Merge branch 'scaleway:master' into master

scaleway-bot · web-flow · commit 3dd2629e178b · 2025-09-11T20:10:23.000+02:00
diff --git a/cmd/scw/testdata/test-all-usage-audit-trail-event-list-usage.golden b/cmd/scw/testdata/test-all-usage-audit-trail-event-list-usage.golden
@@ -18,6 +18,8 @@ ARGS:
   [product-name]      (Optional) Name of the Scaleway product in a hyphenated format
   [service-name]      (Optional) Name of the service of the API call performed
   [resource-id]       (Optional) ID of the Scaleway resource
+  [principal-id]      (Optional) ID of the User or IAM application at the origin of the event
+  [source-ip]         (Optional) IP address at the origin of the event
   [organization-id]   Organization ID to use. If none is passed the default organization ID will be used
   [region=fr-par]     Region to target. If none is passed will use default region from the config (fr-par | nl-ams)
 
diff --git a/cmd/scw/testdata/test-all-usage-keymanager-key-create-usage.golden b/cmd/scw/testdata/test-all-usage-keymanager-key-create-usage.golden
@@ -1,16 +1,16 @@
 🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
 🟥🟥🟥 STDERR️️ 🟥🟥🟥️
-Create a key in a given region specified by the `region` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
+Create a key in a given region specified by the `region` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
 
 USAGE:
   scw keymanager key create [arg=value ...]
 
 ARGS:
   [project-id]                         Project ID to use. If none is passed the default project ID will be used
   [name]                               (Optional) Name of the key
-  [usage.symmetric-encryption]         Algorithm used to encrypt and decrypt arbitrary payloads. (unknown_symmetric_encryption | aes_256_gcm)
-  [usage.asymmetric-encryption]         (unknown_asymmetric_encryption | rsa_oaep_2048_sha256 | rsa_oaep_3072_sha256 | rsa_oaep_4096_sha256)
-  [usage.asymmetric-signing]            (unknown_asymmetric_signing | ec_p256_sha256 | ec_p384_sha384 | rsa_pss_2048_sha256 | rsa_pss_3072_sha256 | rsa_pss_4096_sha256 | rsa_pkcs1_2048_sha256 | rsa_pkcs1_3072_sha256 | rsa_pkcs1_4096_sha256)
+  [usage.symmetric-encryption]         Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm. (unknown_symmetric_encryption | aes_256_gcm)
+  [usage.asymmetric-encryption]        Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm. (unknown_asymmetric_encryption | rsa_oaep_2048_sha256 | rsa_oaep_3072_sha256 | rsa_oaep_4096_sha256)
+  [usage.asymmetric-signing]           Sign and verify arbitrary messages using an asymmetric signing algorithm. (unknown_asymmetric_signing | ec_p256_sha256 | ec_p384_sha384 | rsa_pss_2048_sha256 | rsa_pss_3072_sha256 | rsa_pss_4096_sha256 | rsa_pkcs1_2048_sha256 | rsa_pkcs1_3072_sha256 | rsa_pkcs1_4096_sha256)
   [description]                        (Optional) Description of the key
   [tags.{index}]                       (Optional) List of the key's tags
   [rotation-policy.rotation-period]    Rotation period
diff --git a/docs/commands/audit-trail.md b/docs/commands/audit-trail.md
@@ -40,6 +40,8 @@ scw audit-trail event list [arg=value ...]
 | product-name |  | (Optional) Name of the Scaleway product in a hyphenated format |
 | service-name |  | (Optional) Name of the service of the API call performed |
 | resource-id |  | (Optional) ID of the Scaleway resource |
+| principal-id |  | (Optional) ID of the User or IAM application at the origin of the event |
+| source-ip |  | (Optional) IP address at the origin of the event |
 | organization-id |  | Organization ID to use. If none is passed the default organization ID will be used |
 | region | Default: `fr-par`<br />One of: `fr-par`, `nl-ams` | Region to target. If none is passed will use default region from the config |
 
diff --git a/docs/commands/keymanager.md b/docs/commands/keymanager.md
@@ -27,7 +27,7 @@ Keys are logical containers which store cryptographic keys.
 
