diff --git a/.github/workflows/api-sync.yml b/.github/workflows/api-sync.yml index f07534a93..0572ef60f 100644 --- a/.github/workflows/api-sync.yml +++ b/.github/workflows/api-sync.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 849425404..0516f7550 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -53,7 +53,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod # Linter requires no cache @@ -68,7 +68,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -85,7 +85,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true diff --git a/.github/workflows/mirror-image.yml b/.github/workflows/mirror-image.yml index 1623f296d..9423799ce 100644 --- a/.github/workflows/mirror-image.yml +++ b/.github/workflows/mirror-image.yml @@ -29,7 +29,7 @@ jobs: TAG=${{ inputs.image }} echo "image=${TAG##*/}" >> $GITHUB_OUTPUT - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v4.3.1 + uses: aws-actions/configure-aws-credentials@v5.0.0 with: role-to-assume: ${{ secrets.PROD_AWS_ROLE }} aws-region: us-east-1 diff --git a/.github/workflows/mirror.yml b/.github/workflows/mirror.yml index 55652c899..512162490 100644 --- a/.github/workflows/mirror.yml +++ b/.github/workflows/mirror.yml @@ -31,7 +31,7 @@ jobs: curr: ${{ steps.curr.outputs.tags }} steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true diff --git a/.github/workflows/release-beta.yml b/.github/workflows/release-beta.yml index 93dab391b..8d3c6e967 100644 --- a/.github/workflows/release-beta.yml +++ b/.github/workflows/release-beta.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v5 - id: semantic-release - uses: cycjimmy/semantic-release-action@v4 + uses: cycjimmy/semantic-release-action@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -39,7 +39,7 @@ jobs: with: fetch-depth: 0 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -66,7 +66,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v5 with: node-version: "16.x" registry-url: "https://registry.npmjs.org" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 616738e90..e6c2d4552 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -54,7 +54,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true @@ -86,7 +86,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: go-version-file: go.mod cache: true diff --git a/.github/workflows/tag-npm.yml b/.github/workflows/tag-npm.yml index 234c74ac9..0da2161f2 100644 --- a/.github/workflows/tag-npm.yml +++ b/.github/workflows/tag-npm.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v5 with: node-version: "16.x" registry-url: "https://registry.npmjs.org" diff --git a/api/overlay.yaml b/api/overlay.yaml index b455dcc79..58fef786d 100644 --- a/api/overlay.yaml +++ b/api/overlay.yaml @@ -23,6 +23,12 @@ actions: - target: $.components.schemas.*.properties.items.items.properties.saml.properties.attribute_mapping.properties.keys.additionalProperties.properties.default.oneOf description: Replaces list union type with interface for easier casting remove: true +- target: $.components.schemas.*.properties.saml.properties.name_id_format.enum + description: Converts enum with duplicated type to a string + remove: true +- target: $.components.schemas.*.properties.items.items.properties.saml.properties.name_id_format.enum + description: Converts list of enum with duplicated type to a string + remove: true - target: $.components.schemas.*.properties.connectionString description: Removes deprecated field that conflicts with naming convention remove: true diff --git a/cmd/bans.go b/cmd/bans.go index 603e2dd4d..0af4d9f99 100644 --- a/cmd/bans.go +++ b/cmd/bans.go @@ -1,6 +1,8 @@ package cmd import ( + "fmt" + "github.com/spf13/afero" "github.com/spf13/cobra" "github.com/supabase/cli/internal/bans/get" @@ -26,6 +28,9 @@ The subcommands help you view the current bans, and unblock IPs if desired.`, RunE: func(cmd *cobra.Command, args []string) error { return update.Run(cmd.Context(), flags.ProjectRef, dbIpsToUnban, afero.NewOsFs()) }, + PostRun: func(cmd *cobra.Command, args []string) { + fmt.Println("Successfully removed network bans.") + }, } bansGetCmd = &cobra.Command{ diff --git a/cmd/gen.go b/cmd/gen.go index 8893988d4..d4c90d350 100644 --- a/cmd/gen.go +++ b/cmd/gen.go @@ -3,6 +3,7 @@ package cmd import ( "os" "os/signal" + "time" env "github.com/Netflix/go-env" "github.com/go-errors/errors" @@ -26,8 +27,9 @@ var ( keyNames keys.CustomName genKeysCmd = &cobra.Command{ - Use: "keys", - Short: "Generate keys for preview branch", + Deprecated: `use "gen signing-key" instead.`, + Use: "keys", + Short: "Generate keys for preview branch", PersistentPreRunE: func(cmd *cobra.Command, args []string) error { es, err := env.EnvironToEnvSet(override) if err != nil { @@ -56,6 +58,7 @@ var ( }, Value: types.LangTypescript, } + queryTimeout time.Duration postgrestV9Compat bool swiftAccessControl = utils.EnumFlag{ Allowed: []string{ @@ -88,7 +91,7 @@ var ( return err } } - return types.Run(ctx, flags.ProjectRef, flags.DbConfig, lang.Value, schema, postgrestV9Compat, swiftAccessControl.Value, afero.NewOsFs()) + return types.Run(ctx, flags.ProjectRef, flags.DbConfig, lang.Value, schema, postgrestV9Compat, swiftAccessControl.Value, queryTimeout, afero.NewOsFs()) }, Example: ` supabase gen types --local supabase gen types --linked --lang=go @@ -126,8 +129,13 @@ func init() { genTypesCmd.MarkFlagsMutuallyExclusive("local", "linked", "project-id", "db-url") typeFlags.Var(&lang, "lang", "Output language of the generated types.") typeFlags.StringSliceVarP(&schema, "schema", "s", []string{}, "Comma separated list of schema to include.") + // Direct connection only flags typeFlags.Var(&swiftAccessControl, "swift-access-control", "Access control for Swift generated types.") - typeFlags.BoolVar(&postgrestV9Compat, "postgrest-v9-compat", false, "Generate types compatible with PostgREST v9 and below. Only use together with --db-url.") + genTypesCmd.MarkFlagsMutuallyExclusive("linked", "project-id", "swift-access-control") + typeFlags.BoolVar(&postgrestV9Compat, "postgrest-v9-compat", false, "Generate types compatible with PostgREST v9 and below.") + genTypesCmd.MarkFlagsMutuallyExclusive("linked", "project-id", "postgrest-v9-compat") + typeFlags.DurationVar(&queryTimeout, "query-timeout", time.Second*15, "Maximum timeout allowed for the database query.") + genTypesCmd.MarkFlagsMutuallyExclusive("linked", "project-id", "query-timeout") genCmd.AddCommand(genTypesCmd) keyFlags := genKeysCmd.Flags() keyFlags.StringVar(&flags.ProjectRef, "project-ref", "", "Project ref of the Supabase project.") diff --git a/go.mod b/go.mod index d7205b6a0..a36b15130 100644 --- a/go.mod +++ b/go.mod @@ -8,13 +8,13 @@ require ( github.com/andybalholm/brotli v1.2.0 github.com/cenkalti/backoff/v4 v4.3.0 github.com/charmbracelet/bubbles v0.21.0 - github.com/charmbracelet/bubbletea v1.3.6 + github.com/charmbracelet/bubbletea v1.3.7 github.com/charmbracelet/glamour v0.10.0 github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 github.com/containerd/errdefs v1.0.0 - github.com/containers/common v0.64.1 - github.com/docker/cli v28.3.3+incompatible - github.com/docker/docker v28.3.3+incompatible + github.com/containers/common v0.64.2 + github.com/docker/cli v28.4.0+incompatible + github.com/docker/docker v28.4.0+incompatible github.com/docker/go-connections v0.6.0 github.com/fsnotify/fsnotify v1.9.0 github.com/getsentry/sentry-go v0.35.1 @@ -36,19 +36,19 @@ require ( github.com/oapi-codegen/nullable v1.1.0 github.com/slack-go/slack v0.17.3 github.com/spf13/afero v1.14.0 - github.com/spf13/cobra v1.9.1 - github.com/spf13/pflag v1.0.7 + github.com/spf13/cobra v1.10.1 + github.com/spf13/pflag v1.0.10 github.com/spf13/viper v1.20.1 - github.com/stretchr/testify v1.11.0 - github.com/stripe/pg-schema-diff v0.9.2 + github.com/stretchr/testify v1.11.1 + github.com/stripe/pg-schema-diff v1.0.2 github.com/supabase/cli/pkg v1.0.0 github.com/tidwall/jsonc v0.3.2 github.com/withfig/autocomplete-tools/packages/cobra v1.2.0 github.com/zalando/go-keyring v0.2.6 - go.opentelemetry.io/otel v1.37.0 - golang.org/x/mod v0.27.0 - golang.org/x/oauth2 v0.30.0 - golang.org/x/term v0.34.0 + go.opentelemetry.io/otel v1.38.0 + golang.org/x/mod v0.28.0 + golang.org/x/oauth2 v0.31.0 + golang.org/x/term v0.35.0 google.golang.org/grpc v1.75.0 gopkg.in/yaml.v3 v3.0.1 ) @@ -97,7 +97,7 @@ require ( github.com/charithe/durationcheck v0.0.10 // indirect github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect github.com/charmbracelet/harmonica v0.2.0 // indirect - github.com/charmbracelet/x/ansi v0.9.3 // indirect + github.com/charmbracelet/x/ansi v0.10.1 // indirect github.com/charmbracelet/x/cellbuf v0.0.13 // indirect github.com/charmbracelet/x/exp/slice v0.0.0-20250327172914-2fdc97757edf // indirect github.com/charmbracelet/x/term v0.2.1 // indirect @@ -155,7 +155,6 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/godbus/dbus/v5 v5.1.0 // indirect github.com/gofrs/flock v0.12.1 // indirect - github.com/gogo/protobuf v1.3.2 // indirect github.com/golang-jwt/jwt/v5 v5.3.0 // indirect github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/golang/protobuf v1.5.4 // indirect @@ -327,22 +326,22 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.34.0 // indirect - go.opentelemetry.io/otel/metric v1.37.0 // indirect + go.opentelemetry.io/otel/metric v1.38.0 // indirect go.opentelemetry.io/otel/sdk v1.37.0 // indirect go.opentelemetry.io/otel/sdk/metric v1.37.0 // indirect - go.opentelemetry.io/otel/trace v1.37.0 // indirect + go.opentelemetry.io/otel/trace v1.38.0 // indirect go.opentelemetry.io/proto/otlp v1.5.0 // indirect go.uber.org/atomic v1.9.0 // indirect go.uber.org/automaxprocs v1.6.0 // indirect go.uber.org/multierr v1.9.0 // indirect go.uber.org/zap v1.24.0 // indirect - golang.org/x/crypto v0.40.0 // indirect + golang.org/x/crypto v0.41.0 // indirect golang.org/x/exp/typeparams v0.0.0-20250210185358-939b2ce775ac // indirect - golang.org/x/net v0.42.0 // indirect + golang.org/x/net v0.43.0 // indirect golang.org/x/sync v0.16.0 // indirect - golang.org/x/sys v0.35.0 // indirect - golang.org/x/text v0.27.0 // indirect - golang.org/x/tools v0.35.0 // indirect + golang.org/x/sys v0.36.0 // indirect + golang.org/x/text v0.28.0 // indirect + golang.org/x/tools v0.36.0 // indirect golang.org/x/tools/go/expect v0.1.1-deprecated // indirect golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250707201910-8d1bb00bc6a7 // indirect diff --git a/go.sum b/go.sum index 0e9329b7e..473f705a9 100644 --- a/go.sum +++ b/go.sum @@ -159,8 +159,8 @@ github.com/charithe/durationcheck v0.0.10 h1:wgw73BiocdBDQPik+zcEoBG/ob8uyBHf2iy github.com/charithe/durationcheck v0.0.10/go.mod h1:bCWXb7gYRysD1CU3C+u4ceO49LoGOY1C1L6uouGNreQ= github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs= github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg= -github.com/charmbracelet/bubbletea v1.3.6 h1:VkHIxPJQeDt0aFJIsVxw8BQdh/F/L2KKZGsK6et5taU= -github.com/charmbracelet/bubbletea v1.3.6/go.mod h1:oQD9VCRQFF8KplacJLo28/jofOI2ToOfGYeFgBBxHOc= +github.com/charmbracelet/bubbletea v1.3.7 h1:FNaEEFEenOEPnZsY9MI64thl2c84MI66+1QaQbxGOl4= +github.com/charmbracelet/bubbletea v1.3.7/go.mod h1:PEOcbQCNzJ2BYUd484kHPO5g3kLO28IffOdFeI2EWus= github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc h1:4pZI35227imm7yK2bGPcfpFEmuY1gc2YSTShr4iJBfs= github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc/go.mod h1:X4/0JoqgTIPSFcRA/P6INZzIuyqdFY5rm8tb41s9okk= github.com/charmbracelet/glamour v0.10.0 h1:MtZvfwsYCx8jEPFJm3rIBFIMZUfUJ765oX8V6kXldcY= @@ -169,8 +169,8 @@ github.com/charmbracelet/harmonica v0.2.0 h1:8NxJWRWg/bzKqqEaaeFNipOu77YR5t8aSwG github.com/charmbracelet/harmonica v0.2.0/go.mod h1:KSri/1RMQOZLbw7AHqgcBycp8pgJnQMYYT8QZRqZ1Ao= github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 h1:ZR7e0ro+SZZiIZD7msJyA+NjkCNNavuiPBLgerbOziE= github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834/go.mod h1:aKC/t2arECF6rNOnaKaVU6y4t4ZeHQzqfxedE/VkVhA= -github.com/charmbracelet/x/ansi v0.9.3 h1:BXt5DHS/MKF+LjuK4huWrC6NCvHtexww7dMayh6GXd0= -github.com/charmbracelet/x/ansi v0.9.3/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE= +github.com/charmbracelet/x/ansi v0.10.1 h1:rL3Koar5XvX0pHGfovN03f5cxLbCF2YvLeyz7D2jVDQ= +github.com/charmbracelet/x/ansi v0.10.1/go.mod h1:3RQDQ6lDnROptfpWuUVIUG64bD2g2BgntdxH0Ya5TeE= github.com/charmbracelet/x/cellbuf v0.0.13 h1:/KBBKHuVRbq1lYx5BzEHBAFBP8VcQzJejZ/IA3iR28k= github.com/charmbracelet/x/cellbuf v0.0.13/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs= github.com/charmbracelet/x/exp/golden v0.0.0-20241011142426-46044092ad91 h1:payRxjMjKgx2PaCWLZ4p3ro9y97+TVLZNaRZgJwSVDQ= @@ -199,8 +199,8 @@ github.com/containerd/errdefs/pkg v0.3.0 h1:9IKJ06FvyNlexW690DXuQNx2KA2cUJXx151X github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk= github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= -github.com/containers/common v0.64.1 h1:E8vSiL+B84/UCsyVSb70GoxY9cu+0bseLujm4EKF6GE= -github.com/containers/common v0.64.1/go.mod h1:CtfQNHoCAZqWeXMwdShcsxmMJSeGRgKKMqAwRKmWrHE= +github.com/containers/common v0.64.2 h1:1xepE7QwQggUXxmyQ1Dbh6Cn0yd7ktk14sN3McSWf5I= +github.com/containers/common v0.64.2/go.mod h1:o29GfYy4tefUuShm8mOn2AiL5Mpzdio+viHI7n24KJ4= github.com/containers/storage v1.59.1 h1:11Zu68MXsEQGBBd+GadPrHPpWeqjKS8hJDGiAHgIqDs= github.com/containers/storage v1.59.1/go.mod h1:KoAYHnAjP3/cTsRS+mmWZGkufSY2GACiKQ4V3ZLQnR0= github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= @@ -237,13 +237,13 @@ github.com/dlclark/regexp2 v1.11.5 h1:Q/sSnsKerHeCkc/jSTNq1oCm7KiVgUMZRDUoRu0JQZ github.com/dlclark/regexp2 v1.11.5/go.mod h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8= github.com/dnephin/pflag v1.0.7 h1:oxONGlWxhmUct0YzKTgrpQv9AUA1wtPBn7zuSjJqptk= github.com/dnephin/pflag v1.0.7/go.mod h1:uxE91IoWURlOiTUIA8Mq5ZZkAv3dPUfZNaT80Zm7OQE= -github.com/docker/cli v28.3.3+incompatible h1:fp9ZHAr1WWPGdIWBM1b3zLtgCF+83gRdVMTJsUeiyAo= -github.com/docker/cli v28.3.