diff --git a/.changelog/2756.txt b/.changelog/2756.txt new file mode 100644 index 0000000000..d05c3eb2db --- /dev/null +++ b/.changelog/2756.txt @@ -0,0 +1,7 @@ +```release-note:note +Bump Kubernetes dependencies from v0.28.6 to v0.33.2. +``` + +```release-note:breaking-change +kubernetes_pod_security_policy_v1beta1 was deleted. +``` diff --git a/go.mod b/go.mod index d6dedf50e1..752633fffa 100644 --- a/go.mod +++ b/go.mod @@ -24,14 +24,14 @@ require ( github.com/mitchellh/go-homedir v1.1.0 github.com/mitchellh/hashstructure v1.1.0 github.com/robfig/cron v1.2.0 - github.com/stretchr/testify v1.8.3 + github.com/stretchr/testify v1.10.0 golang.org/x/mod v0.24.0 - k8s.io/api v0.28.6 - k8s.io/apiextensions-apiserver v0.28.6 - k8s.io/apimachinery v0.28.6 - k8s.io/client-go v0.28.6 - k8s.io/kube-aggregator v0.28.6 - k8s.io/kubectl v0.28.6 + k8s.io/api v0.33.2 + k8s.io/apiextensions-apiserver v0.33.2 + k8s.io/apimachinery v0.33.2 + k8s.io/client-go v0.33.2 + k8s.io/kube-aggregator v0.33.2 + k8s.io/kubectl v0.33.2 k8s.io/kubernetes v1.28.6 sigs.k8s.io/yaml v1.4.0 ) @@ -44,46 +44,52 @@ require ( github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/armon/go-radix v1.0.0 // indirect github.com/bgentry/speakeasy v0.1.0 // indirect + github.com/blang/semver/v4 v4.0.0 // indirect github.com/cloudflare/circl v1.6.0 // indirect - github.com/emicklei/go-restful/v3 v3.10.1 // indirect - github.com/google/gnostic-models v0.6.8 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/google/gnostic-models v0.6.9 // indirect + github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect github.com/hashicorp/go-retryablehttp v0.7.7 // indirect github.com/huandu/xstrings v1.3.3 // indirect github.com/invopop/yaml v0.2.0 // indirect github.com/mitchellh/cli v1.1.5 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/posener/complete v1.2.3 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/spf13/cast v1.5.0 // indirect github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect - golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 // indirect + github.com/x448/float16 v0.8.4 // indirect + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/sync v0.14.0 // indirect - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect + golang.org/x/tools v0.26.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect + k8s.io/component-helpers v0.33.2 // indirect + sigs.k8s.io/randfill v1.0.0 // indirect ) require ( - github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect + github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/agext/levenshtein v1.2.3 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/evanphx/json-patch v5.6.0+incompatible // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect github.com/fatih/camelcase v1.0.0 // indirect github.com/fatih/color v1.16.0 // indirect github.com/go-errors/errors v1.4.2 // indirect github.com/go-logr/logr v1.4.2 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.4 // indirect - github.com/google/btree v1.1.2 // indirect - github.com/google/gofuzz v1.2.0 // indirect + github.com/google/btree v1.1.3 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.6.0 // indirect github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect @@ -110,42 +116,40 @@ require ( github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect - github.com/moby/spdystream v0.2.0 // indirect - github.com/moby/term v0.0.0-20221205130635-1aeaba878587 // indirect + github.com/moby/spdystream v0.5.0 // indirect + github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/oklog/run v1.1.0 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/russross/blackfriday v1.6.0 // indirect - github.com/spf13/cobra v1.7.0 // indirect + github.com/spf13/cobra v1.8.1 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/zclconf/go-cty v1.16.2 - go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect golang.org/x/crypto v0.38.0 // indirect golang.org/x/net v0.39.0 // indirect - golang.org/x/oauth2 v0.26.0 // indirect + golang.org/x/oauth2 v0.27.0 // indirect golang.org/x/sys v0.33.0 // indirect golang.org/x/term v0.32.0 // indirect golang.org/x/text v0.25.0 // indirect - golang.org/x/time v0.3.0 // indirect + golang.org/x/time v0.9.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/grpc v1.72.1 google.golang.org/protobuf v1.36.6 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/cli-runtime v0.28.6 // indirect - k8s.io/component-base v0.28.6 // indirect - k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/utils v0.0.0-20231127182322-b307cd553661 - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + k8s.io/cli-runtime v0.33.2 // indirect + k8s.io/component-base v0.33.2 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect + k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 + sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect + sigs.k8s.io/kustomize/api v0.19.0 // indirect + sigs.k8s.io/kustomize/kyaml v0.19.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.6.0 // indirect ) diff --git a/go.sum b/go.sum index c084860636..198aac7958 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,7 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= -github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= -github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 h1:L/gRVlceqvL25UVaW/CKtUDjefjrs0SPonmDGUVOYP0= +github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= @@ -32,34 +30,28 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/bgentry/speakeasy v0.1.0 h1:ByYyxL9InA1OWqxJqqp2A5pYHUrCiAL6K3J+LKSsQkY= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/bufbuild/protocompile v0.4.0 h1:LbFKd2XowZvQ/kajzguUp2DC9UEIQhIq77fZZlaQsNA= github.com/bufbuild/protocompile v0.4.0/go.mod h1:3v93+mbWn/v3xzN+31nwkJfrEpAUwp+BagBSZWx+TP8= -github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/circl v1.6.0 h1:cr5JKic4HI+LkINy2lg3W2jF8sHCVTBncJr5gIIq7qk= github.com/cloudflare/circl v1.6.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s= github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= -github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= -github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= -github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= @@ -70,6 +62,8 @@ github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/getkin/kin-openapi v0.111.0 h1:zspOcFKBCQOY8d9Yockcbit8iVR2hco9qLaoQoj7kmw= github.com/getkin/kin-openapi v0.111.0/go.mod h1:QtwUNt0PAAgIIBEvFWYfB7dfngxtAaqCX1zYHMZDeK8= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= @@ -80,61 +74,46 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU= github.com/go-git/go-git/v5 v5.14.0 h1:/MD3lCrGjCen5WfEAzKg00MJJffKhC8gzS80ycmCi60= github.com/go-git/go-git/v5 v5.14.0/go.mod h1:Z5Xhoia5PcWA3NF8vRLURn9E5FRhSl7dGj9ItW3Wk5k= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= -github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= -github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= -github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= -github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= -github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= -github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= +github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= +github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= -github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -142,7 +121,8 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo= +github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -235,6 +215,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY= +github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= @@ -268,10 +250,10 @@ github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= -github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA= -github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= +github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU= +github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= +github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= +github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -283,28 +265,30 @@ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/oklog/run v1.1.0 h1:GEenZ1cK0+q0+wsJew9qUg/DyD8k3JzYsZAi5gYi2mA= github.com/oklog/run v1.1.0/go.mod h1:sVPdnTZT1zYwAJeCMu2Th4T21pA3FPOQRfWjQlk7DVU= -github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= -github.com/onsi/ginkgo/v2 v2.9.4/go.mod h1:gCQYp2Q+kSoIj7ykSVb9nskRSsR6PUj4AiLywzIhbKM= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= -github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pjbgf/sha1cd v0.3.2 h1:a9wb0bp1oC2TGwStyn0Umc/IGKQnEgF0vVaZ8QF8eo4= github.com/pjbgf/sha1cd v0.3.2/go.mod h1:zQWigSxVmsHEZow5qaLtPYxpcKMMQpa09ixqBxuCS6A= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3 h1:NP0eAhjcjImqslEwo/1hq7gpajME0fTLTezBKDqfXqo= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ= github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= +github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= +github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o= github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= @@ -319,14 +303,15 @@ github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -337,8 +322,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= github.com/vmihailenco/msgpack v4.0.4+incompatible h1:dSLoQfGFAo3F6OoNhwUmLwVgaUXK79GlxNBwueZn0xI= github.com/vmihailenco/msgpack v4.0.4+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= @@ -346,6 +331,8 @@ github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IU github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g= github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= @@ -369,8 +356,8 @@ go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w= go.opentelemetry.io/otel/trace v1.34.0 h1:+ouXS2V8Rd4hp4580a8q23bg0azF2nI8cqLYnC8mh/k= go.opentelemetry.io/otel/trace v1.34.0/go.mod h1:Svm7lSjQD7kG7KJ/MUHPVXSDGz2OX4h0M2jHBhmSfRE= -go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= -go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -380,21 +367,13 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= -golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 h1:EDuYyU/MkFXllv9QF9819VlI9a4tzGuCbhG0ExK9o1U= -golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU= golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww= -golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -404,18 +383,15 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY= golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE= -golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M= +golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ= golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -428,7 +404,6 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -437,7 +412,6 @@ golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= @@ -448,45 +422,26 @@ golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= +golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= -google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a h1:51aaUVRocpvUOSQKM6Q7VuoaktNIaMCLuhZB6DKksq4= google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a/go.mod h1:uRxBH1mhmO8PGhU89cMcHaXKZqO+OfakD8QQO0oYwlQ= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.72.1 h1:HR03wO6eyZ7lknl75XlxABNVLLFc2PAb6mHlYh756mA= google.golang.org/grpc v1.72.1/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM= -google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= -google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= -google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= -google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= -google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= -google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= @@ -495,52 +450,55 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME= gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -k8s.io/api v0.28.6 h1:yy6u9CuIhmg55YvF/BavPBBXB+5QicB64njJXxVnzLo= -k8s.io/api v0.28.6/go.mod h1:AM6Ys6g9MY3dl/XNaNfg/GePI0FT7WBGu8efU/lirAo= -k8s.io/apiextensions-apiserver v0.28.6 h1:myB3iG/3v3jqCg28JDbOefu4sH2/erNEXgytRzJKBOo= -k8s.io/apiextensions-apiserver v0.28.6/go.mod h1:qlp6xRKBgyRhe5AYc81TQpLx4kLNK8/sGQUOwMkVjRk= -k8s.io/apimachinery v0.28.6 h1:RsTeR4z6S07srPg6XYrwXpTJVMXsjPXn0ODakMytSW0= -k8s.io/apimachinery v0.28.6/go.mod h1:QFNX/kCl/EMT2WTSz8k4WLCv2XnkOLMaL8GAVRMdpsA= -k8s.io/cli-runtime v0.28.6 h1:bDH2+ZbHBK3NORGmIygj/zWOkVd/hGWg9RqAa5c/Ev0= -k8s.io/cli-runtime v0.28.6/go.mod h1:KFk67rlb7Pxh15uLbYGBUlW7ZUcpl7IM1GnHtskrcWA= -k8s.io/client-go v0.28.6 h1:Gge6ziyIdafRchfoBKcpaARuz7jfrK1R1azuwORIsQI= -k8s.io/client-go v0.28.6/go.mod h1:+nu0Yp21Oeo/cBCsprNVXB2BfJTV51lFfe5tXl2rUL8= -k8s.io/component-base v0.28.6 h1:G4T8VrcQ7xZou3by/fY5NU5mfxOBlWaivS2lPrEltAo= -k8s.io/component-base v0.28.6/go.mod h1:Dg62OOG3ALu2P4nAG00UdsuHoNLQJ5VsUZKQlLDcS+E= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-aggregator v0.28.6 h1:opRVDw+inLPIyAqG9Fu3+EYWcmbTHOHJNrmuKoeuzQM= -k8s.io/kube-aggregator v0.28.6/go.mod h1:NXzqtkCuAfv/modgRbAkPdfUZF+koazCy8Qrs8L+WyE= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= -k8s.io/kubectl v0.28.6 h1:46O3gGJYlpqy7wtwYlggieemyIcuZqmflnQVDci3MgY= -k8s.io/kubectl v0.28.6/go.mod h1:FS5ugZhi3kywpMQSCnp8MN+gctdFHJACzC6mH3fZ6lc= +k8s.io/api v0.33.2 h1:YgwIS5jKfA+BZg//OQhkJNIfie/kmRsO0BmNaVSimvY= +k8s.io/api v0.33.2/go.mod h1:fhrbphQJSM2cXzCWgqU29xLDuks4mu7ti9vveEnpSXs= +k8s.io/apiextensions-apiserver v0.33.2 h1:6gnkIbngnaUflR3XwE1mCefN3YS8yTD631JXQhsU6M8= +k8s.io/apiextensions-apiserver v0.33.2/go.mod h1:IvVanieYsEHJImTKXGP6XCOjTwv2LUMos0YWc9O+QP8= +k8s.io/apimachinery v0.33.2 h1:IHFVhqg59mb8PJWTLi8m1mAoepkUNYmptHsV+Z1m5jY= +k8s.io/apimachinery v0.33.2/go.mod h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM= +k8s.io/cli-runtime v0.33.2 h1:koNYQKSDdq5AExa/RDudXMhhtFasEg48KLS2KSAU74Y= +k8s.io/cli-runtime v0.33.2/go.mod h1:gnhsAWpovqf1Zj5YRRBBU7PFsRc6NkEkwYNQE+mXL88= +k8s.io/client-go v0.33.2 h1:z8CIcc0P581x/J1ZYf4CNzRKxRvQAwoAolYPbtQes+E= +k8s.io/client-go v0.33.2/go.mod h1:9mCgT4wROvL948w6f6ArJNb7yQd7QsvqavDeZHvNmHo= +k8s.io/component-base v0.33.2 h1:sCCsn9s/dG3ZrQTX/Us0/Sx2R0G5kwa0wbZFYoVp/+0= +k8s.io/component-base v0.33.2/go.mod h1:/41uw9wKzuelhN+u+/C59ixxf4tYQKW7p32ddkYNe2k= +k8s.io/component-helpers v0.33.2 h1:AjCtYzst11NV8ensxV/2LEEXRwctqS7Bs44bje9Qcnw= +k8s.io/component-helpers v0.33.2/go.mod h1:PsPpiCk74n8pGWp1d6kjK/iSKBTyQfIacv02BNkMenU= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-aggregator v0.33.2 h1:eMW63PNucP+3UxnwYcfn5Yt2w2Sj2jI+imA7UWkYHVc= +k8s.io/kube-aggregator v0.33.2/go.mod h1:qQbliLwcdmx7/8mtvkc/9QV/ON2M6ZBMcffEUmrqKFw= +k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4= +k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff/go.mod h1:5jIi+8yX4RIb8wk3XwBo5Pq2ccx4FP10ohkbSKCZoK8= +k8s.io/kubectl v0.33.2 h1:7XKZ6DYCklu5MZQzJe+CkCjoGZwD1wWl7t/FxzhMz7Y= +k8s.io/kubectl v0.33.2/go.mod h1:8rC67FB8tVTYraovAGNi/idWIK90z2CHFNMmGJZJ3KI= k8s.io/kubernetes v1.28.6 h1:Nn2fXNjaqmKyXeFq6verbdqzlj1aqUpBcyeC1OhRFa4= k8s.io/kubernetes v1.28.6/go.mod h1:0qpyGJTR3blkbQOmZA3Z0u1VDZJNxJM8ifLUVNJN0X8= -k8s.io/utils v0.0.0-20231127182322-b307cd553661 h1:FepOBzJ0GXm8t0su67ln2wAZjbQ6RxQGZDnzuLcrUTI= -k8s.io/utils v0.0.0-20231127182322-b307cd553661/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= -sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= -sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= -sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= +sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= +sigs.k8s.io/kustomize/api v0.19.0 h1:F+2HB2mU1MSiR9Hp1NEgoU2q9ItNOaBJl0I4Dlus5SQ= +sigs.k8s.io/kustomize/api v0.19.0/go.mod h1:/BbwnivGVcBh1r+8m3tH1VNxJmHSk1PzP5fkP6lbL1o= +sigs.k8s.io/kustomize/kyaml v0.19.0 h1:RFge5qsO1uHhwJsu3ipV7RNolC7Uozc0jUBC/61XSlA= +sigs.k8s.io/kustomize/kyaml v0.19.0/go.mod