 ### Create a key
 
-Create a key in a given region specified by the `region` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
+Create a key in a given region specified by the `region` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
 
 **Usage:**
 
@@ -42,9 +42,9 @@ scw keymanager key create [arg=value ...]
 |------|---|-------------|
 | project-id |  | Project ID to use. If none is passed the default project ID will be used |
 | name |  | (Optional) Name of the key |
-| usage.symmetric-encryption | One of: `unknown_symmetric_encryption`, `aes_256_gcm` | Algorithm used to encrypt and decrypt arbitrary payloads. |
-| usage.asymmetric-encryption | One of: `unknown_asymmetric_encryption`, `rsa_oaep_2048_sha256`, `rsa_oaep_3072_sha256`, `rsa_oaep_4096_sha256` |  |
-| usage.asymmetric-signing | One of: `unknown_asymmetric_signing`, `ec_p256_sha256`, `ec_p384_sha384`, `rsa_pss_2048_sha256`, `rsa_pss_3072_sha256`, `rsa_pss_4096_sha256`, `rsa_pkcs1_2048_sha256`, `rsa_pkcs1_3072_sha256`, `rsa_pkcs1_4096_sha256` |  |
+| usage.symmetric-encryption | One of: `unknown_symmetric_encryption`, `aes_256_gcm` | Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm. |
+| usage.asymmetric-encryption | One of: `unknown_asymmetric_encryption`, `rsa_oaep_2048_sha256`, `rsa_oaep_3072_sha256`, `rsa_oaep_4096_sha256` | Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm. |
+| usage.asymmetric-signing | One of: `unknown_asymmetric_signing`, `ec_p256_sha256`, `ec_p384_sha384`, `rsa_pss_2048_sha256`, `rsa_pss_3072_sha256`, `rsa_pss_4096_sha256`, `rsa_pkcs1_2048_sha256`, `rsa_pkcs1_3072_sha256`, `rsa_pkcs1_4096_sha256` | Sign and verify arbitrary messages using an asymmetric signing algorithm. |
 | description |  | (Optional) Description of the key |
 | tags.{index} |  | (Optional) List of the key's tags |
 | rotation-policy.rotation-period |  | Rotation period |
diff --git a/go.mod b/go.mod
@@ -4,7 +4,7 @@ go 1.24.6
 