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v28.4.0+incompatible h1:RBcf3Kjw2pMtwui5V0DIMdyeab8glEw5QY0UUU4C9kY= +github.com/docker/cli v28.4.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI= -github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v28.4.0+incompatible h1:KVC7bz5zJY/4AZe/78BIvCnPsLaC9T/zh72xnlrTTOk= +github.com/docker/docker v28.4.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.9.3 h1:gAm/VtF9wgqJMoxzT3Gj5p4AqIjCBS4wrsOh9yRqcz8= github.com/docker/docker-credential-helpers v0.9.3/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo= github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0= @@ -387,8 +387,6 @@ github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPh github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= -github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo= github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= @@ -615,7 +613,6 @@ github.com/karamaru-alpha/copyloopvar v1.2.1 h1:wmZaZYIjnJ0b5UoKDjUHrikcV0zuPyyx github.com/karamaru-alpha/copyloopvar v1.2.1/go.mod h1:nFmMlFNlClC2BPvNaHMdkirmTJxVCY0lhxBtlfOypMM= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= -github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/errcheck v1.9.0 h1:9xt1zI9EBfcYBvdU1nVrzMzzUPUtPKs9bVSIM3TAb3M= github.com/kisielk/errcheck v1.9.0/go.mod h1:kQxWMMVZgIkDq7U8xtG/n2juOjbLgZtedi0D+/VL/i8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= @@ -935,14 +932,14 @@ github.com/spf13/cast v0.0.0-20150508191742-4d07383ffe94/go.mod h1:r2rcYCSwa1IEx github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cobra v0.0.1/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= -github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= -github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= +github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s= +github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0= github.com/spf13/jwalterweatherman v0.0.0-20141219030609-3d60171a6431/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v1.0.0/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M= -github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v0.0.0-20150530192845-be5ff3e4840c/go.mod h1:A8kyI5cUJhb8N+3pkfONlcEcZbueH6nhAm0Fq7SrnBM= github.com/spf13/viper v1.20.1 h1:ZMi+z/lvLyPSCoNtFCpqjy0S4kPbirhpTMwl8BkW9X4= github.com/spf13/viper v1.20.1/go.mod h1:P9Mdzt1zoHIG8m2eZQinpiBjo6kCmZSKBClNNqjJvu4= @@ -967,10 +964,10 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.11.0 h1:ib4sjIrwZKxE5u/Japgo/7SJV3PvgjGiRNAvTVGqQl8= -github.com/stretchr/testify v1.11.0/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -github.com/stripe/pg-schema-diff v0.9.2 h1:Xn0DX2/u46nNTR0u4ATbTkDf6DmruZjSTdHJFkhbcSU= -github.com/stripe/pg-schema-diff v0.9.2/go.mod h1:cl2VC6te/cCTOewTRvv4pYsgQqAOhvRQmatCHfYwy8c= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/stripe/pg-schema-diff v1.0.2 h1:1R4ZQb7mHvOc9BGw1xYrddqb2voL8ICyiUYSoAmTAFo= +github.com/stripe/pg-schema-diff v1.0.2/go.mod h1:LlN2VVP/njIq1Y7o6Nt35ItEyr6OWOCEz6+Jc/axbIY= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tdakkota/asciicheck v0.4.1 h1:bm0tbcmi0jezRA2b5kg4ozmMuGAFotKI3RZfrhfovg8= @@ -1061,8 +1058,8 @@ go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJyS go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ= -go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ= -go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I= +go.opentelemetry.io/otel v1.38.0 h1:RkfdswUDRimDg0m2Az18RKOsnI8UDzppJAtj01/Ymk8= +go.opentelemetry.io/otel v1.38.0/go.mod h1:zcmtmQ1+YmQM9wrNsTGV/q/uyusom3P8RxwExxkZhjM= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.34.0 h1:ajl4QczuJVA2TU9W9AGw++86Xga/RKt//16z/yxPgdk= go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.34.0/go.mod h1:Vn3/rlOJ3ntf/Q3zAI0V5lDnTbHGaUsNUeF6nZmm7pA= go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 h1:OeNbIYk/2C15ckl7glBlOBp5+WlYsOElzTNmiPW/x60= @@ -1071,14 +1068,14 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 h1:tgJ0u go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0/go.mod h1:U7HYyW0zt/a9x5J1Kjs+r1f/d4ZHnYFclhYY2+YbeoE= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.34.0 h1:BEj3SPM81McUZHYjRS5pEgNgnmzGJ5tRpU5krWnV8Bs= go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.34.0/go.mod h1:9cKLGBDzI/F3NoHLQGm4ZrYdIHsvGt6ej6hUowxY0J4= -go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE= -go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E= +go.opentelemetry.io/otel/metric v1.38.0 h1:Kl6lzIYGAh5M159u9NgiRkmoMKjvbsKtYRwgfrA6WpA= +go.opentelemetry.io/otel/metric v1.38.0/go.mod h1:kB5n/QoRM8YwmUahxvI3bO34eVtQf2i4utNVLr9gEmI= go.opentelemetry.io/otel/sdk v1.37.0 h1:ItB0QUqnjesGRvNcmAcU0LyvkVyGJ2xftD29bWdDvKI= go.opentelemetry.io/otel/sdk v1.37.0/go.mod h1:VredYzxUvuo2q3WRcDnKDjbdvmO0sCzOvVAiY+yUkAg= go.opentelemetry.io/otel/sdk/metric v1.37.0 h1:90lI228XrB9jCMuSdA0673aubgRobVZFhbjxHHspCPc= go.opentelemetry.io/otel/sdk/metric v1.37.0/go.mod h1:cNen4ZWfiD37l5NhS+Keb5RXVWZWpRE+9WyVCpbo5ps= -go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4= -go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0= +go.opentelemetry.io/otel/trace v1.38.0 h1:Fxk5bKrDZJUH+AMyyIXGcFAPah0oRcT+LuNtJrmcNLE= +go.opentelemetry.io/otel/trace v1.38.0/go.mod h1:j1P9ivuFsTceSWe1oY+EeW3sc+Pp42sO++GHkg4wwhs= go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4= go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -1122,8 +1119,8 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ= -golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= -golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= +golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4= +golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1169,8 +1166,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ= -golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc= +golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= +golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1218,16 +1215,16 @@ golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs= -golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8= +golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE= +golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/oauth2 v0.31.0 h1:8Fq0yVZLh4j4YA47vHKFTa9Ew5XIrCP8LC6UeNZnLxo= +golang.org/x/oauth2 v0.31.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1311,8 +1308,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI= -golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k= +golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1323,8 +1320,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= -golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4= -golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw= +golang.org/x/term v0.35.0 h1:bZBVKBudEyhRcajGcNc3jIfWPqV4y/Kt2XcoigOWtDQ= +golang.org/x/term v0.35.0/go.mod h1:TPGtkTLesOwf2DE8CgVYiZinHAOuy5AYUYT1lENIZnA= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1339,8 +1336,8 @@ golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4= -golang.org/x/text v0.27.0/go.mod h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU= +golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng= +golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -1390,7 +1387,6 @@ golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200724022722-7017fd6b1305/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= @@ -1398,7 +1394,6 @@ golang.org/x/tools v0.0.0-20200820010801-b793a1359eac/go.mod h1:njjCfa9FT2d7l9Bc golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20201023174141-c8cfbd0f21e6/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1-0.20210205202024-ef80cdb6ec6d/go.mod h1:9bzcO0MWcOuT0tm1iBGzDVPshzfwoVvREIui8C+MHqU= golang.org/x/tools v0.1.1-0.20210302220138-2ac05c832e1a/go.mod h1:9bzcO0MWcOuT0tm1iBGzDVPshzfwoVvREIui8C+MHqU= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= @@ -1410,8 +1405,8 @@ golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= -golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0= -golang.org/x/tools v0.35.0/go.mod h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw= +golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg= +golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s= golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM= golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY= golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM= diff --git a/internal/bans/update/update.go b/internal/bans/update/update.go index d89fa08f2..d211111a8 100644 --- a/internal/bans/update/update.go +++ b/internal/bans/update/update.go @@ -2,13 +2,11 @@ package update import ( "context" - "fmt" "net" "github.com/go-errors/errors" "github.com/spf13/afero" - "github.com/supabase/cli/internal/utils" - "github.com/supabase/cli/pkg/api" + "github.com/supabase/cli/internal/utils/flags" ) func validateIps(ips []string) error { @@ -25,19 +23,6 @@ func Run(ctx context.Context, projectRef string, dbIpsToUnban []string, fsys afe if err := validateIps(dbIpsToUnban); err != nil { return err } - // 2. remove bans - { - resp, err := utils.GetSupabase().V1DeleteNetworkBansWithResponse(ctx, projectRef, api.RemoveNetworkBanRequest{ - Ipv4Addresses: dbIpsToUnban, - }) - if err != nil { - return errors.Errorf("failed to remove network bans: %w", err) - } - if resp.StatusCode() != 200 { - return errors.New("Unexpected error removing network bans: " + string(resp.Body)) - } - fmt.Printf("Successfully removed bans for %+v.\n", dbIpsToUnban) - return nil - } + return flags.UnbanIP(ctx, projectRef, dbIpsToUnban...) } diff --git a/internal/bans/update/update_test.go b/internal/bans/update/update_test.go index 2a40be2a4..34ee3c007 100644 --- a/internal/bans/update/update_test.go +++ b/internal/bans/update/update_test.go @@ -1,22 +1,75 @@ package update import ( + "context" + "errors" + "net/http" "testing" + "github.com/h2non/gock" "github.com/stretchr/testify/assert" + "github.com/supabase/cli/internal/testing/apitest" + "github.com/supabase/cli/internal/utils" ) -func TestPrivateSubnet(t *testing.T) { - err := validateIps([]string{"12.3.4.5", "10.0.0.0", "1.2.3.1"}) - assert.NoError(t, err) -} +func TestValidateIP(t *testing.T) { + t.Run("accepts private subnet", func(t *testing.T) { + err := validateIps([]string{"12.3.4.5", "10.0.0.0", "1.2.3.1"}) + assert.NoError(t, err) + }) + + t.Run("accepts IPv6 address", func(t *testing.T) { + err := validateIps([]string{"2001:db8:abcd:0012::0", "::0"}) + assert.NoError(t, err) + }) -func TestIPv6(t *testing.T) { - err := validateIps([]string{"2001:db8:abcd:0012::0", "::0"}) - assert.NoError(t, err) + t.Run("throws error on invalid IP", func(t *testing.T) { + // Run test + err := Run(context.Background(), "test-project", []string{"12.3.4"}, nil) + // Check error + assert.ErrorContains(t, err, "invalid IP address: 12.3.4") + }) } -func TestInvalidAddress(t *testing.T) { - err := validateIps([]string{"12.3.4"}) - assert.ErrorContains(t, err, "invalid IP address: 12.3.4") +func TestRemoveBans(t *testing.T) { + // Setup valid access token + token := apitest.RandomAccessToken(t) + t.Setenv("SUPABASE_ACCESS_TOKEN", string(token)) + + t.Run("removes network bans", func(t *testing.T) { + // Setup mock api + defer gock.OffAll() + gock.New(utils.DefaultApiHost). + Delete("/v1/projects/test-project/network-bans"). + Reply(http.StatusOK) + // Run test + err := Run(context.Background(), "test-project", []string{}, nil) + // Check error + assert.NoError(t, err) + }) + + t.Run("throws error on network failure", func(t *testing.T) { + errNetwork := errors.New("network error") + // Setup mock api + defer gock.OffAll() + gock.New(utils.DefaultApiHost). + Delete("/v1/projects/test-project/network-bans"). + ReplyError(errNetwork) + // Run test + err := Run(context.Background(), "test-project", []string{}, nil) + // Check error + assert.ErrorIs(t, err, errNetwork) + }) + + t.Run("throws error on service unavailable", func(t *testing.T) { + // Setup mock api + defer gock.OffAll() + gock.New(utils.DefaultApiHost). + Delete("/v1/projects/test-project/network-bans"). + Reply(http.StatusServiceUnavailable) + // Run test + err := Run(context.Background(), "test-project", []string{}, nil) + // Check error + assert.ErrorContains(t, err, "unexpected unban status 503:") + }) } diff --git a/internal/db/diff/migra.go b/internal/db/diff/migra.go index 63e0566fd..34b7d579e 100644 --- a/internal/db/diff/migra.go +++ b/internal/db/diff/migra.go @@ -23,11 +23,6 @@ var ( //go:embed templates/migra.ts diffSchemaTypeScript string - //go:embed templates/staging-ca-2021.crt - caStaging string - //go:embed templates/prod-ca-2021.crt - caProd string - managedSchemas = []string{ // Local development "_analytics", @@ -107,12 +102,10 @@ func loadSchema(ctx context.Context, dbURL string, options ...func(*pgx.ConnConf func DiffSchemaMigra(ctx context.Context, source, target string, schema []string, options ...func(*pgx.ConnConfig)) (string, error) { env := []string{"SOURCE=" + source, "TARGET=" + target} - // node-postgres does not support sslmode=prefer - if require, err := types.IsRequireSSL(ctx, target, options...); err != nil { + if ca, err := types.GetRootCA(ctx, target, options...); err != nil { return "", err - } else if require { - rootCA := caStaging + caProd - env = append(env, "SSL_CA="+rootCA) + } else if len(ca) > 0 { + env = append(env, "SSL_CA="+ca) } if len(schema) > 0 { env = append(env, "INCLUDED_SCHEMAS="+strings.Join(schema, ",")) diff --git a/internal/db/diff/templates/prod-ca-2021.crt b/internal/gen/types/templates/prod-ca-2021.crt similarity index 100% rename from internal/db/diff/templates/prod-ca-2021.crt rename to internal/gen/types/templates/prod-ca-2021.crt diff --git a/internal/db/diff/templates/staging-ca-2021.crt b/internal/gen/types/templates/staging-ca-2021.crt similarity index 100% rename from internal/db/diff/templates/staging-ca-2021.crt rename to internal/gen/types/templates/staging-ca-2021.crt diff --git a/internal/gen/types/types.go b/internal/gen/types/types.go index 5aeeb1bd6..aa22c04fa 100644 --- a/internal/gen/types/types.go +++ b/internal/gen/types/types.go @@ -2,9 +2,11 @@ package types import ( "context" + _ "embed" "fmt" "os" "strings" + "time" "github.com/docker/docker/api/types/container" "github.com/docker/docker/api/types/network" @@ -28,7 +30,7 @@ const ( SwiftInternalAccessControl = "internal" ) -func Run(ctx context.Context, projectId string, dbConfig pgconn.Config, lang string, schemas []string, postgrestV9Compat bool, swiftAccessControl string, fsys afero.Fs, options ...func(*pgx.ConnConfig)) error { +func Run(ctx context.Context, projectId string, dbConfig pgconn.Config, lang string, schemas []string, postgrestV9Compat bool, swiftAccessControl string, queryTimeout time.Duration, fsys afero.Fs, options ...func(*pgx.ConnConfig)) error { originalURL := utils.ToPostgresURL(dbConfig) // Add default schemas if --schema flag is not specified if len(schemas) == 0 { @@ -77,26 +79,27 @@ func Run(ctx context.Context, projectId string, dbConfig pgconn.Config, lang str } fmt.Fprintln(os.Stderr, "Connecting to", dbConfig.Host, dbConfig.Port) - escaped := utils.ToPostgresURL(dbConfig) - if require, err := IsRequireSSL(ctx, originalURL, options...); err != nil { + env := []string{ + "PG_META_DB_URL=" + utils.ToPostgresURL(dbConfig), + fmt.Sprintf("PG_CONN_TIMEOUT_SECS=%.0f", queryTimeout.Seconds()), + fmt.Sprintf("PG_QUERY_TIMEOUT_SECS=%.0f", queryTimeout.Seconds()), + "PG_META_GENERATE_TYPES=" + lang, + "PG_META_GENERATE_TYPES_INCLUDED_SCHEMAS=" + included, + "PG_META_GENERATE_TYPES_SWIFT_ACCESS_CONTROL=" + swiftAccessControl, + fmt.Sprintf("PG_META_GENERATE_TYPES_DETECT_ONE_TO_ONE_RELATIONSHIPS=%v", !postgrestV9Compat), + } + if ca, err := GetRootCA(ctx, originalURL, options...); err != nil { return err - } else if require { - // node-postgres does not support sslmode=prefer - escaped += "&sslmode=require" + } else if len(ca) > 0 { + env = append(env, "PG_META_DB_SSL_ROOT_CERT="+ca) } return utils.DockerRunOnceWithConfig( ctx, container.Config{ Image: utils.Config.Studio.PgmetaImage, - Env: []string{ - "PG_META_DB_URL=" + escaped, - "PG_META_GENERATE_TYPES=" + lang, - "PG_META_GENERATE_TYPES_INCLUDED_SCHEMAS=" + included, - "PG_META_GENERATE_TYPES_SWIFT_ACCESS_CONTROL=" + swiftAccessControl, - fmt.Sprintf("PG_META_GENERATE_TYPES_DETECT_ONE_TO_ONE_RELATIONSHIPS=%v", !postgrestV9Compat), - }, - Cmd: []string{"node", "dist/server/server.js"}, + Env: env, + Cmd: []string{"node", "dist/server/server.js"}, }, hostConfig, network.NetworkingConfig{}, @@ -106,7 +109,22 @@ func Run(ctx context.Context, projectId string, dbConfig pgconn.Config, lang str ) } -func IsRequireSSL(ctx context.Context, dbUrl string, options ...func(*pgx.ConnConfig)) (bool, error) { +var ( + //go:embed templates/staging-ca-2021.crt + caStaging string + //go:embed templates/prod-ca-2021.crt + caProd string +) + +func GetRootCA(ctx context.Context, dbURL string, options ...func(*pgx.ConnConfig)) (string, error) { + // node-postgres does not support sslmode=prefer + if require, err := isRequireSSL(ctx, dbURL, options...); !require { + return "", err + } + return caStaging + caProd, nil +} + +func isRequireSSL(ctx context.Context, dbUrl string, options ...func(*pgx.ConnConfig)) (bool, error) { conn, err := utils.ConnectByUrl(ctx, dbUrl+"&sslmode=require", options...) if err != nil { if strings.HasSuffix(err.Error(), "(server refused TLS connection)") { diff --git a/internal/gen/types/types_test.go b/internal/gen/types/types_test.go index bf7ee4067..e7134b182 100644 --- a/internal/gen/types/types_test.go +++ b/internal/gen/types/types_test.go @@ -5,6 +5,7 @@ import ( "errors" "net/http" "testing" + "time" "github.com/docker/docker/api/types/container" "github.com/h2non/gock" @@ -48,7 +49,7 @@ func TestGenLocalCommand(t *testing.T) { conn := pgtest.NewConn() defer conn.Close(t) // Run test - assert.NoError(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", fsys, conn.Intercept)) + assert.NoError(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", time.Second, fsys, conn.Intercept)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) @@ -63,7 +64,7 @@ func TestGenLocalCommand(t *testing.T) { Get("/v" + utils.Docker.ClientVersion() + "/containers/" + utils.DbId). Reply(http.StatusServiceUnavailable) // Run test - assert.Error(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", fsys)) + assert.Error(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", time.Second, fsys)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) @@ -83,7 +84,7 @@ func TestGenLocalCommand(t *testing.T) { Get("/v" + utils.Docker.ClientVersion() + "/images"). Reply(http.StatusServiceUnavailable) // Run test - assert.Error(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", fsys)) + assert.Error(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{}, true, "", time.Second, fsys)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) @@ -106,7 +107,7 @@ func TestGenLocalCommand(t *testing.T) { conn := pgtest.NewConn() defer conn.Close(t) // Run test - assert.NoError(t, Run(context.Background(), "", dbConfig, LangSwift, []string{}, true, SwiftInternalAccessControl, fsys, conn.Intercept)) + assert.NoError(t, Run(context.Background(), "", dbConfig, LangSwift, []string{}, true, SwiftInternalAccessControl, time.Second, fsys, conn.Intercept)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) @@ -129,7 +130,7 @@ func TestGenLinkedCommand(t *testing.T) { Reply(200). JSON(api.TypescriptResponse{Types: ""}) // Run test - assert.NoError(t, Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", fsys)) + assert.NoError(t, Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", time.Second, fsys)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) @@ -144,7 +145,7 @@ func TestGenLinkedCommand(t *testing.T) { Get("/v1/projects/" + projectId + "/types/typescript"). ReplyError(errNetwork) // Run test - err := Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", fsys) + err := Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", time.Second, fsys) // Validate api assert.ErrorIs(t, err, errNetwork) assert.Empty(t, apitest.ListUnmatchedRequests()) @@ -159,7 +160,7 @@ func TestGenLinkedCommand(t *testing.T) { Get("/v1/projects/" + projectId + "/types/typescript"). Reply(http.StatusServiceUnavailable) // Run test - assert.Error(t, Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", fsys)) + assert.Error(t, Run(context.Background(), projectId, pgconn.Config{}, LangTypescript, []string{}, true, "", time.Second, fsys)) }) } @@ -184,7 +185,7 @@ func TestGenRemoteCommand(t *testing.T) { conn := pgtest.NewConn() defer conn.Close(t) // Run test - assert.NoError(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{"public"}, true, "", afero.NewMemMapFs(), conn.Intercept)) + assert.NoError(t, Run(context.Background(), "", dbConfig, LangTypescript, []string{"public"}, true, "", time.Second, afero.NewMemMapFs(), conn.Intercept)) // Validate api assert.Empty(t, apitest.ListUnmatchedRequests()) }) diff --git a/internal/link/link_test.go b/internal/link/link_test.go index 15ff82962..21de43389 100644 --- a/internal/link/link_test.go +++ b/internal/link/link_test.go @@ -96,8 +96,13 @@ func TestLinkCommand(t *testing.T) { Reply(200). JSON(api.NetworkRestrictionsResponse{}) gock.New(utils.DefaultApiHost). - Post("/v1/projects/" + project + "/database/query"). - Reply(http.StatusCreated) + Post("/v1/projects/" + project + "/cli/login-role"). + Reply(http.StatusCreated). + JSON(api.CreateRoleResponse{ + Password: "pass", + Role: "cli_login_user", + TtlSeconds: 300, + }) // Link versions auth := tenant.HealthResponse{Version: "v2.74.2"} gock.New("https://" + utils.GetSupabaseHost(project)). @@ -167,7 +172,7 @@ func TestLinkCommand(t *testing.T) { Reply(http.StatusOK). JSON(api.NetworkRestrictionsResponse{}) gock.New(utils.DefaultApiHost). - Post("/v1/projects/" + project + "/database/query"). + Post("/v1/projects/" + project + "/cli/login-role"). Reply(http.StatusServiceUnavailable) // Link versions gock.New("https://" + utils.GetSupabaseHost(project)). @@ -233,8 +238,13 @@ func TestLinkCommand(t *testing.T) { Reply(http.StatusOK). JSON(api.NetworkRestrictionsResponse{}) gock.New(utils.DefaultApiHost). - Post("/v1/projects/" + project + "/database/query"). - Reply(http.StatusCreated) + Post("/v1/projects/" + project + "/cli/login-role"). + Reply(http.StatusCreated). + JSON(api.CreateRoleResponse{ + Password: "pass", + Role: "cli_login_user", + TtlSeconds: 300, + }) // Link versions gock.New("https://" + utils.GetSupabaseHost(project)). Get("/auth/v1/health"). diff --git a/internal/utils/connect.go b/internal/utils/connect.go index c7c4124e5..da861ffa1 100644 --- a/internal/utils/connect.go +++ b/internal/utils/connect.go @@ -70,8 +70,8 @@ func GetPoolerConfig(projectRef string) *pgconn.Config { return nil } // There is a risk of MITM attack if we simply trust the hostname specified in pooler URL. - if !isSupabaseDomain(poolerConfig.Host) { - fmt.Fprintln(logger, "Pooler hostname does not belong to Supabase domain:", poolerConfig.Host) + if !strings.HasSuffix(poolerConfig.Host, "."+CurrentProfile.ProjectHost) { + fmt.Fprintln(logger, "Pooler hostname does not belong to current profile:", poolerConfig.Host) return nil } fmt.Fprintln(logger, "Using connection pooler:", Config.Db.Pooler.ConnectionString) @@ -92,15 +92,6 @@ func ParsePoolerURL(connString string) (*pgconn.Config, error) { return poolerConfig, nil } -func isSupabaseDomain(host string) bool { - switch GetSupabaseAPIHost() { - case "https://api.supabase.green": - return strings.HasSuffix(host, ".supabase.green") - default: - return strings.HasSuffix(host, ".supabase.com") - } -} - // Connnect to local Postgres with optimised settings. The caller is responsible for closing the connection returned. func ConnectLocalPostgres(ctx context.Context, config pgconn.Config, options ...func(*pgx.ConnConfig)) (*pgx.Conn, error) { if len(config.Host) == 0 { @@ -121,6 +112,9 @@ func ConnectLocalPostgres(ctx context.Context, config pgconn.Config, options ... if config.ConnectTimeout == 0 { config.ConnectTimeout = 2 * time.Second } + options = append(options, func(cc *pgx.ConnConfig) { + cc.TLSConfig = nil + }) return ConnectByUrl(ctx, ToPostgresURL(config), options...) } @@ -128,6 +122,19 @@ func ConnectByUrl(ctx context.Context, url string, options ...func(*pgx.ConnConf if viper.GetBool("DEBUG") { options = append(options, debug.SetupPGX) } + // No fallback from TLS to unsecure connection + options = append(options, func(cc *pgx.ConnConfig) { + if cc.TLSConfig == nil { + return + } + var fallbacks []*pgconn.FallbackConfig + for _, fc := range cc.Fallbacks { + if fc.TLSConfig != nil { + fallbacks = append(fallbacks, fc) + } + } + cc.Fallbacks = fallbacks + }) return pgxv5.Connect(ctx, url, options...) } diff --git a/internal/utils/connect_test.go b/internal/utils/connect_test.go index 4ea76c126..01195038c 100644 --- a/internal/utils/connect_test.go +++ b/internal/utils/connect_test.go @@ -2,6 +2,7 @@ package utils import ( "context" + "fmt" "net" "net/http" "testing" @@ -25,9 +26,9 @@ var dbConfig = pgconn.Config{ Database: "postgres", } -const ( - PG13_POOLER_URL = "postgres://postgres:[YOUR-PASSWORD]@aws-0-ap-southeast-1.pooler.supabase.com:6543/postgres?options=reference%3Dzupyfdrjfhbeevcogohz" - PG15_POOLER_URL = "postgres://postgres.zupyfdrjfhbeevcogohz:[YOUR-PASSWORD]@fly-0-sin.pooler.supabase.com:6543/postgres" +var ( + PG13_POOLER_URL = fmt.Sprintf("postgres://postgres:[YOUR-PASSWORD]@aws-0-ap-southeast-1.pooler.