h1:FeKD5jEOH+FbZPpqUghBP8mrLjJ3+zD3/rf9NNu1cwY= +sigs.k8s.io/randfill v0.0.0-20250304075658-069ef1bbf016/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU= +sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY= +sigs.k8s.io/structured-merge-diff/v4 v4.6.0 h1:IUA9nvMmnKWcj5jl84xn+T5MnlZKThmUW1TdblaLVAc= +sigs.k8s.io/structured-merge-diff/v4 v4.6.0/go.mod h1:dDy58f92j70zLsuZVuUX5Wp9vtxXpaZnkPGWeqDfCps= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/kubernetes/provider.go b/kubernetes/provider.go index f0018379df..bbe08e3642 100644 --- a/kubernetes/provider.go +++ b/kubernetes/provider.go @@ -330,10 +330,8 @@ func Provider() *schema.Provider { "kubernetes_network_policy_v1": resourceKubernetesNetworkPolicyV1(), // policy - "kubernetes_pod_disruption_budget": resourceKubernetesPodDisruptionBudget(), - "kubernetes_pod_disruption_budget_v1": resourceKubernetesPodDisruptionBudgetV1(), - "kubernetes_pod_security_policy": resourceKubernetesPodSecurityPolicyV1Beta1(), - "kubernetes_pod_security_policy_v1beta1": resourceKubernetesPodSecurityPolicyV1Beta1(), + "kubernetes_pod_disruption_budget": resourceKubernetesPodDisruptionBudget(), + "kubernetes_pod_disruption_budget_v1": resourceKubernetesPodDisruptionBudgetV1(), // scheduling "kubernetes_priority_class": resourceKubernetesPriorityClassV1(), diff --git a/kubernetes/resource_kubernetes_pod_security_policy_v1beta1.go b/kubernetes/resource_kubernetes_pod_security_policy_v1beta1.go deleted file mode 100644 index da8b3696b7..0000000000 --- a/kubernetes/resource_kubernetes_pod_security_policy_v1beta1.go +++ /dev/null @@ -1,523 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -package kubernetes - -import ( - "context" - "log" - - "github.com/hashicorp/terraform-plugin-sdk/v2/diag" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - policy "k8s.io/api/policy/v1beta1" - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - pkgApi "k8s.io/apimachinery/pkg/types" -) - -// Use generated swagger docs from kubernetes' client-go to avoid copy/pasting them here -var ( - pspSpecDoc = policy.PodSecurityPolicy{}.SwaggerDoc()["spec"] - pspSpecAllowPrivilegeEscalationDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowPrivilegeEscalation"] - pspSpecAllowedCapabilitiesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowedCapabilities"] - pspSpecAllowedFlexVolumesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowedFlexVolumes"] - pspAllowedFlexVolumesDriverDoc = policy.AllowedFlexVolume{}.SwaggerDoc()["driver"] - pspSpecAllowedHostPathsDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowedHostPaths"] - pspAllowedHostPathsPathPrefixDoc = policy.AllowedHostPath{}.SwaggerDoc()["pathPrefix"] - pspAllowedHostPathsReadOnlyDoc = policy.AllowedHostPath{}.SwaggerDoc()["readOnly"] - pspSpecAllowedProcMountTypesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowedProcMountTypes"] - pspSpecAllowedUnsafeSysctlsDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["allowedUnsafeSysctls"] - pspSpecDefaultAddCapabilitiesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["defaultAddCapabilities"] - pspSpecDefaultAllowPrivilegeEscalationDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["defaultAllowPrivilegeEscalation"] - pspSpecForbiddenSysctlsDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["forbiddenSysctls"] - pspSpecFSGroupDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["fsGroup"] - pspFSGroupIDRangeDoc = policy.FSGroupStrategyOptions{}.SwaggerDoc()["ranges"] - pspIDRangeMinDoc = policy.IDRange{}.SwaggerDoc()["min"] - pspIDRangeMaxDoc = policy.IDRange{}.SwaggerDoc()["max"] - pspFSGroupRuleDoc = policy.FSGroupStrategyOptions{}.SwaggerDoc()["rule"] - pspSpecHostIPCDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["hostIPC"] - pspSpecHostNetworkDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["hostNetwork"] - pspSpecHostPIDDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["hostPID"] - pspSpecHostPortsDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["hostPorts"] - pspHostPortRangeMinDoc = policy.HostPortRange{}.SwaggerDoc()["min"] - pspHostPortRangeMaxDoc = policy.HostPortRange{}.SwaggerDoc()["max"] - pspSpecPrivilegedDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["privileged"] - pspSpecReadOnlyRootFilesystemDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["readOnlyRootFilesystem"] - pspSpecRequiredDropCapabilitiesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["requiredDropCapabilities"] - pspSpecRunAsUserDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["runAsUser"] - pspRunAsUserIDRangeDoc = policy.RunAsUserStrategyOptions{}.SwaggerDoc()["ranges"] - pspRunAsUserRuleDoc = policy.RunAsUserStrategyOptions{}.SwaggerDoc()["rule"] - pspSpecSELinuxDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["seLinux"] - pspSELinuxOptionsDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["seLinuxOptions"] - pspSELinuxOptionsLevelDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["level"] - pspSELinuxOptionsRoleDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["role"] - pspSELinuxOptionsTypeDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["type"] - pspSELinuxOptionsUserDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["user"] - pspSELinuxOptionsRuleDoc = policy.SELinuxStrategyOptions{}.SwaggerDoc()["rule"] - pspSpecSupplementalGroupsDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["supplementalGroups"] - pspSupplementalGroupsRangesDoc = policy.SupplementalGroupsStrategyOptions{}.SwaggerDoc()["ranges"] - pspSupplementalGroupsRuleDoc = policy.SupplementalGroupsStrategyOptions{}.SwaggerDoc()["rule"] - pspSpecVolumesDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["volumes"] - pspSpecRunAsGroupDoc = policy.PodSecurityPolicySpec{}.SwaggerDoc()["runAsGroup"] - pspRunAsGroupIDRangeDoc = policy.RunAsGroupStrategyOptions{}.SwaggerDoc()["ranges"] - pspRunAsGroupRuleDoc = policy.RunAsGroupStrategyOptions{}.SwaggerDoc()["rule"] -) - -func resourceKubernetesPodSecurityPolicyV1Beta1() *schema.Resource { - return &schema.Resource{ - DeprecationMessage: `"PodSecurityPolicy" was deprecated in Kubernetes v1.21.0; Starting from version 1.21.0 Kubernetes has deprecated PodSecurityPolicy and has been removed entirely in v1.25.0`, - Description: "A Pod Security Policy is a cluster-level resource that controls security sensitive aspects of the pod specification. The PodSecurityPolicy objects define a set of conditions that a pod must run with in order to be accepted into the system, as well as defaults for the related fields.", - CreateContext: resourceKubernetesPodSecurityPolicyV1Beta1Create, - ReadContext: resourceKubernetesPodSecurityPolicyV1Beta1Read, - UpdateContext: resourceKubernetesPodSecurityPolicyV1Beta1Update, - DeleteContext: resourceKubernetesPodSecurityPolicyV1Beta1Delete, - Importer: &schema.ResourceImporter{ - StateContext: schema.ImportStatePassthroughContext, - }, - - Schema: map[string]*schema.Schema{ - "metadata": metadataSchema("podsecuritypolicy", false), - "spec": { - Type: schema.TypeList, - Description: pspSpecDoc, - Required: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "allow_privilege_escalation": { - Type: schema.TypeBool, - Description: pspSpecAllowPrivilegeEscalationDoc, - Optional: true, - Computed: true, - }, - "allowed_capabilities": { - Type: schema.TypeList, - Description: pspSpecAllowedCapabilitiesDoc, - Optional: true, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "allowed_flex_volumes": { - Type: schema.TypeList, - Description: pspSpecAllowedFlexVolumesDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "driver": { - Type: schema.TypeString, - Description: pspAllowedFlexVolumesDriverDoc, - Required: true, - }, - }, - }, - }, - "allowed_host_paths": { - Type: schema.TypeList, - Description: pspSpecAllowedHostPathsDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "path_prefix": { - Type: schema.TypeString, - Description: pspAllowedHostPathsPathPrefixDoc, - Required: true, - }, - "read_only": { - Type: schema.TypeBool, - Description: pspAllowedHostPathsReadOnlyDoc, - Optional: true, - }, - }, - }, - }, - "allowed_proc_mount_types": { - Type: schema.TypeList, - Description: pspSpecAllowedProcMountTypesDoc, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "allowed_unsafe_sysctls": { - Type: schema.TypeList, - Description: pspSpecAllowedUnsafeSysctlsDoc, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "default_add_capabilities": { - Type: schema.TypeList, - Description: pspSpecDefaultAddCapabilitiesDoc, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "default_allow_privilege_escalation": { - Type: schema.TypeBool, - Description: pspSpecDefaultAllowPrivilegeEscalationDoc, - Optional: true, - Computed: true, - }, - "forbidden_sysctls": { - Type: schema.TypeList, - Description: pspSpecForbiddenSysctlsDoc, - Optional: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "fs_group": { - Type: schema.TypeList, - Description: pspSpecFSGroupDoc, - Required: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "range": { - Type: schema.TypeList, - Description: pspFSGroupIDRangeDoc, - Optional: true, - Computed: true, - Elem: &schema.Resource{ - Schema: idRangeSchema(), - }, - }, - "rule": { - Type: schema.TypeString, - Description: pspFSGroupRuleDoc, - Required: true, - }, - }, - }, - }, - "host_ipc": { - Type: schema.TypeBool, - Description: pspSpecHostIPCDoc, - Optional: true, - Computed: true, - }, - "host_network": { - Type: schema.TypeBool, - Description: pspSpecHostNetworkDoc, - Optional: true, - Computed: true, - }, - "host_pid": { - Type: schema.TypeBool, - Description: pspSpecHostPIDDoc, - Optional: true, - Computed: true, - }, - "host_ports": { - Type: schema.TypeList, - Description: pspSpecHostPortsDoc, - Optional: true, - Computed: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "min": { - Type: schema.TypeInt, - Description: pspHostPortRangeMinDoc, - Required: true, - }, - "max": { - Type: schema.TypeInt, - Description: pspHostPortRangeMaxDoc, - Required: true, - }, - }, - }, - }, - "privileged": { - Type: schema.TypeBool, - Description: pspSpecPrivilegedDoc, - Optional: true, - Computed: true, - }, - "read_only_root_filesystem": { - Type: schema.TypeBool, - Description: pspSpecReadOnlyRootFilesystemDoc, - Optional: true, - Computed: true, - }, - "required_drop_capabilities": { - Type: schema.TypeList, - Description: pspSpecRequiredDropCapabilitiesDoc, - Optional: true, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - "run_as_user": { - Type: schema.TypeList, - Description: pspSpecRunAsUserDoc, - Required: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "range": { - Type: schema.TypeList, - Description: pspRunAsUserIDRangeDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: idRangeSchema(), - }, - }, - "rule": { - Type: schema.TypeString, - Description: pspRunAsUserRuleDoc, - Required: true, - }, - }, - }, - }, - "run_as_group": { - Type: schema.TypeList, - Description: pspSpecRunAsGroupDoc, - Optional: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "range": { - Type: schema.TypeList, - Description: pspRunAsGroupIDRangeDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: idRangeSchema(), - }, - }, - "rule": { - Type: schema.TypeString, - Description: pspRunAsGroupRuleDoc, - Required: true, - }, - }, - }, - }, - "se_linux": { - Type: schema.TypeList, - Description: pspSpecSELinuxDoc, - Optional: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "se_linux_options": { - Type: schema.TypeList, - Description: pspSELinuxOptionsDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "level": { - Type: schema.TypeString, - Description: pspSELinuxOptionsLevelDoc, - Required: true, - }, - "role": { - Type: schema.TypeString, - Description: pspSELinuxOptionsRoleDoc, - Required: true, - }, - "type": { - Type: schema.TypeString, - Description: pspSELinuxOptionsTypeDoc, - Required: true, - }, - "user": { - Type: schema.TypeString, - Description: pspSELinuxOptionsUserDoc, - Required: true, - }, - }, - }, - }, - "rule": { - Type: schema.TypeString, - Description: pspSELinuxOptionsRuleDoc, - Required: true, - }, - }, - }, - }, - "supplemental_groups": { - Type: schema.TypeList, - Description: pspSpecSupplementalGroupsDoc, - Required: true, - MaxItems: 1, - Elem: &schema.Resource{ - Schema: map[string]*schema.Schema{ - "range": { - Type: schema.TypeList, - Description: pspSupplementalGroupsRangesDoc, - Optional: true, - Elem: &schema.Resource{ - Schema: idRangeSchema(), - }, - }, - "rule": { - Type: schema.TypeString, - Description: pspSupplementalGroupsRuleDoc, - Required: true, - }, - }, - }, - }, - "volumes": { - Type: schema.TypeList, - Description: pspSpecVolumesDoc, - Optional: true, - Computed: true, - Elem: &schema.Schema{Type: schema.TypeString}, - }, - }, - }, - }, - }, - } -} - -func resourceKubernetesPodSecurityPolicyV1Beta1Create(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { - conn, err := meta.(KubeClientsets).MainClientset() - if err != nil { - return diag.FromErr(err) - } - - metadata := expandMetadata(d.Get("metadata").([]interface{})) - spec, err := expandPodSecurityPolicySpec(d.Get("spec").([]interface{})) - - if err != nil { - return diag.FromErr(err) - } - - psp := &policy.PodSecurityPolicy{ - ObjectMeta: metadata, - Spec: spec, - } - - log.Printf("[INFO] Creating new PodSecurityPolicy: %#v", psp) - out, err := conn.PolicyV1beta1().PodSecurityPolicies().Create(ctx, psp, metav1.CreateOptions{}) - - if err != nil { - return diag.FromErr(err) - } - log.Printf("[INFO] Submitted new PodSecurityPolicy: %#v", out) - d.SetId(out.Name) - - return resourceKubernetesPodSecurityPolicyV1Beta1Read(ctx, d, meta) -} - -func resourceKubernetesPodSecurityPolicyV1Beta1Read(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { - exists, err := resourceKubernetesPodSecurityPolicyV1Beta1Exists(ctx, d, meta) - if err != nil { - return diag.FromErr(err) - } - if !exists { - d.SetId("") - return diag.Diagnostics{} - } - conn, err := meta.(KubeClientsets).MainClientset() - if err != nil { - return diag.FromErr(err) - } - - name := d.Id() - - log.Printf("[INFO] Reading PodSecurityPolicy %s", name) - psp, err := conn.PolicyV1beta1().PodSecurityPolicies().Get(ctx, name, metav1.GetOptions{}) - if err != nil { - log.Printf("[DEBUG] Received error: %#v", err) - return diag.FromErr(err) - } - - log.Printf("[INFO] Received PodSecurityPolicy: %#v", psp) - err = d.Set("metadata", flattenMetadata(psp.ObjectMeta, d, meta)) - if err != nil { - return diag.FromErr(err) - } - - flattenedSpec := flattenPodSecurityPolicySpec(psp.Spec) - log.Printf("[DEBUG] Flattened PodSecurityPolicy roleRef: %#v", flattenedSpec) - err = d.Set("spec", flattenedSpec) - if err != nil { - return diag.FromErr(err) - } - - return nil -} - -func resourceKubernetesPodSecurityPolicyV1Beta1Update(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { - conn, err := meta.(KubeClientsets).MainClientset() - if err != nil { - return diag.FromErr(err) - } - - name := d.Id() - - ops := patchMetadata("metadata.0.", "/metadata/", d) - - if d.HasChange("spec") { - diffOps := patchPodSecurityPolicySpec("spec.0.", "/spec", d) - ops = append(ops, *diffOps...) - } - data, err := ops.MarshalJSON() - if err != nil { - return diag.Errorf("Failed to marshal update operations: %s", err) - } - log.Printf("[INFO] Updating PodSecurityPolicy %q: %v", name, string(data)) - out, err := conn.PolicyV1beta1().PodSecurityPolicies().Patch(ctx, name, pkgApi.JSONPatchType, data, metav1.PatchOptions{}) - if err != nil { - return diag.Errorf("Failed to update PodSecurityPolicy: %s", err) - } - log.Printf("[INFO] Submitted updated PodSecurityPolicy: %#v", out) - d.SetId(out.Name) - - return resourceKubernetesPodSecurityPolicyV1Beta1Read(ctx, d, meta) -} - -func resourceKubernetesPodSecurityPolicyV1Beta1Delete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { - conn, err := meta.