15Y= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= +github.com/containernetworking/plugins v1.0.1/go.mod h1:QHCfGpaTwYTbbH+nZXKVTxNBDZcxSOplJT5ico8/FLE= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= +github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= +github.com/coreos/go-iptables v0.6.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -467,6 +609,7 @@ github.com/d2g/dhcp4 v0.0.0-20170904100407-a1d1b6c41b1c/go.mod h1:Ct2BUK8SB0YC1S github.com/d2g/dhcp4client v1.0.0/go.mod h1:j0hNfjhrt2SxUOw55nL0ATM/z4Yt3t2Kd1mW34z5W5s= github.com/d2g/dhcp4server v0.0.0-20181031114812-7d4a0a7f59a5/go.mod h1:Eo87+Kg/IX2hfWJfwxMzLyuSZyxSoAug2nGa1G2QAi8= github.com/d2g/hardwareaddr v0.0.0-20190221164911-e7d9fbe030e4/go.mod h1:bMl4RjIciD2oAxI7DmWRx6gbeqrkoLqv3MV0vzNad+I= +github.com/danieljoos/wincred v1.1.0/go.mod h1:XYlo+eRTsVA9aHGp7NGjFkPla4m+DCL7hqDjlFjiygg= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -481,19 +624,27 @@ github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11 github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= +github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= +github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= +github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/distribution/distribution/v3 v3.0.0-20210804104954-38ab4c606ee3/go.mod h1:gt38b7cvVKazi5XkHvINNytZXgTEntyhtyM3HQz46Nk= +github.com/distribution/distribution/v3 v3.0.0-20211118083504-a29a3c99a684/go.mod h1:UfCu3YXJJCI+IdnqGgYP82dk2+Joxmv+mUTVBES6wac= github.com/distribution/distribution/v3 v3.0.0-20220526142353-ffbd94cbe269 h1:hbCT8ZPPMqefiAWD2ZKjn7ypokIGViTvBBg/ExLSdCk= github.com/djherbis/times v1.5.0 h1:79myA211VwPhFTqUk8xehWrsEO+zcIZj0zT8mXPVARU= github.com/djherbis/times v1.5.0/go.mod h1:5q7FDLvbNg1L/KaBmPcWlVR9NmoKo3+ucqUA3ijQhA0= +github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc= github.com/dlclark/regexp2 v1.7.0 h1:7lJfhqlPssTb1WQx4yvTHN0uElPEv52sbaECrAQxjAo= github.com/dlclark/regexp2 v1.7.0/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= github.com/dnephin/pflag v1.0.7 h1:oxONGlWxhmUct0YzKTgrpQv9AUA1wtPBn7zuSjJqptk= github.com/dnephin/pflag v1.0.7/go.mod h1:uxE91IoWURlOiTUIA8Mq5ZZkAv3dPUfZNaT80Zm7OQE= +github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v20.10.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v20.10.11+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v20.10.20+incompatible h1:lWQbHSHUFs7KraSN2jOJK7zbMS2jNCHI4mt4xUFUVQ4= github.com/docker/cli v20.10.20+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= @@ -502,12 +653,10 @@ github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4Kfc github.com/docker/distribution v2.8.0+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker v20.10.20+incompatible h1:kH9tx6XO+359d+iAkumyKDc5Q1kOwPuAUaeri48nD6E= -github.com/docker/docker v20.10.20+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v20.10.3-0.20220224222438-c78f6963a1c0+incompatible h1:Ptj2To+ezU/mCBUKdYXBQ2r3/2EJojAlOZrsgprF+is= +github.com/docker/docker v20.10.3-0.20220224222438-c78f6963a1c0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= +github.com/docker/docker-credential-helpers v0.6.4/go.mod h1:ofX3UI0Gz1TteYBjtgs07O36Pyasyp66D2uKT7H8W1c= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= @@ -613,6 +762,7 @@ github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQL github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= @@ -628,8 +778,8 @@ github.com/form3tech-oss/jwt-go v3.2.3+incompatible/go.mod h1:pbq4aXjuKjdthFRnoD github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= github.com/foxcpp/go-mockdns v0.0.0-20210729171921-fb145fc6f897 h1:E52jfcE64UG42SwLmrW0QByONfGynWuzBvm86BoB9z8= -github.com/frankban/quicktest v1.11.3 h1:8sXhOn0uLys67V8EsXLc6eszDs8VXWxL3iRvebPhedY= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= +github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA= github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= @@ -640,6 +790,7 @@ github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= +github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= @@ -653,6 +804,8 @@ github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= +github.com/go-gorp/gorp/v3 v3.0.2 h1:ULqJXIekoqMx29FI5ekXXFoH1dT2Vc8UhnRzBg+Emz4= +github.com/go-gorp/gorp/v3 v3.0.2/go.mod h1:BJ3q1ejpV8cVALtcXvXaXyTOlMmJhWDxTmncaR6rwBY= github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A= github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= @@ -668,9 +821,11 @@ github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7 github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v0.4.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab h1:xveKWz2iaueeTaUgdetzel+U7exyigDYBryyVfV/rZk= @@ -678,30 +833,66 @@ github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AE github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= +github.com/go-openapi/analysis v0.21.2/go.mod h1:HZwRk4RRisyG8vx2Oe6aqeSQcoxRp47Xkp3+K6q+LdY= +github.com/go-openapi/analysis v0.21.4 h1:ZDFLvSNxpDaomuCueM0BlSXxpANBlFYiBvr+GXrvIHc= +github.com/go-openapi/analysis v0.21.4/go.mod h1:4zQ35W4neeZTqh3ol0rv/O8JBbka9QyAgQRPp9y3pfo= github.com/go-openapi/errors v0.19.8/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.19.9/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.2/go.mod h1:cM//ZKUKyO06HSwqAelJ5NsEMMcpa6VpXe8DOa1Mi1M= +github.com/go-openapi/errors v0.20.3 h1:rz6kiC84sqNQoqrtulzaL/VERgkoCyB6WdEkc2ujzUc= +github.com/go-openapi/errors v0.20.3/go.mod h1:Z3FlZ4I8jEGxjUK+bugx3on2mIAk4txuAOhlsB1FSgk= +github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= +github.com/go-openapi/jsonreference v0.19.6/go.mod h1:diGHMEHg2IqXZGKxqyvWdfWU/aim5Dprw5bqpKkTvns= github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= +github.com/go-openapi/loads v0.21.1/go.mod h1:/DtAMXXneXFjbQMGEtbamCZb+4x7eGwkvZCvBmwUG+g= +github.com/go-openapi/loads v0.21.2 h1:r2a/xFIYeZ4Qd2TnGpWDIQNcP80dIaZgf704za8enro= +github.com/go-openapi/loads v0.21.2/go.mod h1:Jq58Os6SSGz0rzh62ptiu8Z31I+OTHqmULx5e/gJbNw= +github.com/go-openapi/runtime v0.24.2 h1:yX9HMGQbz32M87ECaAhGpJjBmErO3QLcgdZj9BzGx7c= +github.com/go-openapi/runtime v0.24.2/go.mod h1:AKurw9fNre+h3ELZfk6ILsfvPN+bvvlaU/M9q/r9hpk= +github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/spec v0.20.4/go.mod h1:faYFR1CvsJZ0mNsmsphTMSoRrNV3TEDoAM7FOEWeq8I= +github.com/go-openapi/spec v0.20.6/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= +github.com/go-openapi/spec v0.20.7 h1:1Rlu/ZrOCCob0n+JKKJAWhNWMPW8bOZRg8FJaY+0SKI= +github.com/go-openapi/spec v0.20.7/go.mod h1:2OpW+JddWPrpXSCIX8eOx7lZ5iyuWj3RYR6VaaBKcWA= github.com/go-openapi/strfmt v0.21.0/go.mod h1:ZRQ409bWMj+SOgXofQAGTIo2Ebu72Gs+WaRADcS5iNg= +github.com/go-openapi/strfmt v0.21.1/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/strfmt v0.21.2/go.mod h1:I/XVKeLc5+MM5oPNN7P6urMOpuLXEcNrCX/rPGuWb0k= +github.com/go-openapi/strfmt v0.21.3 h1:xwhj5X6CjXEZZHMWy1zKJxvW9AfHC9pkyUjLvHtKG7o= +github.com/go-openapi/strfmt v0.21.3/go.mod h1:k+RzNO0Da+k3FrrynSNN8F7n/peCmQQqbbXjtDfvmGg= +github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.19.15/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= +github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/validate v0.21.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= +github.com/go-openapi/validate v0.22.0 h1:b0QecH6VslW/TxtpKgzpO1SNG7GU2FsaqKdP1E2T50Y= +github.com/go-openapi/validate v0.22.0/go.mod h1:rjnrwK57VJ7A8xqfpAOEKRH8yQSGUriMu5/zuPSQ1hg= github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= +github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= +github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= github.com/go-sourcemap/sourcemap v2.1.3+incompatible h1:W1iEw64niKVGogNgBN3ePyLFfuisuzeidWPMPWmECqU= github.com/go-sourcemap/sourcemap v2.1.3+incompatible/go.mod h1:F8jJfvm2KbVjc5NqelyYJmf/v5J0dwNLS2mL4sNA1Jg= +github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-stack/stack v1.8.1/go.mod h1:dcoOX6HbPZSZptuspn9bctJ+N/CnF5gGygcUP3XYfe4= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= +github.com/go-test/deep v1.0.7 h1:/VSMRlnY/JSyqxQUzQLKVMAskpY/NZKFA5j2P+0pP2M= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/depgen v0.0.0-20190329151759-d478694a28d3/go.mod h1:3STtPUQYuzV0gBVOY3vy6CfMm/ljR4pABfrTeHNLHUY= github.com/gobuffalo/depgen v0.1.0/go.mod h1:+ifsuy7fhi15RWncXQQKjWS9JPkdah5sZvtHc2RXGlg= @@ -722,33 +913,44 @@ github.com/gobuffalo/here v0.6.0 h1:hYrd0a6gDmWxBM4TnrGw8mQg24iSVoIkHEk7FodQcBI= github.com/gobuffalo/here v0.6.0/go.mod h1:wAG085dHOYqUpf+Ap+WOdrPTp5IYcDAs/x7PLa8Y5fM= github.com/gobuffalo/logger v0.0.0-20190315122211-86e12af44bc2/go.mod h1:QdxcLw541hSGtBnhUc4gaNIXRjiDppFGaDqzbrBd3v8= github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM= +github.com/gobuffalo/logger v1.0.6 h1:nnZNpxYo0zx+Aj9RfMPBm+x9zAU2OayFh/xrAWi34HU= +github.com/gobuffalo/logger v1.0.6/go.mod h1:J31TBEHR1QLV2683OXTAItYIg8pv2JMHnF/quuAbMjs= github.com/gobuffalo/mapi v1.0.1/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= github.com/gobuffalo/mapi v1.0.2/go.mod h1:4VAGh89y6rVOvm5A8fKFxYG+wIW6LO1FMTG9hnKStFc= github.com/gobuffalo/packd v0.0.0-20190315124812-a385830c7fc0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= github.com/gobuffalo/packd v0.1.0/go.mod h1:M2Juc+hhDXf/PnmBANFCqx4DM3wRbgDvnVWeG2RIxq4= github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI= +github.com/gobuffalo/packd v1.0.1 h1:U2wXfRr4E9DH8IdsDLlRFwTZTK7hLfq9qT/QHXGVe/0= +github.com/gobuffalo/packd v1.0.1/go.mod h1:PP2POP3p3RXGz7Jh6eYEf93S7vA2za6xM7QT85L4+VY= github.com/gobuffalo/packr/v2 v2.0.9/go.mod h1:emmyGweYTm6Kdper+iywB6YK5YzuKchGtJQZ0Odn4pQ= github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/VCm/3ptBN+0= github.com/gobuffalo/packr/v2 v2.8.1/go.mod h1:c/PLlOuTU+p3SybaJATW3H6lX/iK7xEz5OeMf+NnJpg= +github.com/gobuffalo/packr/v2 v2.8.3 h1:xE1yzvnO56cUC0sTpKR3DIbxZgB54AftTFMhB2XEWlY= +github.com/gobuffalo/packr/v2 v2.8.3/go.mod h1:0SahksCVcx4IMnigTjiFuyldmTrdTctXsOdiU5KwbKc= github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/gocarina/gocsv v0.0.0-20170324095351-ffef3ffc77be h1:zXHeEEJ231bTf/IXqvCfeaqjLpXsq42ybLoT4ROSR6Y= github.com/gocarina/gocsv v0.0.0-20170324095351-ffef3ffc77be/go.mod h1:/oj50ZdPq/cUjA02lMZhijk5kR31SEydKyqah1OgBuo= +github.com/goccy/go-yaml v1.8.2 h1:gDYrSN12XK/wQTFjxWIgcIqjNCV/Zb5V09M7cq+dbCs= github.com/godbus/dbus v0.0.0-20151105175453-c7fdd8b5cd55/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20180201030542-885f9cc04c9c/go.mod h1:/YcGZj5zSblfDWMMoOzV4fas9FZnQYTkDnsGvmh2Grw= github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= +github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godror/godror v0.24.2/go.mod h1:wZv/9vPiUib6tkoDl+AZ/QLf5YZgMravZ7jxH2eQWAE= github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw= github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gofrs/uuid v3.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gofrs/uuid v4.3.1+incompatible h1:0/KbAdpx3UXAx1kEOWHJeOkpbgRFGHVgv+CFIY7dBJI= github.com/gofrs/uuid v4.3.1+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/googleapis v1.2.0/go.mod h1:Njal3psf3qN6dwBtQfUmBZh2ybovJ0tlu3o/AC7HYjU= github.com/gogo/googleapis v1.4.0/go.mod h1:5YRNX2z1oM5gXdAkurHa942MDgEJyk02w4OecKY87+c= +github.com/gogo/googleapis v1.4.1 h1:1Yx4Myt7BxzvUr5ldGSbwYiZG6t9wGBZ+8/fX3Wvtq0= +github.com/gogo/googleapis v1.4.1/go.mod h1:2lpHqI5OcWCtVElxXnPt+s8oJvMpySlOyM6xDCrzib4= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= @@ -756,6 +958,10 @@ github.com/gogo/protobuf v1.3.0/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXP github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY= +github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= +github.com/golang-jwt/jwt/v4 v4.2.0 h1:besgBTC8w8HjP6NzQdxwKH9Z5oQMZ24ThTrHp3cZ8eU= +github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -772,7 +978,9 @@ github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= +github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -802,6 +1010,7 @@ github.com/gomodule/redigo v1.8.3 h1:HR0kYDX2RJZvAup8CsiJwxB4dTCSC0AaUq6S4SiLwUc github.com/gomodule/redigo v1.8.3/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= github.com/google/flatbuffers v1.12.1 h1:MVlul7pQNoDzWRLTw5imwYsl+usrS1TXG2H4jg6ImGw= github.com/google/flatbuffers v1.12.1/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8= @@ -823,6 +1032,9 @@ github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8 github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= +github.com/google/go-containerregistry v0.12.0 h1:nidOEtFYlgPCRqxCKj/4c/js940HVWplCWc5ftdfdUA= +github.com/google/go-containerregistry v0.12.0/go.mod h1:sdIK+oHQO7B93xI8UweYdl887YhuIwg9vz8BSLH3+8k= github.com/google/go-github/v32 v32.1.0/go.mod h1:rIEpZD9CTDQwDK9GDrtMTycQNA4JU3qBsCizh3q2WCI= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= @@ -833,9 +1045,13 @@ github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/ github.com/google/licenseclassifier v0.0.0-20200402202327-879cb1424de0/go.mod h1:qsqn2hxC+vURpyBRygGUuinTO42MFRLcsmQ/P8v94+M= github.com/google/licenseclassifier v0.0.0-20210325184830-bb04aff29e72 h1:EfzlPF5MRmoWsCGvSkPZ1Nh9uVzHf4FfGnDQ6CXd2NA= github.com/google/licenseclassifier v0.0.0-20210325184830-bb04aff29e72/go.mod h1:qsqn2hxC+vURpyBRygGUuinTO42MFRLcsmQ/P8v94+M= +github.com/google/licenseclassifier/v2 v2.0.0-pre6 h1:ytJvfOEiKcN1m5vkAJXkK2olICdrXqwNKFkBpKQ5Q+I= +github.com/google/licenseclassifier/v2 v2.0.0-pre6/go.mod h1:cOjbdH0kyC9R22sdQbYsFkto4NGCAc+ZSwbeThazEtM= +github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPgecwXBIDzw5no= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= +github.com/google/martian/v3 v3.2.1 h1:d8MncMlErDFTwQGBK1xhv026j9kqhvw1Qv9IbWT1VLQ= github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= @@ -846,6 +1062,7 @@ github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20201218002935-b9804c9f04c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= @@ -854,25 +1071,34 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLe github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/google/subcommands v1.0.1/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/wire v0.5.0 h1:I7ELFeVBr3yfPIcc8+MWvrjk+3VjbcSzoXm3JVa+jD8= +github.com/google/wire v0.5.0/go.mod h1:ngWDr9Qvq3yZA10YrxfyGELY/AFWGVpy9c1LTRi1EoU= +github.com/googleapis/enterprise-certificate-proxy v0.2.0 h1:y8Yozv7SZtlU//QXbezB6QkpuE6jMD2/gfzk4AftXjs= +github.com/googleapis/enterprise-certificate-proxy v0.2.0/go.mod h1:8C0jb7/mgJe/9KK8Lm7X9ctZC2t60YyIpYEI16jx0Qg= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0= github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM= +github.com/googleapis/gax-go/v2 v2.7.0 h1:IcsPKeInNvYi7eqSaDjiZqDDKu5rsmunY0Y1YupQSSQ= +github.com/googleapis/gax-go/v2 v2.7.0/go.mod h1:TEop28CZZQ2y+c0VxMUmu1lV+fQx57QpBWsYpwqHJx8= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= +github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= +github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= @@ -882,7 +1108,9 @@ github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoA github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= @@ -909,8 +1137,12 @@ github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtng github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= +github.com/hashicorp/go-getter v1.6.2 h1:7jX7xcB+uVCliddZgeKyNxv0xoT7qL5KDtH7rU4IqIk= +github.com/hashicorp/go-getter v1.6.2/go.mod h1:IZCrswsZPeWv9IkVnLElzRU/gz/QPi6pZHn4tv6vbwA= +github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-hclog v0.12.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= github.com/hashicorp/go-hclog v1.0.0/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= +github.com/hashicorp/go-hclog v1.2.0 h1:La19f8d7WIlm4ogzNHB0JGqs5AUDAZ2UfCY4sJXcJdM= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-immutable-radix v1.3.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= @@ -922,9 +1154,13 @@ github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+ github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= +github.com/hashicorp/go-retryablehttp v0.7.1 h1:sUiuQAnLlbvmExtFQs72iFW/HXeUn8Z1aJLQ4LJJbTQ= +github.com/hashicorp/go-retryablehttp v0.7.1/go.mod h1:vAew36LZh98gCBJNLH42IQ1ER/9wtLZZ8meHqQvEYWY= github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= +github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= +github.com/hashicorp/go-safetemp v1.0.0/go.mod h1:oaerMy3BhqiTbVye6QuFhFtIceqFoDHxNAB65b+Rj1I= github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= @@ -933,13 +1169,18 @@ github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.0.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= +github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hashicorp/hcl/v2 v2.14.1 h1:x0BpjfZ+CYdbiz+8yZTQ+gdLO7IXvOut7Da+XJayx34= +github.com/hashicorp/hcl/v2 v2.14.1/go.mod h1:e4z5nxYlWNPdDSNYX+ph14EvWYMFm3eP0zIUqPc2jr0= github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= github.com/hashicorp/mdns v1.0.1/go.mod h1:4gW7WsVCke5TE7EPeYliwHlRUyBtfCwuFwuMg2DmyNY= @@ -955,6 +1196,7 @@ github.com/hashicorp/serf v0.9.6/go.mod h1:TXZNMjZQijwlDvp+r0b63xZ45H7JmCmgg4gpT github.com/hinshun/vt10x v0.0.0-20180616224451-1954e6464174/go.mod h1:DqJ97dSdRW1W22yXSB90986pcOyQ7r45iio1KN2ez1A= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw= github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/iancoleman/strcase v0.2.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -966,10 +1208,14 @@ github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= +github.com/in-toto/in-toto-golang v0.5.0 h1:hb8bgwr0M2hGdDsLjkJ3ZqJ8JFLL/tgYdAxF/XEFBbY= +github.com/in-toto/in-toto-golang v0.5.0/go.mod h1:/Rq0IZHLV7Ku5gielPT4wPHJfH1GdHMCq8+WPxw8/BE= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.0.1 h1:U3uMjPSQEBMNp1lFxmllqCPM6P5u/Xq7Pgzkat/bFNc= github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/intel/goresctrl v0.2.0/go.mod h1:+CZdzouYFn5EsxgqAQTEzMfwKwuc0fVdMrT9FCCAVRQ= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= +github.com/j-keck/arping v1.0.2/go.mod h1:aJbELhR92bSk7tp79AWM/ftfc90EfEi2bQJrbBFOsPw= github.com/jarcoal/httpmock v1.0.4 h1:jp+dy/+nonJE4g4xbVtl9QdrUNbn6/3hDT5R4nDIZnA= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= @@ -999,6 +1245,9 @@ github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHW github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmoiron/sqlx v1.3.1/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= +github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g= +github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ= +github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901 h1:rp+c0RAYOWj8l6qbCUTSiRLG/iKnW3K3/QfPPuSsBt4= github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901/go.mod h1:Z86h9688Y0wesXCyonoVr47MasHilkuLMqGhRZ4Hpak= github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= @@ -1030,6 +1279,7 @@ github.com/karrick/godirwalk v1.15.6/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1q github.com/karrick/godirwalk v1.15.8/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw= github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= +github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8= github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck= @@ -1039,6 +1289,7 @@ github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQL github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= +github.com/klauspost/compress v1.11.2/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.4/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= @@ -1049,6 +1300,16 @@ github.com/klauspost/compress v1.15.11 h1:Lcadnb3RKGin4FYM/orgq0qde+nc15E5Cbqg4B github.com/klauspost/compress v1.15.11/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM= github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= +github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f h1:GvCU5GXhHq+7LeOzx/haG7HSIZokl3/0GkoUFzsRJjg= +github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f/go.mod h1:q59u9px8b7UTj0nIjEjvmTWekazka6xIt6Uogz5Dm+8= +github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d h1:X4cedH4Kn3JPupAwwWuo4AzYp16P0OyLO9d7OnMZc/c= +github.com/knqyf263/go-deb-version v0.0.0-20190517075300-09fca494f03d/go.mod h1:o8sgWoz3JADecfc/cTYD92/Et1yMqMy0utV1z+VaZao= +github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 h1:aC6MEAs3PE3lWD7lqrJfDxHd6hcced9R4JTZu85cJwU= +github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075/go.mod h1:i4sF0l1fFnY1aiw08QQSwVAFxHEm311Me3WsU/X7nL0= +github.com/knqyf263/go-rpmdb v0.0.0-20221030142135-919c8a52f04f h1:oz80cOWEcx/tTh5T0g43oz5W7zZw8jm7zD5BR9tQjX8= +github.com/knqyf263/go-rpmdb v0.0.0-20221030142135-919c8a52f04f/go.mod h1:zp6SMcRd0GB+uwNJjr+DkrNZdQZ4er2HMO6KyD0vIGU= +github.com/knqyf263/nested v0.0.1 h1:Sv26CegUMhjt19zqbBKntjwESdxe5hxVPSk0+AKjdUc= +github.com/knqyf263/nested v0.0.1/go.mod h1:zwhsIhMkBg90DTOJQvxPkKIypEHPYkgWHs4gybdlUmk= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -1057,8 +1318,8 @@ github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.4/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= @@ -1066,15 +1327,31 @@ github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw= github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= +github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= +github.com/liamg/iamgo v0.0.9 h1:tADGm3xVotyRJmuKKaH4+zsBn7LOcvgdpuF3WsSKW3c= +github.com/liamg/iamgo v0.0.9/go.mod h1:Kk6ZxBF/GQqG9nnaUjIi6jf+WXNpeOTyhwc6gnguaZQ= +github.com/liamg/jfather v0.0.7 h1:Xf78zS263yfT+xr2VSo6+kyAy4ROlCacRqJG7s5jt4k= +github.com/liamg/jfather v0.0.7/go.mod h1:xXBGiBoiZ6tmHhfy5Jzw8sugzajwYdi6VosIpB3/cPM= +github.com/liamg/memoryfs v1.4.3 h1:+ChjcuPRYpjJSulD13PXDNR3JeJ5HUYKjLHyWVK0bqU= +github.com/liamg/memoryfs v1.4.3/go.mod h1:z7mfqXFQS8eSeBBsFjYLlxYRMRyiPktytvYCYTb3BSk= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.6 h1:jbk+ZieJ0D7EVGJYpL9QTz7/YW6UHbmdnZWYyK5cdBs= +github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4= github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I= +github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40 h1:EnfXoSqDfSNJv0VBNqY/88RNnhSGYkrHaO0mmFGbVsc= +github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40/go.mod h1:vy1vK6wD6j7xX6O6hXe621WabdtNkou2h7uRtTfRMyg= github.com/lyft/protoc-gen-star v0.5.3/go.mod h1:V0xaHgaf5oCCqmcxYcWiDfTiKsZsRc87/1qhoTACD8w= github.com/magefile/mage v1.9.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= github.com/magefile/mage v1.11.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A= @@ -1084,21 +1361,39 @@ github.com/magefile/mage v1.14.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXq github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo= +github.com/magiconair/properties v1.8.6/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= +github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI= github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc= github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE= +github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY= github.com/markbates/oncer v1.0.0/go.mod h1:Z59JA581E9GP6w96jai+TGqafHPW+cPfRxz2aSZ0mcI= github.com/markbates/pkger v0.17.0 h1:RFfyBPufP2V6cddUyyEVSHBpaAnM1WzaMNyqomeT+iY= github.com/markbates/pkger v0.17.0/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQDXbLhiuI= +github.com/markbates/safe v1.0.1 h1:yjZkbvRM6IzKj9tlu/zMJLS0n/V351OZWRnF3QfaUxI= github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/martini-contrib/render v0.0.0-20150707142108-ec18f8345a11 h1:YFh+sjyJTMQSYjKwM4dFKhJPJC/wfo98tPUc17HdoYw= github.com/martini-contrib/render v0.0.0-20150707142108-ec18f8345a11/go.mod h1:Ah2dBMoxZEqk118as2T4u4fjfXarE0pPnMJaArZQZsI= +github.com/masahiro331/go-disk v0.0.0-20220919035250-c8da316f91ac h1:QyRucnGOLHJag1eB9CtuZwZk+/LpvTSYr5mnFLLFlgA= +github.com/masahiro331/go-disk v0.0.0-20220919035250-c8da316f91ac/go.mod h1:J7Vb0sf0JzOhT0uHTeCqO6dqP/ELVcQvQ6yQ/56ZRGw= +github.com/masahiro331/go-ebs-file v0.0.0-20221125181850-09c63351e38c h1:sBVxQbdRxqMoczqQYPxUwe3V3msmAUj9KPuPZRpD13k= +github.com/masahiro331/go-ebs-file v0.0.0-20221125181850-09c63351e38c/go.mod h1:5NOkqebMwu8UiOTSjwqam1Ykdr7fci52TVE2xDQnIiM= +github.com/masahiro331/go-ext4-filesystem v0.0.0-20221016160854-4b40d7ee6193 h1:1005OfmUUdBL4540DpkovaDrV+lkiEda7Nb/t792LEg= +github.com/masahiro331/go-ext4-filesystem v0.0.0-20221016160854-4b40d7ee6193/go.mod h1:X08d9nmB+eg7Gj2XWAOkiG8lbMFbgGXPsDKEvkFwyF8= +github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 h1:AevUBW4cc99rAF8q8vmddIP8qd/0J5s/UyltGbp66dg= +github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08/go.mod h1:JOkBRrE1HvgTyjk6diFtNGgr8XJMtIfiBzkL5krqzVk= +github.com/masahiro331/go-vmdk-parser v0.0.0-20221124162251-5eeffd974e5a h1:R2wjAgJt2IwTqKfSDc4mJ0SIz66lIslqmAjW/Dmi5fE= +github.com/masahiro331/go-vmdk-parser v0.0.0-20221124162251-5eeffd974e5a/go.mod h1:5f7mCJGW9cJb8SDn3z8qodGxpMCOo8d/2nls/tiwRrw= +github.com/masahiro331/go-xfs-filesystem v0.0.0-20221127135739-051c25f1becd h1:jOFGJ9IFmR9jbm06nZzSR9xdd5clVbRcK55yGNhqMYM= +github.com/masahiro331/go-xfs-filesystem v0.0.0-20221127135739-051c25f1becd/go.mod h1:QKBZqdn6teT0LK3QhAf3K6xakItd1LonOShOEC44idQ= github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A= github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -1121,18 +1416,30 @@ github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peK github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= +github.com/mattn/go-runewidth v0.0.12/go.mod h1:RAqKPSqVFrSLVXbA8x7dzmKdmGzieGRCM46jaSJTDAk= +github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= +github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-shellwords v1.0.3/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= +github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o= github.com/mattn/go-shellwords v1.0.11/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= +github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= +github.com/mattn/go-sqlite3 v1.14.12 h1:TJ1bhYJPV44phC+IMu1u2K/i5RriLTPe+yc68XDJ1Z0= +github.com/mattn/go-sqlite3 v1.14.12/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= github.com/mholt/archiver/v3 v3.5.1/go.mod h1:e3dqJ7H78uzsRSEACH1joayhuSyhnonssnDhppzS1L4= +github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 h1:TLygBUBxikNJJfLwgm+Qwdgq1FtfV8Uh7bcxRyTzK8s= +github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032/go.mod h1:vYT9HE7WCvL64iVeZylKmCsWKfE+JZ8105iuh2Trk8g= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.26/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= @@ -1145,17 +1452,23 @@ github.com/mitchellh/cli v1.1.0/go.mod h1:xcISNoH86gajksDmfB23e/pu+B+GeFRMYmoHXx github.com/mitchellh/cli v1.1.2/go.mod h1:6iaV0fGdElS6dPBx0EApTxHrcWvmJphyh2n8YBLPPZ4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.1.1/go.mod h1:EBArHfARyrSWO/+Wyr9zwEkc6XMFB9XyNgFNmRkZZU4= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= +github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/gox v1.0.1 h1:x0jD3dcHk9a9xPSDN6YEL4xL6Qz0dvNYm8yZqui5chI= github.com/mitchellh/gox v1.0.1/go.mod h1:ED6BioOGXMswlXa2zxfh/xdd5QhwYliBFn9V18Ap4z4= github.com/mitchellh/hashstructure v1.1.0 h1:P6P1hdjqAAknpY/M1CGipelZgp+4y9ja9kmUZPXP+H0= github.com/mitchellh/hashstructure v1.1.0/go.mod h1:xUDAozZz0Wmdiufv0uyhnHkUTN6/6d8ulp4AwfLKrmA= +github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4= +github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE= github.com/mitchellh/iochan v1.0.0 h1:C+X3KsSTLFVBr/tK1eYN/vs4rJcvsiLU338UhYPJWeY= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -1168,14 +1481,25 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.1/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/moby/buildkit v0.10.4 h1:FvC+buO8isGpUFZ1abdSLdGHZVqg9sqI4BbFL8tlzP4= +github.com/moby/buildkit v0.10.4/go.mod h1:Yajz9vt1Zw5q9Pp4pdb3TCSUXJBIroIQGQ3TTs/sLug= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= +github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/sys/mount v0.2.0/go.mod h1:aAivFE2LB3W4bACsUXChRHQ0qKWsetY4Y9V7sxOougM= github.com/moby/sys/mountinfo v0.4.0/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= github.com/moby/sys/mountinfo v0.4.1/go.mod h1:rEr8tzG/lsIZHBtN/JjGG+LMYx9eXgW2JI+6q0qou+A= -github.com/moby/sys/mountinfo v0.5.0 h1:2Ks8/r6lopsxWi9m58nlwjaeSzUX9iiL1vj5qB/9ObI= +github.com/moby/sys/mountinfo v0.5.0/go.mod h1:3bMD3Rg+zkqx8MRYPi7Pyb0Ie97QEBmdxbhnCLlSvSU= +github.com/moby/sys/mountinfo v0.6.2 h1:BzJjoreD5BMFNmD9Rus6gdd1pLuecOFPt8wC+Vygl78= +github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= +github.com/moby/sys/signal v0.6.