%s:6543/postgres?options=reference%%3Dzupyfdrjfhbeevcogohz", CurrentProfile.ProjectHost) + PG15_POOLER_URL = fmt.Sprintf("postgres://postgres.zupyfdrjfhbeevcogohz:[YOUR-PASSWORD]@fly-0-sin.pooler.%s:6543/postgres", CurrentProfile.ProjectHost) ) func TestConnectByConfig(t *testing.T) { diff --git a/internal/utils/flags/db_url.go b/internal/utils/flags/db_url.go index 5caedda32..070d47f22 100644 --- a/internal/utils/flags/db_url.go +++ b/internal/utils/flags/db_url.go @@ -1,7 +1,6 @@ package flags import ( - "bytes" "context" "crypto/rand" _ "embed" @@ -10,7 +9,6 @@ import ( "net/http" "os" "strings" - "text/template" "github.com/cenkalti/backoff/v4" "github.com/go-errors/errors" @@ -22,7 +20,6 @@ import ( "github.com/supabase/cli/internal/utils/credentials" "github.com/supabase/cli/pkg/api" "github.com/supabase/cli/pkg/config" - "github.com/supabase/cli/pkg/pgxv5" ) type connection int @@ -124,24 +121,12 @@ func NewDbConfigWithPassword(ctx context.Context, projectRef string) pgconn.Conf if len(config.Password) > 0 { return config } - var err error - if config.Password, err = RandomString(32); err == nil { - newRole := pgconn.Config{ - User: pgxv5.CLI_LOGIN_ROLE, - Password: config.Password, - } - if err := initLoginRole(ctx, projectRef, newRole); err == nil { - // Special handling for pooler username - if suffix := "." + projectRef; strings.HasSuffix(config.User, suffix) { - newRole.User += suffix - defer tryPooler(ctx, &config) - } - config.User = newRole.User - return config - } else { - fmt.Fprintln(utils.GetDebugLogger(), err) - } + loginRole, err := initLoginRole(ctx, projectRef, config) + if err == nil { + return loginRole } + // Proceed with password prompt + fmt.Fprintln(utils.GetDebugLogger(), err) if config.Password, err = credentials.StoreProvider.Get(projectRef); err == nil { return config } @@ -152,35 +137,55 @@ func NewDbConfigWithPassword(ctx context.Context, projectRef string) pgconn.Conf return config } -func tryPooler(ctx context.Context, config *pgconn.Config) { - if err := backoff.RetryNotify(func() error { - conn, err := pgconn.ConnectConfig(ctx, config) +func initLoginRole(ctx context.Context, projectRef string, config pgconn.Config) (pgconn.Config, error) { + fmt.Fprintln(os.Stderr, "Initialising login role...") + body := api.CreateRoleBody{ReadOnly: false} + resp, err := utils.GetSupabase().V1CreateLoginRoleWithResponse(ctx, projectRef, body) + if err != nil { + return pgconn.Config{}, errors.Errorf("failed to initialise login role: %w", err) + } else if resp.JSON201 == nil { + return pgconn.Config{}, errors.Errorf("unexpected login role status %d: %s", resp.StatusCode(), string(resp.Body)) + } + // Direct connection can be tried immediately + suffix := "." + projectRef + if !strings.HasSuffix(config.User, suffix) { + config.User = resp.JSON201.Role + config.Password = resp.JSON201.Password + return config, nil + } + // Wait for pooler to refresh password + config.User = resp.JSON201.Role + suffix + config.Password = resp.JSON201.Password + login := func() error { + conn, err := pgconn.ConnectConfig(ctx, &config) if err != nil { return errors.Errorf("failed to connect as temp role: %w", err) } return conn.Close(ctx) - }, utils.NewBackoffPolicy(ctx), utils.NewErrorCallback()); err != nil { - fmt.Fprintln(os.Stderr, err) } + // Fallback to password prompt on error + notify := utils.NewErrorCallback(func(attempt uint) error { + if attempt%3 > 0 { + return nil + } + return UnbanIP(ctx, projectRef) + }) + if err := backoff.RetryNotify(login, utils.NewBackoffPolicy(ctx), notify); err != nil { + return pgconn.Config{}, err + } + return config, nil } -var ( - //go:embed queries/role.sql - initRoleEmbed string - initRoleTemplate = template.Must(template.New("initRole").Parse(initRoleEmbed)) -) - -func initLoginRole(ctx context.Context, projectRef string, config pgconn.Config) error { - fmt.Fprintf(os.Stderr, "Initialising %s role...\n", config.User) - var initRoleBuf bytes.Buffer - if err := initRoleTemplate.Option("missingkey=error").Execute(&initRoleBuf, config); err != nil { - return errors.Errorf("failed to exec template: %w", err) - } - body := api.V1RunQueryBody{Query: initRoleBuf.String()} - if resp, err := utils.GetSupabase().V1RunAQueryWithResponse(ctx, projectRef, body); err != nil { - return errors.Errorf("failed to initialise login role: %w", err) - } else if resp.StatusCode() != http.StatusCreated { - return errors.Errorf("unexpected query status %d: %s", resp.StatusCode(), string(resp.Body)) +func UnbanIP(ctx context.Context, projectRef string, addrs ...string) error { + includeSelf := len(addrs) == 0 + body := api.RemoveNetworkBanRequest{ + Ipv4Addresses: addrs, + RequesterIp: &includeSelf, + } + if resp, err := utils.GetSupabase().V1DeleteNetworkBansWithResponse(ctx, projectRef, body); err != nil { + return errors.Errorf("failed to remove network bans: %w", err) + } else if resp.StatusCode() != http.StatusOK { + return errors.Errorf("unexpected unban status %d: %s", resp.StatusCode(), string(resp.Body)) } return nil } diff --git a/internal/utils/flags/queries/role.sql b/internal/utils/flags/queries/role.sql deleted file mode 100644 index 2e10035ae..000000000 --- a/internal/utils/flags/queries/role.sql +++ /dev/null @@ -1,16 +0,0 @@ -do $func$ -begin - if not exists ( - select 1 - from pg_roles - where rolname = '{{ .User }}' - ) - then - create role "{{ .User }}" noinherit login noreplication in role postgres; - end if; - execute format( - $$alter role "{{ .User }}" with password '{{ .Password }}' valid until %L$$, - now() + interval '5 minutes' - ); -end -$func$ language plpgsql; diff --git a/internal/utils/profile.go b/internal/utils/profile.go index 55afa4e89..53da75858 100644 --- a/internal/utils/profile.go +++ b/internal/utils/profile.go @@ -2,6 +2,7 @@ package utils import ( "context" + "fmt" "strings" "github.com/go-errors/errors" @@ -45,6 +46,7 @@ func LoadProfile(ctx context.Context, fsys afero.Fs) error { prof := viper.GetString("PROFILE") for _, p := range allProfiles { if strings.EqualFold(p.Name, prof) { + fmt.Fprintln(GetDebugLogger(), "Using project host:", p.ProjectHost) CurrentProfile = p return nil } diff --git a/internal/utils/retry.go b/internal/utils/retry.go index 2c94d82dc..6f0fb57e1 100644 --- a/internal/utils/retry.go +++ b/internal/utils/retry.go @@ -16,14 +16,19 @@ func NewBackoffPolicy(ctx context.Context) backoff.BackOffContext { return backoff.WithContext(backoff.WithMaxRetries(b, maxRetries), ctx) } -func NewErrorCallback() backoff.Notify { - failureCount := 0 +func NewErrorCallback(callbacks ...func(attempt uint) error) backoff.Notify { + failureCount := uint(0) logger := GetDebugLogger() return func(err error, d time.Duration) { failureCount += 1 if failureCount*3 > maxRetries { logger = os.Stderr } + for _, cb := range callbacks { + if err := cb(failureCount); err != nil { + fmt.Fprintln(logger, err) + } + } fmt.Fprintln(logger, err) fmt.Fprintf(logger, "Retry (%d/%d): ", failureCount, maxRetries) } diff --git a/pkg/api/client.gen.go b/pkg/api/client.gen.go index 1ca272ffd..a1cd952c2 100644 --- a/pkg/api/client.gen.go +++ b/pkg/api/client.gen.go @@ -175,6 +175,9 @@ type ClientInterface interface { // V1GetSecurityAdvisors request V1GetSecurityAdvisors(ctx context.Context, ref string, params *V1GetSecurityAdvisorsParams, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1GetProjectFunctionCombinedStats request + V1GetProjectFunctionCombinedStats(ctx context.Context, ref string, params *V1GetProjectFunctionCombinedStatsParams, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1GetProjectLogs request V1GetProjectLogs(ctx context.Context, ref string, params *V1GetProjectLogsParams, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -245,6 +248,14 @@ type ClientInterface interface { // V1CreateProjectClaimToken request V1CreateProjectClaimToken(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1DeleteLoginRoles request + V1DeleteLoginRoles(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) + + // V1CreateLoginRoleWithBody request with any body + V1CreateLoginRoleWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + V1CreateLoginRole(ctx context.Context, ref string, body V1CreateLoginRoleJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1GetAuthServiceConfig request V1GetAuthServiceConfig(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -382,6 +393,11 @@ type ClientInterface interface { // V1GetJitAccess request V1GetJitAccess(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1AuthorizeJitAccessWithBody request with any body + V1AuthorizeJitAccessWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + V1AuthorizeJitAccess(ctx context.Context, ref string, body V1AuthorizeJitAccessJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1UpdateJitAccessWithBody request with any body V1UpdateJitAccessWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -461,6 +477,11 @@ type ClientInterface interface { // V1GetNetworkRestrictions request V1GetNetworkRestrictions(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1PatchNetworkRestrictionsWithBody request with any body + V1PatchNetworkRestrictionsWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) + + V1PatchNetworkRestrictions(ctx context.Context, ref string, body V1PatchNetworkRestrictionsJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) + // V1UpdateNetworkRestrictionsWithBody request with any body V1UpdateNetworkRestrictionsWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) @@ -943,6 +964,18 @@ func (c *Client) V1GetSecurityAdvisors(ctx context.Context, ref string, params * return c.Client.Do(req) } +func (c *Client) V1GetProjectFunctionCombinedStats(ctx context.Context, ref string, params *V1GetProjectFunctionCombinedStatsParams, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1GetProjectFunctionCombinedStatsRequest(c.Server, ref, params) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) V1GetProjectLogs(ctx context.Context, ref string, params *V1GetProjectLogsParams, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewV1GetProjectLogsRequest(c.Server, ref, params) if err != nil { @@ -1233,6 +1266,42 @@ func (c *Client) V1CreateProjectClaimToken(ctx context.Context, ref string, reqE return c.Client.Do(req) } +func (c *Client) V1DeleteLoginRoles(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1DeleteLoginRolesRequest(c.Server, ref) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) V1CreateLoginRoleWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1CreateLoginRoleRequestWithBody(c.Server, ref, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) V1CreateLoginRole(ctx context.Context, ref string, body V1CreateLoginRoleJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1CreateLoginRoleRequest(c.Server, ref, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) V1GetAuthServiceConfig(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewV1GetAuthServiceConfigRequest(c.Server, ref) if err != nil { @@ -1833,6 +1902,30 @@ func (c *Client) V1GetJitAccess(ctx context.Context, ref string, reqEditors ...R return c.Client.Do(req) } +func (c *Client) V1AuthorizeJitAccessWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1AuthorizeJitAccessRequestWithBody(c.Server, ref, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) V1AuthorizeJitAccess(ctx context.Context, ref string, body V1AuthorizeJitAccessJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1AuthorizeJitAccessRequest(c.Server, ref, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) V1UpdateJitAccessWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewV1UpdateJitAccessRequestWithBody(c.Server, ref, contentType, body) if err != nil { @@ -2181,6 +2274,30 @@ func (c *Client) V1GetNetworkRestrictions(ctx context.Context, ref string, reqEd return c.Client.Do(req) } +func (c *Client) V1PatchNetworkRestrictionsWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1PatchNetworkRestrictionsRequestWithBody(c.Server, ref, contentType, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + +func (c *Client) V1PatchNetworkRestrictions(ctx context.Context, ref string, body V1PatchNetworkRestrictionsJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) { + req, err := NewV1PatchNetworkRestrictionsRequest(c.Server, ref, body) + if err != nil { + return nil, err + } + req = req.WithContext(ctx) + if err := c.applyEditors(ctx, req, reqEditors); err != nil { + return nil, err + } + return c.Client.Do(req) +} + func (c *Client) V1UpdateNetworkRestrictionsWithBody(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) { req, err := NewV1UpdateNetworkRestrictionsRequestWithBody(c.Server, ref, contentType, body) if err != nil { @@ -3821,6 +3938,70 @@ func NewV1GetSecurityAdvisorsRequest(server string, ref string, params *V1GetSec return req, nil } +// NewV1GetProjectFunctionCombinedStatsRequest generates requests for V1GetProjectFunctionCombinedStats +func NewV1GetProjectFunctionCombinedStatsRequest(server string, ref string, params *V1GetProjectFunctionCombinedStatsParams) (*http.Request, error) { + var err error + + var pathParam0 string + + pathParam0, err = runtime.StyleParamWithLocation("simple", false, "ref", runtime.ParamLocationPath, ref) + if err != nil { + return nil, err + } + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/v1/projects/%s/analytics/endpoints/functions.combined-stats", pathParam0) + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + if params != nil { + queryValues := queryURL.Query() + + if queryFrag, err := runtime.StyleParamWithLocation("form", true, "interval", runtime.ParamLocationQuery, params.Interval); err != nil { + return nil, err + } else if parsed, err := url.ParseQuery(queryFrag); err != nil { + return nil, err + } else { + for k, v := range parsed { + for _, v2 := range v { + queryValues.Add(k, v2) + } + } + } + + if queryFrag, err := runtime.StyleParamWithLocation("form", true, "function_id", runtime.ParamLocationQuery, params.FunctionId); err != nil { + return nil, err + } else if parsed, err := url.ParseQuery(queryFrag); err != nil { + return nil, err + } else { + for k, v := range parsed { + for _, v2 := range v { + queryValues.Add(k, v2) + } + } + } + + queryURL.RawQuery = queryValues.Encode() + } + + req, err := http.NewRequest("GET", queryURL.String(), nil) + if err != nil { + return nil, err + } + + return req, nil +} + // NewV1GetProjectLogsRequest generates requests for V1GetProjectLogs func NewV1GetProjectLogsRequest(server string, ref string, params *V1GetProjectLogsParams) (*http.Request, error) { var err error @@ -4826,6 +5007,87 @@ func NewV1CreateProjectClaimTokenRequest(server string, ref string) (*http.Reque return req, nil } +// NewV1DeleteLoginRolesRequest generates requests for V1DeleteLoginRoles +func NewV1DeleteLoginRolesRequest(server string, ref string) (*http.Request, error) { + var err error + + var pathParam0 string + + pathParam0, err = runtime.StyleParamWithLocation("simple", false, "ref", runtime.ParamLocationPath, ref) + if err != nil { + return nil, err + } + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/v1/projects/%s/cli/login-role", pathParam0) + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("DELETE", queryURL.String(), nil) + if err != nil { + return nil, err + } + + return req, nil +} + +// NewV1CreateLoginRoleRequest calls the generic V1CreateLoginRole builder with application/json body +func NewV1CreateLoginRoleRequest(server string, ref string, body V1CreateLoginRoleJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewV1CreateLoginRoleRequestWithBody(server, ref, "application/json", bodyReader) +} + +// NewV1CreateLoginRoleRequestWithBody generates requests for V1CreateLoginRole with any type of body +func NewV1CreateLoginRoleRequestWithBody(server string, ref string, contentType string, body io.Reader) (*http.Request, error) { + var err error + + var pathParam0 string + + pathParam0, err = runtime.StyleParamWithLocation("simple", false, "ref", runtime.ParamLocationPath, ref) + if err != nil { + return nil, err + } + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/v1/projects/%s/cli/login-role", pathParam0) + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("POST", queryURL.String(), body) + if err != nil { + return nil, err + } + + req.Header.Add("Content-Type", contentType) + + return req, nil +} + // NewV1GetAuthServiceConfigRequest generates requests for V1GetAuthServiceConfig func NewV1GetAuthServiceConfigRequest(server string, ref string) (*http.Request, error) { var err error @@ -6331,6 +6593,53 @@ func NewV1GetJitAccessRequest(server string, ref string) (*http.Request, error) return req, nil } +// NewV1AuthorizeJitAccessRequest calls the generic V1AuthorizeJitAccess builder with application/json body +func NewV1AuthorizeJitAccessRequest(server string, ref string, body V1AuthorizeJitAccessJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewV1AuthorizeJitAccessRequestWithBody(server, ref, "application/json", bodyReader) +} + +// NewV1AuthorizeJitAccessRequestWithBody generates requests for V1AuthorizeJitAccess with any type of body +func NewV1AuthorizeJitAccessRequestWithBody(server string, ref string, contentType string, body io.Reader) (*http.Request, error) { + var err error + + var pathParam0 string + + pathParam0, err = runtime.StyleParamWithLocation("simple", false, "ref", runtime.ParamLocationPath, ref) + if err != nil { + return nil, err + } + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/v1/projects/%s/database/jit", pathParam0) + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("POST", queryURL.String(), body) + if err != nil { + return nil, err + } + + req.Header.Add("Content-Type", contentType) + + return req, nil +} + // NewV1UpdateJitAccessRequest calls the generic V1UpdateJitAccess builder with application/json body func NewV1UpdateJitAccessRequest(server string, ref string, body V1UpdateJitAccessJSONRequestBody) (*http.Request, error) { var bodyReader io.Reader @@ -7490,8 +7799,53 @@ func NewV1ListAllNetworkBansEnrichedRequest(server string, ref string) (*http.Re return req, nil } -// NewV1GetNetworkRestrictionsRequest generates requests for V1GetNetworkRestrictions -func NewV1GetNetworkRestrictionsRequest(server string, ref string) (*http.Request, error) { +// NewV1GetNetworkRestrictionsRequest generates requests for V1GetNetworkRestrictions +func NewV1GetNetworkRestrictionsRequest(server string, ref string) (*http.Request, error) { + var err error + + var pathParam0 string + + pathParam0, err = runtime.StyleParamWithLocation("simple", false, "ref", runtime.ParamLocationPath, ref) + if err != nil { + return nil, err + } + + serverURL, err := url.Parse(server) + if err != nil { + return nil, err + } + + operationPath := fmt.Sprintf("/v1/projects/%s/network-restrictions", pathParam0) + if operationPath[0] == '/' { + operationPath = "." + operationPath + } + + queryURL, err := serverURL.Parse(operationPath) + if err != nil { + return nil, err + } + + req, err := http.NewRequest("GET", queryURL.String(), nil) + if err != nil { + return nil, err + } + + return req, nil +} + +// NewV1PatchNetworkRestrictionsRequest calls the generic V1PatchNetworkRestrictions builder with application/json body +func NewV1PatchNetworkRestrictionsRequest(server string, ref string, body V1PatchNetworkRestrictionsJSONRequestBody) (*http.Request, error) { + var bodyReader io.Reader + buf, err := json.Marshal(body) + if err != nil { + return nil, err + } + bodyReader = bytes.NewReader(buf) + return NewV1PatchNetworkRestrictionsRequestWithBody(server, ref, "application/json", bodyReader) +} + +// NewV1PatchNetworkRestrictionsRequestWithBody generates requests for V1PatchNetworkRestrictions with any type of body +func NewV1PatchNetworkRestrictionsRequestWithBody(server string, ref string, contentType string, body io.Reader) (*http.Request, error) { var err error var pathParam0 string @@ -7516,11 +7870,13 @@ func NewV1GetNetworkRestrictionsRequest(server string, ref string) (*http.Reques return nil, err } - req, err := http.NewRequest("GET", queryURL.String(), nil) + req, err := http.NewRequest("PATCH", queryURL.String(), body) if err != nil { return nil, err } + req.Header.Add("Content-Type", contentType) + return req, nil } @@ -8904,6 +9260,9 @@ type ClientWithResponsesInterface interface { // V1GetSecurityAdvisorsWithResponse request V1GetSecurityAdvisorsWithResponse(ctx context.Context, ref string, params *V1GetSecurityAdvisorsParams, reqEditors ...RequestEditorFn) (*V1GetSecurityAdvisorsResponse, error) + // V1GetProjectFunctionCombinedStatsWithResponse request + V1GetProjectFunctionCombinedStatsWithResponse(ctx context.Context, ref string, params *V1GetProjectFunctionCombinedStatsParams, reqEditors ...RequestEditorFn) (*V1GetProjectFunctionCombinedStatsResponse, error) + // V1GetProjectLogsWithResponse request V1GetProjectLogsWithResponse(ctx context.Context, ref string, params *V1GetProjectLogsParams, reqEditors ...RequestEditorFn) (*V1GetProjectLogsResponse, error) @@ -8974,6 +9333,14 @@ type ClientWithResponsesInterface interface { // V1CreateProjectClaimTokenWithResponse request V1CreateProjectClaimTokenWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1CreateProjectClaimTokenResponse, error) + // V1DeleteLoginRolesWithResponse request + V1DeleteLoginRolesWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1DeleteLoginRolesResponse, error) + + // V1CreateLoginRoleWithBodyWithResponse request with any body + V1CreateLoginRoleWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1CreateLoginRoleResponse, error) + + V1CreateLoginRoleWithResponse(ctx context.Context, ref string, body V1CreateLoginRoleJSONRequestBody, reqEditors ...RequestEditorFn) (*V1CreateLoginRoleResponse, error) + // V1GetAuthServiceConfigWithResponse request V1GetAuthServiceConfigWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1GetAuthServiceConfigResponse, error) @@ -9111,6 +9478,11 @@ type ClientWithResponsesInterface interface { // V1GetJitAccessWithResponse request V1GetJitAccessWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1GetJitAccessResponse, error) + // V1AuthorizeJitAccessWithBodyWithResponse request with any body + V1AuthorizeJitAccessWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1AuthorizeJitAccessResponse, error) + + V1AuthorizeJitAccessWithResponse(ctx context.Context, ref string, body V1AuthorizeJitAccessJSONRequestBody, reqEditors ...RequestEditorFn) (*V1AuthorizeJitAccessResponse, error) + // V1UpdateJitAccessWithBodyWithResponse request with any body V1UpdateJitAccessWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1UpdateJitAccessResponse, error) @@ -9190,6 +9562,11 @@ type ClientWithResponsesInterface interface { // V1GetNetworkRestrictionsWithResponse request V1GetNetworkRestrictionsWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1GetNetworkRestrictionsResponse, error) + // V1PatchNetworkRestrictionsWithBodyWithResponse request with any body + V1PatchNetworkRestrictionsWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1PatchNetworkRestrictionsResponse, error) + + V1PatchNetworkRestrictionsWithResponse(ctx context.Context, ref string, body V1PatchNetworkRestrictionsJSONRequestBody, reqEditors ...RequestEditorFn) (*V1PatchNetworkRestrictionsResponse, error) + // V1UpdateNetworkRestrictionsWithBodyWithResponse request with any body V1UpdateNetworkRestrictionsWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1UpdateNetworkRestrictionsResponse, error) @@ -9801,6 +10178,28 @@ func (r V1GetSecurityAdvisorsResponse) StatusCode() int { return 0 } +type V1GetProjectFunctionCombinedStatsResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *AnalyticsResponse +} + +// Status returns HTTPResponse.Status +func (r V1GetProjectFunctionCombinedStatsResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r V1GetProjectFunctionCombinedStatsResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type V1GetProjectLogsResponse struct { Body []byte HTTPResponse *http.Response @@ -10237,6 +10636,50 @@ func (r V1CreateProjectClaimTokenResponse) StatusCode() int { return 0 } +type V1DeleteLoginRolesResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *DeleteRolesResponse +} + +// Status returns HTTPResponse.Status +func (r V1DeleteLoginRolesResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r V1DeleteLoginRolesResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + +type V1CreateLoginRoleResponse struct { + Body []byte + HTTPResponse *http.Response + JSON201 *CreateRoleResponse +} + +// Status returns HTTPResponse.Status +func (r V1CreateLoginRoleResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r V1CreateLoginRoleResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type V1GetAuthServiceConfigResponse struct { Body []byte HTTPResponse *http.Response @@ -11047,6 +11490,28 @@ func (r V1GetJitAccessResponse) StatusCode() int { return 0 } +type V1AuthorizeJitAccessResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *JitAuthorizeAccessResponse +} + +// Status returns HTTPResponse.Status +func (r V1AuthorizeJitAccessResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r V1AuthorizeJitAccessResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type V1UpdateJitAccessResponse struct { Body []byte HTTPResponse *http.Response @@ -11502,6 +11967,28 @@ func (r V1GetNetworkRestrictionsResponse) StatusCode() int { return 0 } +type V1PatchNetworkRestrictionsResponse struct { + Body []byte + HTTPResponse *http.Response + JSON200 *NetworkRestrictionsV2Response +} + +// Status returns HTTPResponse.Status +func (r V1PatchNetworkRestrictionsResponse) Status() string { + if r.HTTPResponse != nil { + return r.HTTPResponse.Status + } + return http.StatusText(0) +} + +// StatusCode returns HTTPResponse.StatusCode +func (r V1PatchNetworkRestrictionsResponse) StatusCode() int { + if r.HTTPResponse != nil { + return r.HTTPResponse.StatusCode + } + return 0 +} + type V1UpdateNetworkRestrictionsResponse struct { Body []byte HTTPResponse *http.Response @@ -12402,6 +12889,15 @@ func (c *ClientWithResponses) V1GetSecurityAdvisorsWithResponse(ctx context.Cont return ParseV1GetSecurityAdvisorsResponse(rsp) } +// V1GetProjectFunctionCombinedStatsWithResponse request returning *V1GetProjectFunctionCombinedStatsResponse +func (c *ClientWithResponses) V1GetProjectFunctionCombinedStatsWithResponse(ctx context.Context, ref string, params *V1GetProjectFunctionCombinedStatsParams, reqEditors ...RequestEditorFn) (*V1GetProjectFunctionCombinedStatsResponse, error) { + rsp, err := c.V1GetProjectFunctionCombinedStats(ctx, ref, params, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1GetProjectFunctionCombinedStatsResponse(rsp) +} + // V1GetProjectLogsWithResponse request returning *V1GetProjectLogsResponse func (c *ClientWithResponses) V1GetProjectLogsWithResponse(ctx context.Context, ref string, params *V1GetProjectLogsParams, reqEditors ...RequestEditorFn) (*V1GetProjectLogsResponse, error) { rsp, err := c.V1GetProjectLogs(ctx, ref, params, reqEditors...) @@ -12616,6 +13112,32 @@ func (c *ClientWithResponses) V1CreateProjectClaimTokenWithResponse(ctx context. return ParseV1CreateProjectClaimTokenResponse(rsp) } +// V1DeleteLoginRolesWithResponse request returning *V1DeleteLoginRolesResponse +func (c *ClientWithResponses) V1DeleteLoginRolesWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1DeleteLoginRolesResponse, error) { + rsp, err := c.V1DeleteLoginRoles(ctx, ref, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1DeleteLoginRolesResponse(rsp) +} + +// V1CreateLoginRoleWithBodyWithResponse request with arbitrary body returning *V1CreateLoginRoleResponse +func (c *ClientWithResponses) V1CreateLoginRoleWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1CreateLoginRoleResponse, error) { + rsp, err := c.V1CreateLoginRoleWithBody(ctx, ref, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1CreateLoginRoleResponse(rsp) +} + +func (c *ClientWithResponses) V1CreateLoginRoleWithResponse(ctx context.Context, ref string, body V1CreateLoginRoleJSONRequestBody, reqEditors ...RequestEditorFn) (*V1CreateLoginRoleResponse, error) { + rsp, err := c.V1CreateLoginRole(ctx, ref, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1CreateLoginRoleResponse(rsp) +} + // V1GetAuthServiceConfigWithResponse request returning *V1GetAuthServiceConfigResponse func (c *ClientWithResponses) V1GetAuthServiceConfigWithResponse(ctx context.Context, ref string, reqEditors ...RequestEditorFn) (*V1GetAuthServiceConfigResponse, error) { rsp, err := c.V1GetAuthServiceConfig(ctx, ref, reqEditors...) @@ -13053,6 +13575,23 @@ func (c *ClientWithResponses) V1GetJitAccessWithResponse(ctx context.Context, re return ParseV1GetJitAccessResponse(rsp) } +// V1AuthorizeJitAccessWithBodyWithResponse request with arbitrary body returning *V1AuthorizeJitAccessResponse +func (c *ClientWithResponses) V1AuthorizeJitAccessWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1AuthorizeJitAccessResponse, error) { + rsp, err := c.V1AuthorizeJitAccessWithBody(ctx, ref, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1AuthorizeJitAccessResponse(rsp) +} + +func (c *ClientWithResponses) V1AuthorizeJitAccessWithResponse(ctx context.Context, ref string, body V1AuthorizeJitAccessJSONRequestBody, reqEditors ...RequestEditorFn) (*V1AuthorizeJitAccessResponse, error) { + rsp, err := c.V1AuthorizeJitAccess(ctx, ref, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1AuthorizeJitAccessResponse(rsp) +} + // V1UpdateJitAccessWithBodyWithResponse request with arbitrary body returning *V1UpdateJitAccessResponse func (c *ClientWithResponses) V1UpdateJitAccessWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1UpdateJitAccessResponse, error) { rsp, err := c.V1UpdateJitAccessWithBody(ctx, ref, contentType, body, reqEditors...) @@ -13306,6 +13845,23 @@ func (c *ClientWithResponses) V1GetNetworkRestrictionsWithResponse(ctx context.C return ParseV1GetNetworkRestrictionsResponse(rsp) } +// V1PatchNetworkRestrictionsWithBodyWithResponse request with arbitrary body returning *V1PatchNetworkRestrictionsResponse +func (c *ClientWithResponses) V1PatchNetworkRestrictionsWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1PatchNetworkRestrictionsResponse, error) { + rsp, err := c.V1PatchNetworkRestrictionsWithBody(ctx, ref, contentType, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1PatchNetworkRestrictionsResponse(rsp) +} + +func (c *ClientWithResponses) V1PatchNetworkRestrictionsWithResponse(ctx context.Context, ref string, body V1PatchNetworkRestrictionsJSONRequestBody, reqEditors ...RequestEditorFn) (*V1PatchNetworkRestrictionsResponse, error) { + rsp, err := c.V1PatchNetworkRestrictions(ctx, ref, body, reqEditors...) + if err != nil { + return nil, err + } + return ParseV1PatchNetworkRestrictionsResponse(rsp) +} + // V1UpdateNetworkRestrictionsWithBodyWithResponse request with arbitrary body returning *V1UpdateNetworkRestrictionsResponse func (c *ClientWithResponses) V1UpdateNetworkRestrictionsWithBodyWithResponse(ctx context.Context, ref string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*V1UpdateNetworkRestrictionsResponse, error) { rsp, err := c.V1UpdateNetworkRestrictionsWithBody(ctx, ref, contentType, body, reqEditors...) @@ -14203,6 +14759,32 @@ func ParseV1GetSecurityAdvisorsResponse(rsp *http.Response) (*V1GetSecurityAdvis return response, nil } +// ParseV1GetProjectFunctionCombinedStatsResponse parses an HTTP response from a V1GetProjectFunctionCombinedStatsWithResponse call +func ParseV1GetProjectFunctionCombinedStatsResponse(rsp *http.Response) (*V1GetProjectFunctionCombinedStatsResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &V1GetProjectFunctionCombinedStatsResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest AnalyticsResponse + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + } + + return response, nil +} + // ParseV1GetProjectLogsResponse parses an HTTP response from a V1GetProjectLogsWithResponse call func ParseV1GetProjectLogsResponse(rsp *http.Response) (*V1GetProjectLogsResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) @@ -14683,6 +15265,58 @@ func ParseV1CreateProjectClaimTokenResponse(rsp *http.Response) (*V1CreateProjec return response, nil } +// ParseV1DeleteLoginRolesResponse parses an HTTP response from a V1DeleteLoginRolesWithResponse call +func ParseV1DeleteLoginRolesResponse(rsp *http.Response) (*V1DeleteLoginRolesResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &V1DeleteLoginRolesResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest DeleteRolesResponse + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + } + + return response, nil +} + +// ParseV1CreateLoginRoleResponse parses an HTTP response from a V1CreateLoginRoleWithResponse call +func ParseV1CreateLoginRoleResponse(rsp *http.Response) (*V1CreateLoginRoleResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &V1CreateLoginRoleResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 201: + var dest CreateRoleResponse + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON201 = &dest + + } + + return response, nil +} + // ParseV1GetAuthServiceConfigResponse parses an HTTP response from a V1GetAuthServiceConfigWithResponse call func ParseV1GetAuthServiceConfigResponse(rsp *http.Response) (*V1GetAuthServiceConfigResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) @@ -15605,6 +16239,32 @@ func ParseV1GetJitAccessResponse(rsp *http.Response) (*V1GetJitAccessResponse, e return response, nil } +// ParseV1AuthorizeJitAccessResponse parses an HTTP response from a V1AuthorizeJitAccessWithResponse call +func ParseV1AuthorizeJitAccessResponse(rsp *http.Response) (*V1AuthorizeJitAccessResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &V1AuthorizeJitAccessResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest JitAuthorizeAccessResponse + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + } + + return response, nil +} + // ParseV1UpdateJitAccessResponse parses an HTTP response from a V1UpdateJitAccessWithResponse call func ParseV1UpdateJitAccessResponse(rsp *http.Response) (*V1UpdateJitAccessResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) @@ -16081,6 +16741,32 @@ func ParseV1GetNetworkRestrictionsResponse(rsp *http.Response) (*V1GetNetworkRes return response, nil } +// ParseV1PatchNetworkRestrictionsResponse parses an HTTP response from a V1PatchNetworkRestrictionsWithResponse call +func ParseV1PatchNetworkRestrictionsResponse(rsp *http.Response) (*V1PatchNetworkRestrictionsResponse, error) { + bodyBytes, err := io.ReadAll(rsp.Body) + defer func() { _ = rsp.Body.Close() }() + if err != nil { + return nil, err + } + + response := &V1PatchNetworkRestrictionsResponse{ + Body: bodyBytes, + HTTPResponse: rsp, + } + + switch { + case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200: + var dest NetworkRestrictionsV2Response + if err := json.Unmarshal(bodyBytes, &dest); err != nil { + return nil, err + } + response.JSON200 = &dest + + } + + return response, nil +} + // ParseV1UpdateNetworkRestrictionsResponse parses an HTTP response from a V1UpdateNetworkRestrictionsWithResponse call func ParseV1UpdateNetworkRestrictionsResponse(rsp *http.Response) (*V1UpdateNetworkRestrictionsResponse, error) { bodyBytes, err := io.ReadAll(rsp.Body) diff --git a/pkg/api/types.gen.go b/pkg/api/types.gen.go index 105856d48..4abb004f8 100644 --- a/pkg/api/types.gen.go +++ b/pkg/api/types.gen.go @@ -198,6 +198,14 @@ const ( CreateBranchBodyReleaseChannelWithdrawn CreateBranchBodyReleaseChannel = "withdrawn" ) +// Defines values for CreateProviderBodyNameIdFormat. +const ( + CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatEmailAddress CreateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" + CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatUnspecified CreateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatPersistent CreateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" + CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatTransient CreateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" +) + // Defines values for CreateProviderBodyType. const ( Saml CreateProviderBodyType = "saml" @@ -280,6 +288,11 @@ const ( N9CompletedUpgrade DatabaseUpgradeStatusResponseDatabaseUpgradeStatusProgress = "9_completed_upgrade" ) +// Defines values for DeleteRolesResponseMessage. +const ( + Ok DeleteRolesResponseMessage = "ok" +) + // Defines values for DeployFunctionResponseStatus. const ( DeployFunctionResponseStatusACTIVE DeployFunctionResponseStatus = "ACTIVE" @@ -476,14 +489,38 @@ const ( // Defines values for NetworkRestrictionsResponseEntitlement. const ( - Allowed NetworkRestrictionsResponseEntitlement = "allowed" - Disallowed NetworkRestrictionsResponseEntitlement = "disallowed" + NetworkRestrictionsResponseEntitlementAllowed NetworkRestrictionsResponseEntitlement = "allowed" + NetworkRestrictionsResponseEntitlementDisallowed NetworkRestrictionsResponseEntitlement = "disallowed" ) // Defines values for NetworkRestrictionsResponseStatus. const ( - Applied NetworkRestrictionsResponseStatus = "applied" - Stored NetworkRestrictionsResponseStatus = "stored" + NetworkRestrictionsResponseStatusApplied NetworkRestrictionsResponseStatus = "applied" + NetworkRestrictionsResponseStatusStored NetworkRestrictionsResponseStatus = "stored" +) + +// Defines values for NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType. +const ( + NetworkRestrictionsV2ResponseConfigDbAllowedCidrsTypeV4 NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType = "v4" + NetworkRestrictionsV2ResponseConfigDbAllowedCidrsTypeV6 NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType = "v6" +) + +// Defines values for NetworkRestrictionsV2ResponseEntitlement. +const ( + NetworkRestrictionsV2ResponseEntitlementAllowed NetworkRestrictionsV2ResponseEntitlement = "allowed" + NetworkRestrictionsV2ResponseEntitlementDisallowed