(KubeClientsets).MainClientset() - if err != nil { - return diag.FromErr(err) - } - - name := d.Id() - - log.Printf("[INFO] Deleting PodSecurityPolicy: %#v", name) - err = conn.PolicyV1beta1().PodSecurityPolicies().Delete(ctx, name, metav1.DeleteOptions{}) - if err != nil { - if statusErr, ok := err.(*errors.StatusError); ok && errors.IsNotFound(statusErr) { - return nil - } - return diag.FromErr(err) - } - log.Printf("[INFO] PodSecurityPolicy %s deleted", name) - - return nil -} - -func resourceKubernetesPodSecurityPolicyV1Beta1Exists(ctx context.Context, d *schema.ResourceData, meta interface{}) (bool, error) { - conn, err := meta.(KubeClientsets).MainClientset() - if err != nil { - return false, err - } - - name := d.Id() - - log.Printf("[INFO] Checking PodSecurityPolicy %s", name) - _, err = conn.PolicyV1beta1().PodSecurityPolicies().Get(ctx, name, metav1.GetOptions{}) - if err != nil { - if statusErr, ok := err.(*errors.StatusError); ok && errors.IsNotFound(statusErr) { - return false, nil - } - log.Printf("[DEBUG] Received error: %#v", err) - } - return true, err -} - -func idRangeSchema() map[string]*schema.Schema { - return map[string]*schema.Schema{ - "min": { - Type: schema.TypeInt, - Description: pspIDRangeMinDoc, - Required: true, - }, - "max": { - Type: schema.TypeInt, - Description: pspIDRangeMaxDoc, - Required: true, - }, - } -} diff --git a/kubernetes/resource_kubernetes_pod_security_policy_v1beta1_test.go b/kubernetes/resource_kubernetes_pod_security_policy_v1beta1_test.go deleted file mode 100644 index b22a1ffcbb..0000000000 --- a/kubernetes/resource_kubernetes_pod_security_policy_v1beta1_test.go +++ /dev/null @@ -1,395 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -package kubernetes - -import ( - "context" - "fmt" - "testing" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" - "github.com/hashicorp/terraform-plugin-testing/helper/resource" - "github.com/hashicorp/terraform-plugin-testing/terraform" - policy "k8s.io/api/policy/v1beta1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -func TestAccKubernetesPodSecurityPolicyV1Beta1_basic(t *testing.T) { - var conf policy.PodSecurityPolicy - name := fmt.Sprintf("tf-acc-test-%s", acctest.RandString(10)) - resourceName := "kubernetes_pod_security_policy_v1beta1.test" - - resource.ParallelTest(t, resource.TestCase{ - PreCheck: func() { - testAccPreCheck(t) - skipIfClusterVersionGreaterThanOrEqual(t, "1.25.0") - }, - - ProviderFactories: testAccProviderFactories, - CheckDestroy: testAccCheckKubernetesPodSecurityPolicyV1Beta1Destroy, - Steps: []resource.TestStep{ - { - Config: testAccKubernetesPodSecurityPolicyV1Beta1Config_basic(name), - Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckKubernetesPodSecurityPolicyV1Beta1Exists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.%", "1"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.TestAnnotationOne", "one"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.%", "3"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelOne", "one"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelThree", "three"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelFour", "four"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.generation"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.resource_version"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.uid"), - resource.TestCheckResourceAttr(resourceName, "spec.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.privileged", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allow_privilege_escalation", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_ipc", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_network", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.#", "6"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.0", "configMap"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.1", "emptyDir"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.2", "projected"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.3", "secret"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.4", "downwardAPI"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.5", "persistentVolumeClaim"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.0.rule", "MustRunAsNonRoot"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.0.rule", "RunAsAny"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.rule", "MustRunAs"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.0.min", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.0.max", "65535"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.rule", "MustRunAs"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.0.min", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.0.max", "65535"), - resource.TestCheckResourceAttr(resourceName, "spec.0.read_only_root_filesystem", "true"), - ), - }, - { - ResourceName: resourceName, - ImportState: true, - ImportStateVerify: true, - ImportStateVerifyIgnore: []string{"metadata.0.resource_version"}, - }, - { - Config: testAccKubernetesPodSecurityPolicyV1Beta1Config_metaModified(name), - Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckKubernetesPodSecurityPolicyV1Beta1Exists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.%", "2"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.TestAnnotationOne", "one"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.TestAnnotationTwo", "two"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.%", "3"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelOne", "one"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelTwo", "two"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.TestLabelThree", "three"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.generation"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.resource_version"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.uid"), - resource.TestCheckResourceAttr(resourceName, "spec.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.privileged", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allow_privilege_escalation", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_ipc", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_network", "false"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.#", "6"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.0", "configMap"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.1", "emptyDir"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.2", "projected"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.3", "secret"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.4", "downwardAPI"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.5", "persistentVolumeClaim"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.0.rule", "MustRunAsNonRoot"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.0.rule", "RunAsAny"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.rule", "MustRunAs"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.0.min", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.range.0.max", "65535"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.rule", "MustRunAs"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.0.min", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.range.0.max", "65535"), - resource.TestCheckResourceAttr(resourceName, "spec.0.read_only_root_filesystem", "true"), - ), - }, - { - Config: testAccKubernetesPodSecurityPolicyV1Beta1Config_specModified(name), - Check: resource.ComposeAggregateTestCheckFunc( - testAccCheckKubernetesPodSecurityPolicyV1Beta1Exists(resourceName, &conf), - resource.TestCheckResourceAttr(resourceName, "metadata.0.annotations.%", "0"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.labels.%", "0"), - resource.TestCheckResourceAttr(resourceName, "metadata.0.name", name), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.generation"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.resource_version"), - resource.TestCheckResourceAttrSet(resourceName, "metadata.0.uid"), - resource.TestCheckResourceAttr(resourceName, "spec.