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= +github.com/moby/sys/signal v0.7.0 h1:25RW3d5TnQEoKvRbEKUGay6DCQ46IxAVTT9CUMgmsSI= +github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ= +github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/moby/term v0.0.0-20201216013528-df9cb8a40635/go.mod h1:FBS0z0QWA44HXygs7VXDUOGoN/1TV3RuWkLO04am3wc= github.com/moby/term v0.0.0-20210610120745-9d4ed1856297/go.mod h1:vgPCkQMyxTZ7IDy8SXRufE172gr8+K/JE/7hHFxHW3A= @@ -1188,6 +1512,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= @@ -1206,28 +1531,36 @@ github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWk github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= +github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/onsi/ginkgo v0.0.0-20151202141238-7f8ab55aaf3b/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= -github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo/v2 v2.1.6 h1:Fx2POJZfKRQcM1pH49qSZiYeu319wji004qX+GDovrU= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= +github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.20.1 h1:PA/3qinGoukvymdIDV8pii6tiZgC8kbmJO6Z5+b002Q= github.com/open-policy-agent/opa v0.44.1-0.20220927105354-00e835a7cc15 h1:B+LGzLaQBMXiNFO89jTFmr8PnZE383kVqNOJsV9WFII= github.com/open-policy-agent/opa v0.44.1-0.20220927105354-00e835a7cc15/go.mod h1:/OnsYljNEWJ6DXeFOOnoGn8CvwZGMUS4iRqzYdJvmBI= @@ -1239,6 +1572,7 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.1.0-rc2 h1:2zx/Stx4Wc5pIPDvIxHXvXtQFW/7XWJGmnM7r3wg034= github.com/opencontainers/image-spec v1.1.0-rc2/go.mod h1:3OVijpioIKYWTqjiG0zfF6wvoJ4fAXGbjdZuI2NgsRQ= @@ -1248,19 +1582,36 @@ github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= +github.com/opencontainers/runc v1.1.0/go.mod h1:Tj1hFw6eFWp/o33uxGf5yF2BX5yz2Z6iptFpuvbbKqc= +github.com/opencontainers/runc v1.1.3 h1:vIXrkId+0/J2Ymu2m7VjGvbSlAId9XNRPhn2p4b+d8w= +github.com/opencontainers/runc v1.1.3/go.mod h1:1J5XiS+vdZ3wCyZybsuxXZWGrgSr8fFJHLXuG2PsnNg= github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.2/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20200929063507-e6143ca7d51d/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= +github.com/opencontainers/runtime-spec v1.0.3-0.20220311020903-6969a0a09ab1 h1:DUNsiyVYdBOR9Ztzo4/AxcT2KsIV6apA0NvF2gZTXVQ= +github.com/opencontainers/runtime-spec v1.0.3-0.20220311020903-6969a0a09ab1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= +github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= +github.com/opencontainers/selinux v1.10.1 h1:09LIPVRP3uuZGQvgR+SgMSNBd1Eb3vlRbGqQpoHsF8w= +github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= +github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= +github.com/owenrumney/go-sarif v1.1.1/go.mod h1:dNDiPlF04ESR/6fHlPyq7gHKmrM0sHUvAGjsoh8ZH0U= +github.com/owenrumney/go-sarif/v2 v2.1.2 h1:PMDK7tXShJ9zsB7bfvlpADH5NEw1dfA9xwU8Xtdj73U= +github.com/owenrumney/go-sarif/v2 v2.1.2/go.mod h1:MSqMMx9WqlBSY7pXoOZWgEsVB4FDNfhcaXDA1j6Sr+w= +github.com/owenrumney/squealer v1.0.1-0.20220510063705-c0be93f0edea h1:RwQ26NYF4vvP7GckFRB4ABL18Byo7vnYBzMpmZKkGwQ= +github.com/owenrumney/squealer v1.0.1-0.20220510063705-c0be93f0edea/go.mod h1:WWvhG67r/BBwvLwmE2TcASI0b/xyPxmR9y33q/mg4ig= github.com/oxtoacart/bpool v0.0.0-20150712133111-4e1c5567d7c2 h1:CXwSGu/LYmbjEab5aMCs5usQRVBGThelUKBNnoSOuso= github.com/oxtoacart/bpool v0.0.0-20150712133111-4e1c5567d7c2/go.mod h1:L3UMQOThbttwfYRNFOWLLVXMhk5Lkio4GGOtw5UrxS0= +github.com/package-url/packageurl-go v0.1.1-0.20220203205134-d70459300c8a h1:tkTSd1nhioPqi5Whu3CQ79UjPtaGOytqyNnSCVOqzHM= +github.com/package-url/packageurl-go v0.1.1-0.20220203205134-d70459300c8a/go.mod h1:uQd4a7Rh3ZsVg5j0lNyAfyxIeGde9yrlhjF78GzeW0c= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-buffruneio v0.2.0/go.mod h1:JkE26KsDizTr40EUHkXVtNPvgGtbSNq5BcowyYOWdKo= @@ -1269,6 +1620,11 @@ github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAv github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= +github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= +github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg= +github.com/pelletier/go-toml/v2 v2.0.5/go.mod h1:OMHamSCAODeSsVrwwvcJOaoN0LIUIaFVNZzmWyNfXas= +github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= @@ -1280,12 +1636,14 @@ github.com/pierrec/lz4/v4 v4.1.15 h1:MO0/ucJhngq7299dKLwIMtgTfbkoSPF6AoMYDd8Q4q0 github.com/pierrec/lz4/v4 v4.1.15/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pierrre/gotestcover v0.0.0-20160517101806-924dca7d15f0 h1:i5VIxp6QB8oWZ8IkK8zrDgeT6ORGIUeiN+61iETwJbI= github.com/pierrre/gotestcover v0.0.0-20160517101806-924dca7d15f0/go.mod h1:4xpMLz7RBWyB+ElzHu8Llua96TRCB3YwX+l5EP1wmHk= +github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= +github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= @@ -1293,6 +1651,8 @@ github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSg github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw= github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/poy/eachers v0.0.0-20181020210610-23942921fe77 h1:SNdqPRvRsVmYR0gKqFvrUKhFizPJ6yDiGQ++VAJIoDg= +github.com/poy/onpar v0.0.0-20190519213022-ee068f8ea4d1 h1:oL4IBbcqwhhNWh31bjOX8C/OCy0zs9906d/VUru+bqg= +github.com/poy/onpar v0.0.0-20190519213022-ee068f8ea4d1/go.mod h1:nSbFQvMj97ZyhFRSJYtut+msi4sOY6zJDGCdSc+/rZU= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= @@ -1319,6 +1679,7 @@ github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+ github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= +github.com/prometheus/common v0.30.0/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= @@ -1340,37 +1701,62 @@ github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 h1:N/ElC8H3+5XpJzTSTfLsJV/mx9Q9g7kxmchpfZyxgzM= github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk= +github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= +github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.5.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= +github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8= +github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rubenv/sql-migrate v0.0.0-20210614095031-55d5740dbbcc/go.mod h1:HFLT6i9iR4QBOF5rdCyjddC9t59ArqWJV2xx+jwcCMo= +github.com/rubenv/sql-migrate v1.1.2 h1:9M6oj4e//owVVHYrFISmY9LBRw6gzkCNmD9MV36tZeQ= +github.com/rubenv/sql-migrate v1.1.2/go.mod h1:/7TZymwxN8VWumcIxw1jjHEcR1djpdkMHQPT4FWdnbQ= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= +github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= +github.com/safchain/ethtool v0.0.0-20210803160452-9aa261dae9b1/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43MRiaGWX1Nig= github.com/samber/lo v1.37.0 h1:XjVcB8g6tgUp8rsPsJ2CvhClfImrpL04YpQHXeHPhRw= github.com/samber/lo v1.37.0/go.mod h1:9vaz2O4o8oOnK23pd2TrXufcbdbJIa3b6cstBWKpopA= github.com/santhosh-tekuri/jsonschema v1.2.4 h1:hNhW8e7t+H1vgY+1QeEQpveR6D4+OwKPXCfD2aieJis= github.com/santhosh-tekuri/jsonschema v1.2.4/go.mod h1:TEAUOeZSmIxTTuHatJzrvARHiuO9LYd+cIxzgEHCQI4= +github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e h1:NO86zOn5ScSKW8wRbMaSIcjDZUFpWdCQQnexRqZ9h9A= +github.com/saracen/walker v0.0.0-20191201085201-324a081bae7e/go.mod h1:G0Z6yVPru183i2MuRJx1DcR4dgIZtLcTdaaE/pC1BJU= github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= +github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= +github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= +github.com/seccomp/libseccomp-golang v0.9.2-0.20210429002308-3879420cc921/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= +github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= +github.com/secure-systems-lab/go-securesystemslib v0.4.0 h1:b23VGrQhTA8cN2CbBw7/FulN9fTtqYUdS5+Oxzt+DUE= +github.com/secure-systems-lab/go-securesystemslib v0.4.0/go.mod h1:FGBZgq2tXWICsxWQW1msNf49F0Pf2Op5Htayx335Qbs= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= +github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI= +github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE= github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI= github.com/shirou/gopsutil v3.21.11+incompatible/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA= github.com/shirou/gopsutil/v3 v3.21.10/go.mod h1:t75NhzCZ/dYyPQjyQmrAYP6c8+LCdFANeBMdLPCNnew= github.com/shirou/gopsutil/v3 v3.21.12 h1:VoGxEW2hpmz0Vt3wUvHIl9fquzYLNpVpgNNB7pGJimA= github.com/shirou/gopsutil/v3 v3.21.12/go.mod h1:BToYZVTlSVlfazpDDYFnsVZLaoRG+g8ufT6fPQLdJzA= +github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/sigstore/rekor v1.0.0 h1:64IeShnl8n862APKu4MyDObAOjwNL//je6okig4uQw8= +github.com/sigstore/rekor v1.0.0/go.mod h1:8FPG2wHngSA4Bo8tgOn0C/PIDDNi4iiNePhAiyJlv5Q= github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -1389,17 +1775,24 @@ github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIK github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= +github.com/sosedoff/gitkit v0.3.0 h1:TfINVRNUM+GcFa+LGhZ3RcWN86Im1M6i8qs0IsgMy90= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spdx/gordf v0.0.0-20201111095634-7098f93598fb/go.mod h1:uKWaldnbMnjsSAXRurWqqrdyZen1R7kxl8TkmWk2OyM= +github.com/spdx/tools-golang v0.3.0 h1:rtm+DHk3aAt74Fh0Wgucb4pCxjXV8SqHCPEb2iBd30k= +github.com/spdx/tools-golang v0.3.0/go.mod h1:RO4Y3IFROJnz+43JKm1YOrbtgQNljW4gAPpA/sY2eqo= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/afero v1.3.3/go.mod h1:5KUK8ByomD5Ti5Artl0RtHeI5pTF7MIDuXL3yY520V4= -github.com/spf13/afero v1.6.0 h1:xoax2sJ2DT8S8xA2paPFjDCScCNeWsg75VG0DLRreiY= github.com/spf13/afero v1.6.0/go.mod h1:Ai8FlHk4v/PARR026UzYexafAt9roJ7LcLMAmO6Z93I= +github.com/spf13/afero v1.8.2 h1:xehSyVa0YnHWsJ49JFljMpg1HX19V6NDZ1fkm1Xznbo= +github.com/spf13/afero v1.8.2/go.mod h1:CtAatgMJh6bJEIs48Ay/FOnkljP3WeGUG0MC1RfAqwo= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= @@ -1412,6 +1805,7 @@ github.com/spf13/cobra v1.3.0/go.mod h1:BrRVncBjOJa/eUcVVm9CE+oC6as8k+VYr4NY7WCi github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/jwalterweatherman v1.1.0 h1:ue6voC5bR5F8YxI5S67j9i582FU4Qvo2bmqnqMYADFk= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= @@ -1424,6 +1818,8 @@ github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/y github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/spf13/viper v1.10.0/go.mod h1:SoyBPwAtKDzypXNDFKN5kzH7ppppbGZtls1UpIy5AsM= +github.com/spf13/viper v1.13.0 h1:BWSJ/M+f+3nmdz9bxB+bWX28kkALN2ok11D0rSo8EJU= +github.com/spf13/viper v1.13.0/go.mod h1:Icm2xNL3/8uyh/wFuB1jI7TiTNKp8632Nwegu+zgdYw= github.com/src-d/gcfg v1.4.0/go.mod h1:p/UMsR43ujA89BJY9duynAwIpvqEujIH/jFlfL7jWoI= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= @@ -1448,6 +1844,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/subosito/gotenv v1.4.1 h1:jyEFiXpy21Wm81FBN71l9VoMMV8H8jG+qIK3GCpY6Qs= +github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= @@ -1456,7 +1854,10 @@ github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BG github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= github.com/tebeka/go2xunit v1.4.10/go.mod h1:wmc9jKT7KlU4QLU6DNTaIXNnYNOjKKNlp6mjOS0UrqY= github.com/testcontainers/testcontainers-go v0.11.0/go.mod h1:HztBCODzuA+YpMXGK8amjO8j50jz2gcT0BOzSKUiYIs= +github.com/tetratelabs/wazero v1.0.0-pre.3 h1:Z5fbogMUGcERzaQb9mQU8+yJSy0bVvv2ce3dfR4wcZg= +github.com/tetratelabs/wazero v1.0.0-pre.3/go.mod h1:M8UDNECGm/HVjOfq0EOe4QfCY9Les1eq54IChMLETbc= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tklauser/go-sysconf v0.3.9 h1:JeUVdAOWhhxVcU6Eqr/ATFHgXk/mmiItdKeJPev3vTo= github.com/tklauser/go-sysconf v0.3.9/go.mod h1:11DU/5sG7UexIrp/O6g35hrWzu0JxlwQ3LSFUzyeuhs= github.com/tklauser/numcpus v0.3.0 h1:ILuRUQBtssgnxw0XXIjKUC56fgnOrFoQQ/4+DeU2biQ= @@ -1467,6 +1868,9 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1 github.com/tsg/go-daemon v0.0.0-20200207173439-e704b93fd89b h1:X/8hkb4rQq3+QuOxpJK7gWmAXmZucF0EI1s1BfBLq6U= github.com/tsg/go-daemon v0.0.0-20200207173439-e704b93fd89b/go.mod h1:jAqhj/JBVC1PwcLTWd6rjQyGyItxxrhpiBl8LSuAGmw= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= +github.com/tv42/httpunix v0.0.0-20191220191345-2ba4b9c3382c/go.mod h1:hzIxponao9Kjc7aWznkXaL4U4TWaDSs8zcsY4Ka08nM= +github.com/twitchtv/twirp v8.1.2+incompatible h1:0O6TfzZW09ZP5r+ORA90XQEE3PTgA6C7MBbl2KxvVgE= +github.com/twitchtv/twirp v8.1.2+incompatible/go.mod h1:RRJoFSAmTEh2weEqWtpPE3vFK5YBhA6bqp2l1kfCC5A= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.8/go.mod h1:0lNM99SwWUIRhCXnigEMClngXBk/EmpTXa7mgiewYWA= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= @@ -1474,20 +1878,31 @@ github.com/ugorji/go/codec v1.1.8 h1:4dryPvxMP9OtkjIbuNeK2nb27M38XMHLGlfNSNph/5s github.com/ugorji/go/codec v1.1.8/go.mod h1:X00B19HDtwvKbQY2DcYjvZxKQp8mzrJoQ6EgoIY/D2E= github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.9/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= +github.com/ulikunitz/xz v0.5.10 h1:t92gobL9l3HE202wg3rlk19F6X+JOxl9BBrCCMYEYd8= +github.com/ulikunitz/xz v0.5.10/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI= github.com/urso/diag v0.0.0-20200210123136-21b3cc8eb797 h1:OHNw/6pXODJAB32NujjdQO/KIYQ3KAbHQfCzH81XdCs= github.com/urso/diag v0.0.0-20200210123136-21b3cc8eb797/go.mod h1:pNWFTeQ+V1OYT/TzWpnWb6eQBdoXpdx+H+lrH97/Oyo= github.com/urso/sderr v0.0.0-20210525210834-52b04e8f5c71 h1:CehQeKbysHV8J2V7AD0w8NL2x1h04kmmo/Ft5su4lU0= github.com/urso/sderr v0.0.0-20210525210834-52b04e8f5c71/go.mod h1:Wp40HwmjM59FkDIVFfcCb9LzBbnc0XAMp8++hJuWvSU= +github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= +github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= +github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= +github.com/vmihailenco/tagparser v0.1.1/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4= github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI= github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= @@ -1495,7 +1910,9 @@ github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= +github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= github.com/xdg-go/stringprep v1.0.2/go.mod h1:8F9zXuvzgwmyT5DUm4GUfZGDdT3W+LCvS6+da4O5kxM= +github.com/xdg-go/stringprep v1.0.3/go.mod h1:W3f5j4i+9rC0kuIEJL0ky1VpHXQU3ocBgklLGvcBnW8= github.com/xdg/scram v1.0.3 h1:nTadYh2Fs4BK2xdldEa2g5bbaZp0/+1nJMMPtPxS/to= github.com/xdg/scram v1.0.3/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= github.com/xdg/stringprep v1.0.3 h1:cmL5Enob4W83ti/ZHuZLuKD/xqJfus4fVPwE+/BDm+4= @@ -1506,10 +1923,13 @@ github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= +github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= +github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= +github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yashtewari/glob-intersection v0.1.0 h1:6gJvMYQlTDOL3dMsPF6J0+26vwX9MB8/1q3uAdhmTrg= github.com/yashtewari/glob-intersection v0.1.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= @@ -1521,6 +1941,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.0/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/yuin/gopher-lua v0.0.0-20210529063254-f4c35e4016d9 h1:k/gmLsJDWwWqbLCur2yWnJzwQEKRcAHXo6seXGuSwWw= github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg= github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI= @@ -1529,6 +1951,12 @@ github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 h1:hlE8//ciYMzt github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1:ERexzlUfuTvpE74urLSbIQW0Z/6hF9t8U4NsJLaioAY= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= +github.com/zclconf/go-cty v1.0.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= +github.com/zclconf/go-cty v1.10.0 h1:mp9ZXQeIcN8kAwuqorjH+Q+njbJKjLrvB2yIh4q7U+0= +github.com/zclconf/go-cty v1.10.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk= +github.com/zclconf/go-cty-yaml v1.0.2 h1:dNyg4QLTrv2IfJpm7Wtxi55ed5gLGOlPrZ6kMd51hY0= +github.com/zclconf/go-cty-yaml v1.0.2/go.mod h1:IP3Ylp0wQpYm50IHK8OZWKMu6sPJIUgKa8XhiVHura0= +github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs= github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0= go.elastic.co/apm v1.10.0/go.mod h1:qoOSi09pnzJDh5fKnfY7bPmQgl8yl2tULdOu03xhui0= go.elastic.co/apm v1.13.0 h1:SUCDscFfpshuxoxuoSh+r+2E3v1uvd5HrlRK5ZHpyvs= @@ -1553,6 +1981,7 @@ go.elastic.co/go-licence-detector v0.5.0/go.mod h1:fSJQU8au4SAgDK+UQFbgUPsXKYNBD go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= +go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU= go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= go.etcd.io/etcd v0.5.0-alpha.5.0.20200910180754-dd1b699fc489/go.mod h1:yVHk9ub3CSBatqGNg7GRmsnfLWtoW60w4eDYfh7vHDg= go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs= @@ -1566,6 +1995,10 @@ go.etcd.io/etcd/pkg/v3 v3.5.0/go.mod h1:UzJGatBQ1lXChBkQF0AuAtkRQMYnHubxAEYIrC3M go.etcd.io/etcd/raft/v3 v3.5.0/go.mod h1:UFOHSIvO/nKwd4lhkwabrTD3cqW5yVyYYf/KlD00Szc= go.etcd.io/etcd/server/v3 v3.5.0/go.mod h1:3Ah5ruV+M+7RZr0+Y/5mNLwC+eQlni+mQmOVdCRJoS4= go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= +go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= +go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= +go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg= +go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= @@ -1573,33 +2006,44 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= -go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= +go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= +go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/contrib v0.20.0 h1:ubFQUn0VCZ0gPwIoJfBJVpeBlyRMxu8Mm/huKWYd9p0= go.opentelemetry.io/contrib v0.20.0/go.mod h1:G/EtFaa6qaN7+LxqfIAT3GiZa7Wv5DTBUzl5H4LY0Kc= go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0/go.mod h1:oVGt1LRbBOBq1A5BQLlUg9UaU/54aiHw8cgjV3aWZ/E= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0/go.mod h1:vEhqr0m4eTc+DWxfsXoXue2GBgV2uUwVznkGIHW/e5w= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0/go.mod h1:2AboqHi0CiIZU0qwhtUfCYD1GeUzvvIXWNkhDt7ZMG4= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.32.0 h1:mac9BKRqwaX6zxHPDe3pvmWpwuuIM0vuXv2juCnQevE= go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo= +go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs= go.opentelemetry.io/otel v1.7.0 h1:Z2lA3Tdch0iDcrhJXDIlC94XE+bxok1F9B+4Lz/lGsM= go.opentelemetry.io/otel v1.7.0/go.mod h1:5BdUoMIz5WEs0vt0CUEMtSSaTSHBBVwrhnz7+nrD5xk= go.opentelemetry.io/otel/exporters/otlp v0.20.0 h1:PTNgq9MRmQqqJY0REVbZFvwkYOA85vbdQU/nVfxDyqg= go.opentelemetry.io/otel/exporters/otlp v0.20.0/go.mod h1:YIieizyaN77rtLJra0buKiNBOm9XQfkPEKBeuhoMwAM= +go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.3.0/go.mod h1:VpP4/RMn8bv8gNo9uK7/IMY4mtWLELsS+JIP0inH0h4= go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.7.0 h1:7Yxsak1q4XrJ5y7XBnNwqWx9amMZvoidCctv62XOQ6Y= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.3.0/go.mod h1:hO1KLR7jcKaDDKDkvI9dP/FIhpmna5lkqPUQdEjFAM8= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.7.0 h1:cMDtmgJ5FpRvqx9x2Aq+Mm0O6K/zcUkH73SFz20TuBw= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.3.0/go.mod h1:keUU7UfnwWTWpJ+FWnyqmogPa82nuU5VUANFq49hlMY= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.7.0 h1:MFAyzUPrTwLOwCi+cltN0ZVyy4phU41lwH+lyMyQTS4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.3.0/go.mod h1:QNX1aly8ehqqX1LEa6YniTU7VY9I6R3X/oPxhGdTceE= go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU= go.opentelemetry.io/otel/metric v0.30.0 h1:Hs8eQZ8aQgs0U49diZoaS6Uaxw3+bBE3lcMUKBFIk3c= go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw= go.opentelemetry.io/otel/sdk v0.20.0/go.mod h1:g/IcepuwNsoiX5Byy2nNV0ySUF1em498m7hBWC279Yc= +go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs= go.opentelemetry.io/otel/sdk v1.7.0 h1:4OmStpcKVOfvDOgCt7UriAPtKolwIhxpnSNI/yK+1B0= go.opentelemetry.io/otel/sdk/export/metric v0.20.0/go.mod h1:h7RBNMsDJ5pmI1zExLi+bJK+Dr8NQCh0qGhm1KDnNlE= go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4/0TjTXukfxjzSTpHE= go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= +go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk= go.opentelemetry.io/otel/trace v1.7.0 h1:O37Iogk1lEkMRXewVtZ1BBTVn5JEp8GrJvP92bJqC6o= go.opentelemetry.io/otel/trace v1.7.0/go.mod h1:fzLSB9nqR2eXzxPXb2JW9IKE+ScyXA48yyE4TNvoHqU= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= +go.opentelemetry.io/proto/otlp v0.11.0/go.mod h1:QpEjXPrNQzrFDZgoTo49dgHR9RYRSrg3NAKnUGl9YpQ= go.opentelemetry.io/proto/otlp v0.16.0 h1:WHzDWdXUvbc5bG2ObdrGfaNpQz7ft7QN9HHmJlbiB1E= +go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 h1:+FNtrFTmVw0YZGpBGX56XDee331t6JAXeK2bcyhLOOc= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -1651,12 +2095,19 @@ golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20201216223049-8b5274cf687f/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.4.0 h1:UVQgzMY87xqpKNgb+kDsll2Igd33HszWHFLmpaRMq/8= golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1702,9 +2153,11 @@ golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.5.0/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= golang.org/x/mod v0.5.1/go.mod h1:5OXOZSfqPIIbmVBIIKWRFfZjPR0E5r58TLhUjH0a2Ro= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.7.0 h1:LapD9S96VoQRhi/GrNTqeBJFrUjs5UHCAtTlgwA5oZA= golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181011144130-49bb7cea24b1/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1757,6 +2210,8 @@ golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLd golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210410081132-afb366fc7cd1/go.mod h1:9tjilg8BloeKEkVJvy7fQ90B1CfIiPueXVOjqfkSzI8= +golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= +golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= @@ -1764,11 +2219,17 @@ golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211020060615-d418f374d309/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211209124913-491a49abca63/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220107192237-5cfca573fb4d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU= golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -1805,6 +2266,7 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180810173357-98c5dad5d1a0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1834,6 +2296,7 @@ golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1896,6 +2359,7 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210225134936-a50acf3fe073/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1903,7 +2367,9 @@ golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210403161142-5e06dd20ab57/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1919,20 +2385,29 @@ golang.org/x/sys v0.0.0-20210816074244-15123e1e1f71/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210903071746-97244b99971b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211102192858-4dd72447c267/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211205182925-97ca703d548d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220517195934-5e4e11fc645e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= @@ -1941,6 +2416,7 @@ golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9sn golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.3.0 h1:qoo4akIqOcDME5bhc/NgxUdovd6BSS2uMsVjB56q1xI= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1952,12 +2428,14 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM= golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1965,6 +2443,7 @@ golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 h1:ftMN5LMiBFjbzleLqtoBZk7K golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -1975,6 +2454,7 @@ golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190329151228-23e29df326fe/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190416151739-9c9e1878f421/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190420181800-aa740d480789/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190422233926-fe54fb35175b/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= @@ -1984,10 +2464,12 @@ golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190729092621-ff9f1409240a/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191011211836-4c025a95b26e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= @@ -2020,18 +2502,22 @@ golang.org/x/tools v0.0.0-20200509030707-2212a7e161a5/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200526224456-8b020aee10d2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE= +golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= @@ -2042,12 +2528,15 @@ golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyj golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= golang.org/x/tools v0.1.8/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.4.0 h1:7mTAgkunk3fr4GAloyyCasadO6h9zSsQZbwvcaIciV4= golang.org/x/tools v0.4.0/go.mod h1:UE5sM2OK9E/d67R0ANs2xJizIymRP5gJU295PvKXxjQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk= +golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= @@ -2082,6 +2571,8 @@ google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdr google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU= google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I= google.golang.org/api v0.62.0/go.mod h1:dKmwPCydfsad4qCH08MSdgWjfHOyfpd4VtDGgRFdavw= +google.golang.org/api v0.103.0 h1:9yuVqlu2JCvcLg9p8S3fcFLZij8EPSyvODIY1rkMizQ= +google.golang.org/api v0.103.0/go.mod h1:hGtW6nK1AC+d9si/UBhw8Xli+QMOf6xyNAyJw4qU9w0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -2120,6 +2611,7 @@ google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= +google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA= google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2131,7 +2623,9 @@ google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210108203827-ffc7fda8c3d7/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= +google.golang.org/genproto v0.0.0-20210226172003-ab064af71705/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= @@ -2159,6 +2653,7 @@ google.golang.org/genproto v0.0.0-20211129164237-f09f9a12af12/go.mod h1:5CzLGKJ6 google.golang.org/genproto v0.0.0-20211203200212-54befc351ae9/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= +google.golang.org/genproto v0.0.0-20220107163113-42d7afdf6368/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc= google.golang.org/genproto v0.0.0-20221207170731-23e4bf6bdc37 h1:jmIfw8+gSvXcZSgaFAGyInDXeWzUhvYH57G/5GKMn70= google.golang.org/genproto v0.0.0-20221207170731-23e4bf6bdc37/go.mod h1:RGgjbofJ8xD9Sq1VVhDM1Vok1vRONV+rg+CjzG4SZKM= google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= @@ -2192,6 +2687,7 @@ google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnD google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= +google.golang.org/grpc v1.43.