NetworkRestrictionsV2ResponseEntitlement = "disallowed" +) + +// Defines values for NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType. +const ( + NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsTypeV4 NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType = "v4" + NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsTypeV6 NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType = "v6" +) + +// Defines values for NetworkRestrictionsV2ResponseStatus. +const ( + NetworkRestrictionsV2ResponseStatusApplied NetworkRestrictionsV2ResponseStatus = "applied" + NetworkRestrictionsV2ResponseStatusStored NetworkRestrictionsV2ResponseStatus = "stored" ) // Defines values for OAuthTokenBodyGrantType. @@ -701,6 +738,14 @@ const ( UpdatePostgresConfigBodySessionReplicationRoleReplica UpdatePostgresConfigBodySessionReplicationRole = "replica" ) +// Defines values for UpdateProviderBodyNameIdFormat. +const ( + UpdateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatEmailAddress UpdateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" + UpdateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatUnspecified UpdateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" + UpdateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatPersistent UpdateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" + UpdateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatTransient UpdateProviderBodyNameIdFormat = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" +) + // Defines values for UpdateSigningKeyBodyStatus. const ( UpdateSigningKeyBodyStatusInUse UpdateSigningKeyBodyStatus = "in_use" @@ -999,15 +1044,23 @@ const ( Sql V1GetSecurityAdvisorsParamsLintType = "sql" ) +// Defines values for V1GetProjectFunctionCombinedStatsParamsInterval. +const ( + V1GetProjectFunctionCombinedStatsParamsIntervalN15min V1GetProjectFunctionCombinedStatsParamsInterval = "15min" + V1GetProjectFunctionCombinedStatsParamsIntervalN1day V1GetProjectFunctionCombinedStatsParamsInterval = "1day" + V1GetProjectFunctionCombinedStatsParamsIntervalN1hr V1GetProjectFunctionCombinedStatsParamsInterval = "1hr" + V1GetProjectFunctionCombinedStatsParamsIntervalN3hr V1GetProjectFunctionCombinedStatsParamsInterval = "3hr" +) + // Defines values for V1GetProjectUsageApiCountParamsInterval. const ( - N15min V1GetProjectUsageApiCountParamsInterval = "15min" - N1day V1GetProjectUsageApiCountParamsInterval = "1day" - N1hr V1GetProjectUsageApiCountParamsInterval = "1hr" - N30min V1GetProjectUsageApiCountParamsInterval = "30min" - N3day V1GetProjectUsageApiCountParamsInterval = "3day" - N3hr V1GetProjectUsageApiCountParamsInterval = "3hr" - N7day V1GetProjectUsageApiCountParamsInterval = "7day" + V1GetProjectUsageApiCountParamsIntervalN15min V1GetProjectUsageApiCountParamsInterval = "15min" + V1GetProjectUsageApiCountParamsIntervalN1day V1GetProjectUsageApiCountParamsInterval = "1day" + V1GetProjectUsageApiCountParamsIntervalN1hr V1GetProjectUsageApiCountParamsInterval = "1hr" + V1GetProjectUsageApiCountParamsIntervalN30min V1GetProjectUsageApiCountParamsInterval = "30min" + V1GetProjectUsageApiCountParamsIntervalN3day V1GetProjectUsageApiCountParamsInterval = "3day" + V1GetProjectUsageApiCountParamsIntervalN3hr V1GetProjectUsageApiCountParamsInterval = "3hr" + V1GetProjectUsageApiCountParamsIntervalN7day V1GetProjectUsageApiCountParamsInterval = "7day" ) // Defines values for V1RemoveProjectAddonParamsAddonVariant0. @@ -1272,6 +1325,8 @@ type AuthConfigResponse struct { MfaTotpVerifyEnabled nullable.Nullable[bool] `json:"mfa_totp_verify_enabled"` MfaWebAuthnEnrollEnabled nullable.Nullable[bool] `json:"mfa_web_authn_enroll_enabled"` MfaWebAuthnVerifyEnabled nullable.Nullable[bool] `json:"mfa_web_authn_verify_enabled"` + NimbusOauthClientId nullable.Nullable[string] `json:"nimbus_oauth_client_id"` + NimbusOauthClientSecret nullable.Nullable[string] `json:"nimbus_oauth_client_secret"` PasswordHibpEnabled nullable.Nullable[bool] `json:"password_hibp_enabled"` PasswordMinLength nullable.Nullable[int] `json:"password_min_length"` PasswordRequiredCharacters nullable.Nullable[AuthConfigResponsePasswordRequiredCharacters] `json:"password_required_characters"` @@ -1338,6 +1393,12 @@ type AuthConfigResponseSecurityCaptchaProvider string // AuthConfigResponseSmsProvider defines model for AuthConfigResponse.SmsProvider. type AuthConfigResponseSmsProvider string +// AuthorizeJitAccessBody defines model for AuthorizeJitAccessBody. +type AuthorizeJitAccessBody struct { + Rhost string `json:"rhost"` + Role string `json:"role"` +} + // BranchActionBody defines model for BranchActionBody. type BranchActionBody struct { MigrationVersion *string `json:"migration_version,omitempty"` @@ -1502,14 +1563,18 @@ type CreateProviderBody struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - Domains *[]string `json:"domains,omitempty"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + Domains *[]string `json:"domains,omitempty"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *CreateProviderBodyNameIdFormat `json:"name_id_format,omitempty"` // Type What type of provider will be created Type CreateProviderBodyType `json:"type"` } +// CreateProviderBodyNameIdFormat defines model for CreateProviderBody.NameIdFormat. +type CreateProviderBodyNameIdFormat string + // CreateProviderBodyType What type of provider will be created type CreateProviderBodyType string @@ -1532,14 +1597,27 @@ type CreateProviderResponse struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - EntityId string `json:"entity_id"` - Id string `json:"id"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + EntityId string `json:"entity_id"` + Id string `json:"id"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *string `json:"name_id_format,omitempty"` } `json:"saml,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` } +// CreateRoleBody defines model for CreateRoleBody. +type CreateRoleBody struct { + ReadOnly bool `json:"read_only"` +} + +// CreateRoleResponse defines model for CreateRoleResponse. +type CreateRoleResponse struct { + Password string `json:"password"` + Role string `json:"role"` + TtlSeconds int64 `json:"ttl_seconds"` +} + // CreateSecretBody defines model for CreateSecretBody. type CreateSecretBody = []struct { // Name Secret name must not start with the SUPABASE_ prefix. @@ -1666,14 +1744,23 @@ type DeleteProviderResponse struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - EntityId string `json:"entity_id"` - Id string `json:"id"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + EntityId string `json:"entity_id"` + Id string `json:"id"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *string `json:"name_id_format,omitempty"` } `json:"saml,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` } +// DeleteRolesResponse defines model for DeleteRolesResponse. +type DeleteRolesResponse struct { + Message DeleteRolesResponseMessage `json:"message"` +} + +// DeleteRolesResponseMessage defines model for DeleteRolesResponse.Message. +type DeleteRolesResponseMessage string + // DeployFunctionResponse defines model for DeployFunctionResponse. type DeployFunctionResponse struct { CreatedAt *int64 `json:"created_at,omitempty"` @@ -1795,10 +1882,11 @@ type GetProviderResponse struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - EntityId string `json:"entity_id"` - Id string `json:"id"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + EntityId string `json:"entity_id"` + Id string `json:"id"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *string `json:"name_id_format,omitempty"` } `json:"saml,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` } @@ -1807,18 +1895,51 @@ type GetProviderResponse struct { type JitAccessResponse struct { UserId openapi_types.UUID `json:"user_id"` UserRoles []struct { - ExpiresAt *string `json:"expires_at,omitempty"` - Role string `json:"role"` + AllowedNetworks *struct { + AllowedCidrs *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs,omitempty"` + AllowedCidrsV6 *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs_v6,omitempty"` + } `json:"allowed_networks,omitempty"` + ExpiresAt *float32 `json:"expires_at,omitempty"` + Role string `json:"role"` } `json:"user_roles"` } +// JitAuthorizeAccessResponse defines model for JitAuthorizeAccessResponse. +type JitAuthorizeAccessResponse struct { + UserId openapi_types.UUID `json:"user_id"` + UserRole struct { + AllowedNetworks *struct { + AllowedCidrs *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs,omitempty"` + AllowedCidrsV6 *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs_v6,omitempty"` + } `json:"allowed_networks,omitempty"` + ExpiresAt *float32 `json:"expires_at,omitempty"` + Role string `json:"role"` + } `json:"user_role"` +} + // JitListAccessResponse defines model for JitListAccessResponse. type JitListAccessResponse struct { Items []struct { UserId openapi_types.UUID `json:"user_id"` UserRoles []struct { - ExpiresAt *string `json:"expires_at,omitempty"` - Role string `json:"role"` + AllowedNetworks *struct { + AllowedCidrs *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs,omitempty"` + AllowedCidrsV6 *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs_v6,omitempty"` + } `json:"allowed_networks,omitempty"` + ExpiresAt *float32 `json:"expires_at,omitempty"` + Role string `json:"role"` } `json:"user_roles"` } `json:"items"` } @@ -1955,10 +2076,11 @@ type ListProvidersResponse struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - EntityId string `json:"entity_id"` - Id string `json:"id"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + EntityId string `json:"entity_id"` + Id string `json:"id"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *string `json:"name_id_format,omitempty"` } `json:"saml,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` } `json:"items"` @@ -1978,6 +2100,18 @@ type NetworkBanResponseEnriched struct { } `json:"banned_ipv4_addresses"` } +// NetworkRestrictionsPatchRequest defines model for NetworkRestrictionsPatchRequest. +type NetworkRestrictionsPatchRequest struct { + Add *struct { + DbAllowedCidrs *[]string `json:"dbAllowedCidrs,omitempty"` + DbAllowedCidrsV6 *[]string `json:"dbAllowedCidrsV6,omitempty"` + } `json:"add,omitempty"` + Remove *struct { + DbAllowedCidrs *[]string `json:"dbAllowedCidrs,omitempty"` + DbAllowedCidrsV6 *[]string `json:"dbAllowedCidrsV6,omitempty"` + } `json:"remove,omitempty"` +} + // NetworkRestrictionsRequest defines model for NetworkRestrictionsRequest. type NetworkRestrictionsRequest struct { DbAllowedCidrs *[]string `json:"dbAllowedCidrs,omitempty"` @@ -1986,6 +2120,8 @@ type NetworkRestrictionsRequest struct { // NetworkRestrictionsResponse defines model for NetworkRestrictionsResponse. type NetworkRestrictionsResponse struct { + AppliedAt *time.Time `json:"applied_at,omitempty"` + // Config At any given point in time, this is the config that the user has requested be applied to their project. The `status` field indicates if it has been applied to the project, or is pending. When an updated config is received, the applied config is moved to `old_config`. Config struct { DbAllowedCidrs *[]string `json:"dbAllowedCidrs,omitempty"` @@ -1998,7 +2134,8 @@ type NetworkRestrictionsResponse struct { DbAllowedCidrs *[]string `json:"dbAllowedCidrs,omitempty"` DbAllowedCidrsV6 *[]string `json:"dbAllowedCidrsV6,omitempty"` } `json:"old_config,omitempty"` - Status NetworkRestrictionsResponseStatus `json:"status"` + Status NetworkRestrictionsResponseStatus `json:"status"` + UpdatedAt *time.Time `json:"updated_at,omitempty"` } // NetworkRestrictionsResponseEntitlement defines model for NetworkRestrictionsResponse.Entitlement. @@ -2007,6 +2144,42 @@ type NetworkRestrictionsResponseEntitlement string // NetworkRestrictionsResponseStatus defines model for NetworkRestrictionsResponse.Status. type NetworkRestrictionsResponseStatus string +// NetworkRestrictionsV2Response defines model for NetworkRestrictionsV2Response. +type NetworkRestrictionsV2Response struct { + AppliedAt *time.Time `json:"applied_at,omitempty"` + + // Config At any given point in time, this is the config that the user has requested be applied to their project. The `status` field indicates if it has been applied to the project, or is pending. When an updated config is received, the applied config is moved to `old_config`. + Config struct { + DbAllowedCidrs *[]struct { + Address string `json:"address"` + Type NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType `json:"type"` + } `json:"dbAllowedCidrs,omitempty"` + } `json:"config"` + Entitlement NetworkRestrictionsV2ResponseEntitlement `json:"entitlement"` + + // OldConfig Populated when a new config has been received, but not registered as successfully applied to a project. + OldConfig *struct { + DbAllowedCidrs *[]struct { + Address string `json:"address"` + Type NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType `json:"type"` + } `json:"dbAllowedCidrs,omitempty"` + } `json:"old_config,omitempty"` + Status NetworkRestrictionsV2ResponseStatus `json:"status"` + UpdatedAt *time.Time `json:"updated_at,omitempty"` +} + +// NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType defines model for NetworkRestrictionsV2Response.Config.DbAllowedCidrs.Type. +type NetworkRestrictionsV2ResponseConfigDbAllowedCidrsType string + +// NetworkRestrictionsV2ResponseEntitlement defines model for NetworkRestrictionsV2Response.Entitlement. +type NetworkRestrictionsV2ResponseEntitlement string + +// NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType defines model for NetworkRestrictionsV2Response.OldConfig.DbAllowedCidrs.Type. +type NetworkRestrictionsV2ResponseOldConfigDbAllowedCidrsType string + +// NetworkRestrictionsV2ResponseStatus defines model for NetworkRestrictionsV2Response.Status. +type NetworkRestrictionsV2ResponseStatus string + // OAuthRevokeTokenBody defines model for OAuthRevokeTokenBody. type OAuthRevokeTokenBody struct { ClientId openapi_types.UUID `json:"client_id"` @@ -2186,8 +2359,13 @@ type ReadOnlyStatusResponse struct { // RemoveNetworkBanRequest defines model for RemoveNetworkBanRequest. type RemoveNetworkBanRequest struct { - Identifier *string `json:"identifier,omitempty"` + Identifier *string `json:"identifier,omitempty"` + + // Ipv4Addresses List of IP addresses to unban. Ipv4Addresses []string `json:"ipv4_addresses"` + + // RequesterIp Include requester's public IP in the list of addresses to unban. + RequesterIp *bool `json:"requester_ip,omitempty"` } // RemoveReadReplicaBody defines model for RemoveReadReplicaBody. @@ -2529,6 +2707,8 @@ type UpdateAuthConfigBody struct { MfaTotpVerifyEnabled nullable.Nullable[bool] `json:"mfa_totp_verify_enabled,omitempty"` MfaWebAuthnEnrollEnabled nullable.Nullable[bool] `json:"mfa_web_authn_enroll_enabled,omitempty"` MfaWebAuthnVerifyEnabled nullable.Nullable[bool] `json:"mfa_web_authn_verify_enabled,omitempty"` + NimbusOauthClientId nullable.Nullable[string] `json:"nimbus_oauth_client_id,omitempty"` + NimbusOauthClientSecret nullable.Nullable[string] `json:"nimbus_oauth_client_secret,omitempty"` PasswordHibpEnabled nullable.Nullable[bool] `json:"password_hibp_enabled,omitempty"` PasswordMinLength nullable.Nullable[int] `json:"password_min_length,omitempty"` PasswordRequiredCharacters nullable.Nullable[UpdateAuthConfigBodyPasswordRequiredCharacters] `json:"password_required_characters,omitempty"` @@ -2654,8 +2834,16 @@ type UpdateCustomHostnameResponseStatus string // UpdateJitAccessBody defines model for UpdateJitAccessBody. type UpdateJitAccessBody struct { Roles []struct { - ExpiresAt *string `json:"expires_at,omitempty"` - Role string `json:"role"` + AllowedNetworks *struct { + AllowedCidrs *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs,omitempty"` + AllowedCidrsV6 *[]struct { + Cidr string `json:"cidr"` + } `json:"allowed_cidrs_v6,omitempty"` + } `json:"allowed_networks,omitempty"` + ExpiresAt *float32 `json:"expires_at,omitempty"` + Role string `json:"role"` } `json:"roles"` UserId openapi_types.UUID `json:"user_id"` } @@ -2706,11 +2894,15 @@ type UpdateProviderBody struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - Domains *[]string `json:"domains,omitempty"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + Domains *[]string `json:"domains,omitempty"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *UpdateProviderBodyNameIdFormat `json:"name_id_format,omitempty"` } +// UpdateProviderBodyNameIdFormat defines model for UpdateProviderBody.NameIdFormat. +type UpdateProviderBodyNameIdFormat string + // UpdateProviderResponse defines model for UpdateProviderResponse. type UpdateProviderResponse struct { CreatedAt *string `json:"created_at,omitempty"` @@ -2730,10 +2922,11 @@ type UpdateProviderResponse struct { Names *[]string `json:"names,omitempty"` } `json:"keys"` } `json:"attribute_mapping,omitempty"` - EntityId string `json:"entity_id"` - Id string `json:"id"` - MetadataUrl *string `json:"metadata_url,omitempty"` - MetadataXml *string `json:"metadata_xml,omitempty"` + EntityId string `json:"entity_id"` + Id string `json:"id"` + MetadataUrl *string `json:"metadata_url,omitempty"` + MetadataXml *string `json:"metadata_xml,omitempty"` + NameIdFormat *string `json:"name_id_format,omitempty"` } `json:"saml,omitempty"` UpdatedAt *string `json:"updated_at,omitempty"` } @@ -3259,6 +3452,15 @@ type V1GetSecurityAdvisorsParams struct { // V1GetSecurityAdvisorsParamsLintType defines parameters for V1GetSecurityAdvisors. type V1GetSecurityAdvisorsParamsLintType string +// V1GetProjectFunctionCombinedStatsParams defines parameters for V1GetProjectFunctionCombinedStats. +type V1GetProjectFunctionCombinedStatsParams struct { + Interval V1GetProjectFunctionCombinedStatsParamsInterval `form:"interval" json:"interval"` + FunctionId string `form:"function_id" json:"function_id"` +} + +// V1GetProjectFunctionCombinedStatsParamsInterval defines parameters for V1GetProjectFunctionCombinedStats. +type V1GetProjectFunctionCombinedStatsParamsInterval string + // V1GetProjectLogsParams defines parameters for V1GetProjectLogs. type V1GetProjectLogsParams struct { Sql *string `form:"sql,omitempty" json:"sql,omitempty"` @@ -3455,6 +3657,9 @@ type V1ApplyProjectAddonJSONRequestBody = ApplyProjectAddonBody // V1CreateABranchJSONRequestBody defines body for V1CreateABranch for application/json ContentType. type V1CreateABranchJSONRequestBody = CreateBranchBody +// V1CreateLoginRoleJSONRequestBody defines body for V1CreateLoginRole for application/json ContentType. +type V1CreateLoginRoleJSONRequestBody = CreateRoleBody + // V1UpdateAuthServiceConfigJSONRequestBody defines body for V1UpdateAuthServiceConfig for application/json ContentType. type V1UpdateAuthServiceConfigJSONRequestBody = UpdateAuthConfigBody @@ -3494,6 +3699,9 @@ type V1CreateRestorePointJSONRequestBody = V1RestorePointPostBody // V1UndoJSONRequestBody defines body for V1Undo for application/json ContentType. type V1UndoJSONRequestBody = V1UndoBody +// V1AuthorizeJitAccessJSONRequestBody defines body for V1AuthorizeJitAccess for application/json ContentType. +type V1AuthorizeJitAccessJSONRequestBody = AuthorizeJitAccessBody + // V1UpdateJitAccessJSONRequestBody defines body for V1UpdateJitAccess for application/json ContentType. type V1UpdateJitAccessJSONRequestBody = UpdateJitAccessBody @@ -3521,6 +3729,9 @@ type V1UpdateAFunctionJSONRequestBody = V1UpdateFunctionBody // V1DeleteNetworkBansJSONRequestBody defines body for V1DeleteNetworkBans for application/json ContentType. type V1DeleteNetworkBansJSONRequestBody = RemoveNetworkBanRequest +// V1PatchNetworkRestrictionsJSONRequestBody defines body for V1PatchNetworkRestrictions for application/json ContentType. +type V1PatchNetworkRestrictionsJSONRequestBody = NetworkRestrictionsPatchRequest + // V1UpdateNetworkRestrictionsJSONRequestBody defines body for V1UpdateNetworkRestrictions for application/json ContentType. type V1UpdateNetworkRestrictionsJSONRequestBody = NetworkRestrictionsRequest diff --git a/pkg/config/templates/Dockerfile b/pkg/config/templates/Dockerfile index 4213074e5..ca817f6df 100644 --- a/pkg/config/templates/Dockerfile +++ b/pkg/config/templates/Dockerfile @@ -1,18 +1,18 @@ # Exposed for updates by .github/dependabot.yml -FROM supabase/postgres:17.4.1.074 AS pg +FROM supabase/postgres:17.6.1.002 AS pg # Append to ServiceImages when adding new dependencies below FROM library/kong:2.8.1 AS kong FROM axllent/mailpit:v1.22.3 AS mailpit -FROM postgrest/postgrest:v13.0.4 AS postgrest -FROM supabase/postgres-meta:v0.91.5 AS pgmeta -FROM supabase/studio:2025.08.18-sha-c153df2 AS studio +FROM postgrest/postgrest:v13.0.6 AS postgrest +FROM supabase/postgres-meta:v0.91.6 AS pgmeta +FROM supabase/studio:2025.09.08-sha-67c1421 AS studio FROM darthsim/imgproxy:v3.8.0 AS imgproxy -FROM supabase/edge-runtime:v1.69.1 AS edgeruntime +FROM supabase/edge-runtime:v1.69.8 AS edgeruntime FROM timberio/vector:0.28.1-alpine AS vector -FROM supabase/supavisor:2.6.1 AS supavisor -FROM supabase/gotrue:v2.178.0 AS gotrue -FROM supabase/realtime:v2.43.0 AS realtime -FROM supabase/storage-api:v1.26.4 AS storage +FROM supabase/supavisor:2.6.2 AS supavisor +FROM supabase/gotrue:v2.179.0 AS gotrue +FROM supabase/realtime:v2.47.0 AS realtime +FROM supabase/storage-api:v1.26.5 AS storage FROM supabase/logflare:1.18.4 AS logflare # Append to JobImages when adding new dependencies below FROM supabase/pgadmin-schema-diff:cli-0.0.5 AS differ diff --git a/pkg/function/bundle.go b/pkg/function/bundle.go index eb178539a..fb13ae64c 100644 --- a/pkg/function/bundle.go +++ b/pkg/function/bundle.go @@ -10,6 +10,7 @@ import ( "os/exec" "path/filepath" "strings" + "time" "github.com/andybalholm/brotli" "github.com/go-errors/errors" @@ -19,13 +20,24 @@ import ( type nativeBundler struct { tempDir string fsys fs.FS + timeout time.Duration } -func NewNativeBundler(tempDir string, fsys fs.FS) EszipBundler { - return &nativeBundler{ +func NewNativeBundler(tempDir string, fsys fs.FS, opts ...func(*nativeBundler)) EszipBundler { + b := &nativeBundler{ tempDir: tempDir, fsys: fsys, } + for _, apply := range opts { + apply(b) + } + return b +} + +func WithTimeout(timeout time.Duration) func(*nativeBundler) { + return func(b *nativeBundler) { + b.timeout = timeout + } } var ( @@ -48,6 +60,11 @@ func (b *nativeBundler) Bundle(ctx context.Context, slug, entrypoint, importMap args = append(args, "--static", staticFile) } args = append(args, BundleFlags...) + if b.timeout > 0 { + timeoutCtx, cancel := context.WithTimeout(ctx, b.timeout) + defer cancel() // release resources if command exits before timeout + ctx = timeoutCtx + } cmd := exec.CommandContext(ctx, edgeRuntimeBin, args...) cmd.Stderr = os.Stderr cmd.Stdout = os.Stdout diff --git a/pkg/go.mod b/pkg/go.mod index 4270c4fbb..c9df92d37 100644 --- a/pkg/go.mod +++ b/pkg/go.mod @@ -24,9 +24,9 @@ require ( github.com/oapi-codegen/runtime v1.1.2 github.com/spf13/afero v1.14.0 github.com/spf13/viper v1.20.1 - github.com/stretchr/testify v1.11.0 + github.com/stretchr/testify v1.11.1 github.com/tidwall/jsonc v0.3.2 - golang.org/x/mod v0.27.0 + golang.org/x/mod v0.28.0 google.golang.org/grpc v1.75.0 ) @@ -48,7 +48,7 @@ require ( github.com/sagikazarmark/locafero v0.7.0 // indirect github.com/sourcegraph/conc v0.3.0 // indirect github.com/spf13/cast v1.7.1 // indirect - github.com/spf13/pflag v1.0.7 // indirect + github.com/spf13/pflag v1.0.10 // indirect github.com/stretchr/objx v0.5.2 // indirect github.com/subosito/gotenv v1.6.0 // indirect go.uber.org/atomic v1.9.0 // indirect diff --git a/pkg/go.sum b/pkg/go.sum index 59b2f80ba..81fddafe7 100644 --- a/pkg/go.sum +++ b/pkg/go.sum @@ -162,8 +162,8 @@ github.com/spf13/afero v1.14.0 h1:9tH6MapGnn/j0eb0yIXiLjERO8RB6xIVZRDCX7PtqWA= github.com/spf13/afero v1.14.0/go.mod h1:acJQ8t0ohCGuMN3O+Pv0V0hgMxNYDlvdk+VTfyZmbYo= github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/spf13/pflag v1.0.7 h1:vN6T9TfwStFPFM5XzjsvmzZkLuaLX+HS+0SeFLRgU6M= -github.com/spf13/pflag v1.0.7/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk= +github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.20.1 h1:ZMi+z/lvLyPSCoNtFCpqjy0S4kPbirhpTMwl8BkW9X4= github.com/spf13/viper v1.20.1/go.mod h1:P9Mdzt1zoHIG8m2eZQinpiBjo6kCmZSKBClNNqjJvu4= github.com/spkg/bom v0.0.0-20160624110644-59b7046e48ad/go.mod h1:qLr4V1qq6nMqFKkMo8ZTx3f+BZEkzsRUY10Xsm2mwU0= @@ -182,8 +182,8 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.11.0 h1:ib4sjIrwZKxE5u/Japgo/7SJV3PvgjGiRNAvTVGqQl8= -github.com/stretchr/testify v1.11.0/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= +github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= +github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tidwall/jsonc v0.3.2 h1:ZTKrmejRlAJYdn0kcaFqRAKlxxFIC21pYq8vLa4p2Wc= @@ -226,8 +226,8 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ= -golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc= +golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U= +golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= diff --git a/pkg/pgxv5/connect.go b/pkg/pgxv5/connect.go index d32afca5b..528742921 100644 --- a/pkg/pgxv5/connect.go +++ b/pkg/pgxv5/connect.go @@ -12,7 +12,7 @@ import ( ) const ( - CLI_LOGIN_ROLE = "cli_login_postgres" + CLI_LOGIN_PREFIX = "cli_login_" SET_SESSION_ROLE = "SET SESSION ROLE postgres" ) @@ -28,7 +28,7 @@ func Connect(ctx context.Context, connString string, options ...func(*pgx.ConnCo fmt.Fprintf(os.Stderr, "%s (%s): %s\n", n.Severity, n.Code, n.Message) } } - if strings.HasPrefix(config.User, CLI_LOGIN_ROLE) { + if strings.HasPrefix(config.User, CLI_LOGIN_PREFIX) { config.AfterConnect = func(ctx context.Context, pgconn *pgconn.PgConn) error { return pgconn.Exec(ctx, SET_SESSION_ROLE).Close() }