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.privileged", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allow_privilege_escalation", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.default_allow_privilege_escalation", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_ipc", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.host_network", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allowed_host_paths.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allowed_host_paths.0.path_prefix", "/"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allowed_host_paths.0.read_only", "true"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allowed_unsafe_sysctls.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.allowed_unsafe_sysctls.0", "kernel.msg*"), - resource.TestCheckResourceAttr(resourceName, "spec.0.forbidden_sysctls.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.forbidden_sysctls.0", "kernel.shm_rmid_forced"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.#", "6"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.0", "configMap"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.1", "emptyDir"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.2", "projected"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.3", "secret"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.4", "downwardAPI"), - resource.TestCheckResourceAttr(resourceName, "spec.0.volumes.5", "persistentVolumeClaim"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.run_as_user.0.rule", "MustRunAsNonRoot"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.se_linux.0.rule", "RunAsAny"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.supplemental_groups.0.rule", "RunAsAny"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.#", "1"), - resource.TestCheckResourceAttr(resourceName, "spec.0.fs_group.0.rule", "RunAsAny"), - resource.TestCheckResourceAttr(resourceName, "spec.0.read_only_root_filesystem", "true"), - ), - }, - }, - }) -} - -func testAccCheckKubernetesPodSecurityPolicyV1Beta1Destroy(s *terraform.State) error { - conn, err := testAccProvider.Meta().(KubeClientsets).MainClientset() - - if err != nil { - return err - } - ctx := context.TODO() - - for _, rs := range s.RootModule().Resources { - if rs.Type != "kubernetes_pod_security_policy_v1beta1" { - continue - } - - name := rs.Primary.ID - - resp, err := conn.PolicyV1beta1().PodSecurityPolicies().Get(ctx, name, metav1.GetOptions{}) - if err == nil { - if resp.Name == name { - return fmt.Errorf("Pod Security Policy still exists: %s", rs.Primary.ID) - } - } - } - - return nil -} - -func testAccCheckKubernetesPodSecurityPolicyV1Beta1Exists(n string, obj *policy.PodSecurityPolicy) resource.TestCheckFunc { - return func(s *terraform.State) error { - rs, ok := s.RootModule().Resources[n] - if !ok { - return fmt.Errorf("Not found: %s", n) - } - - conn, err := testAccProvider.Meta().(KubeClientsets).MainClientset() - if err != nil { - return err - } - ctx := context.TODO() - - name := rs.Primary.ID - - out, err := conn.PolicyV1beta1().PodSecurityPolicies().Get(ctx, name, metav1.GetOptions{}) - if err != nil { - return err - } - - *obj = *out - return nil - } -} - -func testAccKubernetesPodSecurityPolicyV1Beta1Config_basic(name string) string { - return fmt.Sprintf(`resource "kubernetes_pod_security_policy_v1beta1" "test" { - metadata { - name = "%s" - - annotations = { - TestAnnotationOne = "one" - } - - labels = { - TestLabelOne = "one" - TestLabelThree = "three" - TestLabelFour = "four" - } - } - - spec { - volumes = [ - "configMap", - "emptyDir", - "projected", - "secret", - "downwardAPI", - "persistentVolumeClaim", - ] - - run_as_user { - rule = "MustRunAsNonRoot" - } - - se_linux { - rule = "RunAsAny" - } - - supplemental_groups { - rule = "MustRunAs" - range { - min = 1 - max = 65535 - } - } - - fs_group { - rule = "MustRunAs" - range { - min = 1 - max = 65535 - } - } - - host_ports { - min = 0 - max = 65535 - } - - read_only_root_filesystem = true - } -} -`, name) -} - -func testAccKubernetesPodSecurityPolicyV1Beta1Config_metaModified(name string) string { - return fmt.Sprintf(`resource "kubernetes_pod_security_policy_v1beta1" "test" { - metadata { - name = "%s" - - annotations = { - TestAnnotationOne = "one" - TestAnnotationTwo = "two" - } - - labels = { - TestLabelOne = "one" - TestLabelTwo = "two" - TestLabelThree = "three" - } - } - - spec { - volumes = [ - "configMap", - "emptyDir", - "projected", - "secret", - "downwardAPI", - "persistentVolumeClaim", - ] - - run_as_user { - rule = "MustRunAsNonRoot" - } - - se_linux { - rule = "RunAsAny" - } - - supplemental_groups { - rule = "MustRunAs" - range { - min = 1 - max = 65535 - } - } - - fs_group { - rule = "MustRunAs" - range { - min = 1 - max = 65535 - } - } - - read_only_root_filesystem = true - } -} -`, name) -} - -func testAccKubernetesPodSecurityPolicyV1Beta1Config_specModified(name string) string { - return fmt.Sprintf(`resource "kubernetes_pod_security_policy_v1beta1" "test" { - metadata { - name = "%s" - } - - spec { - privileged = true - allow_privilege_escalation = true - default_allow_privilege_escalation = true - host_ipc = true - host_network = true - host_pid = true - - volumes = [ - "configMap", - "emptyDir", - "projected", - "secret", - "downwardAPI", - "persistentVolumeClaim", - ] - - allowed_host_paths { - path_prefix = "/" - read_only = true - } - - allowed_unsafe_sysctls = [ - "kernel.msg*" - ] - - forbidden_sysctls = [ - "kernel.shm_rmid_forced" - ] - - run_as_user { - rule = "MustRunAsNonRoot" - } - - se_linux { - rule = "RunAsAny" - } - - supplemental_groups { - rule = "RunAsAny" - } - - fs_group { - rule = "RunAsAny" - } - - read_only_root_filesystem = true - } -} -`, name) -} diff --git a/kubernetes/structure_persistent_volume_claim.go b/kubernetes/structure_persistent_volume_claim.go index 15c0d916fa..41210552e4 100644 --- a/kubernetes/structure_persistent_volume_claim.go +++ b/kubernetes/structure_persistent_volume_claim.go @@ -32,7 +32,7 @@ func flattenPersistentVolumeClaimSpec(in corev1.PersistentVolumeClaimSpec) []int return []interface{}{att} } -func flattenResourceRequirements(in corev1.ResourceRequirements) []interface{} { +func flattenResourceRequirements(in corev1.VolumeResourceRequirements) []interface{} { att := make(map[string]interface{}) if len(in.Limits) > 0 { att["limits"] = flattenResourceList(in.Limits) @@ -94,8 +94,8 @@ func expandPersistentVolumeClaimSpec(l []interface{}) (*corev1.PersistentVolumeC return obj, nil } -func expandResourceRequirements(l []interface{}) (*corev1.ResourceRequirements, error) { - obj := &corev1.ResourceRequirements{} +func expandResourceRequirements(l []interface{}) (*corev1.VolumeResourceRequirements, error) { + obj := &corev1.VolumeResourceRequirements{} if len(l) == 0 || l[0] == nil { return obj, nil } diff --git a/kubernetes/structure_pod_security_policy_spec.go b/kubernetes/structure_pod_security_policy_spec.go deleted file mode 100644 index d9c70bafca..0000000000 --- a/kubernetes/structure_pod_security_policy_spec.go +++ /dev/null @@ -1,664 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -package kubernetes - -import ( - "fmt" - - "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" - - v1 "k8s.io/api/core/v1" - v1beta1 "k8s.io/api/policy/v1beta1" - "k8s.io/utils/ptr" -) - -func flattenPodSecurityPolicySpec(in v1beta1.PodSecurityPolicySpec) []interface{} { - spec := make(map[string]interface{}) - - if in.AllowPrivilegeEscalation != nil { - spec["allow_privilege_escalation"] = in.AllowPrivilegeEscalation - } - - if len(in.AllowedCapabilities) > 0 { - spec["allowed_capabilities"] = flattenCapability(in.AllowedCapabilities) - } - - if len(in.AllowedFlexVolumes) > 0 { - spec["allowed_flex_volumes"] = flattenAllowedFlexVolumes(in.AllowedFlexVolumes) - } - - if