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U= google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= @@ -2220,6 +2716,9 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/cheggaaa/pb.v1 v1.0.27/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/cheggaaa/pb.v1 v1.0.28 h1:n1tBJnnK2r7g9OW2btFH91V92STTUevLXYFb8gy9EMk= +gopkg.in/cheggaaa/pb.v1 v1.0.28/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= @@ -2230,6 +2729,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= +gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/jcmturner/aescts.v1 v1.0.1 h1:cVVZBK2b1zY26haWB4vbBiZrfFQnfbTVrE3xZq6hrEw= gopkg.in/jcmturner/aescts.v1 v1.0.1/go.mod h1:nsR8qBOg+OucoIW+WMhB3GspUQXq9XorLnQb9XtvcOo= gopkg.in/jcmturner/dnsutils.v1 v1.0.1 h1:cIuC1OLRGZrld+16ZJvvZxVJeKPsvd5eUIvxfoN5hSM= @@ -2279,6 +2780,8 @@ gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0= gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8= helm.sh/helm/v3 v3.7.2/go.mod h1:UXuiAn0+FfBpqbiMuwWt8/aAKkfJvnWLBJ6f4HcFs0M= +helm.sh/helm/v3 v3.10.0 h1:y/MYONZ/bsld9kHwqgBX2uPggnUr5hahpjwt9/jrHlI= +helm.sh/helm/v3 v3.10.0/go.mod h1:paPw0hO5KVfrCMbi1M8+P8xdfBri3IiJiVKATZsFR94= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= @@ -2295,15 +2798,20 @@ k8s.io/api v0.20.1/go.mod h1:KqwcCVogGxQY3nBlRpwt+wpAMF/KjaCc7RpywacvqUo= k8s.io/api v0.20.4/go.mod h1:++lNL1AJMkDymriNniQsWRkMDzRaX2Y/POTUi8yvqYQ= k8s.io/api v0.20.6/go.mod h1:X9e8Qag6JV/bL5G6bU8sdVRltWKmdHsFUGS3eVndqE8= k8s.io/api v0.22.4/go.mod h1:Rgs+9gIGYC5laXQSZZ9JqT5NevNgoGiOdVWi1BAB3qk= +k8s.io/api v0.22.5/go.mod h1:mEhXyLaSD1qTOf40rRiKXkc+2iCem09rWLlFwhCEiAs= k8s.io/api v0.23.1/go.mod h1:WfXnOnwSqNtG62Y1CdjoMxh7r7u9QXGCkA1u0na2jgo= k8s.io/api v0.23.4/go.mod h1:i77F4JfyNNrhOjZF7OwwNJS5Y1S9dpwvb9iYRYRczfI= k8s.io/api v0.25.3 h1:Q1v5UFfYe87vi5H7NU0p4RXC26PPMT8KOpr1TLQbCMQ= k8s.io/api v0.25.3/go.mod h1:o42gKscFrEVjHdQnyRenACrMtbuJsVdP+WVjqejfzmI= k8s.io/apiextensions-apiserver v0.22.4/go.mod h1:kH9lxD8dbJ+k0ZizGET55lFgdGjO8t45fgZnCVdZEpw= +k8s.io/apiextensions-apiserver v0.25.0 h1:CJ9zlyXAbq0FIW8CD7HHyozCMBpDSiH7EdrSTCZcZFY= +k8s.io/apiextensions-apiserver v0.25.0/go.mod h1:3pAjZiN4zw7R8aZC5gR0y3/vCkGlAjCazcg1me8iB/E= k8s.io/apimachinery v0.20.1/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.4/go.mod h1:WlLqWAHZGg07AeltaI0MV5uk1Omp8xaN0JGLY6gkRpU= k8s.io/apimachinery v0.20.6/go.mod h1:ejZXtW1Ra6V1O5H8xPBGz+T3+4gfkTCeExAHKU57MAc= +k8s.io/apimachinery v0.22.1/go.mod h1:O3oNtNadZdeOMxHFVxOreoznohCpy0z6mocxbZr7oJ0= k8s.io/apimachinery v0.22.4/go.mod h1:yU6oA6Gnax9RrxGzVvPFFJ+mpnW6PBSqp0sx0I0HHW0= +k8s.io/apimachinery v0.22.5/go.mod h1:xziclGKwuuJ2RM5/rSFQSYAj0zdbci3DH8kj+WvyN0U= k8s.io/apimachinery v0.23.1/go.mod h1:SADt2Kl8/sttJ62RRsi9MIV4o8f5S3coArm0Iu3fBno= k8s.io/apimachinery v0.23.4/go.mod h1:BEuFMMBaIbcOqVIJqNZJXGFTP4W6AycEpb5+m/97hrM= k8s.io/apimachinery v0.25.3 h1:7o9ium4uyUOM76t6aunP0nZuex7gDf8VGwkR5RcJnQc= @@ -2312,27 +2820,40 @@ k8s.io/apiserver v0.20.1/go.mod h1:ro5QHeQkgMS7ZGpvf4tSMx6bBOgPfE+f52KwvXfScaU= k8s.io/apiserver v0.20.4/go.mod h1:Mc80thBKOyy7tbvFtB4kJv1kbdD0eIH8k8vianJcbFM= k8s.io/apiserver v0.20.6/go.mod h1:QIJXNt6i6JB+0YQRNcS0hdRHJlMhflFmsBDeSgT1r8Q= k8s.io/apiserver v0.22.4/go.mod h1:38WmcUZiiy41A7Aty8/VorWRa8vDGqoUzDf2XYlku0E= +k8s.io/apiserver v0.22.5/go.mod h1:s2WbtgZAkTKt679sYtSudEQrTGWUSQAPe6MupLnlmaQ= +k8s.io/apiserver v0.25.0 h1:8kl2ifbNffD440MyvHtPaIz1mw4mGKVgWqM0nL+oyu4= +k8s.io/apiserver v0.25.0/go.mod h1:BKwsE+PTC+aZK+6OJQDPr0v6uS91/HWxX7evElAH6xo= k8s.io/cli-runtime v0.22.4/go.mod h1:x35r0ERHXr/MrbR1C6MPJxQ3xKG6+hXi9m2xLzlMPZA= k8s.io/cli-runtime v0.23.1/go.mod h1:r9r8H/qfXo9w+69vwUL7LokKlLRKW5D6A8vUKCx+YL0= +k8s.io/cli-runtime v0.25.3 h1:Zs7P7l7db/5J+KDePOVtDlArAa9pZXaDinGWGZl0aM8= +k8s.io/cli-runtime v0.25.3/go.mod h1:InHHsjkyW5hQsILJGpGjeruiDZT/R0OkROQgD6GzxO4= k8s.io/client-go v0.20.1/go.mod h1:/zcHdt1TeWSd5HoUe6elJmHSQ6uLLgp4bIJHVEuy+/Y= k8s.io/client-go v0.20.4/go.mod h1:LiMv25ND1gLUdBeYxBIwKpkSC5IsozMMmOOeSJboP+k= k8s.io/client-go v0.20.6/go.mod h1:nNQMnOvEUEsOzRRFIIkdmYOjAZrC8bgq0ExboWSU1I0= k8s.io/client-go v0.22.4/go.mod h1:Yzw4e5e7h1LNHA4uqnMVrpEpUs1hJOiuBsJKIlRCHDA= +k8s.io/client-go v0.22.5/go.mod h1:cs6yf/61q2T1SdQL5Rdcjg9J1ElXSwbjSrW2vFImM4Y= k8s.io/client-go v0.23.1/go.mod h1:6QSI8fEuqD4zgFK0xbdwfB/PthBsIxCJMa3s17WlcO0= k8s.io/client-go v0.23.4/go.mod h1:PKnIL4pqLuvYUK1WU7RLTMYKPiIh7MYShLshtRY9cj0= k8s.io/client-go v0.25.3 h1:oB4Dyl8d6UbfDHD8Bv8evKylzs3BXzzufLiO27xuPs0= k8s.io/client-go v0.25.3/go.mod h1:t39LPczAIMwycjcXkVc+CB+PZV69jQuNx4um5ORDjQA= +k8s.io/code-generator v0.19.7/go.mod h1:lwEq3YnLYb/7uVXLorOJfxg+cUu2oihFhHZ0n9NIla0= k8s.io/code-generator v0.22.4/go.mod h1:qjYl54pQ/emhkT0UxbufbREYJMWsHNNV/jSVwhYZQGw= k8s.io/component-base v0.20.1/go.mod h1:guxkoJnNoh8LNrbtiQOlyp2Y2XFCZQmrcg2n/DeYNLk= k8s.io/component-base v0.20.4/go.mod h1:t4p9EdiagbVCJKrQ1RsA5/V4rFQNDfRlevJajlGwgjI= k8s.io/component-base v0.20.6/go.mod h1:6f1MPBAeI+mvuts3sIdtpjljHWBQ2cIy38oBIWMYnrM= k8s.io/component-base v0.22.4/go.mod h1:MrSaQy4a3tFVViff8TZL6JHYSewNCLshZCwHYM58v5A= +k8s.io/component-base v0.22.5/go.mod h1:VK3I+TjuF9eaa+Ln67dKxhGar5ynVbwnGrUiNF4MqCI= +k8s.io/component-base v0.25.3 h1:UrsxciGdrCY03ULT1h/S/gXFCOPnLhUVwSyx+hM/zq4= +k8s.io/component-base v0.25.3/go.mod h1:WYoS8L+IlTZgU7rhAl5Ctpw0WdMxDfCC5dkxcEFa/TI= k8s.io/component-helpers v0.22.4/go.mod h1:A50qTyczDFbhZDifIfS2zFrHuPk9UNOWPpvNZ+3RSIs= k8s.io/cri-api v0.17.3/go.mod h1:X1sbHmuXhwaHs9xxYffLqJogVsnI+f6cPRcgPel7ywM= k8s.io/cri-api v0.20.1/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.4/go.mod h1:2JRbKt+BFLTjtrILYVqQK5jqhI+XNdF6UiGMgczeBCI= k8s.io/cri-api v0.20.6/go.mod h1:ew44AjNXwyn1s0U4xCKGodU7J1HzBeZ1MpGrpa5r8Yc= +k8s.io/cri-api v0.23.1/go.mod h1:REJE3PSU0h/LOV1APBrupxrEJqnoxZC8KWzkBUHwrK4= k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20201113003025-83324d819ded/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20201214224949-b6c5ce23f027/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= @@ -2342,6 +2863,7 @@ k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec= k8s.io/klog/v2 v2.30.0/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd/go.mod h1:WOJ3KddDSol4tAGcJo0Tvi+dK12EcqSLqcWsryKMpfM= k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20211109043538-20434351676c/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= @@ -2349,6 +2871,8 @@ k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65/go.mod h1:sX9MT8g7NVZM5lV k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA= k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= k8s.io/kubectl v0.22.4/go.mod h1:ok2qRT6y2Gy4+y+mniJVyUMKeBHP4OWS9Rdtf/QTM5I= +k8s.io/kubectl v0.25.3 h1:HnWJziEtmsm4JaJiKT33kG0kadx68MXxUE8UEbXnN4U= +k8s.io/kubectl v0.25.3/go.mod h1:glU7PiVj/R6Ud4A9FJdTcJjyzOtCJyc0eO7Mrbh3jlI= k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= k8s.io/metrics v0.22.4/go.mod h1:6F/iwuYb1w2QDCoHkeMFLf4pwHBcYKLm4mPtVHKYrIw= k8s.io/utils v0.0.0-20201110183641-67b214c5f920/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= @@ -2358,9 +2882,43 @@ k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4= k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= -oras.land/oras-go v0.4.0/go.mod h1:VJcU+VE4rkclUbum5C0O7deEZbBYnsnpbGSACwTjOcg= -oras.land/oras-go v1.2.0 h1:yoKosVIbsPoFMqAIFHTnrmOuafHal+J/r+I5bdbVWu4= -oras.land/oras-go v1.2.0/go.mod h1:pFNs7oHp2dYsYMSS82HaX5l4mpnGO7hbpPN6EWH2ltc= +lukechampine.com/uint128 v1.1.1 h1:pnxCASz787iMf+02ssImqk6OLt+Z5QHMoZyUXR4z6JU= +lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= +modernc.org/cc/v3 v3.36.0 h1:0kmRkTmqNidmu3c7BNDSdVHCxXCkWLmWmCIVX4LUboo= +modernc.org/cc/v3 v3.36.0/go.mod h1:NFUHyPn4ekoC/JHeZFfZurN6ixxawE1BnVonP/oahEI= +modernc.org/ccgo/v3 v3.0.0-20220428102840-41399a37e894/go.mod h1:eI31LL8EwEBKPpNpA4bU1/i+sKOwOrQy8D87zWUcRZc= +modernc.org/ccgo/v3 v3.0.0-20220430103911-bc99d88307be/go.mod h1:bwdAnOoaIt8Ax9YdWGjxWsdkPcZyRPHqrOvJxaKAKGw= +modernc.org/ccgo/v3 v3.16.4/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccgo/v3 v3.16.6 h1:3l18poV+iUemQ98O3X5OMr97LOqlzis+ytivU4NqGhA= +modernc.org/ccgo/v3 v3.16.6/go.mod h1:tGtX0gE9Jn7hdZFeU88slbTh1UtCYKusWOoCJuvkWsQ= +modernc.org/ccorpus v1.11.6 h1:J16RXiiqiCgua6+ZvQot4yUuUy8zxgqbqEEUuGPlISk= +modernc.org/ccorpus v1.11.6/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ= +modernc.org/httpfs v1.0.6 h1:AAgIpFZRXuYnkjftxTAZwMIiwEqAfk8aVB2/oA6nAeM= +modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM= +modernc.org/libc v0.0.0-20220428101251-2d5f3daf273b/go.mod h1:p7Mg4+koNjc8jkqwcoFBJx7tXkpj00G77X7A72jXPXA= +modernc.org/libc v1.16.0/go.mod h1:N4LD6DBE9cf+Dzf9buBlzVJndKr/iJHG97vGLHYnb5A= +modernc.org/libc v1.16.1/go.mod h1:JjJE0eu4yeK7tab2n4S1w8tlWd9MxXLRzheaRnAKymU= +modernc.org/libc v1.16.7 h1:qzQtHhsZNpVPpeCu+aMIQldXeV1P0vRhSqCL0nOIJOA= +modernc.org/libc v1.16.7/go.mod h1:hYIV5VZczAmGZAnG15Vdngn5HSF5cSkbvfz2B7GRuVU= +modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/mathutil v1.4.1 h1:ij3fYGe8zBF4Vu+g0oT7mB06r8sqGWKuJu1yXeR4by8= +modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E= +modernc.org/memory v1.1.1 h1:bDOL0DIDLQv7bWhP3gMvIrnoFw+Eo6F7a2QK9HPDiFU= +modernc.org/memory v1.1.1/go.mod h1:/0wo5ibyrQiaoUoH7f9D8dnglAmILJ5/cxZlRECf+Nw= +modernc.org/opt v0.1.1 h1:/0RX92k9vwVeDXj+Xn23DKp2VJubL7k8qNffND6qn3A= +modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= +modernc.org/sqlite v1.17.3 h1:iE+coC5g17LtByDYDWKpR6m2Z9022YrSh3bumwOnIrI= +modernc.org/sqlite v1.17.3/go.mod h1:10hPVYar9C0kfXuTWGz8s0XtB8uAGymUy51ZzStYe3k= +modernc.org/strutil v1.1.1 h1:xv+J1BXY3Opl2ALrBwyfEikFAj8pmqcpnfmuwUwcozs= +modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw= +modernc.org/tcl v1.13.1 h1:npxzTwFTZYM8ghWicVIX1cRWzj7Nd8i6AqqX2p+IYao= +modernc.org/tcl v1.13.1/go.mod h1:XOLfOwzhkljL4itZkK6T72ckMgvj0BDsnKNdZVUOecw= +modernc.org/token v1.0.0 h1:a0jaWiNMDhDUtqOj09wvjWWAqd3q7WpBulmL9H2egsk= +modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= +modernc.org/z v1.5.1 h1:RTNHdsrOpeoSeOF4FbzTo8gBYByaJ5xT7NgZ9ZqRiJM= +modernc.org/z v1.5.1/go.mod h1:eWFB510QWW5Th9YGZT81s+LwvaAs3Q2yr4sP0rmLkv8= +oras.land/oras-go v1.1.1 h1:gI00ftziRivKXaw1BdMeEoIA4uBgga33iVlOsEwefFs= +oras.land/oras-go v1.1.1/go.mod h1:n2TE1ummt9MUyprGhT+Q7kGZUF4kVUpYysPFxeV2IpQ= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/letsencrypt v0.0.3/go.mod h1:buyQKZ6IXrRnB7TdkHP0RyEybLx18HHyOSoTyoOLqNY= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= @@ -2373,10 +2931,15 @@ sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.8.11/go.mod h1:a77Ls36JdfCWojpUqR6m60pdGY1AYFix4AH83nJtY1g= sigs.k8s.io/kustomize/api v0.10.1/go.mod h1:2FigT1QN6xKdcnGS2Ppp1uIWrtWN28Ms8A3OZUZhwr8= +sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM= +sigs.k8s.io/kustomize/api v0.12.1/go.mod h1:y3JUhimkZkR6sbLNwfJHxvo1TCLwuwm14sCYnkH6S1s= sigs.k8s.io/kustomize/cmd/config v0.9.13/go.mod h1:7547FLF8W/lTaDf0BDqFTbZxM9zqwEJqCKN9sSR0xSs= sigs.k8s.io/kustomize/kustomize/v4 v4.2.0/go.mod h1:MOkR6fmhwG7hEDRXBYELTi5GSFcLwfqwzTRHW3kv5go= sigs.k8s.io/kustomize/kyaml v0.11.0/go.mod h1:GNMwjim4Ypgp/MueD3zXHLRJEjz7RvtPae0AwlvEMFM= sigs.k8s.io/kustomize/kyaml v0.13.0/go.mod h1:FTJxEZ86ScK184NpGSAQcfEqee0nul8oLCK30D47m4E= +sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= +sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.0.3/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/structured-merge-diff/v4 v4.1.2/go.mod h1:j/nl6xW8vLS49O8YvXW1ocPhZawJtm+Yrr7PPRQ0Vg4= diff --git a/resources/providers/awslib/ec2/mock_client.go b/resources/providers/awslib/ec2/mock_client.go index 993db6b65a..936a40de44 100644 --- a/resources/providers/awslib/ec2/mock_client.go +++ b/resources/providers/awslib/ec2/mock_client.go @@ -39,6 +39,68 @@ func (_m *MockClient) EXPECT() *MockClient_Expecter { return &MockClient_Expecter{mock: &_m.Mock} } +// CreateSnapshots provides a mock function with given fields: ctx, params, optFns +func (_m *MockClient) CreateSnapshots(ctx context.Context, params *serviceec2.CreateSnapshotsInput, optFns ...func(*serviceec2.Options)) (*serviceec2.CreateSnapshotsOutput, error) { + _va := make([]interface{}, len(optFns)) + for _i := range optFns { + _va[_i] = optFns[_i] + } + var _ca []interface{} + _ca = append(_ca, ctx, params) + _ca = append(_ca, _va...) + ret := _m.Called(_ca...) + + var r0 *serviceec2.CreateSnapshotsOutput + if rf, ok := ret.Get(0).(func(context.Context, *serviceec2.CreateSnapshotsInput, ...func(*serviceec2.Options)) *serviceec2.CreateSnapshotsOutput); ok { + r0 = rf(ctx, params, optFns...) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*serviceec2.CreateSnapshotsOutput) + } + } + + var r1 error + if rf, ok := ret.Get(1).(func(context.Context, *serviceec2.CreateSnapshotsInput, ...func(*serviceec2.Options)) error); ok { + r1 = rf(ctx, params, optFns...) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockClient_CreateSnapshots_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'CreateSnapshots' +type MockClient_CreateSnapshots_Call struct { + *mock.Call +} + +// CreateSnapshots is a helper method to define mock.On call +// - ctx context.Context +// - params *serviceec2.CreateSnapshotsInput +// - optFns ...func(*serviceec2.Options) +func (_e *MockClient_Expecter) CreateSnapshots(ctx interface{}, params interface{}, optFns ...interface{}) *MockClient_CreateSnapshots_Call { + return &MockClient_CreateSnapshots_Call{Call: _e.mock.On("CreateSnapshots", + append([]interface{}{ctx, params}, optFns...)...)} +} + +func (_c *MockClient_CreateSnapshots_Call) Run(run func(ctx context.Context, params *serviceec2.CreateSnapshotsInput, optFns ...func(*serviceec2.Options))) *MockClient_CreateSnapshots_Call { + _c.Call.Run(func(args mock.Arguments) { + variadicArgs := make([]func(*serviceec2.Options), len(args)-2) + for i, a := range args[2:] { + if a != nil { + variadicArgs[i] = a.(func(*serviceec2.Options)) + } + } + run(args[0].(context.Context), args[1].(*serviceec2.CreateSnapshotsInput), variadicArgs...) + }) + return _c +} + +func (_c *MockClient_CreateSnapshots_Call) Return(_a0 *serviceec2.CreateSnapshotsOutput, _a1 error) *MockClient_CreateSnapshots_Call { + _c.Call.Return(_a0, _a1) + return _c +} + // DescribeFlowLogs provides a mock function with given fields: ctx, params, optFns func (_m *MockClient) DescribeFlowLogs(ctx context.Context, params *serviceec2.DescribeFlowLogsInput, optFns ...func(*serviceec2.Options)) (*serviceec2.DescribeFlowLogsOutput, error) { _va := make([]interface{}, len(optFns)) @@ -101,6 +163,68 @@ func (_c *MockClient_DescribeFlowLogs_Call) Return(_a0 *serviceec2.DescribeFlowL return _c } +// DescribeInstances provides a mock function with given fields: ctx, params, optFns +func (_m *MockClient) DescribeInstances(ctx context.Context, params *serviceec2.DescribeInstancesInput, optFns ...func(*serviceec2.Options)) (*serviceec2.DescribeInstancesOutput, error) { + _va := make([]interface{}, len(optFns)) + for _i := range optFns { + _va[_i] = optFns[_i] + } + var _ca []interface{} + _ca = append(_ca, ctx, params) + _ca = append(_ca, _va...) + ret := _m.Called(_ca...) + + var r0 *serviceec2.DescribeInstancesOutput + if rf, ok := ret.Get(0).(func(context.Context, *serviceec2.DescribeInstancesInput, ...func(*serviceec2.Options)) *serviceec2.DescribeInstancesOutput); ok { + r0 = rf(ctx, params, optFns...) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*serviceec2.DescribeInstancesOutput) + } + } + + var r1 error + if rf, ok := ret.Get(1).(func(context.Context, *serviceec2.DescribeInstancesInput, ...func(*serviceec2.Options)) error); ok { + r1 = rf(ctx, params, optFns...) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockClient_DescribeInstances_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DescribeInstances' +type MockClient_DescribeInstances_Call struct { + *mock.Call +} + +// DescribeInstances is a helper method to define mock.On call +// - ctx context.Context +// - params *serviceec2.DescribeInstancesInput +// - optFns ...func(*serviceec2.Options) +func (_e *MockClient_Expecter) DescribeInstances(ctx interface{}, params interface{}, optFns ...interface{}) *MockClient_DescribeInstances_Call { + return &MockClient_DescribeInstances_Call{Call: _e.mock.On("DescribeInstances", + append([]interface{}{ctx, params}, optFns...)...)} +} + +func (_c *MockClient_DescribeInstances_Call) Run(run func(ctx context.Context, params *serviceec2.DescribeInstancesInput, optFns ...func(*serviceec2.Options))) *MockClient_DescribeInstances_Call { + _c.Call.Run(func(args mock.Arguments) { + variadicArgs := make([]func(*serviceec2.Options), len(args)-2) + for i, a := range args[2:] { + if a != nil { + variadicArgs[i] = a.(func(*serviceec2.Options)) + } + } + run(args[0].(context.Context), args[1].(*serviceec2.DescribeInstancesInput), variadicArgs...) + }) + return _c +} + +func (_c *MockClient_DescribeInstances_Call) Return(_a0 *serviceec2.DescribeInstancesOutput, _a1 error) *MockClient_DescribeInstances_Call { + _c.Call.Return(_a0, _a1) + return _c +} + // DescribeNetworkAcls provides a mock function with given fields: ctx, params, optFns func (_m *MockClient) DescribeNetworkAcls(ctx context.Context, params *serviceec2.DescribeNetworkAclsInput, optFns ...func(*serviceec2.Options)) (*serviceec2.DescribeNetworkAclsOutput, error) { _va := make([]interface{}, len(optFns)) @@ -225,6 +349,68 @@ func (_c *MockClient_DescribeSecurityGroups_Call) Return(_a0 *serviceec2.Describ return _c } +// DescribeSnapshots provides a mock function with given fields: ctx, params, optFns +func (_m *MockClient) DescribeSnapshots(ctx context.Context, params *serviceec2.DescribeSnapshotsInput, optFns ...func(*serviceec2.Options)) (*serviceec2.DescribeSnapshotsOutput, error) { + _va := make([]interface{}, len(optFns)) + for _i := range optFns { + _va[_i] = optFns[_i] + } + var _ca []interface{} + _ca = append(_ca, ctx, params) + _ca = append(_ca, _va...) + ret := _m.Called(_ca...) + + var r0 *serviceec2.DescribeSnapshotsOutput + if rf, ok := ret.Get(0).(func(context.Context, *serviceec2.DescribeSnapshotsInput, ...func(*serviceec2.Options)) *serviceec2.DescribeSnapshotsOutput); ok { + r0 = rf(ctx, params, optFns...) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*serviceec2.DescribeSnapshotsOutput) + } + } + + var r1 error + if rf, ok := ret.Get(1).(func(context.Context, *serviceec2.DescribeSnapshotsInput, ...func(*serviceec2.Options)) error); ok { + r1 = rf(ctx, params, optFns...) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockClient_DescribeSnapshots_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'DescribeSnapshots' +type MockClient_DescribeSnapshots_Call struct { + *mock.Call +} + +// DescribeSnapshots is a helper method to define mock.On call +// - ctx context.Context +// - params *serviceec2.DescribeSnapshotsInput +// - optFns ...func(*serviceec2.Options) +func (_e *MockClient_Expecter) DescribeSnapshots(ctx interface{}, params interface{}, optFns ...interface{}) *MockClient_DescribeSnapshots_Call { + return &MockClient_DescribeSnapshots_Call{Call: _e.mock.On("DescribeSnapshots", + append([]interface{}{ctx, params}, optFns...)...)} +} + +func (_c *MockClient_DescribeSnapshots_Call) Run(run func(ctx context.Context, params *serviceec2.DescribeSnapshotsInput, optFns ...func(*serviceec2.Options))) *MockClient_DescribeSnapshots_Call { + _c.Call.Run(func(args mock.Arguments) { + variadicArgs := make([]func(*serviceec2.Options), len(args)-2) + for i, a := range args[2:] { + if a != nil { + variadicArgs[i] = a.(func(*serviceec2.Options)) + } + } + run(args[0].(context.Context), args[1].(*serviceec2.DescribeSnapshotsInput), variadicArgs...) + }) + return _c +} + +func (_c *MockClient_DescribeSnapshots_Call) Return(_a0 *serviceec2.DescribeSnapshotsOutput, _a1 error) *MockClient_DescribeSnapshots_Call { + _c.Call.Return(_a0, _a1) + return _c +} + // DescribeVpcs provides a mock function with given fields: ctx, params, optFns func (_m *MockClient) DescribeVpcs(ctx context.Context, params *serviceec2.DescribeVpcsInput, optFns ...func(*serviceec2.Options)) (*serviceec2.DescribeVpcsOutput, error) { _va := make([]interface{}, len(optFns)) diff --git a/resources/providers/awslib/ec2/provider.go b/resources/providers/awslib/ec2/provider.go index a223acf978..130f918c3c 100644 --- a/resources/providers/awslib/ec2/provider.go +++ b/resources/providers/awslib/ec2/provider.go @@ -41,6 +41,9 @@ type Client interface { DescribeVpcs(ctx context.Context, params *ec2.DescribeVpcsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeVpcsOutput, error) DescribeFlowLogs(ctx context.Context, params *ec2.DescribeFlowLogsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeFlowLogsOutput, error) GetEbsEncryptionByDefault(ctx context.Context, params *ec2.GetEbsEncryptionByDefaultInput, optFns ...func(*ec2.Options)) (*ec2.GetEbsEncryptionByDefaultOutput, error) + DescribeInstances(ctx context.Context, params *ec2.DescribeInstancesInput, optFns ...func(*ec2.Options)) (*ec2.DescribeInstancesOutput, error) + CreateSnapshots(ctx context.Context, params *ec2.CreateSnapshotsInput, optFns ...func(*ec2.Options)) (*ec2.CreateSnapshotsOutput, error) + DescribeSnapshots(ctx context.Context, params *ec2.DescribeSnapshotsInput, optFns ...func(*ec2.Options)) (*ec2.DescribeSnapshotsOutput, error) } func (p *Provider) DescribeNetworkAcl(ctx context.Context) ([]awslib.AwsResource, error) { @@ -151,3 +154,58 @@ func (p *Provider) GetEbsEncryptionByDefault(ctx context.Context) ([]awslib.AwsR }, nil }) } + +func (p *Provider) DescribeInstances(ctx context.Context) ([]types.Instance, error) { + ins, err := awslib.MultiRegionFetch(ctx, p.clients, func(ctx context.Context, region string, c Client) ([]types.Instance, error) { + input := &ec2.DescribeInstancesInput{} + allInstances := []types.Instance{} + for { + output, err := c.DescribeInstances(ctx, input) + if err != nil { + return nil, err + } + for _, reservation := range output.Reservations { + allInstances = append(allInstances, reservation.Instances...) + } + if output.NextToken == nil { + break + } + input.NextToken = output.NextToken + } + return allInstances, nil + }) + return lo.Flatten(ins), err +} + +func (p *Provider) CreateSnapshots(ctx context.Context, ins types.Instance) ([]types.SnapshotInfo, error) { + snaps, err := awslib.MultiRegionFetch(ctx, p.clients, func(ctx context.Context, region string, c Client) ([]types.SnapshotInfo, error) { + input := &ec2.CreateSnapshotsInput{ + InstanceSpecification: &types.InstanceSpecification{ + InstanceId: ins.InstanceId, + }, + Description: aws.String("Cloudbeat Vulnerability Snapshot."), + } + result, err := c.CreateSnapshots(ctx, input) + if err != nil { + return nil, err + } + return result.Snapshots, nil + }) + return lo.Flatten(snaps), err +} + +// TODO: Maybe we should bulk request snapshots? +// This will limit us scaling the pipeline +func (p *Provider) DescribeSnapshots(ctx context.Context, snap types.SnapshotInfo) ([]types.Snapshot, error) { + snaps, err := awslib.MultiRegionFetch(ctx, p.clients, func(ctx context.Context, region string, c Client) ([]types.Snapshot, error) { + input := &ec2.DescribeSnapshotsInput{ + SnapshotIds: []string{*snap.SnapshotId}, + } + result, err := c.DescribeSnapshots(ctx, input) + if err != nil { + return nil, err + } + return result.Snapshots, nil + }) + return lo.Flatten(snaps), err +} diff --git a/resources/providers/awslib/ec2/provider_test.go b/resources/providers/awslib/ec2/provider_test.go index 1eb49b8420..81f0726ee4 100644 --- a/resources/providers/awslib/ec2/provider_test.go +++ b/resources/providers/awslib/ec2/provider_test.go @@ -21,6 +21,7 @@ import ( "context" "errors" "fmt" + "reflect" "testing" "github.com/aws/aws-sdk-go-v2/aws" @@ -266,3 +267,116 @@ func TestProvider_GetEbsEncryptionByDefault(t *testing.T) { }) } } + +func TestProvider_DescribeInstances(t *testing.T) { + type fields struct { + log *logp.Logger + clients map[string]Client + awsAccountID string + } + type args struct { + ctx context.Context + } + tests := []struct { + name string + fields fields + args args + want []types.Instance + wantErr bool + }{ + // TODO: Add test cases. + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + p := &Provider{ + log: tt.fields.log, + clients: tt.fields.clients, + awsAccountID: tt.fields.awsAccountID, + } + got, err := p.DescribeInstances(tt.args.ctx) + if (err != nil) != tt.wantErr { + t.Errorf("Provider.DescribeInstances() error = %v, wantErr %v", err, tt.wantErr) + return + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("Provider.DescribeInstances() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestProvider_CreateSnapshots(t *testing.T) { + type fields struct { + log *logp.Logger + clients map[string]Client + awsAccountID string + } + type args struct { + ctx context.Context + ins types.Instance + } + tests := []struct { + name string + fields fields + args args + want []types.SnapshotInfo + wantErr bool + }{ + // TODO: Add test cases. + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + p := &Provider{ + log: tt.fields.log, + clients: tt.fields.clients, + awsAccountID: tt.fields.awsAccountID, + } + got, err := p.CreateSnapshots(tt.args.ctx, tt.args.ins) + if (err != nil) != tt.wantErr { + t.Errorf("Provider.CreateSnapshots() error = %v, wantErr %v", err, tt.wantErr) + return + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("Provider.CreateSnapshots() = %v, want %v", got, tt.want) + } + }) + } +} + +func TestProvider_DescribeSnapshots(t *testing.T) { + type fields struct { + log *logp.Logger + clients map[string]Client + awsAccountID string + } + type args struct { + ctx context.Context + snap types.SnapshotInfo + } + tests := []struct { + name string + fields fields + args args + want []types.Snapshot + wantErr bool + }{ + // TODO: Add test cases. + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + p := &Provider{ + log: tt.fields.log, + clients: tt.fields.clients, + awsAccountID: tt.fields.awsAccountID, + } + got, err := p.DescribeSnapshots(tt.args.ctx, tt.args.snap) + if (err != nil) != tt.wantErr { + t.Errorf("Provider.DescribeSnapshots() error = %v, wantErr %v", err, tt.wantErr) + return + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("Provider.DescribeSnapshots() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/vulnerability/fetcher.go b/vulnerability/fetcher.go new file mode 100644 index 0000000000..9ce0ca4c6b --- /dev/null +++ b/vulnerability/fetcher.go @@ -0,0 +1,68 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/ec2/types" + "github.com/elastic/cloudbeat/resources/providers/awslib/ec2" + "github.com/elastic/elastic-agent-libs/logp" +) + +type VulnerabilityFetcher struct { + log *logp.Logger + provider *ec2.Provider + ch chan types.Instance +} + +func NewVulnerabilityFetcher(log *logp.Logger, provider *ec2.Provider) VulnerabilityFetcher { + log.Debug("VulnerabilityFetcher: New") + ch := make(chan types.Instance) + return VulnerabilityFetcher{ + log: log, + ch: ch, + provider: provider, + } +} + +func (f VulnerabilityFetcher) FetchInstances(ctx context.Context) error { + defer close(f.ch) + f.log.Info("Starting VulnerabilityFetcher.FetchInstances") + for { + select { + case <-ctx.Done(): + f.log.Info("VulnerabilityFetcher.FetchInstances context canceled") + return nil + default: + ins, err := f.provider.DescribeInstances(ctx) + if err != nil { + f.log.Errorf("VulnerabilityFetcher.FetchInstances DescribeInstances failed: %v", err) + return err + } + for _, i := range ins { + f.ch <- i + } + return nil + } + } +} + +func (f VulnerabilityFetcher) GetChan() chan types.Instance { + return f.ch +} diff --git a/vulnerability/replicator.go b/vulnerability/replicator.go new file mode 100644 index 0000000000..3377fba18d --- /dev/null +++ b/vulnerability/replicator.go @@ -0,0 +1,71 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + + "github.com/aws/aws-sdk-go-v2/service/ec2/types" + "github.com/elastic/cloudbeat/resources/providers/awslib/ec2" + "github.com/elastic/elastic-agent-libs/logp" +) + +type VulnerabilityReplicator struct { + log *logp.Logger + provider *ec2.Provider + ch chan types.SnapshotInfo +} + +func NewVulnerabilityReplicator(log *logp.Logger, provider *ec2.Provider) VulnerabilityReplicator { + log.Debug("VulnerabilityReplicator: New") + ch := make(chan types.SnapshotInfo) + return VulnerabilityReplicator{ + log: log, + ch: ch, + provider: provider, + } +} + +func (f VulnerabilityReplicator) SnapshotInstance(ctx context.Context, insCh chan types.Instance) { + f.log.Info("Starting VulnerabilityReplicator.SnapshotInstance") + defer close(f.ch) + for { + select { + case <-ctx.Done(): + f.log.Info("VulnerabilityReplicator.SnapshotInstance context canceled") + return + case data, ok := <-insCh: + if !ok { + f.log.Info("VulnerabilityReplicator.SnapshotInstance channel is closed") + return + } + sp, err := f.provider.CreateSnapshots(ctx, data) + if err != nil { + f.log.Errorf("VulnerabilityReplicator.SnapshotInstance.CreateSnapshots failed: %v", err) + continue + } + for _, s := range sp { + f.ch <- s + } + } + } +} + +func (f VulnerabilityReplicator) GetChan() chan types.SnapshotInfo { + return f.ch +} diff --git a/vulnerability/runner.go b/vulnerability/runner.go new file mode 100644 index 0000000000..ac0b78720f --- /dev/null +++ b/vulnerability/runner.go @@ -0,0 +1,102 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + "time" + + "github.com/elastic/elastic-agent-libs/logp" + + "github.com/aquasecurity/trivy/pkg/commands/artifact" + "github.com/aquasecurity/trivy/pkg/flag" +) + +type VulnerabilityRunner struct { + log *logp.Logger + runner artifact.Runner +} + +// TODO: Due to boltDB lock, I've moved this to a global variable as single runner +// initial commit created a new runner every iteration in the evaluator constructor +func NewVulnerabilityRunner(log *logp.Logger) (VulnerabilityRunner, error) { + log.Debug("NewVulnerabilityRunner: New") + // TODO: POC REMOVE and pick only what needed + opts := flag.Options{ + GlobalOptions: flag.GlobalOptions{ + // TODO: Make configurable + Timeout: 1 * time.Hour, + Quiet: false, + Debug: true, + // CacheDir: "/tmp/trivy", + // CacheDir: "/home/ubuntu/.cache/trivy", + }, + VulnerabilityOptions: flag.VulnerabilityOptions{ + VulnType: []string{"os", "library"}, + IgnoreUnfixed: false, + }, + ScanOptions: flag.ScanOptions{ + // Target: fmt.Sprint("ebs:", *snap.SnapshotId), + // Target: "ebs:snap-07a4a228a916368c5", + // Target: "file:snap-07a4a228a916368c5", + SecurityChecks: []string{"vuln"}, + RekorURL: "https://rekor.sigstore.dev", + }, + DBOptions: flag.DBOptions{ + // DownloadDBOnly: true, + // SkipDBUpdate: true, + DBRepository: "ghcr.io/aquasecurity/trivy-db", + }, + // CacheOptions: flag.CacheOptions{ + // CacheBackend: "fs", + // ClearCache: false, + // CacheTTL: 0, + // }, + // CloudOptions: flag.CloudOptions{ + // MaxCacheAge: 0, + // UpdateCache: false, + // }, + // ReportOptions: flag.ReportOptions{ + // Output: o, + // Format: "json", + // Severities: []db_types.Severity{0, 1, 2, 3, 4}, + // }, + } + + // config_str := "{\"ConfigFile\":\"trivy.yaml\",\"ShowVersion\":false,\"Quiet\":false,\"Debug\":false,\"Insecure\":false,\"Timeout\":1800000000000,\"CacheDir\":\"/home/ubuntu/.cache/trivy\",\"GenerateDefaultConfig\":false,\"Region\":\"\",\"Endpoint\":\"\",\"Services\":null,\"Account\":\"\",\"ARN\":\"\",\"ClearCache\":false,\"CacheBackend\":\"fs\",\"CacheTTL\":0,\"RedisCACert\":\"\",\"RedisCert\":\"\",\"RedisKey\":\"\",\"MaxCacheAge\":0,\"UpdateCache\":false,\"Reset\":false,\"DownloadDBOnly\":false,\"SkipDBUpdate\":false,\"NoProgress\":false,\"DBRepository\":\"ghcr.io/aquasecurity/trivy-db\",\"Light\":false,\"Input\":\"\",\"ScanRemovedPkgs\":false,\"Platform\":\"\",\"ClusterContext\":\"\",\"Namespace\":\"\",\"KubeConfig\":\"\",\"Components\":null,\"LicenseFull\":false,\"IgnoredLicenses\":null,\"LicenseRiskThreshold\":0,\"LicenseCategories\":{\"forbidden\":[\"AGPL-1.0\",\"AGPL-3.0\",\"CC-BY-NC-1.0\",\"CC-BY-NC-2.0\",\"CC-BY-NC-2.5\",\"CC-BY-NC-3.0\",\"CC-BY-NC-4.0\",\"CC-BY-NC-ND-1.0\",\"CC-BY-NC-ND-2.0\",\"CC-BY-NC-ND-2.5\",\"CC-BY-NC-ND-3.0\",\"CC-BY-NC-ND-4.0\",\"CC-BY-NC-SA-1.0\",\"CC-BY-NC-SA-2.0\",\"CC-BY-NC-SA-2.5\",\"CC-BY-NC-SA-3.0\",\"CC-BY-NC-SA-4.0\",\"Commons-Clause\",\"Facebook-2-Clause\",\"Facebook-3-Clause\",\"Facebook-Examples\",\"WTFPL\"],\"notice\":[\"AFL-1.1\",\"AFL-1.2\",\"AFL-2.0\",\"AFL-2.1\",\"AFL-3.0\",\"Apache-1.0\",\"Apache-1.1\",\"Apache-2.0\",\"Artistic-1.0-cl8\",\"Artistic-1.0-Perl\",\"Artistic-1.0\",\"Artistic-2.0\",\"BSL-1.0\",\"BSD-2-Clause-FreeBSD\",\"BSD-2-Clause-NetBSD\",\"BSD-2-Clause\",\"BSD-3-Clause-Attribution\",\"BSD-3-Clause-Clear\",\"BSD-3-Clause-LBNL\",\"BSD-3-Clause\",\"BSD-4-Clause\",\"BSD-4-Clause-UC\",\"BSD-Protection\",\"CC-BY-1.0\",\"CC-BY-2.0\",\"CC-BY-2.5\",\"CC-BY-3.0\",\"CC-BY-4.0\",\"FTL\",\"ISC\",\"ImageMagick\",\"Libpng\",\"Lil-1.0\",\"Linux-OpenIB\",\"LPL-1.02\",\"LPL-1.0\",\"MS-PL\",\"MIT\",\"NCSA\",\"OpenSSL\",\"PHP-3.01\",\"PHP-3.0\",\"PIL\",\"Python-2.0\",\"Python-2.0-complete\",\"PostgreSQL\",\"SGI-B-1.0\",\"SGI-B-1.1\",\"SGI-B-2.0\",\"Unicode-DFS-2015\",\"Unicode-DFS-2016\",\"Unicode-TOU\",\"UPL-1.0\",\"W3C-19980720\",\"W3C-20150513\",\"W3C\",\"X11\",\"Xnet\",\"Zend-2.0\",\"zlib-acknowledgement\",\"Zlib\",\"ZPL-1.1\",\"ZPL-2.0\",\"ZPL-2.1\"],\"permissive\":null,\"reciprocal\":[\"APSL-1.0\",\"APSL-1.1\",\"APSL-1.2\",\"APSL-2.0\",\"CDDL-1.0\",\"CDDL-1.1\",\"CPL-1.0\",\"EPL-1.0\",\"EPL-2.0\",\"FreeImage\",\"IPL-1.0\",\"MPL-1.0\",\"MPL-1.1\",\"MPL-2.0\",\"Ruby\"],\"restricted\":[\"BCL\",\"CC-BY-ND-1.0\",\"CC-BY-ND-2.0\",\"CC-BY-ND-2.5\",\"CC-BY-ND-3.0\",\"CC-BY-ND-4.0\",\"CC-BY-SA-1.0\",\"CC-BY-SA-2.0\",\"CC-BY-SA-2.5\",\"CC-BY-SA-3.0\",\"CC-BY-SA-4.0\",\"GPL-1.0\",\"GPL-2.0\",\"GPL-2.0-with-autoconf-exception\",\"GPL-2.0-with-bison-exception\",\"GPL-2.0-with-classpath-exception\",\"GPL-2.0-with-font-exception\",\"GPL-2.0-with-GCC-exception\",\"GPL-3.0\",\"GPL-3.0-with-autoconf-exception\",\"GPL-3.0-with-GCC-exception\",\"LGPL-2.0\",\"LGPL-2.1\",\"LGPL-3.0\",\"NPL-1.0\",\"NPL-1.1\",\"OSL-1.0\",\"OSL-1.1\",\"OSL-2.0\",\"OSL-2.1\",\"OSL-3.0\",\"QPL-1.0\",\"Sleepycat\"],\"unencumbered\":[\"CC0-1.0\",\"Unlicense\",\"0BSD\"]},\"IncludeNonFailures\":false,\"HelmValues\":null,\"HelmValueFiles\":null,\"HelmFileValues\":null,\"HelmStringValues\":null,\"TerraformTFVars\":null,\"SkipPolicyUpdate\":false,\"Trace\":false,\"PolicyPaths\":null,\"DataPaths\":null,\"PolicyNamespaces\":null,\"Token\":\"\",\"TokenHeader\":\"Trivy-Token\",\"ServerAddr\":\"\",\"Listen\":\"\",\"CustomHeaders\":{},\"RepoBranch\":\"\",\"RepoCommit\":\"\",\"RepoTag\":\"\",\"Format\":\"table\",\"ReportFormat\":\"\",\"Template\":\"\",\"DependencyTree\":false,\"ListAllPkgs\":false,\"IgnoreFile\":\".trivyignore\",\"ExitCode\":0,\"IgnorePolicy\":\"\",\"Output\":{},\"Severities\":[0,1,2,3,4],\"Compliance\":\"\",\"ArtifactType\":\"\",\"SBOMFormat\":\"\",\"Target\":\"ebs:snap-1726726362\",\"SkipDirs\":null,\"SkipFiles\":null,\"OfflineScan\":false,\"SecurityChecks\":[\"vuln\"],\"FilePatterns\":null,\"Slow\":false,\"SBOMSources\":null,\"RekorURL\":\"https://rekor.sigstore.dev\",\"SecretConfigPath\":\"trivy-secret.yaml\",\"VulnType\":[\"os\",\"library\"],\"IgnoreUnfixed\":false,\"AppVersion\":\"0.35.0-48-g62b369ee\",\"DisabledAnalyzers\":null}" + // data := flag.Options{} + // json.Unmarshal([]byte(config_str), &data) + + // res2B, _ := json.Marshal(data) + // fmt.Println("JENIA THIS OPTS: ", string(res2B)) + + runner, err := artifact.NewRunner(context.Background(), opts) + if err != nil { + log.Error("NewVulnerabilityRunner: NewRunner error: ", err) + return VulnerabilityRunner{}, err + } + + return VulnerabilityRunner{ + log: log, + runner: runner, + }, nil +} + +func (f VulnerabilityRunner) GetRunner() artifact.Runner { + return f.runner +} diff --git a/vulnerability/scanner.go b/vulnerability/scanner.go new file mode 100644 index 0000000000..dabed9c93d --- /dev/null +++ b/vulnerability/scanner.go @@ -0,0 +1,239 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + "encoding/json" + "io" + "os" + "time" + + "github.com/elastic/beats/v7/libbeat/beat" + "github.com/elastic/elastic-agent-libs/logp" + "github.com/elastic/elastic-agent-libs/mapstr" + + db_types "github.com/aquasecurity/trivy-db/pkg/types" + "github.com/aquasecurity/trivy/pkg/commands/artifact" + "github.com/aquasecurity/trivy/pkg/flag" + trivy_types "github.com/aquasecurity/trivy/pkg/types" + ec2_types "github.com/aws/aws-sdk-go-v2/service/ec2/types" +) + +type VulnerabilityScanner struct { + log *logp.Logger + // TODO: Change to type that includes snapshot for deletion after evaluation + ch chan beat.Event + runner artifact.Runner +} + +// TODO: Take region from config or from snapshot +func NewVulnerabilityScanner(log *logp.Logger, runner artifact.Runner) (VulnerabilityScanner, error) { + log.Debug("VulnerabilityScanner: New") + ch := make(chan beat.Event) + + // // TODO: POC REMOVE and pick only what needed + // opts := flag.Options{ + // AWSOptions: flag.AWSOptions{ + // // TODO: Take region from config + // Region: "eu-west-1", + // }, + // GlobalOptions: flag.GlobalOptions{ + // // TODO: Make configurable + // Timeout: 1 * time.Hour, + // Quiet: false, + // Debug: true, + // // CacheDir: "/tmp/trivy", + // // CacheDir: "/home/ubuntu/.cache/trivy", + // }, + // VulnerabilityOptions: flag.VulnerabilityOptions{ + // VulnType: []string{"os", "library"}, + // IgnoreUnfixed: false, + // }, + // ScanOptions: flag.ScanOptions{ + // // Target: fmt.Sprint("ebs:", *snap.SnapshotId), + // // Target: "ebs:snap-07a4a228a916368c5", + // // Target: "file:snap-07a4a228a916368c5", + // SecurityChecks: []string{"vuln"}, + // RekorURL: "https://rekor.sigstore.dev", + // }, + // DBOptions: flag.DBOptions{ + // // DownloadDBOnly: true, + // // SkipDBUpdate: true, + // DBRepository: "ghcr.io/aquasecurity/trivy-db", + // }, + // CacheOptions: flag.CacheOptions{ + // CacheBackend: "fs", + // ClearCache: false, + // CacheTTL: 0, + // }, + // // CloudOptions: flag.CloudOptions{ + // // MaxCacheAge: 0, + // // UpdateCache: false, + // // }, + // // ReportOptions: flag.ReportOptions{ + // // Output: o, + // // Format: "json", + // // Severities: []db_types.Severity{0, 1, 2, 3, 4}, + // // }, + // } + + // config_str := "{\"ConfigFile\":\"trivy.yaml\",\"ShowVersion\":false,\"Quiet\":false,\"Debug\":false,\"Insecure\":false,\"Timeout\":1800000000000,\"CacheDir\":\"/home/ubuntu/.cache/trivy\",\"GenerateDefaultConfig\":false,\"Region\":\"\",\"Endpoint\":\"\",\"Services\":null,\"Account\":\"\",\"ARN\":\"\",\"ClearCache\":false,\"CacheBackend\":\"fs\",\"CacheTTL\":0,\"RedisCACert\":\"\",\"RedisCert\":\"\",\"RedisKey\":\"\",\"MaxCacheAge\":0,\"UpdateCache\":false,\"Reset\":false,\"DownloadDBOnly\":false,\"SkipDBUpdate\":false,\"NoProgress\":false,\"DBRepository\":\"ghcr.io/aquasecurity/trivy-db\",\"Light\":false,\"Input\":\"\",\"ScanRemovedPkgs\":false,\"Platform\":\"\",\"ClusterContext\":\"\",\"Namespace\":\"\",\"KubeConfig\":\"\",\"Components\":null,\"LicenseFull\":false,\"IgnoredLicenses\":null,\"LicenseRiskThreshold\":0,\"LicenseCategories\":{\"forbidden\":[\"AGPL-1.0\",\"AGPL-3.0\",\"CC-BY-NC-1.0\",\"CC-BY-NC-2.0\",\"CC-BY-NC-2.5\",\"CC-BY-NC-3.0\",\"CC-BY-NC-4.0\",\"CC-BY-NC-ND-1.0\",\"CC-BY-NC-ND-2.0\",\"CC-BY-NC-ND-2.5\",\"CC-BY-NC-ND-3.0\",\"CC-BY-NC-ND-4.0\",\"CC-BY-NC-SA-1.0\",\"CC-BY-NC-SA-2.0\",\"CC-BY-NC-SA-2.5\",\"CC-BY-NC-SA-3.0\",\"CC-BY-NC-SA-4.0\",\"Commons-Clause\",\"Facebook-2-Clause\",\"Facebook-3-Clause\",\"Facebook-Examples\",\"WTFPL\"],\"notice\":[\"AFL-1.1\",\"AFL-1.2\",\"AFL-2.0\",\"AFL-2.1\",\"AFL-3.0\",\"Apache-1.0\",\"Apache-1.1\",\"Apache-2.0\",\"Artistic-1.0-cl8\",\"Artistic-1.0-Perl\",\"Artistic-1.0\",\"Artistic-2.0\",\"BSL-1.0\",\"BSD-2-Clause-FreeBSD\",\"BSD-2-Clause-NetBSD\",\"BSD-2-Clause\",\"BSD-3-Clause-Attribution\",\"BSD-3-Clause-Clear\",\"BSD-3-Clause-LBNL\",\"BSD-3-Clause\",\"BSD-4-Clause\",\"BSD-4-Clause-UC\",\"BSD-Protection\",\"CC-BY-1.0\",\"CC-BY-2.0\",\"CC-BY-2.5\",\"CC-BY-3.0\",\"CC-BY-4.0\",\"FTL\",\"ISC\",\"ImageMagick\",\"Libpng\",\"Lil-1.0\",\"Linux-OpenIB\",\"LPL-1.02\",\"LPL-1.0\",\"MS-PL\",\"MIT\",\"NCSA\",\"OpenSSL\",\"PHP-3.01\",\"PHP-3.0\",\"PIL\",\"Python-2.0\",\"Python-2.0-complete\",\"PostgreSQL\",\"SGI-B-1.0\",\"SGI-B-1.1\",\"SGI-B-2.0\",\"Unicode-DFS-2015\",\"Unicode-DFS-2016\",\"Unicode-TOU\",\"UPL-1.0\",\"W3C-19980720\",\"W3C-20150513\",\"W3C\",\"X11\",\"Xnet\",\"Zend-2.0\",\"zlib-acknowledgement\",\"Zlib\",\"ZPL-1.1\",\"ZPL-2.0\",\"ZPL-2.1\"],\"permissive\":null,\"reciprocal\":[\"APSL-1.0\",\"APSL-1.1\",\"APSL-1.2\",\"APSL-2.0\",\"CDDL-1.0\",\"CDDL-1.1\",\"CPL-1.0\",\"EPL-1.0\",\"EPL-2.0\",\"FreeImage\",\"IPL-1.0\",\"MPL-1.0\",\"MPL-1.1\",\"MPL-2.0\",\"Ruby\"],\"restricted\":[\"BCL\",\"CC-BY-ND-1.0\",\"CC-BY-ND-2.0\",\"CC-BY-ND-2.5\",\"CC-BY-ND-3.0\",\"CC-BY-ND-4.0\",\"CC-BY-SA-1.0\",\"CC-BY-SA-2.0\",\"CC-BY-SA-2.5\",\"CC-BY-SA-3.0\",\"CC-BY-SA-4.0\",\"GPL-1.0\",\"GPL-2.0\",\"GPL-2.0-with-autoconf-exception\",\"GPL-2.0-with-bison-exception\",\"GPL-2.0-with-classpath-exception\",\"GPL-2.0-with-font-exception\",\"GPL-2.0-with-GCC-exception\",\"GPL-3.0\",\"GPL-3.0-with-autoconf-exception\",\"GPL-3.0-with-GCC-exception\",\"LGPL-2.0\",\"LGPL-2.1\",\"LGPL-3.0\",\"NPL-1.0\",\"NPL-1.1\",\"OSL-1.0\",\"OSL-1.1\",\"OSL-2.0\",\"OSL-2.1\",\"OSL-3.0\",\"QPL-1.0\",\"Sleepycat\"],\"unencumbered\":[\"CC0-1.0\",\"Unlicense\",\"0BSD\"]},\"IncludeNonFailures\":false,\"HelmValues\":null,\"HelmValueFiles\":null,\"HelmFileValues\":null,\"HelmStringValues\":null,\"TerraformTFVars\":null,\"SkipPolicyUpdate\":false,\"Trace\":false,\"PolicyPaths\":null,\"DataPaths\":null,\"PolicyNamespaces\":null,\"Token\":\"\",\"TokenHeader\":\"Trivy-Token\",\"ServerAddr\":\"\",\"Listen\":\"\",\"CustomHeaders\":{},\"RepoBranch\":\"\",\"RepoCommit\":\"\",\"RepoTag\":\"\",\"Format\":\"table\",\"ReportFormat\":\"\",\"Template\":\"\",\"DependencyTree\":false,\"ListAllPkgs\":false,\"IgnoreFile\":\".trivyignore\",\"ExitCode\":0,\"IgnorePolicy\":\"\",\"Output\":{},\"Severities\":[0,1,2,3,4],\"Compliance\":\"\",\"ArtifactType\":\"\",\"SBOMFormat\":\"\",\"Target\":\"ebs:snap-1726726362\",\"SkipDirs\":null,\"SkipFiles\":null,\"OfflineScan\":false,\"SecurityChecks\":[\"vuln\"],\"FilePatterns\":null,\"Slow\":false,\"SBOMSources\":null,\"RekorURL\":\"https://rekor.sigstore.dev\",\"SecretConfigPath\":\"trivy-secret.yaml\",\"VulnType\":[\"os\",\"library\"],\"IgnoreUnfixed\":false,\"AppVersion\":\"0.35.0-48-g62b369ee\",\"DisabledAnalyzers\":null}" + // data := flag.Options{} + // json.Unmarshal([]byte(config_str), &data) + + // res2B, _ := json.Marshal(data) + // fmt.Println("JENIA THIS OPTS: ", string(res2B)) + + // runner, err := artifact.NewRunner(context.Background(), opts) + // if err != nil { + // log.Error("VulnerabilityScanner: NewRunner error: ", err) + // return VulnerabilityScanner{}, err + // } + + return VulnerabilityScanner{ + log: log, + ch: ch, + runner: runner, + }, nil +} + +func (f VulnerabilityScanner) EvaluateSnapshot(ctx context.Context, snapCh chan ec2_types.Snapshot) { + f.log.Info("Starting NewVulnerabilityScanner.EvaluateSnapshot") + defer close(f.ch) + for { + select { + case <-ctx.Done(): + f.log.Info("NewVulnerabilityScanner.EvaluateSnapshot context canceled") + return + case data, ok := <-snapCh: + if !ok { + f.log.Info("NewVulnerabilityScanner.EvaluateSnapshot channel is closed") + return + } + // TODO: Should we pass the context here? Or should we use a new one? + // I do not want to cancel the context if one of the evaluation fails + f.evaluate(context.Background(), data) + } + } +} + +func (f VulnerabilityScanner) evaluate(ctx context.Context, snap ec2_types.Snapshot) { + f.log.Info("Starting VulnerabilityScanner.evaluate") + f.log.Info("JENIA SNAPS3", *snap.Description, *snap.SnapshotId, *snap.Progress, snap.State) + o, err := os.CreateTemp("", "") + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.TempFile error: ", err) + return + } + defer os.Remove(o.Name()) + + opts := flag.Options{ + AWSOptions: flag.AWSOptions{ + // TODO: Take region from config + Region: "eu-west-1", + }, + GlobalOptions: flag.GlobalOptions{ + // TODO: Make configurable + Timeout: 1 * time.Hour, + Quiet: false, + Debug: true, + // CacheDir: "/tmp/trivy", + }, + VulnerabilityOptions: flag.VulnerabilityOptions{ + VulnType: []string{"os", "library"}, + IgnoreUnfixed: false, + }, + ScanOptions: flag.ScanOptions{ + // Target: fmt.Sprint("ebs:", *snap.SnapshotId), + // Target: "ebs:snap-07a4a228a916368c5", + Target: "file:ebs_8g.img", + SecurityChecks: []string{"vuln"}, + RekorURL: "https://rekor.sigstore.dev", + }, + DBOptions: flag.DBOptions{ + // SkipDBUpdate: true, + DBRepository: "ghcr.io/aquasecurity/trivy-db", + }, + ReportOptions: flag.ReportOptions{ + Output: o, + Format: "json", + Severities: []db_types.Severity{0, 1, 2, 3, 4}, + }, + } + + // f.log.Info("VulnerabilityScanner.evaluate.NewRunner") + // r, err := artifact.NewRunner(ctx, opts) + // if err != nil { + // f.log.Error("VulnerabilityScanner.evaluate.NewRunner error: ", err) + // return + // } + + f.log.Info("VulnerabilityScanner.evaluate.ScanVM") + report, err := f.runner.ScanVM(ctx, opts) + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.ScanVM error: ", err) + return + } + + f.log.Info("VulnerabilityScanner.evaluate.Filter") + report, err = f.runner.Filter(ctx, opts, report) + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.Filter error: ", err) + return + } + + f.log.Info("VulnerabilityScanner.evaluate.Report") + err = f.runner.Report(opts, report) + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.Report error: ", err) + return + } + + f.log.Info("VulnerabilityScanner.evaluate.jsonFile") + jsonFile, err := os.Open(o.Name()) + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.jsonFile error: ", err) + return + } + + defer jsonFile.Close() + f.log.Info("VulnerabilityScanner.evaluate.ReadAll") + byteValue, _ := io.ReadAll(jsonFile) + var result trivy_types.Report + err = json.Unmarshal([]byte(byteValue), &result) + if err != nil { + f.log.Error("VulnerabilityScanner.evaluate.Unmarshal error: ", err) + return + } + + // file, _ := json.MarshalIndent(result, "", " ") + // _ = os.WriteFile("JENIA_RES_NEW.json", file, 0644) + // evn, _ := json.Marshal(result) + // f.log.Info("VulnerabilityScanner.evaluate.JENIARES", string(evn)) + + f.ch <- beat.Event{ + Fields: mapstr.M{"result": result}, + } + + f.log.Info("VulnerabilityScanner.evaluate.DONE") +} + +func (f VulnerabilityScanner) GetChan() chan beat.Event { + return f.ch +} diff --git a/vulnerability/verifier.go b/vulnerability/verifier.go new file mode 100644 index 0000000000..dba6d31e1b --- /dev/null +++ b/vulnerability/verifier.go @@ -0,0 +1,105 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + "time" + + "github.com/aws/aws-sdk-go-v2/service/ec2/types" + "github.com/elastic/cloudbeat/resources/providers/awslib/ec2" + "github.com/elastic/elastic-agent-libs/logp" +) + +type VulnerabilityVerifier struct { + log *logp.Logger + provider *ec2.Provider + ch chan types.Snapshot +} + +func NewVulnerabilityVerifier(log *logp.Logger, provider *ec2.Provider) VulnerabilityVerifier { + log.Debug("VulnerabilityVerifier: New") + ch := make(chan types.Snapshot) + return VulnerabilityVerifier{ + log: log, + ch: ch, + provider: provider, + } +} + +// TODO: Maybe verify more than one snapshot +func (f VulnerabilityVerifier) VerifySnapshot(ctx context.Context, snapCh chan types.SnapshotInfo) { + f.log.Info("Starting VulnerabilityVerifier.VerifySnapshot") + defer close(f.ch) + for { + select { + case <-ctx.Done(): + f.log.Info("VulnerabilityVerifier.VerifySnapshot context canceled") + return + case data, ok := <-snapCh: + if !ok { + f.log.Info("VulnerabilityVerifier.VerifySnapshot channel is closed") + return + } + f.verify(ctx, data) + } + } +} + +func (f VulnerabilityVerifier) verify(ctx context.Context, snap types.SnapshotInfo) { + f.log.Info("Starting VulnerabilityVerifier.verify") + // TODO: Change this to variable + timer := time.After(5 * time.Minute) + for { + select { + case <-timer: + f.log.Info("VulnerabilityVerifier.verify timed out waiting for snapshot ", *snap.SnapshotId) + return + case <-ctx.Done(): + f.log.Info("VulnerabilityVerifier.verify context canceled") + return + // TODO: Change this to variable + case <-time.After(15 * time.Second): + sp, err := f.provider.DescribeSnapshots(ctx, snap) + if err != nil { + f.log.Errorf("VulnerabilityVerifier.verify.DescribeSnapshots failed: %v", err) + continue + } + // TOOD: Add a layer of "smart" cache to avoid checking and sending the same snapshot + // and not to wait on all snapshots to be completed, sending them periodically + allCompleted := true + for _, i := range sp { + if i.State != types.SnapshotStateCompleted { + f.log.Info("VulnerabilityVerifier.verify.VerifySnapshot snapshot not completed yet - ", *i.SnapshotId) + allCompleted = false + break + } + } + if allCompleted { + for _, i := range sp { + f.ch <- i + } + return + } + } + } +} + +func (f VulnerabilityVerifier) GetChan() chan types.Snapshot { + return f.ch +} diff --git a/vulnerability/worker.go b/vulnerability/worker.go new file mode 100644 index 0000000000..135f7501e2 --- /dev/null +++ b/vulnerability/worker.go @@ -0,0 +1,149 @@ +// Licensed to Elasticsearch B.V. under one or more contributor +// license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright +// ownership. Elasticsearch B.V. licenses this file to you under +// the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package vulnerability + +import ( + "context" + "fmt" + "sync" + + "github.com/elastic/beats/v7/libbeat/beat" + libbeat_aws "github.com/elastic/beats/v7/x-pack/libbeat/common/aws" + "github.com/elastic/cloudbeat/config" + "github.com/elastic/cloudbeat/resources/providers/awslib" + "github.com/elastic/cloudbeat/resources/providers/awslib/ec2" + "github.com/elastic/elastic-agent-libs/logp" +) + +type VulnerabilityWorker struct { + log *logp.Logger + cfg *config.Config + provider *ec2.Provider + // cloudIdentity *awslib.Identity + fetcher VulnerabilityFetcher + replicator VulnerabilityReplicator + verifier VulnerabilityVerifier + evaluator VulnerabilityScanner + runner VulnerabilityRunner + wg sync.WaitGroup +} + +func NewVulnerabilityWorker(log *logp.Logger, c *config.Config, runner VulnerabilityRunner) (*VulnerabilityWorker, error) { + log.Debug("VulnerabilityWorker: New") + // ctx := context.Background() + + // acp := awslib.ConfigProvider{MetadataProvider: awslib.Ec2MetadataProvider{}} + // awsConfig, err := acp.InitializeAWSConfig(ctx, c.CloudConfig.AwsCred) + // log.Info("VulnerabilityWorker: New - InitializeAWSConfig") + awsConfig, err := libbeat_aws.InitializeAWSConfig(c.CloudConfig.AwsCred) + if err != nil { + return nil, fmt.Errorf("VulnerabilityWorker: failed to initialize AWS credentials: %w", err) + } + + // identityProvider := awslib.GetIdentityClient(awsConfig) + // identity, err := identityProvider.GetIdentity(ctx) + // if err != nil { + // return nil, fmt.Errorf("VulnerabilityWorker: could not get cloud indentity: %w", err) + // } + + // provider := ec2.NewEC2Provider(log, *identity.Account, awsConfig) + // log.Info("VulnerabilityWorker: New - NewEC2Provider") + provider := ec2.NewEC2Provider(log, "", awsConfig, &awslib.MultiRegionClientFactory[ec2.Client]{}) + + // log.Info("VulnerabilityWorker: New - NewVulnerabilityFetcher") + fetcher := NewVulnerabilityFetcher(log, provider) + // log.Info("VulnerabilityWorker: New - NewVulnerabilityReplicator") + replicator := NewVulnerabilityReplicator(log, provider) + // log.Info("VulnerabilityWorker: New - NewVulnerabilityVerifier") + verifier := NewVulnerabilityVerifier(log, provider) + // log.Info("VulnerabilityWorker: New - NewVulnerabilityScanner") + evaluator, err := NewVulnerabilityScanner(log, runner.GetRunner()) + if err != nil { + return nil, fmt.Errorf("VulnerabilityWorker: could not get init NewVulnerabilityScanner: %w", err) + } + + // log.Info("VulnerabilityWorker: New - NewVulnerabilityWorker") + return &VulnerabilityWorker{ + log: log, + cfg: c, + provider: provider, + // cloudIdentity: identity, + fetcher: fetcher, + replicator: replicator, + verifier: verifier, + evaluator: evaluator, + runner: runner, + wg: sync.WaitGroup{}, + }, nil +} + +// // TODO: Maybe verify more than one snapshot +// func (f *VulnerabilityWorker) Run(ctx context.Context) error { +// f.log.Info("Starting VulnerabilityWorker.Run") +// go f.work(ctx) +// return nil +// } + +func (f *VulnerabilityWorker) Run(ctx context.Context) { + // TODO: Handle deletion of snapshots + f.log.Info("Starting VulnerabilityWorker.work") + for { + select { + case <-ctx.Done(): + f.log.Info("VulnerabilityWorker.work context canceled") + return + default: + f.wg.Add(1) + go func() { + defer f.wg.Done() + err := f.fetcher.FetchInstances(ctx) + if err != nil { + f.log.Error("VulnerabilityWorker.work FetchInstances failed: %v", err) + return + } + f.log.Info("VulnerabilityWorker.work FetchInstances finished") + }() + f.wg.Add(1) + go func() { + defer f.wg.Done() + f.replicator.SnapshotInstance(ctx, f.fetcher.GetChan()) + f.log.Info("VulnerabilityWorker.work SnapshotInstance finished") + }() + f.wg.Add(1) + go func() { + defer f.wg.Done() + f.verifier.VerifySnapshot(ctx, f.replicator.GetChan()) + f.log.Info("VulnerabilityWorker.work VerifySnapshot finished") + }() + f.wg.Add(1) + go func() { + defer f.wg.Done() + f.evaluator.EvaluateSnapshot(ctx, f.verifier.GetChan()) + f.log.Info("VulnerabilityWorker.work EvaluateSnapshot finished") + }() + f.log.Info("VulnerabilityWorker.work waiting on workers") + f.wg.Wait() + f.log.Info("VulnerabilityWorker.work finished waiting on workers") + return + } + } +} + +func (f *VulnerabilityWorker) GetChan() chan beat.Event { + return f.evaluator.GetChan() +} From f217bc8f8ca13894ea442873bd7e6e1d1872e0cd Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Thu, 23 Feb 2023 13:48:23 +0200 Subject: [PATCH 24/28] Weekly environment - Vanilla POC (#746) --- .github/workflows/unit-test.yml | 14 ++ .github/workflows/weekly-enviroment.yml | 126 ++++++++++++++ .gitignore | 32 +++- deploy/cloud/.gitignore | 27 --- deploy/cloud/modules/api/terraform.tf | 4 +- .../provision-apps/aws-ebs-csi-driver.tf | 8 +- .../modules/provision-apps/nginx-ingress.tf | 10 +- .../cloud/modules/provision-apps/terraform.tf | 2 +- .../cloud/modules/provision-apps/variables.tf | 4 +- deploy/weekly-environment/main.tf | 25 +++ deploy/weekly-environment/outputs.tf | 26 +++ .../data/agent_policy_vanilla.json | 8 + .../data/package_policy_vanilla.json | 64 ++++++++ .../install-kspm-vanilla-integration.sh | 39 +++++ deploy/weekly-environment/scripts/utils.sh | 155 ++++++++++++++++++ deploy/weekly-environment/terraform.tf | 8 + deploy/weekly-environment/variables.tf | 60 +++++++ 17 files changed, 567 insertions(+), 45 deletions(-) create mode 100644 .github/workflows/weekly-enviroment.yml delete mode 100644 deploy/cloud/.gitignore create mode 100644 deploy/weekly-environment/main.tf create mode 100644 deploy/weekly-environment/outputs.tf create mode 100644 deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/agent_policy_vanilla.json create mode 100644 deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json create mode 100755 deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/install-kspm-vanilla-integration.sh create mode 100755 deploy/weekly-environment/scripts/utils.sh create mode 100644 deploy/weekly-environment/terraform.tf create mode 100644 deploy/weekly-environment/variables.tf diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 3b1af03d7a..6d47d776c1 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -119,6 +119,7 @@ jobs: - uses: actions/setup-go@v3 with: go-version-file: .go-version + - name: Check out the repo uses: actions/checkout@v3 with: @@ -156,3 +157,16 @@ jobs: run: | cfn-lint --version cfn-lint -I -t ./deploy/cloudformation/elastic-agent-ec2.yml + + terraform-linter: + name: terraform-lint + runs-on: ubuntu-20.04 + steps: + - name: Checkout Repository + uses: actions/checkout@v3 + + - name: Init Hermit + run: ./bin/hermit env -r >> $GITHUB_ENV + + - name: Terraform fmt + run: terraform fmt -check -recursive diff --git a/.github/workflows/weekly-enviroment.yml b/.github/workflows/weekly-enviroment.yml new file mode 100644 index 0000000000..4c5af30075 --- /dev/null +++ b/.github/workflows/weekly-enviroment.yml @@ -0,0 +1,126 @@ +name: Weekly environment deployment + +on: + workflow_dispatch: + inputs: + environment: + description: 'Environment to deploy' + type: choice + options: + - weekly environment + logLevel: + description: 'Log level' + required: true + default: 'INFO' + type: choice + options: + - TRACE + - DEBUG + - INFO + - WARN + - ERROR + +env: + WORKING_DIR: deploy/weekly-environment + SCRIPTS_DIR: deploy/weekly-environment/scripts/benchmarks/kspm_vanilla + TF_VAR_ec_api_key: ${{ secrets.WEEKLY_ENVIRONMENT_EC_API_KEY }} + TF_VAR_environment: ${{ github.event.inputs.logLevel }} + TF_LOG: ${{ github.event.inputs.logLevel }} + TF_VAR_stack_version: 8.6.1 + +jobs: + terraform: + name: Deploy KSPM cloud environment + runs-on: ubuntu-latest + defaults: + run: + working-directory: ${{ env.WORKING_DIR }} + steps: + - name: Check out the repo + uses: actions/checkout@v2 + + - name: Init Hermit + run: ./bin/hermit env -r >> $GITHUB_ENV + working-directory: ./ + + - name: Terraform Init + run: terraform init -no-color + + - name: Terraform Validate + run: terraform validate -no-color + + - name: Deploy Elastic Cloud + run: terraform apply --auto-approve + + - name: Set terraform output as env variable + run: | + echo "KIBANA_URL=$(terraform output kibana_url)" >> $GITHUB_ENV + + - name: Set sensitive terraform output as env variable + run: | + export ELASTICSEARCH_USERNAME=$(terraform output elasticsearch_username) + echo "::add-mask::$ELASTICSEARCH_USERNAME" + echo "ELASTICSEARCH_USERNAME=$ELASTICSEARCH_USERNAME" >> $GITHUB_ENV + + export ELASTICSEARCH_PASSWORD=$(terraform output elasticsearch_password) + echo "::add-mask::$ELASTICSEARCH_PASSWORD" + echo "ELASTICSEARCH_PASSWORD=$ELASTICSEARCH_PASSWORD" >> $GITHUB_ENV + + - name: Install KSPM vanilla integration + working-directory: ${{ env.SCRIPTS_DIR }} + run: | + ./install-kspm-vanilla-integration.sh ${{ env.KIBANA_URL }} ${{ env.ELASTICSEARCH_PASSWORD }} + + - name: Deploy agent on EC2 + working-directory: ${{ env.SCRIPTS_DIR }} + run: | + echo -e "${{ secrets.WEEKLY_ENVIRONMENT_EC2_PRIVATE_KEY }}" > weekly-key.pem + chmod 600 weekly-key.pem + # Copy the manifest file to the EC2 instance + scp -o StrictHostKeyChecking=no -v -i weekly-key.pem manifest.yaml "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}:~/." + # Apply the manifest file + ssh -o StrictHostKeyChecking=no -v -i weekly-key.pem "ubuntu@${{ secrets.WEEKLY_ENVIRONMENT_EC2_PUBLIC_IP }}" "kubectl apply -f manifest.yaml" + + # Once https://github.com/slackapi/slack-github-action/issues/84 will be resolved we can push the payload to a different file + - name: Send custom JSON data to Slack workflow + uses: slackapi/slack-github-action@v1.23.0 + with: + payload: | + { + "text": "A new deployment job has been triggered", + "attachments": [ + { + "color": "#36a64f", + "fields": [ + { + "title": "Environment", + "value": "${{ github.event.inputs.environment }}", + "short": true + }, + { + "title": "Log level", + "value": "${{ github.event.inputs.logLevel }}", + "short": true + }, + { + "title": "Kibana URL", + "value": ${{ env.KIBANA_URL }}, + "short": false + }, + { + "title": "ElasticSearch username", + "value": ${{ env.ELASTICSEARCH_USERNAME }}, + "short": false + }, + { + "title": "ElasticSearch password", + "value": ${{ env.ELASTICSEARCH_PASSWORD }}, + "short": false + } + ] + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK diff --git a/.gitignore b/.gitignore index 0bcfa0ed72..ac28157667 100644 --- a/.gitignore +++ b/.gitignore @@ -41,7 +41,31 @@ bundle.tar.gz /deploy/k8s/cloudbeat-ds.yaml # terraform -deploy/cloud/.terraform -deploy/cloud/.terraform.lock.hcl -deploy/cloud/terraform.tfstate -deploy/cloud/terraform.tfstate.backup +.terraform +.terraform.lock.hcl +.tfstate.backup + +# .tfstate files +*.tfstate +*.tfstate.* +*.tfplan + +# Crash log files +crash.log + +# Exclude all .tfvars files, which are likely to contain sentitive data, such as +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject +# to change depending on the environment. +*.tfvars + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Ignore CLI configuration files +.terraformrc +terraform.rc diff --git a/deploy/cloud/.gitignore b/deploy/cloud/.gitignore deleted file mode 100644 index 6665869f80..0000000000 --- a/deploy/cloud/.gitignore +++ /dev/null @@ -1,27 +0,0 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files -*.tfstate -*.tfstate.* -*.tfplan - -# Crash log files -crash.log - -# Exclude all .tfvars files, which are likely to contain sentitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -*.tfvars - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json -*_override.tf -*_override.tf.json - -# Ignore CLI configuration files -.terraformrc -terraform.rc diff --git a/deploy/cloud/modules/api/terraform.tf b/deploy/cloud/modules/api/terraform.tf index dec6d6e92a..0d4352222f 100644 --- a/deploy/cloud/modules/api/terraform.tf +++ b/deploy/cloud/modules/api/terraform.tf @@ -1,11 +1,11 @@ terraform { required_providers { restapi = { - source = "mastercard/restapi" + source = "mastercard/restapi" version = "~> 1.18.0" } http = { - source = "hashicorp/http" + source = "hashicorp/http" version = "~> 3.2.1" } } diff --git a/deploy/cloud/modules/provision-apps/aws-ebs-csi-driver.tf b/deploy/cloud/modules/provision-apps/aws-ebs-csi-driver.tf index d2b0a6431c..c357cf1de3 100644 --- a/deploy/cloud/modules/provision-apps/aws-ebs-csi-driver.tf +++ b/deploy/cloud/modules/provision-apps/aws-ebs-csi-driver.tf @@ -1,12 +1,12 @@ resource "helm_release" "aws_ebs_csi_driver" { - chart = "aws-ebs-csi-driver" - name = "aws-ebs-csi-driver" - namespace = var.namespace + chart = "aws-ebs-csi-driver" + name = "aws-ebs-csi-driver" + namespace = var.namespace repository = "https://kubernetes-sigs.github.io/aws-ebs-csi-driver" set { - name = "controller.serviceAccount.name" + name = "controller.serviceAccount.name" value = "ebs-csi-controller-sa" } diff --git a/deploy/cloud/modules/provision-apps/nginx-ingress.tf b/deploy/cloud/modules/provision-apps/nginx-ingress.tf index 7e7571d748..d9ed770093 100644 --- a/deploy/cloud/modules/provision-apps/nginx-ingress.tf +++ b/deploy/cloud/modules/provision-apps/nginx-ingress.tf @@ -1,10 +1,10 @@ resource "helm_release" "nginx_ingress" { - chart = "nginx-ingress-controller" - name = "nginx-ingress-controller" + chart = "nginx-ingress-controller" + name = "nginx-ingress-controller" repository = "https://charts.bitnami.com/bitnami" - timeout = 600 - namespace = var.namespace + timeout = 600 + namespace = var.namespace set { name = "service.type" @@ -12,7 +12,7 @@ resource "helm_release" "nginx_ingress" { } set { - name = "replicaCount" + name = "replicaCount" value = var.replica_count } } diff --git a/deploy/cloud/modules/provision-apps/terraform.tf b/deploy/cloud/modules/provision-apps/terraform.tf index d436ae8bb5..995559fe6f 100644 --- a/deploy/cloud/modules/provision-apps/terraform.tf +++ b/deploy/cloud/modules/provision-apps/terraform.tf @@ -1,7 +1,7 @@ terraform { required_providers { helm = { - source = "hashicorp/helm" + source = "hashicorp/helm" version = ">=2.8.0" } diff --git a/deploy/cloud/modules/provision-apps/variables.tf b/deploy/cloud/modules/provision-apps/variables.tf index 4a927ff926..09377378a6 100644 --- a/deploy/cloud/modules/provision-apps/variables.tf +++ b/deploy/cloud/modules/provision-apps/variables.tf @@ -1,9 +1,9 @@ variable "namespace" { - type = string + type = string default = "default" } variable "replica_count" { - type = string + type = string default = "2" } diff --git a/deploy/weekly-environment/main.tf b/deploy/weekly-environment/main.tf new file mode 100644 index 0000000000..9262b1a142 --- /dev/null +++ b/deploy/weekly-environment/main.tf @@ -0,0 +1,25 @@ +provider "ec" { + apikey = var.ec_api_key +} + +module "ec_deployment" { + source = "github.com/elastic/apm-server/testing/infra/terraform/modules/ec_deployment" + + region = var.ess_region + stack_version = var.stack_version + + deployment_template = var.deployment_template + deployment_name_prefix = "${var.deployment_name_prefix}-${formatdate("MMM DD, YYYY", timestamp())}" + + integrations_server = true + + elasticsearch_size = var.elasticsearch_size + elasticsearch_zone_count = var.elasticsearch_zone_count + + docker_image = var.docker_image_override + docker_image_tag_override = { + "elasticsearch" : "", + "kibana" : "", + "apm" : "" + } +} diff --git a/deploy/weekly-environment/outputs.tf b/deploy/weekly-environment/outputs.tf new file mode 100644 index 0000000000..0c55271150 --- /dev/null +++ b/deploy/weekly-environment/outputs.tf @@ -0,0 +1,26 @@ +output "elasticsearch_url" { + value = module.ec_deployment.elasticsearch_url + description = "The secure Elasticsearch URL" +} + +output "elasticsearch_username" { + value = module.ec_deployment.elasticsearch_username + description = "The Elasticsearch username" + sensitive = true +} + +output "elasticsearch_password" { + value = module.ec_deployment.elasticsearch_password + description = "The Elasticsearch password" + sensitive = true +} + +output "kibana_url" { + value = module.ec_deployment.kibana_url + description = "The secure Kibana URL" +} + +output "admin_console_url" { + value = module.ec_deployment.admin_console_url + description = "The admin console URL" +} diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/agent_policy_vanilla.json b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/agent_policy_vanilla.json new file mode 100644 index 0000000000..8ceaf9e3aa --- /dev/null +++ b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/agent_policy_vanilla.json @@ -0,0 +1,8 @@ +{ + "name": "weekly-environment-vanilla-policy", + "namespace": "default", + "monitoring_enabled": [ + "logs", + "metrics" + ] +} diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json new file mode 100644 index 0000000000..452a5c06ea --- /dev/null +++ b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json @@ -0,0 +1,64 @@ +{ + "name": "weekly-environment-vanilla-integration-package", + "description": "", + "namespace": "default", + "policy_id": "${agent_policy_id}", + "enabled": true, + "inputs": [ + { + "type": "cloudbeat/cis_k8s", + "policy_template": "kspm", + "enabled": true, + "streams": [ + { + "enabled": true, + "data_stream": { + "type": "logs", + "dataset": "cloud_security_posture.findings" + }, + "release": "ga" + } + ] + }, + { + "type": "cloudbeat/cis_eks", + "policy_template": "kspm", + "enabled": false, + "streams": [ + { + "enabled": false, + "data_stream": { + "type": "logs", + "dataset": "cloud_security_posture.findings" + }, + "release": "ga", + "vars": { + "access_key_id": { + "type": "text" + }, + "secret_access_key": { + "type": "text" + }, + "session_token": { + "type": "text" + }, + "shared_credential_file": { + "type": "text" + }, + "credential_profile_name": { + "type": "text" + }, + "role_arn": { + "type": "text" + } + } + } + ] + } + ], + "package": { + "name": "cloud_security_posture", + "title": "Kubernetes Security Posture Management (KSPM)", + "version": "1.1.1" + } +} diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/install-kspm-vanilla-integration.sh b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/install-kspm-vanilla-integration.sh new file mode 100755 index 0000000000..1787a68cb4 --- /dev/null +++ b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/install-kspm-vanilla-integration.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +source ../../utils.sh + +# This script is used to install a vanilla integration for the KSPM vanilla benchmark. +# It will create a new agent policy, a new vanilla integration and a new vanilla integration manifest file. +# The script requires two arguments: +# 1. Kibana URL +# 2. Kibana password + +KIBANA_URL=$1 +KIBANA_PASSWORD=$2 +KIBANA_AUTH=elastic:${KIBANA_PASSWORD} + +readonly AGENT_POLICY=data/agent_policy_vanilla.json +readonly INTEGRATION_POLICY=data/package_policy_vanilla.json + +# Check if input is empty +if [ -z "$KIBANA_URL" ] || [ -z "$KIBANA_PASSWORD" ]; then + echo "Kibana URL or Kibana password is empty" + exit 1 +fi + +## Create a new agent policy And get the agent id +create_a_new_agent_policy "$KIBANA_URL" "$KIBANA_AUTH" "$AGENT_POLICY" +if [ -z "$POLICY_ID" ]; then + echo "Agent policy id is empty" + exit 1 +fi + +# Create a new vanilla integration +create_a_new_vanilla_integration "$KIBANA_URL" "$KIBANA_AUTH" "$POLICY_ID" "$INTEGRATION_POLICY" + +# Create a new agent policy +create_new_vanilla_integration_manifest_file "$KIBANA_URL" "$KIBANA_AUTH" "$POLICY_ID" +if [ -z "$MANIFEST_FILE" ]; then + echo "Manifest file is empty" + exit 1 +fi diff --git a/deploy/weekly-environment/scripts/utils.sh b/deploy/weekly-environment/scripts/utils.sh new file mode 100755 index 0000000000..2d3268556d --- /dev/null +++ b/deploy/weekly-environment/scripts/utils.sh @@ -0,0 +1,155 @@ +#!/bin/bash + +# This utility script contains functions that are used by the benchmark scripts. + +####################################### +# Creates a new agent policy and set the new POLICY_ID as the new integration policy id +# Globals: +# POLICY_ID +# Arguments: +# $1: Kibana URL +# $2: Kibana auth +# $3: Agent policy +# Returns: +# None +####################################### +create_a_new_agent_policy() { + local kibana_url=$1 + local kibana_auth=$2 + local agent_policy=$3 + + # Install Agent policy + local install_agent_response + install_agent_response="$(curl -X POST \ + --url "${kibana_url}/api/fleet/agent_policies?sys_monitoring=true" \ + -u "${kibana_auth}" \ + -H 'Cache-Control: no-cache' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'kbn-xsrf: true' \ + -d "@${agent_policy}")" + + echo "Install agent response: ${install_agent_response}" + check_status_code_of_curl "${install_agent_response}" + + POLICY_ID=$(echo "${install_agent_response}" | jq -r '.item.id') + echo "Creating a new agent policy has completed successfully: New policy id: ${POLICY_ID}" +} + +####################################### +# Creates a new vanilla integration on the given policy id +# Arguments: +# $1: Kibana URL +# $2: Kibana auth +# $3: Policy id +# $4: Integration policy +# Returns: +# None +####################################### +create_a_new_vanilla_integration() { + local kibana_url=$1 + local kibana_auth=$2 + local policy_id=$3 + local integration_policy=$4 + + # Updating the new integration policy with the policy id + local updated_policy + updated_policy="$(jq --arg policy_id "${policy_id}" '.policy_id |= $policy_id' "${integration_policy}")" + echo "New integration policy: ${updated_policy}" + + package_policy_response="$(curl -X POST \ + --url "${kibana_url}/api/fleet/package_policies" \ + -u "${kibana_auth}" \ + -H 'Cache-Control: no-cache' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'kbn-xsrf: true' \ + -d "${updated_policy}")" + + check_status_code_of_curl "${package_policy_response}" + + echo "Creating a new a new vanilla integration with policy id: ${policy_id} has completed successfully.Integration policy: ${updated_policy}" +} + +####################################### +# Creates a new vanilla integration manifest file manifest.yaml +# Globals: +# MANIFEST_FILE +# Arguments: +# $1: Kibana URL +# $2: Kibana auth +# $3: Policy id +# Returns: +# None +####################################### +create_new_vanilla_integration_manifest_file() { + local kibana_url=$1 + local kibana_auth=$2 + local policy_id=$3 + + local enrolment_token_response + enrolment_token_response="$(curl -X GET \ + --url "${kibana_url}/api/fleet/enrollment_api_keys" \ + -u "${kibana_auth}" \ + -H 'Cache-Control: no-cache' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'kbn-xsrf: true')" + + check_status_code_of_curl "${enrolment_token_response}" + + local enrolment_token + enrolment_token="$(echo "${enrolment_token_response}" | jq --arg policy "${policy_id}" '.list[] | select(.policy_id == $policy)' | jq -r '.api_key')" + echo "enrolment_token: ${enrolment_token}" + + local fleet_data_response + fleet_data_response="$(curl -X GET \ + --url "${kibana_url}/api/fleet/settings" \ + -u "${kibana_auth}" \ + -H 'Cache-Control: no-cache' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'kbn-xsrf: true')" + + check_status_code_of_curl "${fleet_data_response}" + + local fleet_server_host + fleet_server_host="$(echo "${fleet_data_response}" | jq -r '.item.fleet_server_hosts[0]')" + echo "fleet_server_host: ${fleet_server_host}" + + # Create the manifest file + local manifest_creation_response + manifest_creation_response="$(curl -X GET \ + --url "${kibana_url}/api/fleet/kubernetes?fleetServer=${fleet_server_host}&enrolToken=${enrolment_token}" \ + -u "${kibana_auth}" \ + -H 'Cache-Control: no-cache' \ + -H 'Connection: keep-alive' \ + -H 'Content-Type: application/json' \ + -H 'kbn-xsrf: true')" + + check_status_code_of_curl "${manifest_creation_response}" + + # write the manifest file to the file system + # get the item field from the response + MANIFEST_FILE=$(echo "$manifest_creation_response" | jq -r '.item') + echo "$MANIFEST_FILE" > manifest.yaml +} + +####################################### +# Checks the status code of the curl response and exits if the status code is not 200 +# Globals: +# Arguments: +# $1: Curl response +# Returns: +# None +####################################### +check_status_code_of_curl() { + local curl_response=$1 + error_code=$(echo "$curl_response" | jq -r '.statusCode') + if [ "$error_code" != "null" ] && [ "$error_code" != "200" ]; then + echo "Error code: $error_code" + echo "Error message: $(echo "$curl_response" | jq -r '.message')" + echo "Error full response: $curl_response" + exit 1 + fi +} diff --git a/deploy/weekly-environment/terraform.tf b/deploy/weekly-environment/terraform.tf new file mode 100644 index 0000000000..94ff40d981 --- /dev/null +++ b/deploy/weekly-environment/terraform.tf @@ -0,0 +1,8 @@ +terraform { + required_providers { + ec = { + source = "elastic/ec" + version = ">=0.5.0" + } + } +} diff --git a/deploy/weekly-environment/variables.tf b/deploy/weekly-environment/variables.tf new file mode 100644 index 0000000000..0dac9f064a --- /dev/null +++ b/deploy/weekly-environment/variables.tf @@ -0,0 +1,60 @@ +## Deployment configuration + +variable "ec_api_key" { + description = "Elastic cloud API key" + type = string +} + +variable "ess_region" { + default = "gcp-us-central1" + description = "Optional ESS region where the deployment will be created. Defaults to gcp-us-west2" + type = string +} + +variable "deployment_template" { + default = "gcp-compute-optimized-v2" + description = "Optional deployment template. Defaults to the CPU optimized template for GCP" + type = string +} + +variable "stack_version" { + default = "latest" + description = "Optional stack version" + type = string +} + +variable "elasticsearch_size" { + default = "8g" + type = string + description = "Optional Elasticsearch instance size" +} + +variable "elasticsearch_zone_count" { + default = 1 + type = number + description = "Optional Elasticsearch zone count" +} + +variable "docker_image_tag_override" { + default = { + "elasticsearch" : "", + "kibana" : "", + "apm" : "", + } + description = "Optional docker image tag override" + type = map(string) +} + +variable "docker_image_override" { + default = { + "elasticsearch" : "docker.elastic.co/cloud-release/elasticsearch-cloud-ess", + "kibana" : "docker.elastic.co/cloud-release/kibana-cloud", + "apm" : "docker.elastic.co/cloud-release/elastic-agent-cloud", + } + type = map(string) +} + +variable "deployment_name_prefix" { + default = "weekly-environment" + description = "Optional set a prefix of the deployment. Defaults to weekly-environment" +} From d997ee9347ad447480bab5d71c2585fbcc1d45ad Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Thu, 23 Feb 2023 15:11:38 +0200 Subject: [PATCH 25/28] Trying to install vanilla integration using only the vanilla input --- .../data/package_policy_vanilla.json | 102 ------------------ 1 file changed, 102 deletions(-) diff --git a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json index a35803b2ef..a053c73826 100644 --- a/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json +++ b/deploy/weekly-environment/scripts/benchmarks/kspm_vanilla/data/package_policy_vanilla.json @@ -18,108 +18,6 @@ } } ] - }, - { - "type": "cloudbeat/cis_eks", - "policy_template": "kspm", - "enabled": false, - "streams": [ - { - "enabled": false, - "data_stream": { - "type": "logs", - "dataset": "cloud_security_posture.findings" - }, - "vars": { - "access_key_id": { - "type": "text" - }, - "secret_access_key": { - "type": "text" - }, - "session_token": { - "type": "text" - }, - "shared_credential_file": { - "type": "text" - }, - "credential_profile_name": { - "type": "text" - }, - "role_arn": { - "type": "text" - }, - "aws.credentials.type": { - "type": "text" - } - } - } - ] - }, - { - "type": "cloudbeat/cis_aws", - "policy_template": "cspm", - "enabled": false, - "streams": [ - { - "enabled": false, - "data_stream": { - "type": "logs", - "dataset": "cloud_security_posture.findings" - }, - "vars": { - "access_key_id": { - "type": "text" - }, - "secret_access_key": { - "type": "text" - }, - "session_token": { - "type": "text" - }, - "shared_credential_file": { - "type": "text" - }, - "credential_profile_name": { - "type": "text" - }, - "role_arn": { - "type": "text" - }, - "aws.credentials.type": { - "type": "text" - } - } - } - ] - }, - { - "type": "cloudbeat/cis_gcp", - "policy_template": "cspm", - "enabled": false, - "streams": [ - { - "enabled": false, - "data_stream": { - "type": "logs", - "dataset": "cloud_security_posture.findings" - } - } - ] - }, - { - "type": "cloudbeat/cis_azure", - "policy_template": "cspm", - "enabled": false, - "streams": [ - { - "enabled": false, - "data_stream": { - "type": "logs", - "dataset": "cloud_security_posture.findings" - } - } - ] } ], "package": { From 086eac72dfdb4ecec49db955bbbb0be27c919e84 Mon Sep 17 00:00:00 2001 From: Dmitry Gurevich <99176494+gurevichdmitry@users.noreply.github.com> Date: Thu, 