 require (
 	github.com/aws/aws-sdk-go-v2 v1.39.0
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.88.0
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.88.1
 	github.com/buildpacks/pack v0.38.2
 	github.com/c-bata/go-prompt v0.2.6
 	github.com/charmbracelet/bubbletea v1.3.8
@@ -14,7 +14,7 @@ require (
 	github.com/docker/docker v28.4.0+incompatible
 	github.com/dustin/go-humanize v1.0.1
 	github.com/fatih/color v1.18.0
-	github.com/getsentry/sentry-go v0.35.1
+	github.com/getsentry/sentry-go v0.35.2
 	github.com/ghodss/yaml v1.0.0
 	github.com/gorilla/websocket v1.5.3
 	github.com/hashicorp/go-version v1.7.0
@@ -23,7 +23,7 @@ require (
 	github.com/mattn/go-isatty v0.0.20
 	github.com/moby/buildkit v0.24.0
 	github.com/opencontainers/go-digest v1.0.0
-	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3
+	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/cobra v1.10.1
 	github.com/spf13/pflag v1.0.10
diff --git a/go.sum b/go.sum
@@ -91,8 +91,8 @@ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.7 h1:mLgc5QIgO
 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.7/go.mod h1:wXb/eQnqt8mDQIQTTmcw58B5mYGxzLGZGK8PWNFZ0BA=
 github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.7 h1:u3VbDKUCWarWiU+aIUK4gjTr/wQFXV17y3hgNno9fcA=
 github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.7/go.mod h1:/OuMQwhSyRapYxq6ZNpPer8juGNrB4P5Oz8bZ2cgjQE=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.88.0 h1:k5JXPr+2SrPDwM3PdygZUenn0lVPLa3KOs7cCYqinFs=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.88.0/go.mod h1:xajPTguLoeQMAOE44AAP2RQoUhF8ey1g5IFHARv71po=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.88.1 h1:+RpGuaQ72qnU83qBKVwxkznewEdAGhIWo/PQCmkhhog=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.88.1/go.mod h1:xajPTguLoeQMAOE44AAP2RQoUhF8ey1g5IFHARv71po=
 github.com/aws/aws-sdk-go-v2/service/sso v1.29.1 h1:8OLZnVJPvjnrxEwHFg9hVUof/P4sibH+Ea4KKuqAGSg=
 github.com/aws/aws-sdk-go-v2/service/sso v1.29.1/go.mod h1:27M3BpVi0C02UiQh1w9nsBEit6pLhlaH3NHna6WUbDE=
 github.com/aws/aws-sdk-go-v2/service/ssooidc v1.34.2 h1:gKWSTnqudpo8dAxqBqZnDoDWCiEh/40FziUjr/mo6uA=
@@ -231,8 +231,8 @@ github.com/gdamore/encoding v1.0.1 h1:YzKZckdBL6jVt2Gc+5p82qhrGiqMdG/eNs6Wy0u3Uh
 github.com/gdamore/encoding v1.0.1/go.mod h1:0Z0cMFinngz9kS1QfMjCP8TY7em3bZYeeklsSDPivEo=
 github.com/gdamore/tcell/v2 v2.9.0 h1:N6t+eqK7/xwtRPwxzs1PXeRWnm0H9l02CrgJ7DLn1ys=
 github.com/gdamore/tcell/v2 v2.9.0/go.mod h1:8/ZoqM9rxzYphT9tH/9LnunhV9oPBqwS8WHGYm5nrmo=
-github.com/getsentry/sentry-go v0.35.1 h1:iopow6UVLE2aXu46xKVIs8Z9D/YZkJrHkgozrxa+tOQ=
-github.com/getsentry/sentry-go v0.35.1/go.mod h1:C55omcY9ChRQIUcVcGcs+Zdy4ZpQGvNJ7JYHIoSWOtE=
+github.com/getsentry/sentry-go v0.35.2 h1:jKuujpRwa8FFRYMIwwZpu83Xh0voll9bmvyc6310WBM=
+github.com/getsentry/sentry-go v0.35.2/go.mod h1:mdL49ixwT2yi57k5eh7mpnDyPybixPzlzEJFu0Z76QA=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c=
@@ -460,8 +460,8 @@ github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3 h1:bUgIIouQdnYoZ95+pB/WYEZh20P/So2sUZ44NaWEIBU=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3/go.mod h1:2Cfo14o/ZO3hZg9GjbyD/BHKbyri3K5BiEHq4fBcUHY=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0 h1:EOCbW0MnUjNKndDwoWiGwXix7no3Fe74sVDiXp8wMag=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0/go.mod h1:47B1d/YXmSAxlJxUJxClzHR6b3T4M1WyCvwENPQNBWc=
 github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8=
 github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM=
 github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA=
diff --git a/internal/namespaces/audit_trail/v1alpha1/audit_trail_cli.go b/internal/namespaces/audit_trail/v1alpha1/audit_trail_cli.go
@@ -192,6 +192,20 @@ func auditTrailEventList() *core.Command {
 				Deprecated: false,
 				Positional: false,
 			},
+			{
+				Name:       "principal-id",
+				Short:      `(Optional) ID of the User or IAM application at the origin of the event`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
+			{
+				Name:       "source-ip",
+				Short:      `(Optional) IP address at the origin of the event`,
+				Required:   false,
+				Deprecated: false,
+				Positional: false,
+			},
 			core.OrganizationIDArgSpec(),
 			core.RegionArgSpec(
 				scw.RegionFrPar,
diff --git a/internal/namespaces/key_manager/v1alpha1/key_manager_cli.go b/internal/namespaces/key_manager/v1alpha1/key_manager_cli.go
@@ -59,7 +59,7 @@ func keymanagerKey() *core.Command {
 func keymanagerKeyCreate() *core.Command {
 	return &core.Command{
 		Short:     `Create a key`,
-		Long:      `Create a key in a given region specified by the ` + "`" + `region` + "`" + ` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.`,
+		Long:      `Create a key in a given region specified by the ` + "`" + `region` + "`" + ` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.`,
 		Namespace: "keymanager",
 		Resource:  "key",
 		Verb:      "create",
@@ -76,7 +76,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.symmetric-encryption",
-				Short:      `Algorithm used to encrypt and decrypt arbitrary payloads.`,
+				Short:      `Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
@@ -87,6 +87,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.asymmetric-encryption",
+				Short:      `Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
@@ -99,6 +100,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.asymmetric-signing",
+				Short:      `Sign and verify arbitrary messages using an asymmetric signing algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