len(in.AllowedHostPaths) > 0 { - spec["allowed_host_paths"] = flattenAllowedHostPaths(in.AllowedHostPaths) - } - - if len(in.AllowedProcMountTypes) > 0 { - spec["allowed_proc_mount_types"] = flattenAllowedProcMountTypes(in.AllowedProcMountTypes) - } - - if len(in.AllowedUnsafeSysctls) > 0 { - spec["allowed_unsafe_sysctls"] = flattenListOfStrings(in.AllowedUnsafeSysctls) - } - - if len(in.DefaultAddCapabilities) > 0 { - spec["default_add_capabilities"] = flattenCapability(in.DefaultAddCapabilities) - } - - if in.DefaultAllowPrivilegeEscalation != nil { - spec["default_allow_privilege_escalation"] = in.DefaultAllowPrivilegeEscalation - } - - if len(in.ForbiddenSysctls) > 0 { - spec["forbidden_sysctls"] = flattenListOfStrings(in.ForbiddenSysctls) - } - - spec["fs_group"] = flattenFSGroup(in.FSGroup) - spec["host_ipc"] = in.HostIPC - spec["host_network"] = in.HostNetwork - spec["host_pid"] = in.HostPID - - if len(in.HostPorts) > 0 { - spec["host_ports"] = flattenHostPortRangeSlice(in.HostPorts) - } - - spec["privileged"] = in.Privileged - spec["read_only_root_filesystem"] = in.ReadOnlyRootFilesystem - - if len(in.RequiredDropCapabilities) > 0 { - spec["required_drop_capabilities"] = flattenCapability(in.RequiredDropCapabilities) - } - - spec["run_as_user"] = flattenRunAsUser(in.RunAsUser) - - if in.RunAsGroup != nil { - spec["run_as_group"] = flattenRunAsGroup(*in.RunAsGroup) - } - - spec["se_linux"] = flattenSELinuxStrategy(in.SELinux) - spec["supplemental_groups"] = flattenSupplementalGroups(in.SupplementalGroups) - spec["volumes"] = flattenFSTypes(in.Volumes) - - return []interface{}{spec} -} - -func flattenAllowedFlexVolumes(in []v1beta1.AllowedFlexVolume) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = map[string]interface{}{ - "driver": v.Driver, - } - } - - return result -} - -func flattenAllowedHostPaths(in []v1beta1.AllowedHostPath) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = map[string]interface{}{ - "path_prefix": v.PathPrefix, - "read_only": v.ReadOnly, - } - } - - return result -} - -func flattenListOfStrings(in []string) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = v - } - - return result -} - -func flattenAllowedProcMountTypes(in []v1.ProcMountType) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = fmt.Sprintf("%v", v) - } - - return result -} - -func flattenFSGroup(in v1beta1.FSGroupStrategyOptions) []interface{} { - result := map[string]interface{}{ - "rule": in.Rule, - "range": flattenIDRangeSlice(in.Ranges), - } - - return []interface{}{result} -} - -func flattenIDRangeSlice(in []v1beta1.IDRange) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = map[string]interface{}{ - "min": int(v.Min), - "max": int(v.Max), - } - } - - return result -} - -func flattenHostPortRangeSlice(in []v1beta1.HostPortRange) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = map[string]interface{}{ - "min": int(v.Min), - "max": int(v.Max), - } - } - - return result -} - -func flattenRunAsUser(in v1beta1.RunAsUserStrategyOptions) []interface{} { - result := map[string]interface{}{ - "rule": fmt.Sprintf("%v", in.Rule), - "range": flattenIDRangeSlice(in.Ranges), - } - - return []interface{}{result} -} - -func flattenRunAsGroup(in v1beta1.RunAsGroupStrategyOptions) []interface{} { - result := map[string]interface{}{ - "rule": fmt.Sprintf("%v", in.Rule), - "range": flattenIDRangeSlice(in.Ranges), - } - - return []interface{}{result} -} - -func flattenSELinuxStrategy(in v1beta1.SELinuxStrategyOptions) []interface{} { - result := map[string]interface{}{ - "rule": fmt.Sprintf("%v", in.Rule), - } - - if in.SELinuxOptions != nil { - result["se_linux_options"] = flattenSeLinuxOptions(in.SELinuxOptions) - } - - return []interface{}{result} -} - -func flattenSupplementalGroups(in v1beta1.SupplementalGroupsStrategyOptions) []interface{} { - result := map[string]interface{}{ - "rule": fmt.Sprintf("%v", in.Rule), - "range": flattenIDRangeSlice(in.Ranges), - } - - return []interface{}{result} -} - -func flattenFSTypes(in []v1beta1.FSType) []interface{} { - result := make([]interface{}, len(in)) - - for k, v := range in { - result[k] = fmt.Sprintf("%v", v) - } - - return result -} - -func expandPodSecurityPolicySpec(in []interface{}) (v1beta1.PodSecurityPolicySpec, error) { - spec := v1beta1.PodSecurityPolicySpec{} - if len(in) == 0 || in[0] == nil { - return spec, fmt.Errorf("failed to expand PodSecurityPolicy.Spec: null or empty input") - } - - m, ok := in[0].(map[string]interface{}) - if !ok { - return spec, fmt.Errorf("failed to expand PodSecurityPolicy.Spec: malformed input") - } - - if v, ok := m["allow_privilege_escalation"].(bool); ok { - spec.AllowPrivilegeEscalation = ptr.To(v) - } - - if v, ok := m["allowed_capabilities"].([]interface{}); ok && len(v) > 0 { - spec.AllowedCapabilities = expandCapabilitySlice(v) - } - - if v, ok := m["allowed_flex_volumes"].([]interface{}); ok && len(v) > 0 { - spec.AllowedFlexVolumes = expandAllowedFlexVolumeSlice(v) - } - - if v, ok := m["allowed_host_paths"].([]interface{}); ok && len(v) > 0 { - spec.AllowedHostPaths = expandAllowedHostPathSlice(v) - } - - if v, ok := m["allowed_proc_mount_types"].([]interface{}); ok && len(v) > 0 { - spec.AllowedProcMountTypes = expandAllowedProcMountTypes(v) - } - - if v, ok := m["allowed_unsafe_sysctls"].([]interface{}); ok && len(v) > 0 { - spec.AllowedUnsafeSysctls = expandStringSlice(v) - } - - if v, ok := m["default_add_capabilities"].([]interface{}); ok && len(v) > 0 { - spec.DefaultAddCapabilities = expandCapabilitySlice(v) - } - - if v, ok := m["default_allow_privilege_escalation"].(bool); ok { - spec.DefaultAllowPrivilegeEscalation = ptr.To(v) - } - - if v, ok := m["forbidden_sysctls"].([]interface{}); ok && len(v) > 0 { - spec.ForbiddenSysctls = expandStringSlice(v) - } - - if v, ok := m["fs_group"].([]interface{}); ok && len(v) > 0 { - spec.FSGroup = expandFSGroup(v) - } - - if v, ok := m["host_ipc"].(bool); ok { - spec.HostIPC = v - } - - if v, ok := m["host_network"].(bool); ok { - spec.HostNetwork = v - } - - if v, ok := m["host_pid"].(bool); ok { - spec.HostPID = v - } - - if v, ok := m["host_ports"].([]interface{}); ok && len(v) > 0 { - spec.HostPorts = expandHostPortRangeSlice(v) - } - - if v, ok := m["privileged"].(bool); ok { - spec.Privileged = v - } - - if v, ok := m["read_only_root_filesystem"].(bool); ok { - spec.ReadOnlyRootFilesystem = v - } - - if v, ok := m["required_drop_capabilities"].([]interface{}); ok && len(v) > 0 { - spec.RequiredDropCapabilities = expandCapabilitySlice(v) - } - - if v, ok := m["run_as_user"].([]interface{}); ok && len(v) > 0 { - spec.RunAsUser = expandRunAsUser(v) - } - - if v, ok := m["run_as_group"].([]interface{}); ok && len(v) > 0 { - spec.RunAsGroup = expandRunAsGroup(v) - } - - if v, ok := m["se_linux"].([]interface{}); ok && len(v) > 0 { - spec.SELinux = expandSELinux(v) - } - - if v, ok := m["supplemental_groups"].([]interface{}); ok && len(v) > 0 { - spec.SupplementalGroups = expandSupplementalGroup(v) - } - - if v, ok := m["volumes"].([]interface{}); ok && len(v) > 0 { - spec.Volumes = expandVolumeFSTypeSlice(v) - } - - return spec, nil -} - -func expandAllowedFlexVolumeSlice(in []interface{}) []v1beta1.AllowedFlexVolume { - result := make([]v1beta1.AllowedFlexVolume, len(in)) - for k, v := range in { - result[k] = v1beta1.AllowedFlexVolume{ - Driver: v.(string), - } - } - return result -} - -func expandAllowedHostPathSlice(in []interface{}) []v1beta1.AllowedHostPath { - result := make([]v1beta1.AllowedHostPath, len(in)) - for k, v := range in { - if m, ok := v.(map[string]interface{}); ok { - hp := v1beta1.AllowedHostPath{ - PathPrefix: m["path_prefix"].(string), - } - - if ro, ok := m["read_only"].(bool); ok { - hp.ReadOnly = ro - } - - result[k] = hp - } - } - return result -} - -func expandAllowedProcMountTypes(in []interface{}) []v1.ProcMountType { - result := make([]v1.ProcMountType, len(in)) - - for k, v := range in { - result[k] = v1.ProcMountType(v.(string)) - } - - return result -} - -func expandFSGroup(in []interface{}) v1beta1.FSGroupStrategyOptions { - result := v1beta1.FSGroupStrategyOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["rule"].(string); ok { - result.Rule = v1beta1.FSGroupStrategyType(v) - } - - if v, ok := m["range"].([]interface{}); ok && len(v) > 0 { - result.Ranges = expandIDRangeSlice(v) - } - - return result -} - -func expandIDRangeSlice(in []interface{}) []v1beta1.IDRange { - result := make([]v1beta1.IDRange, len(in)) - - for k, v := range in { - if m, ok := v.(map[string]interface{}); ok { - result[k] = v1beta1.IDRange{ - Min: int64(m["min"].(int)), - Max: int64(m["max"].(int)), - } - } - } - - return result -} - -func expandHostPortRangeSlice(in []interface{}) []v1beta1.HostPortRange { - result := make([]v1beta1.HostPortRange, len(in)) - - for k, v := range in { - if m, ok := v.(map[string]interface{}); ok { - result[k] = v1beta1.HostPortRange{ - Min: int32(m["min"].(int)), - Max: int32(m["max"].(int)), - } - } - } - - return result -} - -func expandRunAsUser(in []interface{}) v1beta1.RunAsUserStrategyOptions { - result := v1beta1.RunAsUserStrategyOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["rule"].(string); ok { - result.Rule = v1beta1.RunAsUserStrategy(v) - } - - if v, ok := m["range"].([]interface{}); ok && len(v) > 0 { - result.Ranges = expandIDRangeSlice(v) - } - - return result -} - -func expandRunAsGroup(in []interface{}) *v1beta1.RunAsGroupStrategyOptions { - result := v1beta1.RunAsGroupStrategyOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["rule"].(string); ok { - result.Rule = v1beta1.RunAsGroupStrategy(v) - } - - if v, ok := m["range"].([]interface{}); ok && len(v) > 0 { - result.Ranges = expandIDRangeSlice(v) - } - - return &result -} - -func expandSELinux(in []interface{}) v1beta1.SELinuxStrategyOptions { - result := v1beta1.SELinuxStrategyOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["rule"].(string); ok { - result.Rule = v1beta1.SELinuxStrategy(v) - } - - if v, ok := m["se_linux_options"].([]interface{}); ok && len(v) > 0 { - result.SELinuxOptions = expandSELinuxOptions(v) - } - - return result -} - -func expandSELinuxOptions(in []interface{}) *v1.SELinuxOptions { - result := v1.SELinuxOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["level"].(string); ok { - result.Level = v - } - - if v, ok := m["user"].(string); ok { - result.User = v - } - - if v, ok := m["role"].(string); ok { - result.Role = v - } - - if v, ok := m["type"].(string); ok { - result.Type = v - } - - return &result -} - -func expandSupplementalGroup(in []interface{}) v1beta1.SupplementalGroupsStrategyOptions { - result := v1beta1.SupplementalGroupsStrategyOptions{} - - m := in[0].(map[string]interface{}) - - if v, ok := m["rule"].(string); ok { - result.Rule = v1beta1.SupplementalGroupsStrategyType(v) - } - - if v, ok := m["range"].([]interface{}); ok && len(v) > 0 { - result.Ranges = expandIDRangeSlice(v) - } - - return result -} - -func expandVolumeFSTypeSlice(in []interface{}) []v1beta1.FSType { - result := make([]v1beta1.FSType, len(in)) - for k, v := range in { - if s, ok := v.(string); ok { - result[k] = v1beta1.FSType(s) - } - } - - return result -} - -// Patchers - -func patchPodSecurityPolicySpec(keyPrefix string, pathPrefix string, d *schema.ResourceData) *PatchOperations { - ops := make(PatchOperations, 0) - - if d.HasChange(keyPrefix + "allow_privilege_escalation") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowPrivilegeEscalation", - Value: d.Get(keyPrefix + "allow_privilege_escalation").(bool), - }) - } - - if d.HasChange(keyPrefix + "allowed_capabilities") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowedCapabilities", - Value: d.Get(keyPrefix + "allowed_capabilities").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "allowed_flex_volumes") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowedFlexVolumes", - Value: d.Get(keyPrefix + "allowed_flex_volumes").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "allowed_host_paths") { - n := d.Get(keyPrefix + "allowed_host_paths").([]interface{}) - allowedHostPaths := expandAllowedHostPathSlice(n) - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowedHostPaths", - Value: allowedHostPaths, - }) - } - - if d.HasChange(keyPrefix + "allowed_proc_mount_types") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowedProcMountTypes", - Value: d.Get(keyPrefix + "allowed_proc_mount_types").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "allowed_unsafe_sysctls") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/allowedUnsafeSysctls", - Value: d.Get(keyPrefix + "allowed_unsafe_sysctls").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "default_add_capabilities") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/defaultAddCapabilities", - Value: d.Get(keyPrefix + "default_add_capabilities").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "default_allow_privilege_escalation") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/defaultAllowPrivilegeEscalation", - Value: d.Get(keyPrefix + "default_allow_privilege_escalation").(bool), - }) - } - - if d.HasChange(keyPrefix + "forbidden_sysctls") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/forbiddenSysctls", - Value: d.Get(keyPrefix + "forbidden_sysctls").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "fs_group") { - fsGroup := expandFSGroup(d.Get(keyPrefix + "fs_group").([]interface{})) - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/fsGroup", - Value: fsGroup, - }) - } - - if d.HasChange(keyPrefix + "host_ipc") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/hostIPC", - Value: d.Get(keyPrefix + "host_ipc").(bool), - }) - } - - if d.HasChange(keyPrefix + "host_network") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/hostNetwork", - Value: d.Get(keyPrefix + "host_network").(bool), - }) - } - - if d.HasChange(keyPrefix + "host_pid") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/hostPID", - Value: d.Get(keyPrefix + "host_pid").(bool), - }) - } - - if d.HasChange(keyPrefix + "host_ports") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/hostPorts", - Value: d.Get(keyPrefix + "host_ports").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "privileged") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/privileged", - Value: d.Get(keyPrefix + "privileged").(bool), - }) - } - - if d.HasChange(keyPrefix + "readonly_root_filesystem") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/readOnlyRootFilesystem", - Value: d.Get(keyPrefix + "readonly_root_filesystem").(bool), - }) - } - - if d.HasChange(keyPrefix + "required_drop_capabilities") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/requiredDropCapabilities", - Value: d.Get(keyPrefix + "required_drop_capabilities").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "run_as_group") { - runAsGroup := expandRunAsGroup(d.Get(keyPrefix + "run_as_group").([]interface{})) - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/runAsGroup", - Value: runAsGroup, - }) - } - - if d.HasChange(keyPrefix + "run_as_user") { - runAsUser := expandRunAsUser(d.Get(keyPrefix + "run_as_user").([]interface{})) - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/runAsUser", - Value: runAsUser, - }) - } - - if d.HasChange(keyPrefix + "se_linux") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/seLinux", - Value: d.Get(keyPrefix + "se_linux").([]interface{}), - }) - } - - if d.HasChange(keyPrefix + "supplemental_groups") { - supplementalGroups := expandSupplementalGroup(d.Get(keyPrefix + "supplemental_groups").([]interface{})) - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/supplementalGroups", - Value: supplementalGroups, - }) - } - - if d.HasChange(keyPrefix + "volumes") { - ops = append(ops, &ReplaceOperation{ - Path: pathPrefix + "/volumes", - Value: d.Get(keyPrefix + "volumes").([]interface{}), - }) - } - - return &ops -}