23 Feb 2023 18:06:53 +0200 Subject: [PATCH 26/28] aws functional tests poc (#770) * add s3 test case * add additional test cases for 2.1.1 * update skip_param_case function and refactor code * rename test and refactor code --- deploy/k8s/kind/kind-mono.yml | 7 ++ tests/commonlib/framework/reporting.py | 30 +++-- tests/commonlib/utils.py | 9 ++ tests/configuration.py | 1 + .../charts/elasticsearch-8.4.0.tgz | Bin 35379 -> 35391 bytes .../charts/kibana-8.4.0.tgz | Bin 13950 -> 13965 bytes .../tests/data/aws/aws_s3_test_cases.py | 38 ++++++ .../data/aws/managed_services_test_cases.py | 51 +++----- .../k8s_object/eks_k8s_object_test_cases.py | 17 +-- .../data/process/eks_process_test_cases.py | 110 +++++++----------- .../tests/data/process/process_test_cases.py | 8 +- .../tests/test_aws_s3_service_rules.py | 59 ++++++++++ ....py => test_eks_managed_services_rules.py} | 6 +- tests/product/tests/test_k8s_objects_rules.py | 2 +- tests/pyproject.toml | 3 +- 15 files changed, 208 insertions(+), 133 deletions(-) create mode 100644 tests/product/tests/data/aws/aws_s3_test_cases.py create mode 100644 tests/product/tests/test_aws_s3_service_rules.py rename tests/product/tests/{test_eks_aws_managed_services_rules.py => test_eks_managed_services_rules.py} (95%) diff --git a/deploy/k8s/kind/kind-mono.yml b/deploy/k8s/kind/kind-mono.yml index bd760fe6e0..801844790c 100644 --- a/deploy/k8s/kind/kind-mono.yml +++ b/deploy/k8s/kind/kind-mono.yml @@ -7,5 +7,12 @@ nodes: extraMounts: - hostPath: ./tests/allure/results containerPath: /tmp/data + extraPortMappings: + - containerPort: 9200 + hostPort: 9200 + listenAddress: "127.0.0.1" + - containerPort: 5601 + hostPort: 5601 + listenAddress: "127.0.0.1" # Todo Enable EphemeralContainers on kind config for debug diff --git a/tests/commonlib/framework/reporting.py b/tests/commonlib/framework/reporting.py index a44728e3d5..bb8009edc7 100644 --- a/tests/commonlib/framework/reporting.py +++ b/tests/commonlib/framework/reporting.py @@ -1,6 +1,7 @@ """ This module extends pytest basic report functionality using allure reporter """ +from __future__ import annotations from dataclasses import dataclass import pytest from allure_commons.types import LinkType @@ -21,22 +22,22 @@ class SkipReportData: def skip_param_case( - skip_list: list, + skip_objects: dict | list, data_to_report: SkipReportData, is_auto_defect: bool = True, -) -> list: +) -> dict | list | None: """ This function wraps parameterized test case(s) with markers: pytest.xfail allure.Link @param is_auto_defect: - @param skip_list: list of test cases to be skipped + @param skip_objects: dictionary or list of test cases to be skipped @param data_to_report: Report data to be used in pytest and allure reports - @return: list of test cases wrapped with xfail and allure link params. + @return: dictionary or list of test cases wrapped with xfail and allure link params. """ - ret_list = [] - if not skip_list: - return ret_list + + if not skip_objects: + return None marks_list = [ pytest.mark.xfail(reason=data_to_report.skip_reason), @@ -49,6 +50,15 @@ def skip_param_case( if is_auto_defect: marks_list.append(pytest.mark.skip(reason=data_to_report.skip_reason)) - for case in skip_list: - ret_list.append(pytest.param(*case, marks=marks_list)) - return ret_list + if isinstance(skip_objects, list): + ret_object = [] + for case in skip_objects: + ret_object.append(pytest.param(*case, marks=marks_list)) + elif isinstance(skip_objects, dict): + ret_object = {} + for key, value in skip_objects.items(): + ret_object[key] = pytest.param(*value, marks=marks_list) + else: + ret_object = None + + return ret_object diff --git a/tests/commonlib/utils.py b/tests/commonlib/utils.py index e3493cbf5b..8e8fb7db4b 100644 --- a/tests/commonlib/utils.py +++ b/tests/commonlib/utils.py @@ -57,6 +57,15 @@ def get_ES_evaluation( continue if resource_identifier(event): + allure.attach( + json.dumps( + event, + indent=4, + sort_keys=True, + ), + rule_tag, + attachment_type=allure.attachment_type.JSON, + ) return evaluation return None diff --git a/tests/configuration.py b/tests/configuration.py index 15e37a7553..c9ed3e558f 100644 --- a/tests/configuration.py +++ b/tests/configuration.py @@ -13,6 +13,7 @@ agent.namespace = os.getenv("AGENT_NAMESPACE", "kube-system") agent.findings_timeout = 500 agent.eks_findings_timeout = 120 +agent.aws_findings_timeout = 500 agent.cluster_type = os.getenv("CLUSTER_TYPE", "eks") # options: vanilla / eks # The K8S Node on which the test Pod is running. diff --git a/tests/deploy/k8s-cloudbeat-tests/charts/elasticsearch-8.4.0.tgz b/tests/deploy/k8s-cloudbeat-tests/charts/elasticsearch-8.4.0.tgz index dd6cb13d60c4d12d6b5b113f8747935b4dc0f357..6cfd642f0764e50bedbf087d96df94bccc198d34 100644 GIT binary patch delta 24412 zcmX7vWmr~C*MZWE7peNXC~WH0#VPOp;>JXszQTbNmsxhn zd@Xb2x4L;Z$7l48!A+4m<~$PofYt^L&UX}IE!`IU7_82Yrn}94&Tgi+y0|d}O0=n# z1)nI7wSBrHOBHFeXG*W*7BKuLQY?J3x^_08;zJd`R(&YYE*28b5E_NQQfY@@0J0yJ zc-j1+#{%wmCt?w-m-AJ+0#F^s2LjQ10dtoRKQ>yjGd#4*XYh9JrtB8$lA$-6bnA-= zdcJv!hBcFTu8O$=u{(K7Ov>YchUkYg$$_?!6tq!;)Q;&eftHtv z?ov>kBS?jncP2s;>~UdbsxYX>^e{WkDykiViQUNh(uE29AdQrqnaZ$Z_FuYAwjN%G zD4n|efy@&l`d(;m3@V_Dr2R0ObRNx)8h;=XtDFrp^X)s}cyX%^E(ihYq4e1Yl|1^F z_yJXZ37FR5lJ2LKhG&duh%PAJQ^_UI?mSV4P`)n$aS@V|48fM!EJwUfhE3vT*@-iZ)}kqRuLbwA;PkBtsX&I z`n-E?x+0#OYV=012_%4E4M+R~bJ?>ARtgADIuT&l>9$Cz8wqQ192w%E^I` zYM3w2`Z8&E8eYCtInn!t^;}s#M?Pn|Yaa%Fv-kb%bwLG^r=1(bw0*Z-H6n4;l>Neb znx_ucWi%*IkEe+L@S4c*URoS|3}GEgUK$%Vho`L6=Qyok7l;K2B9;CS8Mi*36ha|> zg!GBJ`}0j@<>JxiT3MSi{ltl7)nHJHm~82oPc=G+Xg#C@*9kjcwnVyA^46bZdv$q z-L(hGspL2H-{zjQG+aZb&QNiW+ASupw;Q@%-X@t67TJ_&mzH!sB^ zrlZ7JqPP!f-CAf%wYe5%J#7<2WSj3G-Fd%iL!0r2T3JYe%8IVSlh3^H+;me`MqTSq z_uWIydKZk0*wF^+dQZ44kJ3fbC(zad6;rfZh>w{!fhxoG@bL0a1l~~(q)UN=Y#~Ij zYSNlWI2foCYYRkVQ-0ft(V>5|lncgK3Uv80RNMLA1}+l0q(Y8Ec1zO@40H5rLzMSY zQ!A?q$Jv8{Af5Cz3+}lg^MH{Ndmi<27I_5GduG2VV?YkohQ(%SSwJ(RlAl@{>M)}NuT(-!C?4(K5Ve8_bi0pbT!5i-cMO@Q1I2X z$;s3J(Y=QZwDBMCztW9Sc2LkExq5TN{3P(7$FcnmM{`l^@|o2HL)v){QKN%j0aK6v z*OWIPYb=~6(}$RTa)mzZ%y-SNhQN%rQ%&?R?rNtOg6B+iv)(cM%J|GV9f}&U9lFOo z_PNJB4efG?>Sx3o?+_y*)}T*CkF)@?6Q+>@@T;D!n@RGHFfIoShqK|)ixm?Xq zY(DJ`MOW;h<#|X&Pc{Lu)>(WzGn`41GT|F7rHS68#?)qUAQ5-tdlc=g9d?r8;G|!r^>@o?cB>&5_|~{4d31^uBVv7YWh@? z#u0QCg_SnZy@Z~XEKYxcTuAmU>|Ck&x~oN3V(_yF=s6~JH;vF zO-uR|^mEin1|h$!X?eGg5{N}0P9kV+m8*p(fBep=!QXL(14?{rYUId@UvTvG19~xz z11s&);%E$E!ZZQdQmj0V;0TnELbOXt06^PRFzV7 zGUc}Fw6iP4k@`8GG{0KV>1KMLV6_(vX`PRC5;4LbjH;D4RT~+r3SXYBQ67ntS zoSfpO=ECCN`GgP%b%fynBye9eKfv$}Af1^=>I~9lE4>qnH3(h#)1@dwO^;(r?iDLj z&f03mB7P*e&JuCy^WI0;CXM=s8lcGIJ)Q9{q!r;C(mzM-EP~SBuUbNOK)lZNcj7-a zy*INxlT#x@u267OsgMk}5NV<>lqe-{gws@g*554Ze!AvjercHfN>jHOY=QK?R<69` z`jEOsHzZ(1?N*JTCn#_@;tIP{*&$)iEGQstjBSLjt6^|5htCTJ{k&F~*2*dT_rBA& zs?+c&b33U1F4^C`pTch&Yyj6e%~%}wBc4377g!oE^BX$O%fF^T&L-2L+Bt`S+wNTJ97@XE-cV+T2bQY}cf^>q{3m$Kuzjej^6^ zwT~+i@I9G$TTd$L#a`5k>ime#qDe)B*lQFm&h6M}ZQ2jtx|;g9rn$9MleoLE7s zmZ8`GS`P!{*vn~=|61nX2}39y4w%p+%(V7WDowMz=&2|x)eF*(mbJC7kqX!e2Y&E# zM_cJjhRYv|&hi45XbC?g-=ED4^~r?Eq815-f4s18jPCTj_e!why*r3yT0Oi zGEdH4BVAM9$aGfsXtn(HX{6sp=VT9&oY;r4>ZKqN7Rw8`Jmww`_(H=r2E5!R@(`^N zMhoDPDt}96_Hg*?n<$@Np*81<%1%u>z?R<~hfh8BSt~A^QpuQ5b%Mcfa>T7!{3A0tW?#ECS}+2%}DDB!hu zTzgO3vi0%EI?cYd%C$Z}&G?f|#WGNM50sflZ~omOsO&997eUU4VwQPS9|YhE3&IRkE`bQ1SO>N!DUAD=)8PWn~JZD!bmz5M_ zi7?wSg9}FKFlr)Y7PJhz4xp2!#gO&4p}JS34*!csWO3k(zPrnm7TYA z&BY}LV?5>_-pM=O>SXX&tb-+1jTzTUv9K0S_E+?Q#p?4Q-_Y^?rwaENvJBn58li74 zd5xkebO|`P0-A2#S1#dI@M2%g4WPEzUXy|I)7oy1Ayp5}6(=OgFzwN_1XE-`SjNqG z3|4wgdsxEovx;7+_WmxbnQobuhH*Q1frUx@6L%j0_xUCqzRgzsai)9T6&aA?ia)0|sTRmmcUj)3$K0g15l*;1JKOeJggdD?_5 zi5~qGYa178W$qr0TP~s`=;T<}c%W4VMDh3Ub^T?D_UTt;#GmUY^IXB_?*Zq9ui_=s z;KYh`4`@?a-}0*%RJp?bE4G3nn!cCSp8;k5r;`329Ke`$>7=n%<4PW)SJz71Q>eR> zo>}oJ{=x+%QV-sq%?Pnz>tqi@azDGa^qnbjrp)cwY3&ixs2TTCBXfI91_Hf(r`^*RMcS=~+Y`!vL|-_3&dWEcyi-Ry+Db zzimXtzKsM;e#><+T(uK$;*g*-0GqM_lYr+Ph_G9^?8)ET*{4J?L^_Dlem7@D=*uUf z(x9l(BBr;KMbOG!Df(wv-dxtlAqF0|CKo&)&)X@R2=IF!z6Qr#*TQ<*skK!qSA9bN zg3Uj@Ki z;~XeFqM=)3zcL^7C4S{FgHv@tp#ttrIZZuG&6;5z{q0j)s>zgB@lOeP#1R;oln`{^ zO@U7k`Vo?-)yZgtdir=9RmolPqudsLLCGh>f>>Tnfs7{Wj(lkCpE^8PHJ=voI|H14 zN8k$sEy{80e1t%?9W&Y@&{e_pLo9 z66;4yyxukc8A>Foa_g$XcV>yN>!p*??hr$mxv1W9EwI5l7 z_tRPMcH;@Q^dmwBzfyigv?K>N(gH17984*6hvYXn;!= zaJ%*`LEHA1Y=!tU z6fyHn77dsYeb~s|FE0WQ7mWkm>~cIG|2_Z?)rsKH!a*YFpLp23nYkHZ0Mvf!kz{Xy z*;s5RB-i&_tTpJen<;euYH{`j!2jcVDJ7<9Yqs(;j%IY3^U>B#<2tvYp0hZG^PyRr znMke3wCKkb{b}Sl&+{xCk^n2&u_d#_T<4Cs3n=C=sq z2r!0e^Oo2Y>^0jACRYf=ys>v+#{w#+fUL_F@sBUGIh^OAbFIeTuZ;#zpkv^x+jL@3 zwN2^@H4hS;ErA47*CY7ec0yLo$#1#Zo7CGlwFi79tWP1p)~k2(d5rQL83A3yy?fOp5>_l6?sPVN&aCoc^nhIvm!D=5z({#VxR zSIc>iXyOkB(FoSJV7{MBYaVFB=Tg79oCkV`?fLY7u3=pmW+d4z!~*uXCjFgNWobi$ zd*g=TzF$zR9JO(7WAA8c$?xVmr|gmREWNZEUmT0&zOE~)2b|eY)81#Gqq1lXP&4+( zAEQZ+{*^I6Gi>Uyyv#rc+PSNsFF5QKcv50@y(Q7(I2{-)HJENpdDDm(o6ERT*O}F` zH+mPZC7_Bo|9rPEp$8~Uc|S2`A)k)Ci_hqkoLO}xtSlU$Ry5eAw7Hci5mr9WYLwnv zfrW|YSU2_o$DSAUjpmblve1TW0|#n0mD9(sw{MG3DT|xFw@QpVj9T{ZGf%BG>{gal zYQ(Bc4da|MmbwJ)1d8(Ez3q!8y@G6}eEF08R6~G$^CDl=Gtf1DKLcLK=Wa%V;OF+a z&U<#Kk-spr@^V56f1(q{*i3U#FcLy5n9;xcI&m>Vo91H9BbkMmr^or?^qThGvX0!O zUCnKP)(3jumB7Vqi&U_={@2G_pt9qC2?N{vzyKNoJKou_aev@)f1RL=$b?}b&=CC^ zr@m+K%SXWa>*Rhpxe?BXB;^5=j%>#-dJ17EuJ&=Og^vAi+S)AFuKevo)K&}iD9!FY zdYX}eXh%wlrFlzq&@O8uiC2gH$3KgY^%tS<# zLX9>X*jR1d(M+3I0YPh0YZk#{wekn6^f!*F8GL|}-K-{Lj36Lgm%BroGk*3^u&1jqcMD5QQ zeG=fIomfWc3;#2A&5#uEQ<*+cUeZmHkYt`Ln&k*iTj@G8rD_=k6SMa$JCz-R$mF^gYM?@Tl@JF!aMUoJwl@Q)V#$xL;&6WJYB0^|;MK^qk>cqpJ= zaQ(99qwb?>0#tXv*gGg+pL*ib1G^{{d)jWEgGyR?XS0RN64M!}DayJ`0YNb{mW|>I+OiRd7Ut{Kff_l=6@v_YsI9UUR7Y!rhTt8R5wyp zY;m>_Qf-`rpiXDV-7&(bXdRFIG*=1qZn)l(DAPE<@4fwoqNt|vTbp!pcIVmhdtu%+ z=P~(lS`>aB{z^z)N{rclB_Y$=PI`yb>O_UCO>Rvjs|Q=~+VYF;xVQD&>z#LeMl5Sx zjc@Rro=~=mliIQK#*EZK;V@gCVHyh4u_ytnf(Yxa=DvUBap|+QXDBnL@yjnj$s*(9 zq)Ulj{z}q)m{ia(7TP}3^!Z$s8@=%W%3rTrirDqMbX?0&?S57p6SP6cFxi2A=?{18 zcf6$s3d3cT(^~8W`0UeP5jhDlBxCwK!x^606Zb#JVF=X5TG6VdV4cC6+To{9vCA+2 zSkj6-nKB{xL6OnNyd9Hc`Gh9`(BPK#yxGffpo|wQ6Q%5?43bfjz|TLXcN;Cpkd8v9 zX9(nQOAox(==G>uFIC9d4y@O%iJp(VH=R zS&aRO@vkc)yF){30?Ej$0Fku$Uv!Z%8t05~vvcCb$GyHy<_PZfA=IRCPj<(OphOv- zF1xS6^0pqr$jQEUr*L7^`O3^Q4L$Hz$&^VE0pT+ScIumLd^3?I1DHJR1=rH=a4d5a zityV6oGMn{(_k}hKkn^YMiII`Xi|;1jP`JuY8rZAd z%Ndlb_|A8`+DE%8LozMv!{DutXaD{ojxF0a`)>Oh+3H#`O(O*z_&Wv>lQbh)p)z%U98D8ov4i{V7;F);W*uoti-S0-&mTmR z89ae}Y|>4bY=A07+!e@x;hmW0ptsFpMX)r`)=kA2n#8Kj}7$E#c)s04-NyQrvqpZL7lwE=q+tgTVBEY6_)`r`74)ekIoK9s9%j7bn*bo$*lXAZc+XTMyX z)0u_m+D4ktvcQ)_VA0C32t()iIo}_*Ja*Z1eQEZ9sqehmJz7;UKOb>GPQIP%6xrC{ z&~bv7_dD{xt6=FeOlZLV5WIxDJwu{V{#BidmDTADk^wKlT5gd!h8t5O{mKCOMy723CG%Uqe? z3Y71eWW9p-^ggtv0-`kHejw!SX?en?MpNS**10E@k8N7Rt=2mATSzMDlG||yQS1-z zQR2p9PHL#)AMeoqE88!CvsT0+q4&9v*0#q$T zG}PvE-`@*p6#baW*U-2RLC5OU~EKY(OOGV&e{ELt%!;&YG zOUr4=e20Q?4FGu*DbM=Y7*(<8M}x#na7}pfZPpyay7Xg`)uy|CPLy68D>+OWz5*m*NM@$^zO zn`B4N7dT!!VpHcmEO>49_ujdIQQ^~K1FKqflEjb9c`e(Id5Fr1@32;PO?Nb)ceb18 zb)P1Bln-@T#H%L|#JQP15>XhPuftURQb?cui9Z}v%n%&A)}~c7gzngZSBehUy&3w& zlzbgm<2F#?kNfi_^^eB35#Qq+eU1I&bghv~Px89?yup~P!SlZS0@dXx-$UVj)_FGZZK{&2>e*&@e zoE*Pj{EKIf@AWxbO?7#!qMHK&d+vIIYGp2i@z{grsP^Ck)X|@~Vka0=9oAkMD=A!N zj`d*zEO8CJx_8D&_XfD%>b~)N4M=_4?gRqJjEq7t-mb0B0Ihji^uPZxXshp74za1fV^n?e{txLyaM=EM<2;l zu9X%x@C8=%$Rq~n_@Lxg5J+F(s5NWvF=0tpfzWgS?Rj%Z4 z_C0f+=Jij>ddqX+c=pREx@g45AtcTp=9a4OBH$1VVX_NRZg`&nIPybO7glk`BPtD2 z2?OeO+|XF08&-^3%Fb{vi39B62fDF~)h8w=e|>nx09KC&At<~?FUB}>ZXfJ##g{uP z9n!gZ7C!<}XB2%?xeVyqV#Mw=w>YqVTSrI2tvC69Lmvz4RG=5q*D*bV4QsmAAo1W} z7)mN5ZF;|9TY-BEj51u&Ey32iS}LDZu3o(SCSKd}(QIv}4W3G;RlE&UHMjBd#jptd z=bTiaUyM}#lv21>Q~`2pA&fevu_C>Azfiq4FIsTX48IbfaGqR-Xtm_y=)ucE)c#OD zhOjicLdf_>JW4|X2;-XLz+h12NX#3O8ptwyKJ-C(8x#bpt9cke7su-6=0MQE#K7ba zsB(>6#xdcOhy^-uMfYsb(?u-OiLxa1NvOjImu9KfrZ?BdzwcBtpXDd5*OrSwgMwE2 zj)!#@g28hw)P+s^)9nlnmafIwSa$l8g@I|#H9{MDY)S4oCkA#=+6baD<(R#5$Yy{l zF=vM7j3*$UiP3^n-g6Ob>~DscyXkAkI`kumDv^b7#Ea_1?4gb3U8j7b<(KB7cuHT812lkg9|dN>*+vD;<|_zQ~1xCKEt6_Nb6&L~H^ zqI^gCq9{JdcJiXXYrD4}$sRlSVScr@MDSj&Z7u<2lVHrD6$NNg*>Oep>sQ2JsR(d+ z(`5~j?WVFh+kgF6yXOLDRINCi#(sf( zf)1lk|BBAmkQCILmV2PB{+|NAo|^{M;-67gAUCJrowtL)zbg9NSXYegGr?2WggXSt z+bPcgiE{2%WSlnp7J51kyJq!QbVIgf#?a%nkCHH}w!q685^ylh|HL zQ*%UL+knOEA%5v=Q`y;A%_!((KirVWda7Bg?`HV<3W)X6M5gawv9N|W#g&{5^qH6 zq}DON_;HAg;mdPB~1UU>wk3PW(j(w4JmWGZGjN z#?B77C`eL>9ky9unC_KUEf=bhuE*A1;tM~kxz;ptj#l9oC9~Mu^Q_6{ZkmIDO;Wbk zg~x2c{*7;L`85dZ3j~y0{kPDCug#$kVxu?URbJ6<2XOHKnz>*59kUz>J(I`fNYE>M z%~{oNyvjLP7GT|gH83L|@P4dzmiJQ;uA+fgcZ}SuNELm^-Z;!?1;0Od8VkN(8j^S$)N?z+tI^7u&)@%!dMB%qKh*qmWRZVOXL~*r}H8}$SmR9M(sXW zz7iq>!xTCwVTav+PU(5@W9Xl3MX8?+pd2x_s!lVeSJ-U2B9@3`;;b4;+)mB*XwV+1 zJ;O)5lGR0_eD-Ms)9dEl`h~y+EWiDz=wFXK*Br-!*zY@pxXw9wPrg9O2dl#mmu03l z)~PR2n}4H9F`dWn<3$e)hWR*v_M*pV7>O$jKut)AwW46l+&eqEpzFl3BkUUgVS<`ZJJLLBz?Nf+zQ{#`R+Ny6$#M@ zu=ibqdfj*(m6GBKi?*J37~MVn-k~;`w@^Y6(}^Yq;oq=->;mBMCGLeVz6l}wFUBmd z0o)&W&0{4N73PwSWEewGKKW{g9dITg;N&wI#?%t}XkTkM=mkdbi>dvb`ZS_C-G``a zXISx;P9DdZ)oACmSJ)%Ig!k`%Ktn=6isihXktK&2tYiD;m3(okXJQ8>CH!n1I|kM9ysP$C5Xe)Bw{UF4^kssTjL z1oHZ+?75Ji2N!6#hi{@+ztPscR}d-1j`Ebi5m8Utk`H&yh0#-0=Qv3Go$XFM>7w|E zYmA|XPt{uRQ_D7M@cVvwT7hg&^q%@3T%>~R`Vnv3n@qle3^H<>< zQCby|hgK5Onz*?1xB3HB6GiMUY zpu|a1MPN|{=k%?4nXC|={{8a;jnY9Q;w#YxB}G68qlFt@tZ4;}G#)(W zN806zma&#m$4+7PP2HGBUtd3A%K}TvszkN;ZD`_Emu+a}nTpS9Y_9<-`v@Hx9yedo z1Pi0Q1LBt+dh;V5Hq}C#)D|Ev;{#*+&E8hoynN9}yMAmG{1)$+xQVo!OCZGf$~cMX zy0_j|x;HN%&}TU@3@6+VpV~*x);Bc_{LW{x4L=GDexSV9`G=W=ZoT()bB61A*jzP;x8gajn`3VbMRYJk`l z?W(Dc-_q~Ft9erKw|j6**83kpZ-IHN1f=P4t8 zyuQD2kxZ<4?^aB;d;b6wyjf7Pr_>|1Tcb2`i0qS;X%aF!sxk8Z(|V2P!uAT)dd^70 zOuS)iD}#a4>NRQbbsuh7?*g6VraD~MoAxoZTz5(i9Es3PW2(W5ob7#^6ldm1!DA(w z5ZrBJXlX7%x9}CktLz-wB!}DKBR&>Amk3hJHfj&-Jt0RTu}Az>=sK)!GraFzLSuwRhNQ!@(7Y>c3xNlt&i)=O5o z?ksSv#@-s5x8+Y^jE4g^!1bVwLd53KGm^2trJ8kF4U+6`ctH4*Cr{5#4 z@N-uR{;OT5KkJ_CDUieIvhXv`Yr|^L#B6BoMIBPI9`6KO%rvMT#CKN=CuC=ap@1qG z;QlA%8@h&}Q|sm|?SU@3wym%V6@_G z_?4@UIFT0cRacX2W##*w@Ei%VYdJhhJ!IOPfPi0CC(NP8Axq*}W!ba0KBjx9!ry{Y zmC3R98Ja3J8Ku!*9HwFewzR|*5t9%}&!@~N-r79k7i(Z}OaHty0mopb#gHnLg?0Tm z-!!$gIRdD|G(rP(L7ccS@c}jsLn*y`I%Bqei@gEhF=(vM_gCVX_09SD1a^DkwDe5$ z7lQEBEtPsg9oOVo*8EFxBkX%<_F*dJs zy2bw|K%_HfRy_x)J(tUGf>G#rDs;9beaQH7Hn};d`7(L0KMkpGi~(=C(ZfEgm-aRN z)zuc&TWwkj(K*)KYwmvIqlSqmKq@pMino zbL7&u$=E+^*Z)$6Sd{zg@iGFtU^?efkyV5xn8!Z z9iQu4PkBsksDJA2XVMSROcR7dxvL<-#X-E9^J|dWT%dt#O|5z2@Wd2JI?)4>HtTo# zjCD6wU8gfz2bbu3BC)g{%3@uoAkBcjRnk!{SnhY*Sq6Ny%v8%*y|cXE(^yL?-qyH) zrlmts;=Oh!rB%=%r|^yMb>(03Tk7Kq)l!(7z-bJ%CZnEhS~R+ZN1}zbd=9JLb}koU~>L| zE)CHyKv84M+J79&YZs$%+qL5MXJC7U#(=Vos4vIi=)?=OX?g?MsiqiSy3kfTeuInu zQtnw{ray%5ToB)z0*7ejx7CZ8nm&hUTAf}i%8HffMXK5R1#d8zP^+dnBerMlCjoV}1+Ug@?X~Ab*qn*w~gAGO00(Ior$G$AA3YZ>9=?1wa6lwj8-x zk*;A)S4o`$(wgU1aE)5|;x)q?4nQWYRZHZpA4L>|ZiNE~+;LB5@m@i@0<63Z9t|c1 ze@e?B71r*n4%!=L+jl3_v+!c4FCAmQdlOzFBcc3rrJBDddK5?>1 zBNfwqvPz=Ag#Khvu+tl5Af_zKYOGU4!e50pilzY^UeCx@nqZq2Dr&y3jz~ILLU-Y| zdwWqqumyQN#g|^%{7*W`f~cto@5SKBR&rbrU?6gr=oM{!xJ9{u+!Q8uZ0}Fm?N1W- zG#lhW@6kl+pgpRx&MBt zCjbVVY`jATCw~C1AoZl=Zr9!!L8_T?XM@c#1n>kWwf(ELl0gF^htZcVI$!O6|MX+5 z?Bnn#2;r1vIf%}XRI^2bvW%{udd&KSUwG3;kjU;CdzH*X`eR$dLsNzdoxnu2!Y9w^ zIor}?wr$8ZE&Y?D3U756c2)PSzrCmY)**0SkA2`|0T6VXJ2ObKMK+n~)DOjLyMR;HHDzh_gQ z65Hs3^UVDJ@v3@+ZAzg7*$m&~5s3#`Gr15N-UqJL6IKKBO%M419@R-L!`pt#OK1iNpg z=b-X5STt+THu+Bsm#hNYuK;T$o8AWh=X{YLWp3eprp%{`UkZoLbNX5lg@5>C?cT}|}aF0E+9Y>z*R_?>t!eZwxIF=dWCF;s?AT7Os28SJO3 zhE*bih-5_&c3=>>#b%C;AO=7&DqY7XJp6d*cb=5hPDu^RM{LH zfFVo3(nmotm~T^&V>a|#5Lb|;>p48^JUDkCeH2o^O3b*>WQ)eA= z!gT&{PnrA-zXs;wIKJ7UY@t!U{xBpPtG>xQW;AB`D}N`{$+6O#_a6A^a(J-Xe^pds zb^hazsFqU7i_jW@s$JP%+v9JaZ7i`CMAm22q3Q(Bh#&$ua| z8eEfcEl}w5@2VW0On&QvI@vtB?>eh41pmPk|AndRs)$ARLs4-!C3}+-=9)Q+jtjEc zwa>rqJHI;zX6@di-mLb9i2nYl(el`W2e~ddG-fiN;Qa?}#x|jfjfyHB*A zzYN?T_;yJyRKGJ8BvtpUO}{>gV{yn|xcu^BPBAm0zRqkkdz7$A=fyO+n*zCO;d?*@ zRE%E5$RQB(1~HE#V1c(e^*OK9hjs##Xb_v71hq?xLAz?UH?h3E3`I~Qfg68OF~vAS zR4#05x(d-o9(*a&iy;&FaapBb^SZ<&rdD-YfzBy1cxaq3ddQF$c?(dibRFI2RgXu# z|M6lw+^=7X_(QTqwy?0}q8(U{>pZliH*7+HILa8hiBC-bw zy*$y>Ops)-X?=VID2PT^#IBYOXR z?q4|k#6j;WCpO}yTYOhf296BRa@vY+1%o(6*_}KZ);&sjs_CAtYRj{H0;IHg8rg|c zF+Iw~CVnVd-|q-=euX*_WFLipJ6*IQev4-2cG~*+Q|=!=^@B1!#uM0D2{kU)F}#Oj zgLUs$d_TlH)omHhM65kUM_kzs$k#NVT;M3Jy~eea=n4D{Z{XN}HF0QExECWj`Cr_~ zm;jmQ7ZYK1-J!luKnur1r-P@NXO93B?ZszGF=XUYk~j43+>Cn{_xB&wN9Fa9=XF{Pt9 zCg;x{`nI<$oO|-}cCFX7Tc(BSbHa6NHxI~4=qw13z9#bMiJA;^Rqk9+IQ=7f_0Qa2 zL95pqIzQ_jkakb_b?wbW6y5*aZJhlx(d<3wCjeTM)~^Boj=8Y%>m(hQ6^p^eL6uH3 z4NoQSR!UPFD3IiPahO{s>t}!8g^7o24&&$YGWovt-RP^>Kj$S2lui#+o&~*{{=AZ{ zfUHO0u2}RnsD(0^81iE2a_IAL_5|sfAY!D$692OgzvDB#M{Z*co(_y0O`N0udl*TQ zciJUp2)woHh3oAo+gGurz$tH{2*+qrq3DcUXtA9Y@RbE@Mr#mw7p>GROUz4C6t#%C zmaA|Q(4_`4;%L-WBxB2K3zC|$f11aUl<&=iEAUTZvwc5B&?KZqmYw;ra6_&OVej7g zG*?mF)1tzo=z}#H`W=!;!xyv7NNYj-D6k%K25eTyD(BH}A%zJZMZ$MHHVac?Y|!7q zPJ0yS>B_!q)LYhCm4QeL1FVqiw2|5^bRNV;ljP7;r-#1c9hL?$#Zldh&Td!lxx!n?LxPTw z^9M96%R~5PQK%5X*RUMAd~_2gA;{h&H^c>lc1z=|YjyvT%|H?IkE+8dsCyp6f(k0+ z-P*@6Ub@bqk;!Y^(vrFjF-JQ1ORldE9WqMq0Ah${qTzKSNzCex5o^4ccuTv zliskv&AL*Eou(p+6>E+3GJY_#E*fQt3Xl<$tZgBD`ciX*vpq!GB756T8z?IVM3(4p zvC9#$IoHg7tPRRy0ggU5xz;<2^je9>i9LIK$Km`;q%i^BTbGuBb~TOv^C0$L#CYy_ zbONnV!lDd5_9<%^eA9OoELCGerY5PkuCFfRz2f|dZOw6*+2}L!XurCLS+dx5HHiNe zZ!cq+h238IGnf9tRR96S(R;&hijN0V2l6D|GN7vpA+@|HX9c0L3K=3sNIvbn~J98$XJi6+QlYBTF)uY4pcpsw@P3_iLiYvNOnw4rQ^~`zjAI|L-*|< zeC(cS>0uh6@0fW8?j@iHOv>Aq{CUTz7`yi@m}1n&J@_>z-2Aao7YL*Z&=1qdjIXv2 za=!0u&3g0x_3+gj~OzlR`py)_Fr7nWO=a*x z-S;MOtR8z*c}9~fm(N%Jg7x#KUHO@|tSi7rQ@_}00eeJN-Fqz#d}t!1~ z+F9qujr=}vZvIR6lywRfdLS4x6T8)cYoyg{QkRV644`B2N*#-CO*G54?D zw!)YVxUI#1#Kop9|3{q0Xy)2P{P*6$^MgkGfA{|O{@0B>*7=|71|Pu+4;zCmYKfjG z^2dyY-d+H`($h8nHxvKY$o~reZ0G+bo=4t$Ilu340d$sn$Fd!~A4T4q!W(J*4Cvh% z2^J5u5_yawq(tduQ&_HdDPC_D+@K#`8Dp?E9noTgfhYOW`{#Q)_t}}D&hqByM<`tY ze~{4ZEP{78qmedJRt3^@eR_$~!l z5cn#?qIpz6Yvnwr(cQsAf9dBbq<(8(^vUp-f6 zZDk$3@2K;vKj5X{)_hpwH7!zF>qlY7@~zg9d^IfN^Ky9ksvO4IGmK_@wp}Ivn9mX% zwQ?U_`u{fv_WduT{TJKyeZx?PUy~8U#Y6udj#tIJD;6L8r zO8z;5IR%5j_Jb)vSiVPvYU~|*{>LZ?|5e0Q^Z{_~dnY@dTs7a|$|^%LffOMuMLrEp z8>c-|RhurLe&0i=x6FUBm0OPk_}=pV-|*Mg|9cZp2mROL0N#22+lc?(e>-@-_5aw& zvy%V!o4>vONOmBDdtAmN!ACoP`S{^IzW-)8g8%>Nk+Kz`*Ql34ZrA?rv{{=0Mt$f2sI_WvH&$2bTdf4R;7y^-gU_oEQe zrupwWP7>P&XxnJyHP9qu+2jY(BuhemwIjqjnW<7GOykOS1%E4Vn+{c>J6VI)=Po_m zh`+RzmaDh{$F=@>S}e9YWi7iI`hj{ zH)J^o^8BJ>SmSz=hI5#h%H7^!56z0(=K-G9^Pg#vUA`(G%Kz*6HviXVo<9Cx%nDoo zuixX-HUBr@|1~;zZlC|+o#5N~zljI^zkt;Lc=hS-{$JeAe`5cy2XMvu44b|>y}Ja{ zJ7#AkwEJk=MHzmyGw^;2)AA?$7ljJ_Ar4pnz#dEjXSzob3ku~(#3k<2*GWhw!`DeM zpA)j}643fAf#sF^=#>AXrvK00*8hJa5BvYTWjh*3()bFL{c~~v0u}BJr@~Y|xF})E zn-T=fJNT@=f4XmY{|KVHh^K6ILt|fdMt`zH4TzvTM}bV1L`S1^m%Fm>^}mOm_MCf{G)%AE`8t>vpMrV2ybn zq`^7uosM8RoQlr;qoBZLAn})KPozFX`fxi;I3yLUjv=U;<#G*5qWIdoKrF}bca0Jl z$!l$?=3a;j9C!1U?p^vcy@lC zpJy0b{N0xv7A|sXgA&KT`j^oS5(so2A7%{30|i{$f0yDL*0ZrJkNEaPwR*d&5jxAW zBs;(P2RDa0N|8pG5E}MhxNMTye^*dmFzj2QlSC<~Gg(TPqFn_=jH(qUT7fSUcvAxF zf7d9q#>E$^!@sCxY2By-D)S5C#6OFpB>Whi)jy7KMaN}6sscQH;YMz?;c0)ibS~!m z5NR3*$%N&BILC3p1C?r)+uKF?Q2!oTzxQ{2H!!MyP)Mg49yC+H`vfswD)Je9DfV`@ z12n^9^dUB&*Z22^^gnkkIeNx^T}zXKf88h~`q7m=Z3q)mb{C06|CwM)eBc`Xagm8X zu7hGGzbD}?U-+{-OLhy;C96oD9m2mcR;Kjucmt~g%O}jMQ((ZAM8H(;8cLe6)EH{? zz}OyM^(y$g&OapNjrcx2_Tex8M9!FZc#pC!m!JUMt?Zu+QD3M^H0(U_m%G*4e}C#~ z@@SqUhNOLW_Cr=3f%pKV`Bsfo2~vBR6p$Zfc#Di#376WkmSl<(&{BeIq>zV|;RD)# zZd=+IS#7AC|IUUEupt52-{=Gxwl>l9(uNQ=mmzMi%A+DXCBmKsaWXHW&liA)3*aut zqUo$B1jAdv&dsL?01Cx=JKF24e+xo6&cbDDm2=wcEDfnR95K3kv7=Y>(Jto;{%kf7 zeUZFRNj>1t!RW-OFHK>i{clLDjL5XNY>R?^ALT}@F*5PKp_RzJ8Z7~^;q=vxa~D?u z+;8Hm{lCV#xbu0N+P{+GFuu3R0*`m7{E6nku}}HGXf@)Qv@i>oJp&!>f2F2&Bf)X( zjTyMBK2pwAyOwPNo~vWEn)(hvbY38>rSw5Nu8{slO{+#;dLdv2I6dVl6i0s62v*25f}#t)gl&Fa|^+V8+2U zt--V5EcgP7NIs#YGl%;xfA>evpZj)?>s~(MV|CvT4mJ8xiTUT(Mm(4(pNn|}P!{v_ zb@?Mygjcml{(#AH?yP>h!Kml+SxLJwpKLUH+CE(fJXRgxBI)!KP_b zw7oDG;so}Je~K%}Fr(oLc5Q{2r0Z%E zw}Z-T_^D_FfM6htHP-^=?bOZ2?dUm%f_&8n9ym(U+@xjR@#+ z;xaF}d8u*ralbL6-C;eZ4r#g2FzHyYdfLru6OhYY1np<4=zq7A8TBZm>}DLHuq5}|tCyH)Fq*t75UM4kHS>_oh{Bl6MpMHo? z&8!O@e>KYqVC7lV9&etxHxpqR5c;l08x8DTny3l{@38S`f>s9kHyOR!dFh|*(ZQZH z>e_SsB2I`<_k9}|W84^OHN;)%ZPk>i&CGRQ7eFKAhcvkn0WdvzweEjaA_)(cHa2Al zkx%8o(H?orTw3>TL&Mlu5vH0?G!D{O#k4$je@H($fci^q^&Fcf&qhf}6KOuuB%nRi z6?kwGloLGn@8-poIC0B|TRt@SPz|D;;c8p4DagWXP-e4;E@PysV$X9rFKFQPS0 zsqP&=4ztI*-eXnc@yRl5RQo-yVcF?YjkIy;24}kN7hZ8*rZW| zf9XS)Zh@fDXG@*UPzSdReWs4#vipG3$8;UOtKhQ^kXZOVG}(+H_9k8T?6OF>CE&&h z$Y+W+;iU7slXCsM@Rzd{T1Z=yY1TbB0q9C&TS7xKhjjmJWfri{Ihse!op>VVTh;z* z`4^47AEGPZyx$jog`IbieYc}>!vl-Zf8?^v=vmJv^^xhM%ET6jQnxEixyYuXD5e}K zQJ=eVVQy!58dbs2bnleu)T#He7x%U7XkFaN@kFDOIyn~G0`vG-$GP@FHr+WkL4`PU zkzh7YsyI)giH1mx6zvY)7UC_;)Mh-gP)XaFd`Z7_3)|O<`c~Yt;f*oNCb!n2fBab- z%~Ca;4kRY%AWI_vc^84~T6G$*capevY6UqY3=Gt-D#1|o!F-KgCkeF8ukJG;T&kGg zwf1}T+uBU@1t6-Tux_K-Fco|R*eK!(CJiG`1W#jp^eG1Nk^3lldO1eqX$@ID4)ZL3 z;>)&8pQFWCKD3*1>ZokOTwspme*z9`j=ZN5AmQ7;ggc${GRsK1!R8I4kKtk^E;{7$ zJq^UGEps{|ONY_iax5G)d{0^pC#?h0HC1JhaiG!Vlj5@Fv{$8aObBw^tZ8CbR1WdC z!mp*afOWA8+Y-z9Dbn<7;~i>ke#$mRd^MaF)$f|4#AxYwS&VmShU-Uif8k{VuR`}~ z^3~BD-wLSFe|GF)2K+5IEX@tn{QgEPjXjj%}>i3YE}`@eZW-p}Inn2%_wRCIO* z3;P(o0y#8}V6Gb$PPAk1f8gcb-bQh(yTmb{W2BvlM>$qE`p_S%YyUvOgvMSW4raq( z7W|T>!F5U5Owca^gh@HTKQ@AcR{vd#$K0^Cah(`JJHmu}skmgd6L-aFFvZuLUsWYK z6s^4GR$kjXvFNgNz&r?wbnM}O;O!X3H6D+&XN+Z@Va^xf`GUx!e`vWf52koYtq%EJ zXk;|hqSr4XN&E2H$g-wEx098#VNPT=e}`%%%e*(-R^hjV z#G3j5R{MxmmW_j zvSp*Xa3Dr_7LQ|be^l4vN^aedSX9P)x3Z|p&jO!eCwvway#u~kbGVM;^NWh2Qdl9R zMs(AW9p!CYi9PmaH?##-!>^awcd2?Qa)GJe1E@yt*6fztJ7!+ToiKV>#9tDdcrIcH zJ~Jknnq*va2+(fxbB+2&sJ$xV3b}WdBoJgQzMxT8Jiaf8f8w9qI@>&HyuCGtQCB-@ z=j?PMeC8*`JZUlbbAhI*-eJfzt*fHuP*{%B^Ek!BJ90qe@&o!Ywo)tAfoWn0xG^#q zR_v6FHXc9jQ`&elyTLy+tcgVnCPD)tvmK22!0A!7dy{M1%=JxE-x^@aSzlD}<76h@#^P^Q2KSf1-e z%UGxvEYaHqY`cIxq!c#N6#CubQ3amiq|_!qLuT>u}KhbVFWOXl5wxmP}Z zKz!DW=i3*_{LixEsLf)_r^9i{_BfqH<%BWdc8%PY^Bx{whFLX~ zqF-LI;CV@Q{`}|tAuxW9ryw%w2Jn{WnAN<%fAn0qsU|BP5{7>+M@oJ*3vx+F$^*b} z$zsN-UyKRR7%20;QKkXCC}R||u_5PBvjcMmHW9X{rct#6d9s}*_@bRvkKJ@2G)oC1 z`hAd-$;&$aGGh$|O>SMsWu^Goc4qGGe5s?nCT6<

NueUt1dz;EvPCbqu3P*yV@O zf7V9dVYEm;?vpd0&1Z%vThD>dA~E;#)ohaG?dLO5`S+{Yhg{Q6VfdK%DJ#mMs3-*# zK7)V%d;EG@#aGdhEcb>IA04biJ^{1?(P^8IYJ%sIKBwf6OwzNKOVjUPP(%i^OC;lek>$#&5Yn-pPI6 z>AKj{iNA$s7V&DYn7(E@JxTA?g9{c#SR3p@uMK@XFX9YSl}*@#8@p=RlW;jbJAL0% zIRx_V9z1>nggO@#6yE6v^F@4qfjU%A&>iTxvrB(-9D*#`V4eLQYT)Z(5`5$&e{MLG z)N78*_t#1e)omYA7=8h`M3!$n;HZdO;M(D6Qx-?k(n=~pNC_D^h%WO zum~xOf(vK-twjnh-JvF4>P{U_?BeUBEu~p&IDrN)O`Vqd+Qptrj>D1ZuO@Gg3~X)3 z=Xm6GN1FPw9p8m#M^bs2!p%WtpW#FNjz_^7JfpawMF!m-=&IPS4Qy?&z-g zGh6F}#eSGG+Z}tO{o(WB=-c6|^&`<50!x^>KUe5ZkYa=?Iw&Qd3v@u3a@5sbvFU7d zeMogSKlZ-I`_k5qR`*yKyVRo-u_FEkr1w2Ya1KxzEk>v_prs$rYN0>sfA>h(jn>Dv zE&z|^&=|kc-*q8^H;!B@edpa#EmMcyFUos?-J1X?Z6>Ee+)UUtZBkH<)Ruq%HSo6F zs`5Nd+_>;;PmO!=uvZa~Mow3CmZf_37wbb^BN%q1A*U+qwXSQ~l${r7&4CTK4Ikfk59ta4v=f3Tn)$$%3z<=b{_&Y7+n zxa(a11EYM@T}cQAO(3}AMS1_~ocy&pBgk_r%Z(9~&WB=aKNN6pv)!;*BG9@~Ze4=d z36Uv{TEKG)CpVlLp)R8vx&&M#8FP|JmTCISE<2mn;w+#}S|wcWl&@{+GSrAW(>C@Q z(fZ;F)%9_;e|xKNRQ>azHdco$TpxWlF`7ejG@XRGm$YsjDBE;QsdX7)yi}&P{+Zbn zhTAg=^+3!$&U0;8_n(%-^uw!#N!?tl)1IqvQ!3H7+jbV$Gkv=k$j+JFd^x}@Fau_p zfr=E20olq1O0K450$TcHUdXsxj-dFG!&~$!<$NQsf88BY!J!C=AJVEXe~?xXQ6rm7 z*W#K!Hgk~Pq=@sY#TnHsf2OY<4cZx33b)r4$x5D){^Mw8Kp)!g8Sd9|gQWIl#LjLP z)v9k2cJQWHHMb18vO+SD{Lq@^i}}K#r|9jr%a%?8YdxE+(gdTEyNFcIF!7cUa}hJH z2>sh*mHA88+zrChhsJ<<6~Pf24qdaWwpf91WQI;w*tA#~T+g5_MK#|b^;Ttx}a zLeLahy>jX(zr`KRf+$qRX5Dl-FUJ+IZ(|;CN-R<%vkp$Pbf6%Q$y~(=8PG=}QvLgP4r4%L-iZfm8N{~O& zd~OJE>Tm5=_qrydVFjqe9EI;{nNMn8&!$LOW=?pURaexxpz8s$PiJeP#6XxS{)fpQwB{Qse~SX6 z6{#nV{gYxT>53{=#?{zKG~&q|XPvAh*}=(6JdRJzskj`EEyGMr4WWy@HYju!Af%Q= zkGy|fM9ATsw}@3IMJt;^NYXGPJ>xn^D^ttzstmI^3*BINXT3*bJH&>(^fl__e>I|{ zCyO_^3O|1kUlrdlV!HJSoq$?Z8E4|szj{`2xqhEvGSMYRk9E3GfMuL$zz=sog{s~Y z4~_CJBslLurRb$OU83BMr1g&(zqZ^yX}7k_`IMRse7b&ePZ#By5aJcN==o^99Xa1R zuEDJ-gjpv7z9id;dhHTz%<3BFf0RH^V_m-nHC!B?PDQGw00O8h)JCYM3-G3#+6xQ7}vJ&pfbcEiq z(WJ>`LR}c6x+8K~| z%g7_|S6@SwXakuN>WYS?4~80r_Q^bb!+Ib>@$zBYBw?V(=+c#M)7J=3HemPd+0fl! zn#3UA$RrDM!Z*#Bw+?eZ&5|Cy_sR6BvV6)t#=;bz#-w*8`aEfxe`On(pq`+0voSjv zXv2KV&{}x!+xTt!IZQuFJ_IgJgxL6S@U0%Om#bhsm3T^&RkL7&jIR3pO>(<}er+sY zw|HNCul4XXGyh`LE}jAXFcai?Yib6Cnv<3Z(lVnC%o$~_Sf*Ek35|*UMWAVXzs}pn?AJExRrD9gq~BM^A@G-eV)tIY9xPK zCtpO}3J*B(bjgHM`c&T0I%3bcatv?tSKJ!_vT(_d6(ZD%bcZK%XW1bBiPymTkMkbe z=4CH{na_UQx$(d(8}#Xyk72F381O;(PwWk%)H|0mbIvMN`a--OI_+APGQiswYnC)4 zIMB|=@V0|)`v>l?QT!8o#i@D92jYKprQNVJWI<;Ray@B|5)dsh#6;1Ugbh;wkPKc@ zjtD>|IYD%_{%gk>#?cTJN`OHfML_)a3945|5?Dd2NHh}Xzk~=W>ZCD>+7 z@k$o7SaZD#ML2*aV&w0)gZF&Vqq-rD1fw`{BK1W=v;Xmr?VVog-+D)?5QTr!e6>ak z9)pinFH*wna7d1Qm8)H)0pV@I4w}+bU#>>+93XE$#}RR8C}oh0vnAc8jms7&j8ifW zQ}=^F4?RoAMx$^HE4X|(Q}@CDp6?z0w152m@L=!o^!%rtV;(JGZ5sif)1T+)M0ZZG zO3Q{k4y%VwCJLo%AhJW}H3on3o&{CEhjOxO%7ft8yHxWYN`IJL@GTM#y$0{!zZYr@N%1O^K z_!jzH%4jNtK^>Yy+2+g027W9(h|uMj5}O%W%s^ySD~4SaCZ{nYkx74f!%G)`T@(Nz z$bZ;JZtn(q)APc_v&;-^#kHc*Wh#XU@j17*+EVP;F^!mz$2V7ye&PqPTebxdA@lBrd~xB%>V-x3*Z|{R{>BZicIpBN zYkcdpotAu)-QB~7{mXyDC_Tbku`q>}VE%TpTR=&4e0Siu1NUE1=-wqHH{w67X?SV)a2u5M{` zC0%lQ!x7>VxT*mg)^jW@c-ML3$f}K z9{Bh+>s>{KVsT3Yja zs)#C~B7(u0+j`>zS}$C3u~50nDU`V-6ze7viWjH9_+4^_h)|ty{1kJGt5XY>(23mA za+OuI8D>!M3X^|(jD{L;qF))bOb8hqPK_xZ;gUHXg*(YkIObvFj~|if)t5=UcYZkf zFsZ}{7(PDOy>?2*S=T*^mxud8e zd$p*LHvC1$KC4nt$#d8U<;bo#stq+cZea=V;rx>vvpRnSCCSB4Obyi_N_BF?x}qYj zp`#M*%?jWZ4aOeQj1hj)(btQR`;o0<1yFTKJ}*Ye_#*niJ5{YZ==n?WT-SL1 zi-ezx@V@vqvQv_hDVSGi`mz@JRTbdO4-J`N;Wul!D?Gi$p+zGQYpVIc0eUPZ?=a_&k5b1QG(n?}S;TH{>J%&Mt=0HDj;30`0M&qGnE-j1j!fj-}yBC>XMPDYmkO48gker73 zE?Dle0UmqA6|vvuSOsCi7*930C`X}9qDv`u_9cJ!-Jlo{-X$~xhq5_j7$-VAHHzz} z`m%ok>*qdK|M)5EC=vnI4JcgmaAim&GSEciE9-d*`kNGRgQnI&;00N6O0j@`gXp)I zN*>)=Hp&s)vPXLh3}zDh zcw}%>7^Ij`gqjyDfEU{^gvhI`u;xlFtae+{@0bV4d?h$R_FgIqmWUOzz4g{VIkz(a-__hIx$?{4Q z30&5Sa}_9oSSFv!Z>*$Tr{@kigp#kg%YGaUGd^?Y-8)*5iX%D(I`Tbg!N#x?26_ik zQ-@KApYt!x_Sw%oh&VBaj;o%xQB!{@JFf7C8@R?`Y*pWT1Jn)?FHU8lPR5gyM0kLT=?q%`Vpsm3lk6H@?i6oU&zUs3$}zsQciY9|fyO8$S5L-|#B zemeLWI{6q5pa9y^KQoT7XroVL!L(l^dSuuva7@+}&Qqd~cG|B*_IhwE!2uR2wO9U} zBo~X2Pdkb}DkE4B5E(I^!q;gnk~~b1?~?f?`Q(?@___0@PT;{EmdB*5?GU%TEs&M{ zP*E%mfcWo;Z?IPy*)iWBJ(!cP(HpU zUyPEI+k;!mThmQyPM0jUDVg}~YMmSbgac27bw5;cV4@CQou+@8udn2V`EQ?IvSx!@ zV=?E#!zqxGWo`{UPcjKpwTc>!0fxk*_yrW$5rc&JuFA2|<0!GOzjIWT?_{C}l5k&A zcr=ncwVcJ7!wGjP9vpX2-pFN<$$5}3xwjaWh*AOoM0LYRf!JibL!DZMgxrA44Ct~x z10~B!6>2>`m6CszD0dHaBiywNk_-e+DIJi1$pV6-$~X}(2=P=2Xk+T(g&OQB#K5Ws zPMCd{Q|scxH!M&WNmoB#dhY|eF(t&V7*%ZX8(lnORhaalM*$Ro#Ry-@_^&`T6vSUX zSqf=8`r@WQC=_96;1C*eP^>+01PH5MCTjCHl$qZj+ZcZ|Du?9kYUp?rct)pfL84O; z;i4Wd6L2#PSPj}3bsBSpFCvG?(npEc(t8A{J7`Mc+Y0M>{N=e`+9Qs_VDkYvNDr6Dt|_s_Q^m&*m0OR6sM3TJ;VkrWU+j!&h$&E1RW))Qq_gd_D3 zBujz(ZE1hK1aRRw`>#6tPnH?zzWl-FfRpY2&^UA}Z~xh8ZEUP9?f;(Q`Rz9wiHP$P zTYhE+Nx+L)?$Fn!S+{Kq{inC3F^a{aY)KTh;3#&{d~93a_~ux>yh&A#@goz9{Btqu!OO5;m}FXt|x8qkTzO66dW8+$OKF=54z{ zl}y5;Kk+&Swx+HCUQD*l)y@R#s5qu-8l}X&Y=relp)mO$#Xm>L(0%$;pjwm3Os?7_ za#JW+OWW-1jl_v2c#3{zV={oU5e`z<=zo7}JlyQ;MxQcFgzkMGsxWG*Ql}_s?l3Sfil^Ok#g~ zEy5L0JbVi^?sGO(= zr@i$5e2S-T{tw@u?wvU4hjamLOq>6$jkV(W-`ZOGe?H06cErz=Vva6(WPII$hxeBW z-iLc)G(^?%GocdDTzS%h*0%Mv$g6+ifl6pzPOQQsL{-sjL&7?h`l_jiY2E%;#xIKy0j7WO|7-BS z;{M;-TIzqE zU%ob6L=2w4Tqnow8;#a9mIi-v7%8Jw6*K2pgNo54S=7U@P4hXk0=+JZE$Vkc9x+Yj zuvqrHa!g7fDl5^SqWRpcF-JWW@b{b98`9LxZF#S zvhr+4g@yE%G)jPwf8&|io3sa^`Ko?rWlwfrZqy=kDz2x=M}|o)l$w9zrpTMq#%>^* z-J6X?qOrmx<@bpWM}j4ce9TnXc`T`+>UD1ZsQLSIpG(WznORaubWR4XC(@D=bq8s>LtKTzc%hTN>OCS6uJo8AeSrE!$ zP(jTc2rK$!7S64R31cbw7McUnAMZ1&9K;Dj%eyVgU0iTwtmuDmxmtnu&PiESwM=)& zaVn0C-VCwBex-WfY^T*S@ zkCla;1(PWMLdo+~V*I(8)8+H%&jkC=VqTfKWx;9o-2PB@VVE)6sxxqaB)8DTe44 z=I?6?+Vd~a{IK2(pl<)`1iA~*08g|3-B>I7f3!Nw`~RnT3j1G0z*g#k%B{SsBVEq# z?8TX*zc_#SJky5oy&+xyy%f)6;Aq1j!NjD{H-+#EV|U|ES;dgg?ZQqi{+*krEKK-g z&y|sS_UoRoJW3xvX`g#<&+^pK|MP1vz__$dI(+o|zqMA$|6^-&$^Sjc^V@IDZ^W%X z*rwnim|OwxYhDcyExl{lt=}|hQ8&M__C5?{ICy`eA1bskZCA&V9dvaY6u%BAj2rlunA`*C z2ld~ve)bqTl~1t^91Dg@>AC1(kI_uT4_QP(8a2QOWJpqq8*Zcvd2uo3peTnYSQafh zQP6)}or)Y4Ln|B8vrzKeGh<5C9L9c_UW&%QC-%RiH*k*9K9f!v_d;r2uSfYV8{5T>mL z!Y)iLkqa$;FJgaR zR@BR5WAbLM!@RzQGB&FU`o{VaSde;ZUud<2EV8<)+I==sB)@JaDZX~KXcPO)2Zola zViJ|$B=v@(Wptyh1}@uRGWg7gKVBNvfcF?RrJBk{EW4oxN13%0vZjhLiRy$fLNQFoyb573 zVS1P3`OA1}?|(D%tVgE*>#dEp^8a7of|5l4H#e8`|0$m0#Q~77BqPmc+OT==55BxR z19jso#Tt<7LB3)(*tjpq%JQbv?0%Fpsc%he*tuIT-Z~;!uaa)v)xZldEMIH`^ z_n4&2dUoMfE;x%S5wIbhY3cM6ThdqLXv&9|DSqdQg#dt+%`)?bDQ$n6%AYxd4-<=~ z*GdL*y3h2tHI3Cp%&SVgsDW)7g1Q2wuq(G%1xcN)3;6`Ni|Go!YJS6p z@0Sq<^P=pBl%h>3TC|OgxCT1d!)%GL*Gau%!iCaNT(&EyzqgiiO2vAZd?*CT zc|rPn;i$#xd%cU2}KoqkMnbz%v z8V#$mO(9CDwaOc{94WhE(^vFbh0``l=!n{;B3c&{X54O8p}jPNch`4F0jXbF6>$Vfav)Sw3Zw&(#S9Fli`mNTZ|rW3eT@z=}y;vyv70Urmmy zzG8W{RRYi{!=F5Kb9WI*Hd3JK51jGZkG=kDO4E13)B*n5zX~J$dhY}5DqIp~O`8wN zeEk3Hsm=gkR;Pa(J~#*qA1V?6n2(tNAP;YriQsvD#6L+3}b)8}+MRRc2ni_)_4~jUOd+h3&IRDdEz{E8$Wfjz~gIQO?Bzjv( z#mdBi=~y5bOWyuUuA)k6x*c*S2zQd`+%|VzxaA7HG3fIcx zd0Jeb>{0YnUPc{6{ZbL*6GNL&wvsWdd{twGTO6~OXxmx!=*;sq(Pi#skUM)HtJ%)1 zpTFJ?GPBV|_BC&iI%|jXsVz#~&0CttTon1`lk0L}McpUEMXASyo~nFrRsB@ojINMH z#%n*8X)J#;==sew3sig3-jGNTd7`0wCEA^uH4eqAcmchRKBTex6VrmM(2CgQ?5n|; z&G4w0xCo*irrze%TnQOfB)SSF6ayyO4?#vFVu*2=?l46kMzS0NDIy29vCJf@a-!V; zEDZw_8YU^b6uT;M9r`PyG$eDFC7iL7EdL^>#NvN6xL*w^W}%tXX`^zy()dH9!=M@; z6S<$YVJGGc%`?rl^?zH7i)k3|kcmtyp`eK2;?qH*GsgpKE)M&gDCS?sqLR-1?Fmc8&_nj zR*!#?S-O>D3jJF@@UD#1?#5EdOZM~%bt}bpXmMlmy?P1h)Z@h(*~eT(BaJMNjIzky z;eT%j=;C=ka4|6{Fc_~)l|wn7H9-Bv(5>kJ?G@`CaDJ=`Oy#OjD>I4m*V6qNv>i#E zs>AHdXPz13D5BiC*-yJ?{P>tVhf-mCqey=Y{h^1s#4YnM%$?&JpM3b61(Bxvm|?P+ z4u(xtP|~R8H_dM_32lx?fikb2y}(ev#B)CLS96~!EpY=AE8>ZPX>p(Vcwp#0pdt~q ziFtXhro(Q(ZxfIPRe^tevmWKgHGXrVVN@z!L{SO{kUP}jl11W&J&)6C-ucq#E1!RS z5Eex|COby72j`5BeQDJmg@Uw}BU9voHG3xhEbM=YXTR;e+c`Pi-#tItIXU_H{qgJn z`0z>m@?Y3WSVquui6Ae$70-$_bLest!k8Y9j=2210_`PG4Os2ODEu`j*u`pH%yvJZ%1?|HH7dMFyva zqb*=(f^v2;V_SeTvx;}}i(ZMHvS+x3tGe*|!jEMPmIQc6lA}1f$VIF5K4gD)Itpop zBV1uFcaW=>#&ND*eJs3DN4r&ekBPZ`x;HBw8E}G+LNrS*)}bQ`4yZ=?g!uQ>K!6o(>PL^TBCY(i>C#O5dr{~}AzuS97B-rtibAo)1{7n@$ zUi%4QI!rJlGBiv{*KZ@gk9-wsm_?sB7WwrKCKCSSFR-_Q3YaPanYw>HV5*wuf?ku+ zzRbmdjsLe;b2d69Xx;}(zAcHi#33ZwFHFnX7Gu_}J6SR-%* zxB9vv(@&q}&O)8ye3LPDA|p6{dcw-vSz9 zrie}%tZH7Rrgnh#>&DE^}Od?5a zHrt&orv?9Oo8-|5p7!iF#B>D$Kb8Bz#N!f)N49>ala1&31?6LGI^LxqE{8-i0#t#h z&6I6<&I2-jUIF>->FLq=?)%q!AbrqkYBU=t#fpFb4S$08+V_7xHOiY=h~wQ?&;C}k z7|wumKi>T$?9dY}@yn#ez!Y)9#HfWQpi|GyUOgB8_w2Xtc1~c{cYZv5`$^0_c};ESzOBL8p(oe1TF1D`gX z4--(VC-0MZ1-pL^U^b>88#~{sT3|s9Oz2`m{N*qAwil$zoAY-k@xGANl1-_Jy9sNj zd~8=!yBZuYDfrnX-hj^T+-&4eamumu;FG+HZoqPpet4sj5uWZ^n~#o2=QWkl690BatbGOu7^&eMSMt6lXy?r&N4lnO<2= z7U4<>7MWNbojC8ETB%f!tAy>n>WNmA#2hLqZn4JbqmVL{)Zz>i+-ms#4A!IgOWY=fg zwhZ|PZ(O-`?`M*bCEzOoA}gEhlr0zBTlatcFg1h=BX)quXOsspca zP;==ts}EOkKJM+tf{%HXR5usMi!S&Km~5CfTer+5lB(tAzXZ&{ek+HqDCFareKcR1Cir&Enj?=>ud;7AZof02W%H-Id!$2l&K7ju35 zpbO-=tRZ>uQ%oWyhH9+U?_nA#0Zjr^YqedNz`(!sdgES@BNh5()ybFDn0EG6t(AX2 zppn501_p~TE_i@p!RL{R%Y_}SQy710lTs?9epP|gCCgwl6>bhdVU14C?<6#BomxxQJ<|I=CK|9P56?(-K$GyysFY#qqTDs>)I7s*tJ+JWVh zO5Sy7mdu?85(eHLWf1}YI6q1qeKSlF2;ib3P{k3129F{TLS9_Ew1(dX?=fn`+XmmgBu)=O84Sq5E|2Di5?J2?5r*?VyrMB6h`&o zJ$coYNJ)O_>CY3^U*!s{F?IMNmZ9$ZJ=dav%P(U=W*wfeDi^dO%izdAN?8P-u%#Bx z{{ts^?v#*E!|~SffAIe){m0Huc*v`Tt3t z0yV}NPjcdaZDujp8|4J?`oyPYa#%>pVDNMk3KsJg7Sh2tN^Ba(W7Y}@u>l}}>G5Ks zo-m?De&?6M#5JzHVBjRz&Fd(-X>1FuQ~qH0q0!W{Stf#F^fDR2NrYL=jqsZfibE!o zPMR)BGa|PlHTZqdYcGEc!Sg#W&E>dMa7402Be`y5KkQ!iBXc=g`7>PrUHD-WeNoY8 z30;rWXSQEvOJy>G70+j*;dK_t^V#4&FRNmzqcJ=z62p2)-6B-5LNyVG-fbZr%jYIt z%Vz;kAuY)V7Zx}i{{z1lMyM1pV(?7@jZ*H}g^Zz7I?fwt_o6*H$7Qj6Ff3v-u|EG9r=3m;tET)Y)_Wwp_ zZ8`r>@zl(}l3_mA{%?1d^#4hoI{H5fQh!0)f1drn-fk`D|0$lD`Iiw*KO_IwS!wqqAPysO^7y*gClP{C8Sw8_WIwBu~x!M?)`6uKmk}P=Gnk|IWtp{C|?Cj{Z|9 z9Q!hg?Sb2S;3Ak~|F_n+mh=A3!Bz>7xdt7k7{-BoxgE5To6@}9^PDr9{kp1qLWSe3oCEF8nOP_?e21R5TW;ww)z z+xN_R%Nu{p8TY?|_IcWvvj2hF7wLazZGCOI|DWQ?S>T}s1==jge6(x@WcY^H+Yu_; zixsiMzJ_E{mst<8*&pu8^g2pB(f2PeJ@i*(n?3P@%HLi4sTZINKbu}E1ItSDIt+KT zjqQY~7xrxU$t#hSGV68!5eXl3O zs?ACzGg8Hzx!rswq@$8!Exbiw#hz)K%(^u}PM>=pQuHng?zL8Cnbl%Ivqepyze+-C#6XHI@mtl>=bqF1JX81o z@!rnsgFR=^pTCXC`@g-mwpsN5Y;CM$=?w~=+kQt z)8@ecgRCHKISqmgjYF|ML1P|5%qu+y?uR_dBWEN~DMtQuq3<^ga}AgH)uKTCxx(c%cendnD%Vd8UqcS?Vp z0CeWg4+6^%Z=(SE>WU#JMU5`ST@11hRY5`|`jkAE8q*_kFi*rd8i{L{D&M(d7>k8Q z=~3*)KE{4YqalN$98OR;&W4R?5>jInTwh#8j!ut&aa=4{1c2kjM^X@D9wzAbuK+{H zekUSuM`7=pF`JtP!bYr7=vs-Ivde!+MTem&&&tqTX7Zo{bcKr%Rs+vUerhcX5E17m z$`!gP87g`h0V|D5wLkLIoENZ6C~>VIzi=cTGyuRm0mb05!bfDMZb*yp(vJZxsCJTw zMQHd_rnvHf(H?kQb^wf&NJg-Wa0+oZ!5X?mSlCCBkFkftI6}`xLgeKr2*!Wb2$mT% zgD>uA6(z6$hC>fmwj(|5ks*3u8n#)U^t2)A+GG^)mD*E|OeI*&-p7)Bcs!V8vKEQDa|Wio-Mo zyqPb&OAO7Y)5qkg2NCk>mEsD@{TTLW%q|L=luSkXfZ#xo3yLneM-+eNkQNLPx|o~w zX=M_*=g!7yumQWbE(RwkNW4E1Q|Ld#y?x`fHR7J+}mTO@>!P-QIcq7h8Bq=+|8qKOHgR@B)L+g6DAhUvAOC-zk0nfDWR`-h=fUA`4}B+umZ zqC(`j+^;UGvoP8}J92*|<}$PZF=^~yP-1jMYyOaAWtlj;a1&T^f#37OglM5S$ks;$ z!|S6j5)QdbeeM!oyUMGot5;l2^$wfzZiyHR+H zu`Btc;ezI7(z!(?X$_$-7@#b@<^@Xh%re(86GDY|o*W#tI%$72nOCb((E!|r8R)AB z=?&1|E8c5zMP7Iotw{Kj4-hX~(y-!C4}$~`2`!H=OM7HCrV_T`ioc41C{pWq>bMu= zo(@>e5&YQdWr+-AvKO^qWe_&#^)}|1=yto7bU>rzKN$IY`#(FaR?&w{mW5uvrYRvZ zF9$-@mewC_bUc3ws+k^z+#rf>1Sfa0igPB;v=|4g(C8!$Q3gGgUD++nYXf?N2ZfsaA*zX|qRma4Du{o%n>i+lvTq^A zvRMUA;10SA=VBP$F>%G^lRz8HN?19>W)t9uog^6ze7S!F2?6F=;i3A*_WHM#hKF?aCY-8qPP}@miJVSD+%|#5nRWa~# zo;7344t9U~2S@zOGsKKItQKPeWu_+~H=H4Oz+NM!Gg7P%Z8m1e66Ao02S6?!hD1w= z<{J-jS%!AO8bSbZ=Q}UG!;X0_;2ypYX**i#bf`}pSDeU~%m>nrz%6EVC-0(eb~GfO zmpfXrCCyz{T*7N5&X~Na$c$dUveJ~3w3G6!qY$ecI~-^QZYcQrma{K-7W>#Pw| znk`o1Z&|e;nSVx>L((KqDr!jAmM11F=BR^?l`NRN zn;Gl;2`6`fRWpYCE?~rxa-nt)NI=zl;M5cjK|&)T3lFsm(o767)&+1dm$=+7Q%xpF=?=p&;Is@SRQe*2ur^3+?sQ6`yizrJh#p{K5jJz0Mka;*SR3XZbT1r#1A!K`UW@6C%Kx@ZnujQ=oA2d<%8IXy>ZQ$~Si z3TJGSS8y{SJx{)^{Gsp|JvZQ6v+CSxaZaC`Ua?uyePYsu=BD#)a}f3M2HjR-8b-kw z1S{vd@$)n~ch7a>iaD&6+8@>(3Dkd9K&dxh)D6w!KC`d=`P-Ok|JhzE+JCl|@t>aN z!SGJ%bl4Uh%gX10+ZLPfN}cN4MwFnLlEA6tHT43Sg3_=oBNy6sA;3<9IR7_sG{RtN zxFn%G<-6l95j*g?QTataQ}@4d;XQ8~)As-RW~aFS*V{|`&nJ0G`+w$L$P0g?QAsg) zYl^d9EQ@nD?FOztIF-?}aL;o5&I4j`#aZLnbNfHz-5fH?jbAW|8gL8l6;@0V*%`V6 zbK`!)%B3hJvpdcOtF7H+?QPM1`+t9{Q?&nvUmMH){}d1I{}pj+nhY4u?ginBblUqAw2 z8>}-Kt(~_y+w~nrsi!Oj{Gz3ZR7jH%mnZG8aKA?(@F=Ku_ml8>YFc7iSY{YU{ZUVv z^`Pb8j|rTO#w9_10BnETqmA$KmRj4QOZNtn>X6p_f2C@hOaZ)fG(;m#wD^F=F?AlY zPH;TO#fEl{_A6BR6xCnVOm2J4$~!E)ew}36;D>#`ml-!$1zgXpSC;DPdcAUiDi|c& zI_qZ>58sSN;X~p`%PDNR03?ev^ko^&e;}f%K%QY!U@NplK{rTv&1I$LYw$>uR(EhqYn3Ve0Q(UixVDivmn^ ziOQiBadI8|;f*G(fB)$K?catD2z!5bZ{7DpkYq%|{>R`$yYuZpz#j?zL3MZ7V$>4} zT7sfc*!3v9NyvY`#2ZA=p`k}MV2+g&lJX)_Z#aS$+O5`r1Hp4uc(u{)9N??KhtU@c z*Oa!Hf9n9ML`x6HNqg$d(16-FU41@bua@#of`j(5`jEyjkWF{ z|D}WRKbG-d9{-s-|4-omxwc;6|GAX^pX7OH{Fl5v!!m!&%a`^{-T#m7|JiD}z`W80`|XiS5az^_PMbn0`-+)?u;BMBa;1p^9qBI02%%ANuL8 zN@(}h+f;l>&pk=U5p#y2n~3bif&*wHUELLP(*G zUhtbyg5ls$cO};sy&bwqau>yYnbmPGymj{8?VNv{?(d!-?VOza{Qmg0&gpm&^~Xj+ zNAgz7(l|bEgrmWQ7oSI$=fs>gw%49lenrbrqe$&YKi9}qUmF7I5>MSQ2O`mb&iN%v zmMK}$26B}@00;b%6t*YQa%JlL&zS##xd74*2R5oA??Vly?*H|o{%?I_V|o5R$+Oh| ze*u5`|7_bW{03mg{r?~>@YMa^Df)kOTJ7ce|0K_J`!AgT&t>%`%Nyqow5Jp`?r<24 zg?*_{^w_;~SQmk(bdO@3vW6fAQg#hoOa{ju#?h^hR;KV;y6CaS%Pb`K5^EzCFwo)w z`uQ#0X59Y|(gIJ}|DDZtk^gURt}X4qp5%X75kKr7zJ93c_Xk)bpV`(cYXCbV{#&%1 zE$Ah>cfiB}!2rM)IHogP&;T(RQA8-xGjr4ma^y~|UhEMIL@vrlKkaffIgA`fk%It8 z7=?Bm!Aqnwi31?B?UMLcuzjG3m3Dh$3z2f^f1ub{A@_{>C4+IH>$Dp~<2>kG&wYP# zlUIaf;D#d%hGm@{Gc6PEkd%lcASL1`qh&ZG#2EBUbTewxRcrxF8}Jp_nw6ha$+?IZ z7}DcRo%aY1yAU&;lhvYC-S?{7e|^RM-d==K-+=qyvx2Q3Z2`PNguj&QgSmD7Q(eWY z1wE;L$2Ue>_|w7l?c98uIDXW$%)Nh9*{74sSRLf+p6n&g4PQ zI2Aa>!Z_%wVNPZatZXkl9@bS8Pp=5Q|FXD$8~2z0I~&XVKTq>4<^QGpKOz6G44-kX zVr(YYbF8t}6#GBe^~L?a-dV!3&&^R1H!tw43U9@Qn_LU~gJo%UCXRnTjK#-~ zl-Nc51>^PK;J-)5?|0AlU%z_xXUjrYPfy&SOSRn+jc4*(L;Mxi(QOki0!8Pqe`)`h z=ts0jz20>s8dz-a@P_j*nJ=>KOV*|1HMBSGjKng58UB-4==^GbD@+v zo1OOhdc(4cW`h%i>_vZC5K^*PWDe01*)y`uehsFDwS)V@Yz{3H7_l|dEMe-OLfGRb z=arPY5ma4fV;ulKaiMK(ZE)A4J2V*=c->0Buh`x^?{~<$mB35KLy8U-Q-0mCWewCC zzHeVFL^@fjo26?yJ@WgcZsmEr(!W0U=APlHi~k42-(QUOXD)yJ&)VkJQvdT5&&2s( zi1ugt`QPf4^gpfjrT^!XJag%PDv}1{da2S2(Fe&8Jen2ZEa`tAHH-11rxc!5>y;mS zE49>Un%=Bs{$u)5LU6eQA%BOta0oY6qSuU9mq=AcGuU7pKo; z>Sdg(R&F6Ix*;Py(4(tr4Z+M%)aJL!qFXbQ2z_pPwS0dT`^>hmAJ)dS^M7N#82qObL%g{BSM)fK6#n50w$laUTwyU;83ipw70Wk7$9c*)_|1{#>`aD~GP`h;VZ_b=)7 zcKyAAiJRXs*EA~!{g5`Mod0XBR>}TnV|{u4Kgl!G`JbiwT5S}&Y@?mkb|$OYkP^w#z>QdDf%cwalelmNN+Gq$5h54 z_~?H~o$HJ<9t4=fOl8*|d6dO{HWi5U9sPE51+#&T5_I}Jk2lxaozBMQw_BE%?9xz6 zrU2OLw)jZs$~wn`U$Q34=L>meRs21qjVb(Jt6h%&zl{I&M9)n8--MippS%Cd=V8x1 zt{LWTW7_^-FXw;kbe8-7NuI}v|M_I5tYv@e-JJF6wxnj&2E5XC_djPc@BQ2p^+-?6 z{#W9{LQFvKZU5N;mSCCx=SiMv^S=la&}sU=&Q_WKL;K$){eS#tQU1Sb!B~=TpX}`% z@4h|XKiGLg3e~Pk!ob&D*3(Yr9JcpmG66TD#LD6`!!prx+r8c_XjTZNhagO5>TaLN>-JUBFRd} z0}Q6Ax?(6vShFB>Z}J7r0XoBWr|N@KGf31M>Gy!#-i_UJ35ae?b#4^Gtl^^sp+2Sf3H*1!E*^~mWH1w6q}Cp~}Bpcns^MR{{E+y;Z5&9Z>MJ))gREO?`Bpw`wEmOIUq&(Rqqu(#GS#gG zjEj{4t3A)^Jh|t^l^1%k->csGwvF*5Z9Gd~)sAUS=tM)NG+?0R{_uOWa3{mhu=51; z;cI2bpZuA||1H7ny~ z>pskEbh$;5&q!woHdiCR?=`(5{MaM+h@RI3@aQMeR0|viY2(H1bvl0tR&cZBFa6FI zZq}_wxD3egM}O|ILgsE`%K6{k>=gAs?X}kO{C|?CeE+AWzUB(BY{5`*D`?nhYAa9+ zPUkf0MS-Ma)@-&F)h1rXmBK9MT(cH08DDLiT*CDFH{KY-?}9uty9GwAXg$3-7!(|R zkJ@0-w5=YKy5v*#YO#L^f0!{&ZK2<@InMofp!wRECjV`2mEu2bZ7ltNpX4dt{}!Zx zFZC99(J`Ewzq>J4#A(te_w*1=^%wpD2yW2(-`#i{E(rFwUN*^%3peq5vxJ+H1h&j# z5Uf%(ryeINPK>rEF(HlGViQ=ASu0IuNM?ny&{J~OMiTAUr+KZ%Kn2F%;&Px z$ZQ!ZtuZpujCyIhm=!-&S4aY&=OrkVl8w^xWabJp-mRAVA+J{hA6Pm!c%>MnS6bg* zD4_T&br*Zjrg?uv1(nOTO zWEE6S>l`d@(&zuvf5|_d-?!WR)x3-5PT#pHCUFBEpcjva#4f>M`^ss`59j$0_njzX zstY)y(LNXrMX2dDW?k~n`_SFA2Mofwdx5)zcj+u|c~%7LVC!yw@dgflqlkR38(^8QGP~d{<^uQ{uTUkmSa{H_FYE%<6dsK0(}iDS z%668Qm=Aa+qqh3+yl)#*=s%nQ>jnD1*6FmC^#3WIWQ6QJ5!&VE`2#*Plhy~cF^&K0 zl=AZMyITC4~TXlMD@^INIZ*8Ul*D34oNmYdOfoVhk4ke|t~= z+_sJE`}O=+@R&C*$vjK3>?BP!<9U;p^zL%kG@gGXy}KEYN2NvDW=)ZNBxT3#_@F6I#qI)kkwdz6V)3mMJ3A6^M!NH?S>G0SmckurS0Qby zOVGlGbfz7J5IF(q9v0!$o>x(c?b)67gADLp$RD)@VL`@>hn^q5_h%Uue$_s@-Nk=5PX0&TC;y{0+}^aY3#%Ll|6}Sw>N)-kxSzRf58h54D_a{Ao24bN}jXD~#EI+gkib zTx{C%f5d5wX0A=dfA1YUKWM~%?{Dva-N<8||G92|@DZ%=urb)8mgtEhf6Q3u?FG;) zJzevEGx2|o{IBrOcK&bTdE~v9^ZO1LKxe6UEZf2RQRKZTyph(=fZm;vVDUgJk;f=P zN|atUh2?se;`L_14f^4gF$QbX5iK?tc#$R@Tw`jyli! z16~Sl&4)E!(;}s{eiU{r-)bGnSHm(sFNc?}%3+*6!)V55+g0+9`7FUvEBDc*|9^8} z-~Te&f3aQvH}atU|B-hT6*JJ-r`bR(nk-w>sR-CFvm^#I-PG&vRa{i_Ac2K?dJ(68 zz#%(9TE(x=&Y(bbgTV;d8K#7O5B@#- zGTMJN^WcvX|Dd|B#Uk#NGZ6Hs3S7+7%Mve~6U%&#X^t{jv|#nm=Eal)5pi)vrv^4u zO!GPPFxuOju|0*W!mAgf{rC7PiDC4AcHx%NJG|1Ph9H4ztl)qR{^Jd<WY1E$q>qavtKWaOR=T;Q+;j?JB$E!nqpUNR*?6Hz)l9b`#FnK zJdPHd>;-LqcZE9}Zc$#JaEg0O_HJ$-b;F8|FK%ehB#X87CBSNU*TcdK*el`36qcRC zAkPm4%H##qeebQ_8tWeD>5%_xaRBeq|6d+7?Ej;e+x*`fc^-K`3K4C8n*XljB(ZIP zwv9$!15GlPO@1IvvLxhJJ3_3JnJQJnG_Gt{@VD}|=};BAlQn34?$X1J_)8ngcI_~| z5&Cz4v=#@zuKE9>k^gVBx1Il+c^dwIQe(RhE$AMVppEH3^E`xNpDIivcz!eXKBR9+ z8TyTCE=!4|75nJg|Lu)`?Dc>2VzizA8+q2@|8;k#u2wgxrk~ZOGrxRwLzaUe&o4TL zHLf>lIERU;-0dCq(5$$99^h#`|Ctuq<*V|c{J)-W^M7sT>Er*!tg!X}`aM2f^M3>W zU!#NP_W3W~3BH~Gn|RRw3rPKsSD)_g|HbVr_WybSSFF#l>8sO!yGt;=V|G?TyN|YA zl;KA^1MjCWEq}s)QK--#;&Am3?7<{(rh62zpiquPT;e``orGjEe4P~YIU(CF0ja3nwxfY0jjur2KPLwuP~qNiDoo{rixRfHDM7%zgU{-# z`-b-mQNjsNuN4xI*x-=1g} zl|0}jmJzZuQr`6QC-2Y-Ox13oz;E&zih0U~^{W33;?;-$stTa6f;grv#6-yD^2yV& zO!5q?2{!4o{KJ1)!gz-!uur(`Q~vx&MPQVaaRG!~i8%6#WAxLMU;L9}g7F02=Ft>> z`ZA%0f8rf~9(o5$)iqC@xP@O;_65JX$s->ms5r9wkxKKpZkOr@)|mG}8l2PK=?Ip? zsp!l<3JP2X5`U@oMCwDN54XdFLsG%&7=o%IJyw;X#?uDqp zaW`-2-lb2|izu8U&fcA;nR@-*muNaibqAW za~u~uP^o6Qy;(XK{ExsPY~m!BA?NhVsB?VKr=i>A7TS~ zeSdFA|8v)pqi5{bwKOT%jY6UyUD?xyFd=1scacc+p9!YK2d?2C7n%6uIw)rHdlK&Q zg+IHqWVZlavWn!{A^aO-Wl9f^H?TUee8Rjs1qNJ61We_wp`;m0jiE*ljP2o7uY$kp z{6j+Ci0{*5AO7-B-WC=1F2m+IMGv zKV;Prhz~%TZ`DYZAhnlC0r^pex5${4aH%b8Nv1dfEhWfC3VB!=KA`>Qwxx}c)rQLX z?`-G*8xoNHjZTnZYZFZ`Z3tm=8RGV;JSwtNBJ5cZC-Wlud;xg40Pb=un$CJcFuVoq z+{oJ9;%A?Q*{0&t?PB7s>mS)C2w; zj82UD(iAq@|AxfMh)jFSwkYWLQEtQsqX+p=LOPQN*}c23h8guw3<|URlSSnR*$WXd|O40C5~$@z`^luUEuv- z4~VElZc3IJAwcM5yy|KY>vp6j)?!1B$|Hzqz(y$FDyk*}V?Y!FW*l788ax}$f-j(m znjP@^xEn16n4#Dj_QxtK=)Wid}*mp?*9cvXw! z511_H&g!=tjCwwwm9!i4$wsrMO>`Zo`jfHpJW-`r0nJozDzyHkWX1ez5lo{aL)@#f zwc>q92i^4ZX}!LNXq7DHlr_jZormX*Z6Itt>LOf1!b_@Q9-iv>1NQlUF%7O@!9#^y ztUGG6$r~tkLK5?VUnvymy_dZOf>km|K`;<*q#VDsN-I3$UX!QJ8&>e%9r-O~^Z98K zmlvSVpy0T99fr6olH%kqWS7-yCQ z>j;P`asJ&buWm$k(D)ZU9fqNF)N1`FPGGO7xPlBb8m?g1R)|S|x~?{HJE)8q>uMCX zg2)kdd!||no8H$+9F)=BhM}4F;uH_4(Cc6VYuZGb+ML$DI@$dxno=Fv)JE5Zz zV=*0g!%VL}2j^pd@8xiR_8rV~0XrrTeYv{Vh=499F7uL`ml{_e z_Zu_X9oA#&kd_M#laBSOr`@bJ0lC~o(0-0mlL|y_*3#o4Nyh7T#Kuy_-YevRNJIsg%PqUc6Mdd11+Wm0pMWu9@uF9)>y>4yl_%(~D~vz!1{ zo<;5P=9zncGZCf%q3>$6(ZJrNiK;;G4jYdqXl0OplhLc4m;T8f9qdV?u06*u;)Dow z-?wow#*Lv?L)?|#R!y1O%v|?%0W?B>NRt~80MnCK>;6|IlJH<@V^f9@`BV-Z?UA?4 zrFHK%G>nZEVXFB=;~(>!0@_1efd?l+Il*)P zZeCo86SsW0fZ6=Fnhe~ zJytaypDe>hwcq0!mYpuuNE?@qaNaUO0Wm=Rn>2&NK%qWzWZlGxO&T?rK6L382pWC1 z)Y%Mwb#TkjXX+R(yAL>hOxNMN3O?%qiG|-olg$`nZ_;(oE{lX)0&bjue5Pmne>q#Bg|s!9X5E7mfUY#QB{Vd1NcYcHW&!)0qj}Wai6>&dRqd~qf6>_cA-V$2 z`+eb8*m)P(cRMOKJg^8&F3XIb^?XtvnNF&IOl)x|b-Tipi)<>2V#<*c^|>n-=5~gs zQ56hL_fDBkoq8X8abL@h*2SG1Pc%BIlVhP7FZN?)Dm9(A7m-I`wuzjtlZ^bOK>~rHc7oYrjXot<6MV z0HP`i>o%GVQ^7}ojUujK(lGKw@HECppJE^%xsQ^kmt#bp){xcXFwgQQzHHm{Ia-Y6 zL%S)bj>;y?1?EUD;IQV%dny4EzWqyoxYIc=vy7x0Y~C>X7%o=gqC+m<(?Go1GN&W5 zbQsMo$HGCw_oUTu(mEhrQ&k2T2O3>IDK1-1dsQmOgdoSwnkIHd{90-YSQopn zEwP-RB2B+G-l5j!r)*=ySHo#h{jNDmjFyg<#dw!yxPBxTUN-P5bgw2~9o_MNt$-T+ zXU869z~6Gi(%isqC^;zTf-T(oo$Ya@^8hwCD57)FHj0~#x}-Gxz)V%H#*2DodaD?a zJ3Lhcjx?_@Cvvp!cuYz+IAc882%D6VXz=R0|CGUM%tNplw)!RwU1bZ zsi6G^jYEsiJFvt@JsU+cpT_#@JK&o&hwCUlzo;lGg%v_-L^mDTQQpRt z*kf;YLt9`q{Cb&vm#UW{7nu4zfNJz^&2GuPW9D_-38RNa{3Wr8=OTvSGh>peNyasY z0PQwE*QjrV+N(0Ikb7rI0zt;&3mSFBiPg&6CF4TXPtHb+war&Q2%7XMR%5 zlNN(N7igO59fnNPx+-c8h2=Osk5fFnBL_q-KcF9DE45M`m?nmR8zX~Z#ZJj+i5gP~R?l2o%$4NL1#AWsx z@}Nd5-g=}J!LMR}Ds#LJpSj5xiW6PdtC!X!x1@KKNNt#%Ol5qO-v*~0^jJ5bS#pdf zbcFbg)nlGSIs~qe^##2f)iE{*{w11r=Rx4sA! zN-DOYVt>)((}ZRlBKGgVPi=MAgT&=pU&v1^`P+6xVFWq_WeR+N<+)z8jD>o^61`o( zwhP!pE@0XenqCCR#~e&3L!jNZHStko?(MnvS!<@CHRnrd!GcVO#8;_I_(~BcN<>M{ znDYh`=3w@JwHe5U$Cz1va+YBbmkef$e<7>f1@Lish!W?&WZwOkd*$N?#AnTTzI~C* z|13L>+AOwwIvkg5kJCw1P8b7j*T_BzXK}AD00UTHnV`)-@8R)fm{mh5`sEc1o|k0j z&wt(@0^{d+3L>L!0B?DYSFFysYCd zGuBYh1(Fblk{FaxL{F)wZSg*+R(@IBF->X*@Qi~v8$Fn376Be)Av1jRD z-S#1cQ5eJatE{-}ON8~DkDKtasX>6z6lE$mQJSR_nfXHcc{nCWuSDq%i;%J?xNyeb zTBP989ctpG?$qJLF1}9MQku1f6KL?#)M=@&UF^B!I2@V&YV!8Tz}9wrjz?a1q^U34 z@m+X!B$byb+#Gaw;8M0e_73oZi1j0XPtQUpN5WZqsXrIy^bCFPj_!&-v$Z~0?1wqC z-LW^?A3h(Bz8$_=KN77Wu!O1mbA|2%DMqNGgHrOjKnH{=M_t_&o6bhphg4_tWAA&s zFKz8;b&rLyOFcRfE8=fJdf$Tt=Kz(_VuU&aTKe&<7W$)pkA&T5eSGTz@K_Fijqxk} zT^AyFW%D$mozjSJ8A z)VLQ9dldm`*c6^*>7x&RnM7fxX~%Pw8S?{9%x@8OYxOwDE2)_|s)EUA>oBKlNi zc|9TVETjIVCt2{HoyO_2)1bWYcl~FgqConFPkQvxqhVc*A5|;~nB!cA^Qdd%@brP` zN_zP|_&F>7i8d0DykS&DQ+1Qm&0I&%9aSVDBY@)tsX&LCIWBVr4-E_C$#)ebdC zu7jI$avd*-KsT$5y>G06zIte4e$z+_ior25zdzps^u@V(><#N(%^LPy16EvxylX(c zHM9BexxB~j8KnA_gHE7-+-#H6B?WpPa%m8wCD-YZc$cA1mpE(g$x2@neMTFgk54$V zB1Pz|S<<1N1Ong*`o-W~+UPSd%VAEP#z|WUf}1qIQ9@V(K`8;f#KHsVVpAv8r$NqC zi}_-jut0@_wUO7~fA9Bbg68rMS^6={D)(gv3+j;!I8jr+ZO7(+oaw58yUz7LFv>^W zm4sl>1cEzWl=rXB$zPi@f;_jf+!#UWd?>c|Ljm_T+YO5)0<9b6)+LCY5Sh}b1w6NK za>J<+>N2{aOTa~vF(;X1nWn$&va@L|&I0PBRl?;?`P!B)LyfpIZDXGituL-nT_0Dw zw+ctqKObsib;!bh_0eY&qd7E3(@B_nN$b{uvQ5X7T9*;VOJ!>7pP5ZzxILp#55(N# zJlBSG|7kf)KfGF))XlXz?YRm!r4oI+ZD(;k)3 zmtmGN#KaO?=^r8Kp;eIVQNNQh3?Cf??t@qg^w9?EIv`@e4IW!+@6?$L)_EdGCYE$Sa|151^3=tK{s6OFGD)ye+Wt@q+Zm zD~wBk8x}zM6<$5@DT@r=JqrJx#%V}tl|4Im3f<8dN)Q=B;kvb$&G8Z**&&^r>Zv*S zk@itp%5@vv6P>^Glr)B;*Qx?u-W#f;I!F>ica1H7Sk6UyoX|tgRg~Z?1Wl3EE2oa~ zTinqsh(cv-)=ii5a$EuXHs%4R#3D5^>)_)Z;M`^?#)nM=(ITFPPBy($AF+cq|n!48P%b2o-`=1O_$#s@8_E0Wz zW&mw}{iUXF#S+&C27F8R3bo)8yFor02J`A7E8<^RN?{_QIMckV zuWK?IR)9LpQTVQw`K0#sY>Jdc9?!Dwv3_^*2?{{llTNzl^p>mFFtdZy1C9jwsa%PY z8=T^x>V;_CS4KaN8@k{5ekN|+6%(Ep$s@aeh9(C(h59{7YrdiKwmtGp>WQGPNwP$}pR=&<%!n)_XLzLu|-PU!zW5BT9O*c$2H}^9S*N zRq+iYrdyxT38+<-aV9SPt7jFL>-QNZ6J2ujSf>jGSjLG4{BQ?UsOmlO&?xUhg7Y3! zie8%2CCcqcTK|~wYs>AEc5BO=PpR3!r|T#8bWyGeAzqP-o{!esk@KzN8r+&fm~|rH zOR}A)*Dlem9axU>{BQ*v>UdJV%Q5Uz^|=*<_r;5#Of zPr7=kXTxOS5353yS03J2>M5PR2Z#hbH!da-7f_4)Q5N^G=BRL_`{Z}$fVclILE8(t8N9Y|JO^U2{c=(C? zgCO}hPa-YdA?X1o4q72z4E5r+oWtR2YDAXl#F=!FA3OD8-IxtoRRn2?5hHCp0W{67 zzZ0wbQoPcKs;c`nlUB8R&-Ar_;s45rT!Yv9!XwIG!~#&rj+Py!odJorj6Cvw^)*z9 zHjpWyu4q{LV5m`OpUl%YtOp_#FCVr|5(avVE?xOHeU0#B19sn@4c!foE7zEa}mEpG==B%ctC9EKKofOnO(M&y%KEwt)%i30gNBvy*{;Hq5sSt%di# zjo-GP!}O!%L*UXxh>Z^i-|7K-xeC@(iKj$aH48S#=&H}(B)2Q**T(X7i}%I%S`S|{ z^Djp2;u+8nGeMrWre;v6Icb?7Ei>xCoKfbAWqKu;(3sd?1e(SNy!SC8(M7;OFo%5- z-7ZiDlPbH6Twxv?4XC#~1}Nb(EkU0V(iX2Z<+bPty^s11SQ_tCaq4lUbRiFnj=u;C bA>!jdw$Jw2KHF#eZ2b9u(k~150Ga~;7j}8H diff --git a/tests/deploy/k8s-cloudbeat-tests/charts/kibana-8.4.0.tgz b/tests/deploy/k8s-cloudbeat-tests/charts/kibana-8.4.0.tgz index f7e32791a7e70429bc100f88cf145b5fbb726024..7b768fd6a7d97b722110f4a861f1d81efa12c530 100644 GIT binary patch delta 13914 zcmV-gHl@k_Y>jOQABzY8`}_4{kqAJ4!fq0g1O_t$U@#cW0Jq+?6F80EJ!Wb)n+JP) zg#EkE|7~vX@_$7lt=;W|gVrAV-E3_)cXoeA_8t{0k;ZZ2M1V@~W_muz*6&aGF6c=A z{gtF!-u`~*I=*%1_+uK|6KCizvku_L{_bvd`?t3D)Arxn--Y(y+u7dx9ceCq6N#$y zf4uz-Z|L063+JXy%Y!4$nGoPcKZvh-e&+BbUZ)gOG^+8#+hAeiP!3#!#XK zqz+B?Vn~N!G{JXoJoBlkTBo{6jQ{t}E$w?geUv(8jsND(9vlC=`}?~)JKHe+clKJX z_4r>!@&eZ%_b9RL#(?@G8pRENHyjSbz#iTjPmSC+!#eSw~lE&bDEH5emsLY2L*%>Mg{2Gg_ z_9(ddt;j|({u9*f9%~g?cm1c#|J$v-_4;oWNwmL>{oT6>!sroHz?u4=SpO;Vf4jM} zmjA0reBc}QXoA1GuHz1WXydmc+}3Gk6662;=;@9Z9| z$NwtQhS1{3Th#5?GQcn{|8V)k*zjbCVR>w#Jn zH&}*7kKTo&*m6BpbNVH`ma5jD6g}@xs0rHf-OW}8e(v&(EdscI9!81Rcie=${qRF2 zt~BV4LeM?`Hjez4GLIulqDlyPuASZuZA5ew#$FOe6Iri{`O!9vzx=_n2(XR%;b=$$1Q-Qga6?AE&PHDf9}U7XX1eF~yH08BpRoI6;uh1N#$HO(M!aV=?i&M}$f) z@#G=@Ffa*u&Kf%FJsAW`7O+GC zixsd~cg_lbnqVs9b6y6cUOHD*uSQuh`QL&kfE18u<}11{tvwDJO37W-$FY>D?=_ngmHkq zl8+Oh)FJVRx*m)G^3(Sn((~dZ@~+2N)87EdAiTGKlF;HsEiB6Af(1l7mMm)Beji(E zQN3d9+hSi_VHbfZYoi^d{WWVJDfan&Lt6ZsV@?4Pzc@WSN&X86?(iu}rG9n4D{4n6t7qmBj z=LEUJpDz0Vzy6*XgxV$cDjPm8$P8PBBM1R1W10}T=k}5rsvg3pIVxdYEtUL+amEL& zT&BnfP3SQxnlH^kKgx}893&UvEe)<@@qY{`kO&eh zLea@2tjx%0k7;!0xgd62m%qb*(oz#oWu6(QiRN#cuEg z1ugk-{!Xk>`ARv!CWfC!YLS(YGj{^QP{RTROQR1KWHHG4_Mf+#%_~8FaQ9;r4zF^> zFDOh>PQtoBu44Es3)9lbi3LZnr7xkl7li>E1bu)*?wrWOQf#2`3GLp01N8xlI-?N{ zdRbvvcl!#45)&{u+n}zBUvVM8_Ujg;|MKJ2tW1plPf6swl646gP)a|{r=Y^;E zMToFUNh8%&*reDVrpnm^HHR&vj5-l@t zfBZz4p_8|7w%%ud4K^0L5ZEzzFJhe`X0{7eM}C3?gzfD&TUXOFA^pr+a|Yx4Ec88B zECV_H3c;7TY|snX-1_*GES7+<}-jlozA{Wbf)wAN{VnML~-H~&cD+&mi6OH4o* zw?0nIl+vHiR!#q}BmrT34@2G17A_a*oWSW1ZeWb$RGGZ|7n!if!)!!9jY6?GD_A5X zo&6-VmZkdoKj#J~_bMxXh`UEI8`lZnxp0Dsu-6g{ScuWsamBZNKx3hjyF5$dio|1B zAUUzD!JZ6%VL{L-!HOxD0TFg#sbRs}p~IDih3Kzq|M8t`>gP4teEaiE%q~9~`5xC% za8p3E|0wLmi=g>vX%70mK6NLqugQS2_PY9OKL~rY14|P(38SF%4Sg-MSpSPpe5^}b=M;m0jed;5jk0cMZVp$(JC!bT^v{@53;S5Oo+KbN8x zFM8%tZYB!ZCMyRS*HS0z(qDJ|9~UOSJpDE2zZLE5)JyZUKT2cV_`On#UvO%fq(7-&v-a z0SIf_?7yoinI!$NbU)<#_*b&H-u@x5;U3zZ_i|HEWpWN>rN13@XrBJhDA4of^4i^N-DcHteJa zK)NyzO)LCRWAYcWZ|^H>k}upD^T)&g;VrOeID&}tNgY=Q-pv3eAano)OxVnF`R1o1 z=x{Fx6oHuu7Ib+iY~#^LyJ1?J?we{G#y{AK=ni!q>BEZs*ezWt^g|p#sPkZbq8x_a zqs#y4hz6a3*T)G%ErqN3AP?jfuH|^d1iI~rXs}#Hc*ePZ9BH}Zn*EQ*<9x594LC4lM{^rMNa&AD?t-?{dD?Cja(Ae@PM;eFtT zPA}b2F1D2cje>?)humPh5a@mm_Tr4$+=!tdVv{2_*a6A}$;^g_anDHcm{1AOaP6}W z35pL$K_TQEMdRo4ZwP84Hwp%PU4x1iX0buNh+75gBIfM4Tody&gBLD2zpaAc9U^L zb3Tz%IBYc=)!FKQh2PgBLT7N zw9$n@$p*R*Dx;UgeD)kfolmToSRuja-9~`AlXXuv|M(ey!E}-7U;j7QB-T6fjKkkD z$sb-4bGz9z$;XfX4Wo+0K1PnU@OMC!nmF`-o}G3spfX;(;fy>fd{QFf25$wESZ|5R zR>eVLT`<*)S;_f))%XR(0L!y^dmUJx;;7GUet=(Z^Rp@Xo7uknY@*&~woR=~%@?NE zgO|gJ@&}()7hLf!20PM%Fn_PH` zpprCXFAeXJaXqIe7w5-6e7HD1d838z$oYKS1W7>oVc-mYKp+7GXP8?21%4rzR!Q5v!|A7mC@UINC@ zW26=Us+KnjEwczf9fXm^iDbZT(^&<>)?qrwbKU}%j*_^csg4aNj=h_}8ihRz_s<#| z5*iC(bwD$-K?Zc&K(+uGr$X zO)KnMsPS05!Hj8M|26PU4;^4_oncaV4^Km9)Y!;AU_|mQo$v!=LC|>-;%GTpZp(=? zkmXbvSq$C+?I^~)1YwjY;17qI!ZI#zZm9x)(DlP{&%R+1hzxATWgr%#5RFT$;bZPZ zF_?}uFV1>nM(CTd1>eQ6X*j(e3yJpNbrQ0sqKRuE@R*M&{0S|^DuTh3cO9%P8-)7S z;L8r^s6s!t_zR=xk@tYkHv%vmuqE90Ea|=n9gwMK(9N(6D$*EzAM-K6mw`s=Beghx zX9WacnTV(DsmE?)aPRN$)dkVb7=~zrrhQ0+uQtTeX^?>CcX?Y}`z|7*d0D_vcmyp& z^m0%LGp9n&-BGe}pMtU&C;+axa4cndVon|cqH!6HXb>}-#u7$<3e33F_U9Ku95I$q z;0L8cX2@%7$d@jHHpGtZQslSq-BH|sCbrTIV~at@hRC)M7a<1LB{)QZrK2$$q5_zL zhLP@4N$XH<9(VmQM!_v}63@hSeuwM<{7g^ua5=07RFi=Cp;rEj1&TA5PKLH=HMh(V zdt0%P8gk!bahWFGHH`dL(Ng-EfN6;+RIDX$Y@eG2qM#)qNmf)HudzTcQu>X5glg$f z4QqZrKv^FU z_*+T&Dep1rSm6BE{e#x}{MS{a^!#5IXZtuEVE*>sZSJkxe)Z-2Z8O3i0%H;Nrj!1vPF zepZjZiNf&+O0qrUszVHfLP$38FoR8UOD8r_w|~%3Exe)lcj!IwL({ zfgj+-&yqJ!PG28&PtWia$qv8Bh7ASyVga?EtkCaS@yG$?HunBQU$(w~N6MA*NAC_h z7sszUM~COH-gZB9j?PaG-ybQE*vT4VPlGSpf1;Cf+Rt`%IHWR0TgqN|njIL>M#3X3 zSB=WqVW;zt)AQGljtU;Q0GeqJ*q!3?{$Jgrlb?^zPfy+-om_N(K0L>-DQ}^zy6k5c zHxIk4c_4%C?8A0i%X<@lvvn3sDa>1dM}`fZks(htA(tNkwk0w#ayL|BgF9(E!dx7{ zduLS0$iG+!8gV7Q7bn>9r2l~kH})bHu+F+X_f=IKQ*mXukvc4nXSt^0mvj-0@YSpU z2toeSI&<7xz{aIPObykKR*;^yir9&VR*Mrnxosos2q)DUkeW7sDMr|#om*arkOMis zK4XP)U&#guNBryt!%(cC98ZgQBfLIp`+#{&woC+uxe)od%?UC4VQ90RNmIPIb|U$L z-(>|bW_T-@`lVMbyD8pe)=~JN1}>Y}%3uFt&s}WWj5U8#`lI^&CG@jtl&#R!^nJaA&c-^g>1Q_ z8Q`08rh!=;xK&Y_l|h;)s6~`!7NlvY5ut*4METw(U&Qc4DI|WvSY=LEOfWGCgXkUi z*-==@DdOg6P$U3^A($Uxc}888-BvXgGkak&L6(TT09rTgbmS; z**picB(wx_xsbzkM%?MdqoV10Q8JU-Wj-ik7m5nz@MClVe%ug6~+}E@-1xa zD&ycVJ_!T-tiSvKsAl!61|Von)`Sl_XbkAaI3#pX@h2~&*Gvy&I|If~(*U7o=%<_s z92JRJj98L?mN4Wu-$+AuD=6}42G~L*7H5$>prTEfJA|PgSc5GEA`F{I%3Ah0X0Hgr znkKKkh|7h-Q9rYaGmf3*#jut|_KdXIH$*+zaZ2e#$ZP10hr@}5+qi7(2+?^xjwjdQ zC-zFZpODK<>JGxq7i4olCz~GyWc{$FB|_J2W5^tT?n7%zCt5S@#M#GJTzDRzp$r7g z;RnaZ7*BY?nvbvpL`2&WrhM|oWZx7qPDoykBZCXueOQHcE$XlYe#Zg&d*DojWu!Cu zHBDd&)Osn1eoKeoiK1;Hr0sSE@sROJF$91bPvF=8$ z0!3|qnhu-f&e5ftcOR@oC0`CXJ_z|7B{t`<;nS$SKFrA2=UrvQ;vVcL*6uKFc>5fq zg$p%F*0>$vU|Z4RI(?#6o7K=J40uU4Jm1@KS^bh=wjawSxy2q*ElZf(xbh-IJ<}Xj ze=nhYVO@!zaVb@2Iko)ca{&-f85dF^t9?U%0@SjKx(z+}kj+_+=R^0p7y#LLi$I&~ zz*}~Toa4U+#cBc*T^RIm?T1Y@q98SU`a77@(IY4a1HBK!agt`;GmQNHF(XsmC}gdo zSmId*>4d_Csv1AfMs@x`EiT0~*E_CJz%wKZd%=1m3rZ?ni7YiE7`*GiIl z|0AsG;>KMIR$eHAvhXQm2s1t|_uJ`zjf|f^6WL{mDHdf?;+n)JU%#qq)n|DIdzzPj z!kk}7fIhacq}b)9K7Y0_P+uNPs7%iMyE`EHLaDtovS&XZ%RC_RDG*Scv6@ zM~0s$^M(9-90EycCX1lWGQ~?g;Np<4&7}bpK*-AEOI|8Y)mUU%_%9ezX--{#(S^!& zMo6a?P9=+3eaAT}6a;85UUPP?i^QDB%OiLO_0UJ1NZE>_5~ZOr`C5H5YOGx+PqUki z*RGeT(Q1X3W0>cAO+6HJ8_sf2!B-7&K|w!6I}f{DfCn0SeHq2g{U~8#k44;Lk9^n2 z!BxhIYA#Xh;*j`}h~uF)7@xy`QWv_LEe_eG_7CE0OJX)s1lTNKZn2RHTE+I>K7fJW zpx_2B+25H$svIVa|8nKu(aaCR4xkJl-9&((a)cJv=NSeiOLqlwX~9D46wEWlaa%O= zWMlXH3{nnn-R`1RsM}){jH`+ikj_=5*jBSVn!&Y5lv*Z}$@^0(y~~V$ANk>w5s+D< z)sA9i(+E3vR{bVT(rx99Zl=ak+4Ib?R%@8(Hge%$omHQ13+PzYoeZrUz*!Bb8kcx4 z%{P~pqpJ5QRp2Aj_0!{imGxCtN?UcQ)t1yTs|LA1Q-rWwvON&8vJ}jKtLwx0;VaC~ zFGsT~3JcYehAEVuS$%nb>+9yVEbj(+mEMcP0*P5}at%v)JoDB?%cnRhJx+`8*y+Rz z#*}mN+Hr61F>nf(oFm|xh= z6MAS%uIYwCoo4!PVsdOvF(37b`Ns=$8Z)-!kQn(>d8RadUXJ;HF`Y85a&Ri4O2C>qBv>0)VZyu|>frMBv~$s!3mXZ#fR8>eWfgXg z&VN2SXEn{LDBGcbV-=Li4fJrB(zV&=T=!A1%R}UQ=qlcFTfM9Tk-Hka1d=y67GdR% zc(3U2db})8g{WD{?OZS{f2l;!%2!`tD!@y|-Ne zgNNn7^5Ue^>2_ZKfQ~BNSBJ0O9=#00A|33+_2*mUbKwgnW;AA&>6hlS&n>N^X9*8O zv4Fq-d~s%uwQQ3|^6l@r#vIK24Kc_~Ast#F)-#)%p&ZLuSr@B_?zO4u|Yc*_wr zwN;Eb4H0Cz8laT1BYyLXRC^T`dfuhUn{z@%Dj6(6f)>s@Y#TBiD|yjkl! zZD$*^jCg}+StQ4VQ&IkN>TARnh2?olXWz<~!XSjWydckn6N_RJs#-zLTtilET{s zx|iq*K7IeExqYy6kn{iF-`#Gm_kUKA^0p7r`Z8kE5;My)v}ZAE8%VN(-d3 zo+3KacWEx^ouTHEIHcdw+~Nz9@f8JFW_44OdmkeL&GD0i10fUzq=;m*48< zf0*s}3-f<-cRl~FB4PZOI$frdqu8firSC`ihNd;%|e_O0p^Ukfu3C)0FiAkUY^-;MoM1Gde+4`Chok?hU1xP|t{f!kd%={irWuuYZGBm>?q&x3S@tdjTGxK=kzaam0 z$B(7dF+=`0clQhHzkh?~!CL;WBF%7*sGJ^NNr#AqCWy=*Vv%`**S46gPO+Y01eq|- z$fD0w;btiUCI9=Wn{8>SF#fv(>W`qgZQ#q2>X>o|45QDUx$ciyngcE&JP z6V;WMcu^Q`P`0_xA?7lUK8@s+%IcM5ETY6VL_SMI>7}EX4}W?q`^e^0bs{XifLw7f z#Gl@ouOd|*d4Ida9kcWx=J2OnNXbC&&Ydppe*D72JDzT zya-dfHB#Q6D6Zh+BT-&_NIu};65a(L}#JlpLNNx6yMPZ_*;{NFO)x zSxHNljPKmib597Kdt!*2$}(qseB0={PSWs#9-hT7pd(i<_=Q>79d^te6>q4!MB#+D zJ%7?0ag8U+t~lc}CmCPjm0vloKlmDj5*eT#`F{C$w=k8|Y*aDhF)CxKF4iX~ExSYn zuPsR5vr2yxGex!hmu>&>P2gGjU#peh|2bIi|E?(E2JftMD=|!|^xR72Y)O{qsfk&q zxzmjGe<~CoQpfD^pVR-gn|sae_4r>!l7CLMrI)@c=lpU%CcGnf47wLrdeX!E*o)?R z`2Px1mHmHt*1v`9fAFxj|E(fbwg2+0f3xNP&UV57=U~15Uro~OfAbpv*@{b?Xe+PK zeVAQuZNgh+sv7^xv;NJt|LyD)#{b^I+Wxnf4#qcUJ1yC9mHsw+_h#UXS`Tq4J_ojxYK0h2NG|YC{q?X@cVOdm6aW zgxwW)OD8X%J$ugYmt@O0%Zi5bUbA+~-f7t_BChTsmP^dP@RJ_LkrVXr(tn_SpR8Se|J}X3{6A>6*8Be}NgL_4n6(W+&KOSyP4JFdG!0-(=*7E^IG`_p zjtf5x-S+c5rj%T!2BWQ|TYrpXw_UZJNY-0sBC^KvCgnE2z+*^LtHy89e3Xig$Fv{m z`l(_-da&WBSjGPZQ&Jt`A6myO`G2tAD)@ixto6T@B=r9(9$(+)hu+{Y%1JnJ(VvkX zCf_!cE9ieZ{^9WCuzPg!>il147ssb3-Jg#BwZIMZxf>GLbMQT1VWk=iX(xG1ETpl<(67oi^0#F33i09qJC1!>U3z<}xG*>cTX`}uUQHiMS!yX4 z)!QRF6cCiR4}$b*D(u|z^L{@WteUOZqCI9#H z_Mh$M&ffa|$CV`2{vR*HV9w6f#_osNUTCkap;SlBTKi1OXINiRt1e49FnNTd{vic z%14$yqIF%<{xakGQ+LvJdbCv41D0t1pQ-=twRZCM|8@N5iqcg3KZp|1A8J|umu869 zD}5q6e1BaeQZxKhH|0X9-VE@tI%bXk-R)M<|9fr!T}fKD|97QtHeY}(&pEr?aas=A z#f`mB-5@JY>G}U4^#zx@_+XDFORHo0_}|;!X%+7OXzs7a|4NcKWUf$QY=~d+1a~PX z{5C}!H$0-`dFut_;BS5jz2Le0e%bu^f|!~a#edw|GMHIJJQD#IM`>3c3n(jNs|$l2 zApeq>!o*_Xvlzi$sMt*bAG?-$0T4cX?bv7+`cJYyd2j?g!O67)57Zes8 zHI;Yi_1e4!wQ5(RLv{u|gEw?;Acu`3IEisJ{@moQxr&iMu5rZ-AZ|j>fT#p&*L~+{ z%!<(9uE=U#?|ggOx#;Ba&B`%Flou@a?|<^@T6%S$T>pG@&gv zem%M}MVgz~Z2?L|ogT0vj?bd-nzb7JBwKAbbb=oIv|6H5Z;+$mD47s`BAxdi+(eXC zkyx#ex7pd)_dDFZ+9W}klnkcX-A4nPgg)iQkYz!{YsEU^60aqJ6c=-5(6qLg0e?G& z6<0!UCaj*xNH*&^0TD1Q&p%d(trF^OfcpcZl+&9qG@0rzDva? zBRoGeO1Us?u<#i_okOap_*dyP!vkTY)a`{9-tn0X&?5tjGJkQ{mVw*?8Z&dW$>nA* z+=b5-u93DPX&X@>Qs?ICp&!_6L9xdvP}-xD=o z&=oe{YAr`(z<)3KkW9q{%M0o=r6_5;KCqxof*UWu_G4y0sqC=bbr}zuZHfqbaSKmV zbVLMU@eNXiKNTfGm^--9=6gt5m7AM&>c}C;4N1v>Ms!B$;ba;%e};rB17CFg(g4cP zy7&B^>qI>UMqyj3v#A`LPbpLO|D@HQ_g0UOgY;$f_J5xTBf^&p3Wgo~t?Y*>=$Vxz zGunmGu7m;lrVtdz-l|q@)~r@5hkK7`{lX@c`;E9J=dc>{mc4e|TgtYb6ib_8#1xKT zC3^9~!1f#nTs8%-=co1jw2Jv@refNajQ%xgs1F!D=66~j`KE@>ck5B}&5oL?nPtV}XEjsI zdXTIK$vlHZczaOh>mj_Wy5ms~dPr9~ua%Auo`0t!vS0?jt!18vK5i>~VBe8vk@|u| z8akgo1kRn~`8cxLq$S^WSl~1~&)0Dm^uo(yI{)sB3R$BQU+7fotx>X=cwkkGb)2%6 z+QKXv756FuT-w~_dzFymRAguqnKhcTEzGo_^ad~Ux>gX3X_9ahxg%;NZt%Byt;M8Ac_WVv^=j*z3x3aG0r>ek!N8{IXZ&D%V!C*;*;- z8Zu^nCo;uM*@M*je{;%|?FC&C)WXp&<;d*g^Kb)L)ENMD+G9JyY_pfW?uCghXL5Oz z1|cD?)-7I@3XLu0p>F0eSCiAi$&J4nI)5XV<~__+EA%b_T; zXnFD!o5Dj}0j&Eu7r9YdL@T55L}o8wCkpiz*-X&t`z$#59yr;~T%qzT{rV!?P2jl8 z4~St;*`JUuRz}u8iyISFeo0m5d8r!{rD!PMP3x6bTAt|YLi2?#?)BR~+aZU#67)I_|5IS<@A zE>ckx(xtV&RFKy+F0NEEN3t?!$9ZB2O$Mb^GsNbSXHO+v!Hr&&mC6dwo!QTLWnv!Z zTGO1dk9G08l!WmGl62xMVWT2Rr|IYIGINRRhvS}o6NWcFWyjrMfR1%7B7bx&v5q_j z#WD)GS1BPi$4^C=X5}29bhsK=m2|sBP^KDKlWJW)xTh^W9u zb49FK2+c}nrP!B`PXN}Hz`8Mu9P36bbZk~fs|q=jrnW`c=1&d$y{ry%%g@w)f%b=x z()#nZ-P-@2!P?%m{5TfrDz)P(4{M zfw##{Q!a^@Al%D>m{K~JaOc%kSps8r(l7=XR>pp1S=tz4DGmjhFEsxVW91$id96@X z>|AKJnKc74Uu;d@d(O~yhR%P&0Hh|HVxkbOpES1c#|o@BHH1BDzJGE|D@-}2z`w-I zmG-GLaOEuYJ-5uFT*t!rDBUH8nrQyx{z;geMKs1*Du!~dWSboN_s%4)I|5cr5l617 zH&?2~rjefs!z5 zlQg{Op=%b$_cQYS2Y(n*BoAy4asXB-(0&-DfGcODI1NJ5%Fn?E9xW>N3YOJxf18X< zbs@f~%42Ie|Kjm=rFmzL>rP^!3zXk=!oL=7IMJ^nbJdGZ7&LBJYSdyx*mbAuzL2`nA&WP_2uhZ5KP7=LRRjTg ztBuM`v%;YyrNJ!QTkV4eq;6@KaxtH&O*X}$gnWY8tic=(mCr}Q@@Z;7^c9Daar$v& z#hmG6P`vHqkcB^F{ z{CU}H?c6a#yo+Ylm0G*7EwrtKA{wT-RnL?l4`bmX*#m(SKB_q(TU@icH2QGi?C>*_ z$~Ta*GnMdM0dLesRvj?w7>l@<0mWi2GW%g@vn9F7pMS5NNIut-UP_INt+~`=pmIlY zc(@&{;QxXj8pZHuF=-k0FI3b&vJFxNaLM_HU1tmGS`pX%12_? z(R^Vp5YLK%ej#tT(gu0Yi_uG}F1cwoR#Thw9Y0=$1!Y-G_>tjTCF*9`mI^xwvrJ1h o4Z(}7%^!6;QkCgws>SH3k5gTzby}x&`qiZW563k;lmKJ_0Pg&ZOaK4? delta 13913 zcmV-fHm1pqZT@TsABzY8CnWu1kqAJ4Lc6g@0)v?WFc=JGfLrg{37p379y2wY&4ax? z!v5~_zs>Dk{#PW@+TA`lXzj7z&DM5vXZLqx?@_T5X&fg`1gP|Grssof{r;5if{yg> zuO!{__V+{A@vS?@AJf>LI75G#bpSv1cXzAXzqP%ew*TJ#F0}vN&i3B#NOPHgNK~c& zc`e8(V zVtvOLghSdUgCrTn?MCCqO9ta>8-z%M@?t1hh88Op8$-tn68I15Y#SDTq44atiIU^* zq7*;?y&`ZBwy59WPrS<-cM|RI?Uvm%oYClK{f(l#SkurG@H`ib%6y2CouSgeud&E# zkAj=uifk0)KS9mzu~va~*MG|Vzunqfum4t&MEl#=-@Th4j2=M+oT>kb^`9dDx0^d_ z`M-+92fksCCituCI_`jfHhwF@ZJlN&G5*hw4qv}NvWLCLsAKy0-`#KSALQl#&hEi_ z{I4Qy2rZ7hMcs}q0}SKx50^iTJ-?L6|k@YGl=1Pnl_tv?gzyj(-?%;1& z_N6Rk7#9OC=A7kPGdwxO_ihHsJ;i^?y)z+6NI<#ldpF~V5+~@9XdDpGT}dePZ{t$5 z(d*E?r4eB!yN{QDA8o_<%O5O@0Nbb^j)pWqfKlKDH)P~HE**q^5As{qUybj+`v?E> z-FI!m(7KMCz#Sk;a#0ZSCH zSOJT5=d3_~t`@af^@_0Ti}q70QS#^N!Tc7_$`x`~_~Cvq%*^Di-UEfR##*7yyd zEcV2{z7pNk!Sx}0chzTs{cAdksEZ8^8G7jhEC1u+|G>+>^KX&&EwnSVGUW0@7zfxZ z`8WYe9TJbI>%j;hKYiaJJuglo?|O_i{SAN&!h0)!2`ygK!lGO*SU|L6$)eWn_pzlG z)hounEr!-TtP4p@-Erh46Y?B--vIdNxr{V6Dlgu3wg?TJYoGQM3;>43Cs7MwSQ3V% zgRlUEmH4qGAn1sQCWK)zzJcEgc-gq(ORm^(6e72-f1z#?6X-{Y;0SgC6$;B}iHue* zqikD$!6nu$T;*{~jOU}1*GnDEADC!?M$f(hw04%E$K@T$Lkk#}L=z^$B@&hu4T=k07)XFY!5AhOx0hR2g9y z-;tlj*E9+!3HurkFt#4|_c(q@|%In{r~7vu#`rWGUi6W-2W@<>rnn1S-++ z5^h3aLxe%zX%h}l_FFyxh;C82%9YwC&lP!)2LUbN3~3c4oiVi}Ba-mS4+B1ZL3?w5 zPLM17>9P;->+hLCs9j>Ovf=ZB%&=8Bf)JoGrU{XIZZDak>LGlZqY~EDQps-^XME5) zKIkAQcd2^|QsC|3$(y5hr*B}CV2?$?cliShoS%+Q-gNobj`(&>p+8e2oj}-VCjq?| zLOjz3Sk2kY!g?$Sgdr0ks8(RU40Qh4ZMbN_j1f~P{2c>{>;~*c%o1c!z^EY95 z<5NQ!o<{-5NV;WX1x&|b{atKvpz0NjhmaYox}=|+A;>K@F7=U0?gt(yMy>-riRnK* z!@K*O@(* z{0b8i(09guGBuO&#VSu#?|(I^76Cv%xq`)|7l7JurL!;XD4;WtOPLA#?5`pLVV}QV z&C0~+4?r~V@t5T<(4S>O7KD7rWr~c@gdUTk`O+NpqudC`L2?n^(%?!K|Hps=i6F5e z6rD`M%8ZQmm_~P=3u4E0`8zCsEoISJ*n4F9W+fmjiN^G5dM2b_%)NXW{TB37>;_*@ z(2@`5@5CCFuapC9V)%Ka7Fh{7b0;7SH7roDH2Ppc7K5yB|9QLFyb|;WcRxnq@G4jQ zg2E)_B&_@6Du&OpFfEOoSa1Ye`VxwJQ5dj6&<8l=&WSuM#RdwW(C$5dP#>VEGaAvL zmlc+Ex36F*F#&_K4eF}+6&C_*zivVLFF#(*%EajZltj)eS(lIjrS!vm3K}d!((yC& z;!?(3B_sce^v8kwBva^|^dALxv6}k}Il|X^^Um3_kI<_1(-#m>&^r~s!jh>gqyHGN zRQtgHwf6rx^v6T`9wj+{>jz(SMUl0hLi^QSF8?=|7NS2Rr5^p?Ch08Ir@ue;eO%a` z!m26qdVI?KLgZu2dNXEXE)jfDK}qVMX_MnV(-3gwhhJDOCKq}_1BVe|k}Lb18x`ym z$Z!Sg&MW(8K04LfLEqpWK|GiF0Qya{7X1V2_{rcEu0qe8WN;;aisSr0g6GUe&B?|E zCynE?D7i2(Clg`2@(K7S) z$4`VAI(hqM>wVULU}LchfgOYQBGwsVX1h>z=6 zGLX}+5PX@-2EBmIt&dO1VhIR4?w^Fo83-!SU9QSAY4mrf8&NTxmC66hd`=t*amf1y zj$*XiV4rZvDDv)b_(t>ww*V%r`~-K_7>w1>U$g&9Yn_&VS+sv~^N%FX&7&c`!~}$K z>*Lf+DgF6u)%5>L5)j7sFw_lg;c}7A37r1m2F6HEmC4J0kqLV|%trLnC={Esf<;2o z*-t`iS*ox9b8c{Qud?EYxO)_{ah>p;3n!Qedo96$g&2(;SA5$CG!`nk%d<4DNIZrG zk`v1s?8y*+76hFVteA2c5MdXV8Wy}AI$UX3i2l0vAK$sAeqNK!w?EIs?DC_L?{OUk zHw8rdkHTKO2%3+U=Ahr}Q+ML}nhYpw|I0Kd8HC|2a>HI(d(NBc(_hg2d2wC;=UXF8 zwdZ~pb7}uqwyM*wB-PjdgRn6S=5R$kZV4DTcQiEt z#IbJ+pPV+~n-$p2mPS8TJ)HxLew~6VS-iOZ(a0s2Bh3EI8UyP0|A<1jbsb#;`l7CV zMGnF@x+E)JXPbY|JsX;S5Z;p^Dv2luw^l}fX?X&|W-R_mO23%P)$En>FU_q=K7|$E zN~+)fF%OxYU!)QLTRLipY%u63{gVV)Vd5Ws02EtfhcY;-c~kA2~K1w~Qwb18c9 zqGulEW}=X7vT~4dEp@Uk{dL#>abfby(_eG`ThY!=y);kzqcp~i-z&BF1*eutYP5cT zV)1mb%hY(Ad-~wi2i$=*F$f6{ora`x$Xx{Z1Sy=IU)Y)w*m%U+M+R=R=zuLg#@+ zU(bnpggY#MEn`E!b=x5HYnd5wgL*OHM17<#Y6^?k1wIDdDQdH>9G{;}DAhMn{P zNLL1;X@wtZO#VXl?R{lU@`XEN{&@I5yag5wM-Xv7spIOvyBWX)gbtv937c6i-~4n0 z9qt8zA}}+-f-Vn*Z9E!jH%x2OeN%12_y=1N-Jz}{eOR#{yQM3Ieux7Ibsnrwl*7<_ zbooCW(V#Q%`Z!@|99TRqq8RdjB)4PeCy)EXUMf0$oNeK7^=3RW;7t#!0Dhp`o2IKF zS(0exg&R`|gT#Yy?Dv$_tr3nBrV{F&#fY=xg6@pngnNxw``2J*;bj1Vh+ z;ZVzC^D6i&rX=4p9{FK-%X%TO1<3ckTM9km>gvikJbxox%e!LO7(bq$z9%zwG1|{Q z>!rRL2F77sdx6Ly0$5Vo{=%QTCQae(1Ay63_(#oiz3ZD3Iu*I zvz{Pap%@*r@jqNEVq*b+i(=;3t+1PQ381Rcpvzo z(@S@hi*02Gp; zg5m>GPzX6k(fGOi8-kk1je-GR*P!A|oWzKrFfc0dSa068$@_7Cl5ra7NZ43$(AAy= z5o)^d^Xm!8BH|>$TjVALOr>M~HO2^zBFBYZlFB9NpoO@5!{L~_b9q5Og5DI3-DDim z+)$Yw*kl<0QZ{<8@N);J>8rBc0fdLK18#_`!^pe20j7co=;P!H!zSe(N(e4F0GYRp z^KotmL9GhmE4Vs;*tdK1lQnV@fXrp1WAvPOa2j5 zZFFH!vVksy%IGCApFIar=MyU?R!A^>=A&$kC9_7{2frGCJz0dXQ!PDsEikHI3rIApOlEW!CS#3)>~q- zRdJA57fkhHR&qXHHGTmx!18R~UI*5vIO=noAK=&9{A`N;X0|Uso2a*$ZBuJg^M&d4 z;N@_lyn!EoY!0VT4vJwcnU=-+&iwlIMG7#*SplZLD+l)uI~xd&;UsH00Q>RlCKsL} zs3Z;9OT&9)T+ivr#rg3MA1;nh-e}=Faz8cGLqMi*TgQa31OHI%Fq~_cOxYZy#$GWG z8xiILx&_XuFmzamaNPre8Y0Lo#$tcAx9bU=oW*MS=6i;c?|_#!?=`-ENyL|oI+KfSxH1G zXO;$kE9){FqAsIC7o195;>5Qgf&!!g26N(As?cHX*VIzrS`x06&OVI|9;#iIE4H|8 z(+c|*YCINiFk_n6e+_)oLkCz}XP6Y;!_&|iH8!#j7?FHSC;Y%z5OiLII9g7Y+j8Oz zWI0tv7K67yJBl$cK^P?p_`{*5u#C%_TdDwmbp3GLvu{`gA_JRo8HmLwMB@@`_?SCU z45nkvi?iOC5&C9q!FMri8cwgrLZUr*orJ8ZXyRH3JmzBxe?m*KieND1T?cE+2BE$+ z__6~!s?g6Z{=z7FYzg;0OSaiOc-23}`bwPA9h9TOZX&(~ds|~Sq8YH0kUEUVgzKh6cUKTJE9zn|x zy&M$6%&E|Gca&`0r=Tnb3V>@a97~y=n3IQqXk3OP8pO<|v4qi|0y8eP{rQCuM~o#D z_(AEA8S)w%@}-NQ4Y8xU6#4CYcNDjOiLG?Q*kaJJA+jyRMTmiQ2@X+U>1fP`r~sy* zVWhiM(mIrz$6bGnQEf#S@ilc8-|%`G#; z-c~H6hTQj9T&9V44I{r*w3L1(U|J#y6>G^G+vjG1C}>GYk`-0QYb?-IUb#4W_9)|mDwn@t{HpE#4rRFoX8^sPM;CpFo zKdVRIMB#V@CE1>F)gcB#Atal4n87Bwr4yT|+dpWi7T(dy>KZZw;CKSc>L+#~E?r)PMIWQSj5!-fKUv4Gl7R_OPvc;tX`8+-quFI(S#Bjrl@qj!g$ zi{n?Fqr>x8Z@V8lN9QMp?~fEn>|_nGr@@!)KheoK?Pt3>98wvhEoCn}%?=D`BjFL2 zt48JQu+#a+>G|tNM+FaD0L`=q>`rlc|F7=R$HCAskk!SNF5f(vs_d0OS*_g_-a-F zgdqQEojL9;VB^vtriSWAD@adUMeM{wtHlYP+_sT*gp=wFNKKo66eH}=&MhxQ$blSR zpRq!@uVjOSBYt*+VJKEmj;BSu5ndm)eZV{>TP6a-T!?(!=7gC2Ftpjuq$yrpJCS_B z@3I0IGrSc{{nD$J-4t&!>nMCs1D8!~^6cb^m~dm6!T+?$=dXsLY+djddPom@w?RB- zXgfpaKLF-FW@|5hSjS;Ej4fdgS@7De?Kd92@x7r}GqWKBEBKPoFft!p$Rhk!AzSWf z2Kc6&X;M5tgMQNFjy7co3h3W=XER+-Zk6HH9PAbQ7r zb`+M3FCx5&5ha{IyadF>1ZN)Me8pxS?teAOhMzF;Ad>fg6wir>^M`M-7S9DSVMFv| zHqXH<2`zzKF63~X5qCQAsA#%g6po}=w#ebTcLwg>qZ#is@F(YCnEZ%rg>glPdn}e5s#*Q20SH=?HQ|E}8Uwm94hbDp{K*UHHPZvx&VcdLG(hMX`YC4u zM@1qQBbKCpB@Fq^H`37E3W_|M0k#l{#aSc|sAv=B4q>PV)?iD42*W0lvX*_0*(*Y@ zrpaqB;&P#I)X%KqjALhcF|1{gJtJ-Q4N*^aoKiXw@)~;M;c#N%HZB`GLUdk_dS ziM^8UC**RIx`S}@1=$?X$>v7^SwF04iO_Z17&3={`_P)wiPlUzarW^Q7oNvwC<8%r z_`&fp#uHw!<|FI?5z%&pDWAMC**8Uu6OxzX$l$_uA68*qi#jZU-*JHc9yk+W8R?9E zO%s>`wO$IM-_jv?qG+24x!Y*Y1o9td;;#T>Vn3LP2;1ODKz~R}>HzD)aos9RthL0Mc~=>+xCi@*wL6R(-af}@ z;X+N4HEu^Z*jBW-PM@gNW;L`4174C1&-Zp*R=*^e?ZaW=QJp_fi%ap$^^R*4Fb#APoNAevX1;fvRhf7)nI~O5Fkir$(8Yg$ zQC^{ovmf%62%iFl8y^`!F~F4kRTb7SN#Oa%Cdx>~<8NiP8ftt2bOTg;*s03Qzgzc^ zH}bCd$U5jjHB16eZOvGxc~imuo9!Dd%^Env{hrcy6**f#*aj6zpRFVg;;KQWcZ0PU&z15 zA&``2vIyENQ@q3jE)MzHTpBl@j}j*KSj0W{$ajq#TxFc7<`T6o z4v8O$I38+)@i{DYp}X1QkX>qj{~*q`BxWN;fXxEt78|LcRc!C=0~q)X3U1(%{hcYK z%3;FzFIWB@&HNzj0Lt*uO#}!kM`&Svo?%e3bXOpk7A&+*!8}tOw?#8gHg>0DKcZ8giI8C;7*sbw;myg#MVyUh5JA5IwonKfE}?I>0@jj(fP z)o;=y-B#Y{W@;>zJAg5CkeKBr*RYhwGjCnAe2Sye!rxHqkz74e(Zh>T7#-zfa z#*7nJO*gHkD#YaemokO$*iBGU^6xGjlz*mPR@(r}m&iV91#w$m5sLY~oUSkQ%FxWvo0NuH`n_=t4MjUK;5R*D)`Xmmd`ZsRNU)A0!%0A+@8El(z-i+^TKZ6=oGmN*k9 zQkLZFkYc5ZJk48Ka4+YnVmdj35(s z99i_4D%>nZpyYo)b+auk6~=#eK>ZOkw+(z*QXMnSe`xK&$F=_VG>N$)-g(0|+Zn@H zO;lH2;zeP&LD}X$hnUMa`ZSVPDyvtLv4|4e5cw<-rI(IkK7Z(~>?4~~)rqk50&>N{ z5Py2Z&bZ(AJ`vM03xkoP_evaup4NdP2hXr|d~W)MNthvS;}QA{I?JD69Y_RPmt6-V zBlrRRS$sLaanYlGFJ=devmjfVon?SWW3wA4PCA$u4bZ3+ZdG$76Ngq&5z2?IqnS)Xrbe^^=X~%Fl3?{+I&0+5e-g*8E%g|n`Op8^+d=#P`uv~A zPgMurF0%tH(EfY7>-Jws%D2Cm51xGdxAxZUzlv0O;2f zUl@bZ{$USq4deXi-O*v^2$zo{l)=ctNPo|+=Sb~;mL;z3Qcjo@;PEgIcAbi#1R$2)X)=ux~x(VahFh=9(CdIW! z)pFnBBJB}V_4rRu$9`}fGsb^w_h7dW|G&4l9{;OI8zj92Qrz7ruR9ahV2U^cc1#{# zgsI&cDeq4dSMc$XC@(%FAMo%I!}v}dB|t83@y5#uH^%obj2Hj4$!ZuN>DOe2qeh3{a1JzkIw~m`Z9ks+jQ@l`&Np>l2igT_S?l z7NqZ4rN4=pqFVmTwtx60@GSkW)ynVx9IW?$SCnvrch3`eJz2^3M{I4QOr+?bgOJ9|9ez_kL-Vr0y5CMRPs; ze}$>a{=Yoy-$M33cv##2R*|aOe|grw+46s9yWszGuwMVKCh7LS`3-<<#U)O(l~?FK z%&xaK;jJ=NjsN9Y|7P3&c6JKmfA3&z|6fVMbAiREooW3O#y;H;$8C4twz*H#Ab)Ie ztFrYi*VwlL>zf?=%e1{s)h`v3Tdq^BZ>d~Ss@Fabt7De@Z|3)ZwqZ_K>wharv)2D! zL#+90tpD+iyqHX!TXq!O+2sc;r3dfG`@T^`HjO3O zGgd)QhH8l>EgrvB+@HGduG7O)rGNkL5)D8L*njp~YyYp6q{{YRq5)`@{pVmeAOCr< z-CCdjvy!w-`;Y89D|PIW*Kd|vhvWjUM}3-5c~L0GmwfrcZ%Zq+A&HwbLGk%L4cutL z?uxsmlb6q)J?HmJvSplQMMHV7S-WNLwColUSN9OhCFWoFNsr^m33_;GPk%(Lo=dui z*8g*?|1_;XlP|zRrw4iWn&uWBaQVL(*8I9NiS-Q)XymyPd&|OWfGppGrK#h;%p<8i zS5MWI<9~?;pjrC=?p|L0A2eI*{r{Dujr3Z~+6EwJj3n$@8Sz~#Va+_b^F{G(g-{J(bA`rk?t`hOLVuW$21Z*UmpB%HYD&qxoG zZyU-L^gkW{aCmaqJvw=H{;#u(P|ND9S z&vtWXZ)Yw4SCLfvf4mHXIXi+I*Yenrs3Kl6YxL$!YxHK$8eLIBu|}sx|2St#PsQoO zZ0S!&78>CY%gS-BNP8{-KY45lPf--N7$}FuZYuM^X7)BWD}QKT9xyj(aF#GbDDbAv z6H30~q)>&_5~clCsAWB4ksAc_Mnjv1V z^oi{7b$^ja&G1j%lnbSLGr+^@m^J=)w_8R3@3sARC286I-<7`Ed;zvR=j?LFX*p;Y zH}*btgRD5E=l_G$7hLM%gFTuot&ZvAe{XxIRk;77xxXI&D@opvxk81pA%4XZ+@+lG z+Z1iw@Q9M=+z-LaJ^+l#^#c6MFXJIE zbwr=@yj%P;%=EwwejR`pkm%CP3_9k=iY(%GA^6Uv4^*MPy~L~^;l+r$I*j?{@eUWUcMwK)uv=*_X@C#{N|!*Fva$?$bRwaY+CN@;v)qQ&QVU3$_MY-1t<}9dccY}K8wO@)@t;VY_;Lg33~9;YKcz0L5_x_WJ36fbl!h(6H!`4 zVzolvW@lsH?{N2OlLTQ>GMHv}9}R30`ji_(mIV>773+vgyp{w~T+Eq4)7oMN?0*V~;Z;(KvYj!9LSsb~rI&xz9U*`~Ood^Re_XSETK#ZlKi^gWp4 z9@0ydnJwgZvjDzbpsB0Lk}kVuwtsTYD_it$W*W60+OVkgdz*7jkdHDCELGf^MH0>0 z934k~J$`;TfA=fqCSd;<=rrq45(F|2L42NXVq&RrS`?zhw~%W8J_W&<7dK3P7-Y*)n9RX zQtHm*!a1>o9+P&LrsyUDVSiph4(qIM<lHe=xvqo zLeaoWnV@_}!NpAHCj8q%kl_fwg%R5C@xnfQ$0izh!Tz#bwBHAH9DiP&gh#Lz8Kc%q zNCp^434oIEV9d|%` zV;_DU-vnX$n)ejEynmLJvG~P;9qoE%Cc2%(9UOfc;R=m+Qu#%6R#+pauhbrU94N1a z2Y~X%(t}x&a1{FC&4k4<+@`)wwih-~Ur*=k6*Z>hu_}d`V9YVxOuv3a)4)7@mx@nD zcz$SX69&<%gtW6 z`GRbwB{o0KGjXRlJbb2{F%ha%sgoSHlR*YSp88E1bAU`Jk2*jG;$wa~Oi8KJDqSb; zqJ6hk>#W;m6>Wns8>9+C5WvKYtHKgfABq3_JE)*$-3DGb>AG zvBOR`t?4H0)*N)Say*d3Y93y+9+MZ<+wU4waCaLx;1DJ+~1_%s#@`Chd=1SKP)7+%?Xg6TJ# z-n5ChYzkh_PwV+<74y?f#k4CK{cF-tA252%@3cPhO%0vz)}!W|9W_-m%ZkU(YNnX= zAXyKRc?OB__MptyLwHwp$Db!3=y`%RCQ#+*bI&z9Y{f^#zAC zbUu9uoIA(!ab&egOTO)}z-f4%uj4N0g_p;4{@ocBvPLJq(5cj0qhvAhz^WMQIAtxh zg;_Kz?o|S~w7JXoDj~N7Sz9&|SxMD}6yk zo_|B0rHy`h@*=C%ZK~=>_1q9Nl1o=Uoc8@(til@*>lv!C(G#5~Tm zra5CD>*9AQ3F8YS>BL#WMn#fN)6d&w<`UNr$36Qd3~zkOj=RAC9qU>|=zmyZ9eE6j zWfX9)QbKBupNcTe$~i#ka5b4Gt1REFz(oDkpaYrxOetw_#&Z0Q(yqLMZdQGt!- zideG{nw88-u`eH=0IVy4bz>Ge){R)`*sP9L6>=s`ZHutYpBngkSsmt8$-6ke~FnZ z?Ne#s%30`pZka{7j)n12x=Ri<(fr5#lQ21pXpFT~4CP$OHaYa~ok?7G1gw}Mj$Bo5 zu2hRnBU49VA(fl{xqGUJl~`{7E!R)WQOL(8CC1KVk zX?W2?*DQ|jXXN`2Fn^**9@rk_0IX7={V+-aSI$Ur8ib^kpMwuPT2$;6EUVxCHW``f zLVQz|$JTQG#pCNr^UfUCoy0;HD8K83e=Xc_qF+Vksu!IwXxy;K&)m1&sP2}|Vg_cV zWoMfz(I~`1owLPJW!P#ZkrhT%No|=8wv6-A$Xc(#!*TMhwtx9=w{;h6KHuw8cjEfA zOYeZt3h^d0@oytgRXcd3Qf4rUByA$6le7H@zNlq}+6N6t-O?`QVm?!wY>Gn(`2@3BgE<^3pO1v))6{_ID-I>&^yA2i zIn&9YdI6{us()AqRv$@Ltsa#_o$FMIY(UJb7Rgbe9pf`~U8)*WwNh=;+P3%XR?9y4 z^Rn04xnqWS7tN|GwRT}!Xj=(IG)!}=o+&{d#==Fi2LdO2RC7YMxMp=}^x?wU;b$h5 zZy;r7D&e^T-l&bNI$+i@7I7~Fip5-H_QTL-OLCJxUw=E1e6A<(lYE{sHlHr8>9;0lJgI{&KO1>o5o`YG~!ztlyY=st{=ITkHoH{ z`NCWvo)rWALf&wt4f38BqnA`&a?@mGKbD$~(ai_udbr@Bt-v`*{vt4aSKa{Aqo0Av9G&hB&G diff --git a/tests/product/tests/data/aws/aws_s3_test_cases.py b/tests/product/tests/data/aws/aws_s3_test_cases.py new file mode 100644 index 0000000000..7052ff1bb0 --- /dev/null +++ b/tests/product/tests/data/aws/aws_s3_test_cases.py @@ -0,0 +1,38 @@ +""" +This module provides AWS S3 service rule test cases. +Cases are organized as rules. +Each rule has one or more test cases. +S3 buckets identification is performed by resource name. +""" + +from ..eks_test_case import EksAwsServiceCase +from ..constants import RULE_PASS_STATUS, RULE_FAIL_STATUS + + +cis_aws_s3_2_1_1_pass = EksAwsServiceCase( + rule_tag="CIS 2.1.1", + case_identifier="test-aws-sse-s3-pass", + expected=RULE_PASS_STATUS, +) + +cis_aws_s3_2_1_1_pass_2 = EksAwsServiceCase( + rule_tag="CIS 2.1.1", + case_identifier="test-aws-kms-key-pass", + expected=RULE_PASS_STATUS, +) + +cis_aws_s3_2_1_1_fail = EksAwsServiceCase( + rule_tag="CIS 2.1.1", + case_identifier="test-aws-no-encryption-fail", + expected=RULE_FAIL_STATUS, +) + +cis_aws_s3_2_1_1 = { + "2.1.1 Ensure S3 bucket encryption: SSEAlgorithm=AES256 expect: passed": cis_aws_s3_2_1_1_pass, + "2.1.1 Ensure S3 bucket encryption: SSEAlgorithm=aws:kms expect: passed": cis_aws_s3_2_1_1_pass_2, + "2.1.1 Ensure S3 bucket encryption: encryption disabled - expect: failed": cis_aws_s3_2_1_1_fail, +} + +cis_aws_s3_cases = { + **cis_aws_s3_2_1_1, +} diff --git a/tests/product/tests/data/aws/managed_services_test_cases.py b/tests/product/tests/data/aws/managed_services_test_cases.py index 21b9f09d00..22b907cfa3 100644 --- a/tests/product/tests/data/aws/managed_services_test_cases.py +++ b/tests/product/tests/data/aws/managed_services_test_cases.py @@ -70,47 +70,32 @@ aws_test_config_1 = { **cis_eks_5_1_1, - **dict( - zip( - cis_eks_5_4_3_config_1.keys(), - skip_param_case( - skip_list=[*cis_eks_5_4_3_config_1.values()], - data_to_report=SkipReportData( - skip_reason="Retest after testing configuration will be fixed.", - url_title="cloudbeat: #500", - url_link="https://github.com/elastic/cloudbeat/issues/500", - ), - ), + **skip_param_case( + cis_eks_5_4_3_config_1, + data_to_report=SkipReportData( + skip_reason="Retest after testing configuration will be fixed.", + url_title="cloudbeat: #500", + url_link="https://github.com/elastic/cloudbeat/issues/500", ), ), **cis_eks_5_4_5_config_1, - **dict( - zip( - cis_eks_2_1_1_config_1.keys(), - skip_param_case( - skip_list=[*cis_eks_2_1_1_config_1.values()], - data_to_report=SkipReportData( - skip_reason="This rule is implemented partially", - url_title="security-team: #3929", - url_link="https://github.com/elastic/security-team/issues/3929", - ), - ), + **skip_param_case( + cis_eks_2_1_1_config_1, + data_to_report=SkipReportData( + skip_reason="This rule is implemented partially", + url_title="security-team: #3929", + url_link="https://github.com/elastic/security-team/issues/3929", ), ), } aws_test_config_2 = { - **dict( - zip( - cis_eks_2_1_1_config_2.keys(), - skip_param_case( - skip_list=[*cis_eks_2_1_1_config_2.values()], - data_to_report=SkipReportData( - skip_reason="This rule is implemented partially", - url_title="security-team: #3929", - url_link="https://github.com/elastic/security-team/issues/3929", - ), - ), + **skip_param_case( + cis_eks_2_1_1_config_2, + data_to_report=SkipReportData( + skip_reason="This rule is implemented partially", + url_title="security-team: #3929", + url_link="https://github.com/elastic/security-team/issues/3929", ), ), } diff --git a/tests/product/tests/data/k8s_object/eks_k8s_object_test_cases.py b/tests/product/tests/data/k8s_object/eks_k8s_object_test_cases.py index 81a6e877ac..e2ef78c1e8 100644 --- a/tests/product/tests/data/k8s_object/eks_k8s_object_test_cases.py +++ b/tests/product/tests/data/k8s_object/eks_k8s_object_test_cases.py @@ -164,17 +164,12 @@ k8s_object_config_1 = { **cis_eks_4_2_7, - **dict( - zip( - cis_eks_4_2_8.keys(), - skip_param_case( - skip_list=[*cis_eks_4_2_8.values()], - data_to_report=SkipReportData( - skip_reason="Retest after testing configuration will be fixed.", - url_title="cloudbeat: #500", - url_link="https://github.com/elastic/cloudbeat/issues/500", - ), - ), + **skip_param_case( + cis_eks_4_2_8, + data_to_report=SkipReportData( + skip_reason="Retest after testing configuration will be fixed.", + url_title="cloudbeat: #500", + url_link="https://github.com/elastic/cloudbeat/issues/500", ), ), **cis_eks_4_2_9, diff --git a/tests/product/tests/data/process/eks_process_test_cases.py b/tests/product/tests/data/process/eks_process_test_cases.py index 962c087b11..b241b10863 100644 --- a/tests/product/tests/data/process/eks_process_test_cases.py +++ b/tests/product/tests/data/process/eks_process_test_cases.py @@ -281,36 +281,26 @@ **cis_eks_3_2_3_config_1, **cis_eks_3_2_4_config_1, **cis_eks_3_2_5_config_1, - **dict( - zip( - cis_eks_3_2_5_config_1_skip.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_5_config_1_skip.values()], - data_to_report=SkipReportData( - skip_reason=( - "When streamingConnectionIdleTimeout or " - "--streaming-connection-idle-timeout equals 0 evaluation is passed " - ), - url_title="cloudbeat: #632", - url_link="https://github.com/elastic/cloudbeat/issues/632", - ), + **skip_param_case( + cis_eks_3_2_5_config_1_skip, + data_to_report=SkipReportData( + skip_reason=( + "When streamingConnectionIdleTimeout or " + "--streaming-connection-idle-timeout equals 0 evaluation is passed " ), + url_title="cloudbeat: #632", + url_link="https://github.com/elastic/cloudbeat/issues/632", ), ), **cis_eks_3_2_6_config_1, **cis_eks_3_2_7_config_1, **cis_eks_3_2_8_config_1, - **dict( - zip( - cis_eks_3_2_9_config_1.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_9_config_1.values()], - data_to_report=SkipReportData( - skip_reason="Rule 3.2.9 - unclear CIS definition and implementation", - url_title="security-team: #4947", - url_link="https://github.com/elastic/security-team/issues/4947", - ), - ), + **skip_param_case( + skip_objects=cis_eks_3_2_9_config_1, + data_to_report=SkipReportData( + skip_reason="Rule 3.2.9 - unclear CIS definition and implementation", + url_title="security-team: #4947", + url_link="https://github.com/elastic/security-team/issues/4947", ), ), **cis_eks_3_2_10_config_1, @@ -319,61 +309,41 @@ eks_process_config_2 = { **cis_eks_3_2_4_config_2, - **dict( - zip( - cis_eks_3_2_4_config_2_skip.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_4_config_2_skip.values()], - data_to_report=SkipReportData( - skip_reason="Rule 3.2.4 - When multiple args provided cloudbeat evaluates results incorrectly.", - url_title="cloudbeat: #719", - url_link="https://github.com/elastic/cloudbeat/issues/719", - ), - ), + **skip_param_case( + cis_eks_3_2_4_config_2_skip, + data_to_report=SkipReportData( + skip_reason="Rule 3.2.4 - When multiple args provided cloudbeat evaluates results incorrectly.", + url_title="cloudbeat: #719", + url_link="https://github.com/elastic/cloudbeat/issues/719", ), ), **cis_eks_3_2_5_config_2, - **dict( - zip( - cis_eks_3_2_5_config_2_skip.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_5_config_2_skip.values()], - data_to_report=SkipReportData( - skip_reason=( - "When streamingConnectionIdleTimeout or " - "--streaming-connection-idle-timeout equals 0 evaluation is passed " - ), - url_title="cloudbeat: #632", - url_link="https://github.com/elastic/cloudbeat/issues/632", - ), + **skip_param_case( + cis_eks_3_2_5_config_2_skip, + data_to_report=SkipReportData( + skip_reason=( + "When streamingConnectionIdleTimeout or " + "--streaming-connection-idle-timeout equals 0 evaluation is passed" ), + url_title="cloudbeat: #632", + url_link="https://github.com/elastic/cloudbeat/issues/632", ), ), **cis_eks_3_2_7_config_2, - **dict( - zip( - cis_eks_3_2_7_config_2_skip.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_7_config_2_skip.values()], - data_to_report=SkipReportData( - skip_reason="Rule 3.2.7 - When multiple args provided cloudbeat evaluates results incorrectly.", - url_title="cloudbeat: #719", - url_link="https://github.com/elastic/cloudbeat/issues/719", - ), - ), + **skip_param_case( + cis_eks_3_2_7_config_2_skip, + data_to_report=SkipReportData( + skip_reason="Rule 3.2.7 - When multiple args provided cloudbeat evaluates results incorrectly.", + url_title="cloudbeat: #719", + url_link="https://github.com/elastic/cloudbeat/issues/719", ), ), - **dict( - zip( - cis_eks_3_2_9_config_2.keys(), - skip_param_case( - skip_list=[*cis_eks_3_2_9_config_2.values()], - data_to_report=SkipReportData( - skip_reason="Rule 3.2.9 - unclear CIS definition and implementation", - url_title="security-team: #4947", - url_link="https://github.com/elastic/security-team/issues/4947", - ), - ), + **skip_param_case( + cis_eks_3_2_9_config_2, + data_to_report=SkipReportData( + skip_reason="Rule 3.2.9 - unclear CIS definition and implementation", + url_title="security-team: #4947", + url_link="https://github.com/elastic/security-team/issues/4947", ), ), } diff --git a/tests/product/tests/data/process/process_test_cases.py b/tests/product/tests/data/process/process_test_cases.py index 61e5873138..c26850ebb2 100644 --- a/tests/product/tests/data/process/process_test_cases.py +++ b/tests/product/tests/data/process/process_test_cases.py @@ -947,7 +947,7 @@ *cis_2_1, *cis_2_2, *skip_param_case( - skip_list=[*cis_2_5], + skip_objects=[*cis_2_5], data_to_report=SkipReportData( url_title="cloudbeat: #512", url_link="https://github.com/elastic/cloudbeat/issues/512", @@ -960,7 +960,7 @@ api_server_rules = [ *cis_1_2_2, *skip_param_case( - skip_list=[*cis_1_2_3], + skip_objects=[*cis_1_2_3], data_to_report=SkipReportData( url_title="security-team: #4975", url_link="https://github.com/elastic/security-team/issues/4975", @@ -973,7 +973,7 @@ *cis_1_2_7, *cis_1_2_8, *skip_param_case( - skip_list=[*cis_1_2_9], + skip_objects=[*cis_1_2_9], data_to_report=SkipReportData( url_title="security-team: #5128", url_link="https://github.com/elastic/security-team/issues/5128", @@ -1021,7 +1021,7 @@ *cis_4_2_1, *cis_4_2_2, *skip_param_case( - skip_list=[*cis_4_2_3], + skip_objects=[*cis_4_2_3], data_to_report=SkipReportData( skip_reason="Known issue", url_link="https://github.com/elastic/security-team/issues/5106", diff --git a/tests/product/tests/test_aws_s3_service_rules.py b/tests/product/tests/test_aws_s3_service_rules.py new file mode 100644 index 0000000000..aba0b103a8 --- /dev/null +++ b/tests/product/tests/test_aws_s3_service_rules.py @@ -0,0 +1,59 @@ +""" +CIS AWS S3 Service rules verification. +This module verifies correctness of retrieved findings by manipulating audit actions +""" +from datetime import datetime, timedelta +import pytest +from commonlib.utils import get_ES_evaluation + +from product.tests.data.aws import aws_s3_test_cases as aws_s3_tc +from product.tests.parameters import register_params, Parameters + + +@pytest.mark.aws_s3_service_rules +def test_aws_s3_service_rules( + elastic_client, + cloudbeat_agent, + rule_tag, + case_identifier, + expected, +): + """ + This data driven test verifies rules and findings return by cloudbeat agent. + In order to add new cases @pytest.mark.parameterize section shall be updated. + Setup and teardown actions are defined in data method. + This test creates verifies that cloudbeat returns correct finding. + @param rule_tag: Name of rule to be verified. + @param case_identifier: Resource unique identifier + @param expected: Result to be found in finding evaluation field. + @return: None - Test Pass / Fail result is generated. + """ + # pylint: disable=duplicate-code + + def identifier(eval_resource): + try: + eval_resource = eval_resource.resource + return eval_resource.name == case_identifier + except AttributeError: + return False + + evaluation = get_ES_evaluation( + elastic_client=elastic_client, + timeout=cloudbeat_agent.aws_findings_timeout, + rule_tag=rule_tag, + exec_timestamp=datetime.utcnow() - timedelta(hours=2), + resource_identifier=identifier, + ) + + assert evaluation is not None, f"No evaluation for rule {rule_tag} could be found" + assert evaluation == expected, f"Rule {rule_tag} verification failed," f"expected: {expected}, got: {evaluation}" + + +register_params( + test_aws_s3_service_rules, + Parameters( + ("rule_tag", "case_identifier", "expected"), + [*aws_s3_tc.cis_aws_s3_cases.values()], + ids=[*aws_s3_tc.cis_aws_s3_cases.keys()], + ), +) diff --git a/tests/product/tests/test_eks_aws_managed_services_rules.py b/tests/product/tests/test_eks_managed_services_rules.py similarity index 95% rename from tests/product/tests/test_eks_aws_managed_services_rules.py rename to tests/product/tests/test_eks_managed_services_rules.py index 6d7d624081..473875d385 100644 --- a/tests/product/tests/test_eks_aws_managed_services_rules.py +++ b/tests/product/tests/test_eks_managed_services_rules.py @@ -10,8 +10,8 @@ from product.tests.parameters import register_params, Parameters -@pytest.mark.eks_aws_service_rules -def test_eks_aws_service_rules( +@pytest.mark.eks_service_rules +def test_eks_service_rules( elastic_client, cloudbeat_agent, rule_tag, @@ -50,7 +50,7 @@ def identifier(eval_resource): register_params( - test_eks_aws_service_rules, + test_eks_service_rules, Parameters( ("rule_tag", "case_identifier", "expected"), [*ms_tc.cis_eks_aws_cases.values()], diff --git a/tests/product/tests/test_k8s_objects_rules.py b/tests/product/tests/test_k8s_objects_rules.py index 0ede4d2bd0..66a234ef50 100644 --- a/tests/product/tests/test_k8s_objects_rules.py +++ b/tests/product/tests/test_k8s_objects_rules.py @@ -100,7 +100,7 @@ def match_resource(ident_resource): *k8s_tc.cis_5_2_2.values(), *k8s_tc.cis_5_2_6.values(), *skip_param_case( - skip_list=[*k8s_tc.cis_5_2_7.values()], + skip_objects=[*k8s_tc.cis_5_2_7.values()], data_to_report=SkipReportData( url_title="security-team: #4540", url_link="https://github.com/elastic/security-team/issues/4540", diff --git a/tests/pyproject.toml b/tests/pyproject.toml index bf6984ff40..d6297badb9 100644 --- a/tests/pyproject.toml +++ b/tests/pyproject.toml @@ -42,5 +42,6 @@ markers = [ "eks_file_system_rules", "eks_process_rules", "eks_k8s_objects_rules", - "eks_aws_service_rules", + "eks_service_rules", + "aws_s3_service_rules", ] From 61d49b03d64fda89a9efcf9c711b8a68b6ade880 Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Thu, 23 Feb 2023 19:12:43 +0200 Subject: [PATCH 27/28] Terraform formatting --- deploy/weekly-environment/main.tf | 4 ++-- deploy/weekly-environment/variables.tf | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy/weekly-environment/main.tf b/deploy/weekly-environment/main.tf index a1f0ef3336..8493db9dcf 100644 --- a/deploy/weekly-environment/main.tf +++ b/deploy/weekly-environment/main.tf @@ -1,6 +1,6 @@ provider "ec" { - apikey = var.ec_api_key - endpoint= var.endpoint + apikey = var.ec_api_key + endpoint = var.endpoint } module "ec_deployment" { diff --git a/deploy/weekly-environment/variables.tf b/deploy/weekly-environment/variables.tf index e64aed6df6..83c9159ad2 100644 --- a/deploy/weekly-environment/variables.tf +++ b/deploy/weekly-environment/variables.tf @@ -60,6 +60,6 @@ variable "deployment_name_prefix" { } variable "endpoint" { - default = "https://staging.found.no/" - description = "Optional endpoint for the Elastic Cloud API" + default = "https://staging.found.no/" + description = "Optional endpoint for the Elastic Cloud API" } From 473fee2fef92ef462d0e5aa830005b90aa0a840f Mon Sep 17 00:00:00 2001 From: ofiriro3 Date: Sun, 26 Feb 2023 12:59:22 +0200 Subject: [PATCH 28/28] Reduce time in Cloudbeat CI (#773) Trying to reduce ci time in Cloudbeat --- .github/workflows/unit-test.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 6d47d776c1..fde4015d83 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -49,13 +49,9 @@ jobs: - name: Unit-Test Cloudbeat run: | - GOOS=linux go test -v -coverpkg=./... -coverprofile=cover.out.tmp ./... + GOOS=linux go test -v -race -coverpkg=./... -coverprofile=cover.out.tmp ./... cat cover.out.tmp | grep -v "mock_.*.go" > cover.out # remove mock files from coverage report - - name: Unit-Test with Race Detector - run: | - GOOS=linux go test -v -race ./... - - name: Upload coverage artifact uses: actions/upload-artifact@v3 with: