diff --git a/api/v1alpha1/certificatechaos_types.go b/api/v1alpha1/certificatechaos_types.go new file mode 100644 index 0000000000..4ea4d4da90 --- /dev/null +++ b/api/v1alpha1/certificatechaos_types.go @@ -0,0 +1,120 @@ +// Copyright 2021 Chaos Mesh Authors.PodPVCChaos +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" +) + +// +kubebuilder:object:root=true +// +chaos-mesh:experiment + +// CertificateChaos is the control script`s spec. +type CertificateChaos struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Spec defines the behavior of a certificate chaos experiment + Spec CertificateChaosSpec `json:"spec"` + + // +optional + // Most recently observed status of the chaos experiment about pods + Status CertificateChaosStatus `json:"status,omitempty"` +} + +var _ InnerObjectWithCustomStatus = (*CertificateChaos)(nil) +var _ InnerObjectWithSelector = (*CertificateChaos)(nil) +var _ InnerObject = (*CertificateChaos)(nil) + +// CertificateChaosSpec defines the attributes that a user creates on a chaos experiment about pods. +type CertificateChaosSpec struct { + CertificateSelector `json:"selector"` + + // Duration represents the duration of the chaos action. + // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + // +optional + // +kubebuilder:default="90m" + Duration *string `json:"duration,omitempty" webhook:"Duration"` + + // CertificateExpiry represents the expiry period for the requested certificate. + // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + // +optional + // +kubebuilder:default="1h" + CertificateExpiry *metav1.Duration `json:"certificateExpiry,omitempty"` + + // RenewBefore represents when the cert-manager should rotate the certificate. + // Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + // +optional + // +kubebuilder:default="30m" + RenewBefore *metav1.Duration `json:"renewBefore,omitempty"` + + // RemoteCluster represents the remote cluster where the chaos will be deployed + // +optional + RemoteCluster string `json:"remoteCluster,omitempty"` +} + +type CertificateSelector struct { + GenericSelectorSpec `json:",inline"` +} + +// CertificateChaosStatus represents the current status of the chaos experiment about pods. +type CertificateChaosStatus struct { + ChaosStatus `json:",inline"` + + // Instances keeps track of the state for each certificate + // +optional + Instances map[string]Instance `json:"affectedFluxResources,omitempty"` +} + +type Instance struct { + FluxResource FluxResource `json:"fluxResource"` + OriginalExpiry *metav1.Duration `json:"originalExpiry,omitempty"` + OriginalRenewBefore *metav1.Duration `json:"originalRenewBefore,omitempty"` + CertificateReadyAt *metav1.Time `json:"certificateReadyAt,omitempty"` + SecretName string `json:"secretName,omitempty"` +} + +type FluxResource struct { + Group string `json:"group"` + Version string `json:"version"` + Kind string `json:"kind"` + Namespace string `json:"namespace"` + Name string `json:"name"` +} + +func (e *FluxResource) NamespacedName() string { + return types.NamespacedName{Name: e.Name, Namespace: e.Namespace}.String() +} + +func (e *FluxResource) GVK() schema.GroupVersionKind { + return schema.GroupVersionKind{ + Group: e.Group, + Kind: e.Kind, + Version: e.Version, + } +} + +func (obj *CertificateChaos) GetSelectorSpecs() map[string]interface{} { + return map[string]interface{}{ + ".": &obj.Spec.CertificateSelector, + } +} + +func (obj *CertificateChaos) GetCustomStatus() interface{} { + return &obj.Status.Instances +} diff --git a/api/v1alpha1/zz_generated.chaosmesh.go b/api/v1alpha1/zz_generated.chaosmesh.go index 03103b79dc..8dfa130bdd 100644 --- a/api/v1alpha1/zz_generated.chaosmesh.go +++ b/api/v1alpha1/zz_generated.chaosmesh.go @@ -457,6 +457,144 @@ func (in *BlockChaos) Default() { gw.Default(in) } +const KindCertificateChaos = "CertificateChaos" + +// IsDeleted returns whether this resource has been deleted +func (in *CertificateChaos) IsDeleted() bool { + return !in.DeletionTimestamp.IsZero() +} + +// IsPaused returns whether this resource has been paused +func (in *CertificateChaos) IsPaused() bool { + if in.Annotations == nil || in.Annotations[PauseAnnotationKey] != "true" { + return false + } + return true +} + +// GetObjectMeta would return the ObjectMeta for chaos +func (in *CertificateChaos) GetObjectMeta() *metav1.ObjectMeta { + return &in.ObjectMeta +} + +// GetDuration would return the duration for chaos +func (in *CertificateChaosSpec) GetDuration() (*time.Duration, error) { + if in.Duration == nil { + return nil, nil + } + duration, err := time.ParseDuration(string(*in.Duration)) + if err != nil { + return nil, err + } + return &duration, nil +} + +// GetStatus returns the status +func (in *CertificateChaos) GetStatus() *ChaosStatus { + return &in.Status.ChaosStatus +} + +// GetRemoteCluster returns the remoteCluster +func (in *CertificateChaos) GetRemoteCluster() string { + return in.Spec.RemoteCluster +} + +// GetSpecAndMetaString returns a string including the meta and spec field of this chaos object. +func (in *CertificateChaos) GetSpecAndMetaString() (string, error) { + spec, err := json.Marshal(in.Spec) + if err != nil { + return "", err + } + + meta := in.ObjectMeta.DeepCopy() + meta.SetResourceVersion("") + meta.SetGeneration(0) + + return string(spec) + meta.String(), nil +} + +// +kubebuilder:object:root=true + +// CertificateChaosList contains a list of CertificateChaos +type CertificateChaosList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []CertificateChaos `json:"items"` +} + +func (in *CertificateChaosList) DeepCopyList() GenericChaosList { + return in.DeepCopy() +} + +// ListChaos returns a list of chaos +func (in *CertificateChaosList) ListChaos() []GenericChaos { + var result []GenericChaos + for _, item := range in.Items { + item := item + result = append(result, &item) + } + return result +} + +func (in *CertificateChaos) DurationExceeded(now time.Time) (bool, time.Duration, error) { + duration, err := in.Spec.GetDuration() + if err != nil { + return false, 0, err + } + + if duration != nil { + stopTime := in.GetCreationTimestamp().Add(*duration) + if stopTime.Before(now) { + return true, 0, nil + } + + return false, stopTime.Sub(now), nil + } + + return false, 0, nil +} + +func (in *CertificateChaos) IsOneShot() bool { + return false +} + +var CertificateChaosWebhookLog = logf.Log.WithName("CertificateChaos-resource") + +func (in *CertificateChaos) ValidateCreate() (admission.Warnings, error) { + CertificateChaosWebhookLog.V(1).Info("validate create", "name", in.Name) + return in.Validate() +} + +// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type +func (in *CertificateChaos) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { + CertificateChaosWebhookLog.V(1).Info("validate update", "name", in.Name) + if !reflect.DeepEqual(in.Spec, old.(*CertificateChaos).Spec) { + return nil, ErrCanNotUpdateChaos + } + return in.Validate() +} + +// ValidateDelete implements webhook.Validator so a webhook will be registered for the type +func (in *CertificateChaos) ValidateDelete() (admission.Warnings, error) { + CertificateChaosWebhookLog.V(1).Info("validate delete", "name", in.Name) + + // Nothing to do? + return nil, nil +} + +var _ webhook.Validator = &CertificateChaos{} + +func (in *CertificateChaos) Validate() ([]string, error) { + errs := gw.Validate(in) + return nil, gw.Aggregate(errs) +} + +var _ webhook.Defaulter = &CertificateChaos{} + +func (in *CertificateChaos) Default() { + gw.Default(in) +} + const KindCiliumChaos = "CiliumChaos" // IsDeleted returns whether this resource has been deleted @@ -3064,6 +3202,12 @@ func init() { list: &BlockChaosList{}, }) + SchemeBuilder.Register(&CertificateChaos{}, &CertificateChaosList{}) + all.register(KindCertificateChaos, &ChaosKind{ + chaos: &CertificateChaos{}, + list: &CertificateChaosList{}, + }) + SchemeBuilder.Register(&CiliumChaos{}, &CiliumChaosList{}) all.register(KindCiliumChaos, &ChaosKind{ chaos: &CiliumChaos{}, @@ -3194,6 +3338,11 @@ func init() { list: &BlockChaosList{}, }) + allScheduleItem.register(KindCertificateChaos, &ChaosKind{ + chaos: &CertificateChaos{}, + list: &CertificateChaosList{}, + }) + allScheduleItem.register(KindCiliumChaos, &ChaosKind{ chaos: &CiliumChaos{}, list: &CiliumChaosList{}, diff --git a/api/v1alpha1/zz_generated.chaosmesh_test.go b/api/v1alpha1/zz_generated.chaosmesh_test.go index 6b445e9a7b..1a82850529 100644 --- a/api/v1alpha1/zz_generated.chaosmesh_test.go +++ b/api/v1alpha1/zz_generated.chaosmesh_test.go @@ -214,6 +214,69 @@ func TestBlockChaosListChaos(t *testing.T) { chaos.ListChaos() } +func TestCertificateChaosIsDeleted(t *testing.T) { + g := NewGomegaWithT(t) + + chaos := &CertificateChaos{} + err := faker.FakeData(chaos) + + g.Expect(err).To(BeNil()) + + chaos.IsDeleted() +} + +func TestCertificateChaosIsIsPaused(t *testing.T) { + g := NewGomegaWithT(t) + + chaos := &CertificateChaos{} + err := faker.FakeData(chaos) + + g.Expect(err).To(BeNil()) + + chaos.IsPaused() +} + +func TestCertificateChaosGetDuration(t *testing.T) { + g := NewGomegaWithT(t) + + chaos := &CertificateChaos{} + err := faker.FakeData(chaos) + + g.Expect(err).To(BeNil()) + + chaos.Spec.GetDuration() +} + +func TestCertificateChaosGetStatus(t *testing.T) { + g := NewGomegaWithT(t) + + chaos := &CertificateChaos{} + err := faker.FakeData(chaos) + + g.Expect(err).To(BeNil()) + + chaos.GetStatus() +} + +func TestCertificateChaosGetSpecAndMetaString(t *testing.T) { + g := NewGomegaWithT(t) + chaos := &CertificateChaos{} + err := faker.FakeData(chaos) + g.Expect(err).To(BeNil()) + chaos.GetSpecAndMetaString() +} + +func TestCertificateChaosListChaos(t *testing.T) { + g := NewGomegaWithT(t) + + chaos := &CertificateChaosList{} + err := faker.FakeData(chaos) + + g.Expect(err).To(BeNil()) + + chaos.ListChaos() +} + func TestCiliumChaosIsDeleted(t *testing.T) { g := NewGomegaWithT(t) diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 650df4ff85..b28ca7c0f6 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -21,7 +21,8 @@ package v1alpha1 import ( "encoding/json" - "k8s.io/api/core/v1" + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "net/http" ) @@ -532,6 +533,135 @@ func (in *CPUStressor) DeepCopy() *CPUStressor { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateChaos) DeepCopyInto(out *CertificateChaos) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateChaos. +func (in *CertificateChaos) DeepCopy() *CertificateChaos { + if in == nil { + return nil + } + out := new(CertificateChaos) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CertificateChaos) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateChaosList) DeepCopyInto(out *CertificateChaosList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CertificateChaos, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateChaosList. +func (in *CertificateChaosList) DeepCopy() *CertificateChaosList { + if in == nil { + return nil + } + out := new(CertificateChaosList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CertificateChaosList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateChaosSpec) DeepCopyInto(out *CertificateChaosSpec) { + *out = *in + in.CertificateSelector.DeepCopyInto(&out.CertificateSelector) + if in.Duration != nil { + in, out := &in.Duration, &out.Duration + *out = new(string) + **out = **in + } + if in.CertificateExpiry != nil { + in, out := &in.CertificateExpiry, &out.CertificateExpiry + *out = new(v1.Duration) + **out = **in + } + if in.RenewBefore != nil { + in, out := &in.RenewBefore, &out.RenewBefore + *out = new(v1.Duration) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateChaosSpec. +func (in *CertificateChaosSpec) DeepCopy() *CertificateChaosSpec { + if in == nil { + return nil + } + out := new(CertificateChaosSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateChaosStatus) DeepCopyInto(out *CertificateChaosStatus) { + *out = *in + in.ChaosStatus.DeepCopyInto(&out.ChaosStatus) + if in.Instances != nil { + in, out := &in.Instances, &out.Instances + *out = make(map[string]Instance, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateChaosStatus. +func (in *CertificateChaosStatus) DeepCopy() *CertificateChaosStatus { + if in == nil { + return nil + } + out := new(CertificateChaosStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CertificateSelector) DeepCopyInto(out *CertificateSelector) { + *out = *in + in.GenericSelectorSpec.DeepCopyInto(&out.GenericSelectorSpec) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSelector. +func (in *CertificateSelector) DeepCopy() *CertificateSelector { + if in == nil { + return nil + } + out := new(CertificateSelector) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ChaosCondition) DeepCopyInto(out *ChaosCondition) { *out = *in @@ -1308,6 +1438,11 @@ func (in *EmbedChaos) DeepCopyInto(out *EmbedChaos) { *out = new(BlockChaosSpec) (*in).DeepCopyInto(*out) } + if in.CertificateChaos != nil { + in, out := &in.CertificateChaos, &out.CertificateChaos + *out = new(CertificateChaosSpec) + (*in).DeepCopyInto(*out) + } if in.CiliumChaos != nil { in, out := &in.CiliumChaos, &out.CiliumChaos *out = new(CiliumChaosSpec) @@ -1816,6 +1951,21 @@ func (in *Filter) DeepCopy() *Filter { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FluxResource) DeepCopyInto(out *FluxResource) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FluxResource. +func (in *FluxResource) DeepCopy() *FluxResource { + if in == nil { + return nil + } + out := new(FluxResource) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Frame) DeepCopyInto(out *Frame) { *out = *in @@ -2440,6 +2590,36 @@ func (in *IOChaosStatus) DeepCopy() *IOChaosStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Instance) DeepCopyInto(out *Instance) { + *out = *in + out.FluxResource = in.FluxResource + if in.OriginalExpiry != nil { + in, out := &in.OriginalExpiry, &out.OriginalExpiry + *out = new(v1.Duration) + **out = **in + } + if in.OriginalRenewBefore != nil { + in, out := &in.OriginalRenewBefore, &out.OriginalRenewBefore + *out = new(v1.Duration) + **out = **in + } + if in.CertificateReadyAt != nil { + in, out := &in.CertificateReadyAt, &out.CertificateReadyAt + *out = (*in).DeepCopy() + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Instance. +func (in *Instance) DeepCopy() *Instance { + if in == nil { + return nil + } + out := new(Instance) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IoFault) DeepCopyInto(out *IoFault) { *out = *in @@ -5200,7 +5380,7 @@ func (in *ScheduleStatus) DeepCopyInto(out *ScheduleStatus) { *out = *in if in.Active != nil { in, out := &in.Active, &out.Active - *out = make([]v1.ObjectReference, len(*in)) + *out = make([]corev1.ObjectReference, len(*in)) copy(*out, *in) } in.LastScheduleTime.DeepCopyInto(&out.LastScheduleTime) @@ -5595,12 +5775,12 @@ func (in *Task) DeepCopyInto(out *Task) { *out = *in if in.Container != nil { in, out := &in.Container, &out.Container - *out = new(v1.Container) + *out = new(corev1.Container) (*in).DeepCopyInto(*out) } if in.Volumes != nil { in, out := &in.Volumes, &out.Volumes - *out = make([]v1.Volume, len(*in)) + *out = make([]corev1.Volume, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -5629,29 +5809,29 @@ func (in *Task) DeepCopyInto(out *Task) { } if in.SecurityContext != nil { in, out := &in.SecurityContext, &out.SecurityContext - *out = new(v1.PodSecurityContext) + *out = new(corev1.PodSecurityContext) (*in).DeepCopyInto(*out) } if in.ImagePullSecrets != nil { in, out := &in.ImagePullSecrets, &out.ImagePullSecrets - *out = make([]v1.LocalObjectReference, len(*in)) + *out = make([]corev1.LocalObjectReference, len(*in)) copy(*out, *in) } if in.Affinity != nil { in, out := &in.Affinity, &out.Affinity - *out = new(v1.Affinity) + *out = new(corev1.Affinity) (*in).DeepCopyInto(*out) } if in.Tolerations != nil { in, out := &in.Tolerations, &out.Tolerations - *out = make([]v1.Toleration, len(*in)) + *out = make([]corev1.Toleration, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } if in.TopologySpreadConstraints != nil { in, out := &in.TopologySpreadConstraints, &out.TopologySpreadConstraints - *out = make([]v1.TopologySpreadConstraint, len(*in)) + *out = make([]corev1.TopologySpreadConstraint, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -6114,7 +6294,7 @@ func (in *WorkflowNodeStatus) DeepCopyInto(out *WorkflowNodeStatus) { *out = *in if in.ChaosResource != nil { in, out := &in.ChaosResource, &out.ChaosResource - *out = new(v1.TypedLocalObjectReference) + *out = new(corev1.TypedLocalObjectReference) (*in).DeepCopyInto(*out) } if in.ConditionalBranchesStatus != nil { @@ -6124,12 +6304,12 @@ func (in *WorkflowNodeStatus) DeepCopyInto(out *WorkflowNodeStatus) { } if in.ActiveChildren != nil { in, out := &in.ActiveChildren, &out.ActiveChildren - *out = make([]v1.LocalObjectReference, len(*in)) + *out = make([]corev1.LocalObjectReference, len(*in)) copy(*out, *in) } if in.FinishedChildren != nil { in, out := &in.FinishedChildren, &out.FinishedChildren - *out = make([]v1.LocalObjectReference, len(*in)) + *out = make([]corev1.LocalObjectReference, len(*in)) copy(*out, *in) } if in.Conditions != nil { diff --git a/api/v1alpha1/zz_generated.schedule.chaosmesh.go b/api/v1alpha1/zz_generated.schedule.chaosmesh.go index 742249ddbc..a78c068e79 100644 --- a/api/v1alpha1/zz_generated.schedule.chaosmesh.go +++ b/api/v1alpha1/zz_generated.schedule.chaosmesh.go @@ -27,6 +27,7 @@ const ( ScheduleTypeAWSChaos ScheduleTemplateType = "AWSChaos" ScheduleTypeAzureChaos ScheduleTemplateType = "AzureChaos" ScheduleTypeBlockChaos ScheduleTemplateType = "BlockChaos" + ScheduleTypeCertificateChaos ScheduleTemplateType = "CertificateChaos" ScheduleTypeCiliumChaos ScheduleTemplateType = "CiliumChaos" ScheduleTypeCloudStackVMChaos ScheduleTemplateType = "CloudStackVMChaos" ScheduleTypeDNSChaos ScheduleTemplateType = "DNSChaos" @@ -52,6 +53,7 @@ var allScheduleTemplateType = []ScheduleTemplateType{ ScheduleTypeAWSChaos, ScheduleTypeAzureChaos, ScheduleTypeBlockChaos, + ScheduleTypeCertificateChaos, ScheduleTypeCiliumChaos, ScheduleTypeCloudStackVMChaos, ScheduleTypeDNSChaos, @@ -87,6 +89,10 @@ func (it *ScheduleItem) SpawnNewObject(templateType ScheduleTemplateType) (Gener result := BlockChaos{} result.Spec = *it.BlockChaos return &result, nil + case ScheduleTypeCertificateChaos: + result := CertificateChaos{} + result.Spec = *it.CertificateChaos + return &result, nil case ScheduleTypeCiliumChaos: result := CiliumChaos{} result.Spec = *it.CiliumChaos @@ -176,6 +182,9 @@ func (it *ScheduleItem) RestoreChaosSpec(root interface{}) error { case *BlockChaos: *it.BlockChaos = chaos.Spec return nil + case *CertificateChaos: + *it.CertificateChaos = chaos.Spec + return nil case *CiliumChaos: *it.CiliumChaos = chaos.Spec return nil diff --git a/api/v1alpha1/zz_generated.workflow.chaosmesh.go b/api/v1alpha1/zz_generated.workflow.chaosmesh.go index ea55a25789..08087af130 100644 --- a/api/v1alpha1/zz_generated.workflow.chaosmesh.go +++ b/api/v1alpha1/zz_generated.workflow.chaosmesh.go @@ -27,6 +27,7 @@ const ( TypeAWSChaos TemplateType = "AWSChaos" TypeAzureChaos TemplateType = "AzureChaos" TypeBlockChaos TemplateType = "BlockChaos" + TypeCertificateChaos TemplateType = "CertificateChaos" TypeCiliumChaos TemplateType = "CiliumChaos" TypeCloudStackVMChaos TemplateType = "CloudStackVMChaos" TypeDNSChaos TemplateType = "DNSChaos" @@ -52,6 +53,7 @@ var allChaosTemplateType = []TemplateType{ TypeAWSChaos, TypeAzureChaos, TypeBlockChaos, + TypeCertificateChaos, TypeCiliumChaos, TypeCloudStackVMChaos, TypeDNSChaos, @@ -80,6 +82,8 @@ type EmbedChaos struct { // +optional BlockChaos *BlockChaosSpec `json:"blockChaos,omitempty"` // +optional + CertificateChaos *CertificateChaosSpec `json:"certificateChaos,omitempty"` + // +optional CiliumChaos *CiliumChaosSpec `json:"ciliumChaos,omitempty"` // +optional CloudStackVMChaos *CloudStackVMChaosSpec `json:"cloudstackvmChaos,omitempty"` @@ -130,6 +134,10 @@ func (it *EmbedChaos) SpawnNewObject(templateType TemplateType) (GenericChaos, e result := BlockChaos{} result.Spec = *it.BlockChaos return &result, nil + case TypeCertificateChaos: + result := CertificateChaos{} + result.Spec = *it.CertificateChaos + return &result, nil case TypeCiliumChaos: result := CiliumChaos{} result.Spec = *it.CiliumChaos @@ -215,6 +223,9 @@ func (it *EmbedChaos) RestoreChaosSpec(root interface{}) error { case *BlockChaos: *it.BlockChaos = chaos.Spec return nil + case *CertificateChaos: + *it.CertificateChaos = chaos.Spec + return nil case *CiliumChaos: *it.CiliumChaos = chaos.Spec return nil @@ -283,6 +294,9 @@ func (it *EmbedChaos) SpawnNewList(templateType TemplateType) (GenericChaosList, case TypeBlockChaos: result := BlockChaosList{} return &result, nil + case TypeCertificateChaos: + result := CertificateChaosList{} + return &result, nil case TypeCiliumChaos: result := CiliumChaosList{} return &result, nil @@ -364,6 +378,14 @@ func (in *BlockChaosList) GetItems() []GenericChaos { } return result } +func (in *CertificateChaosList) GetItems() []GenericChaos { + var result []GenericChaos + for _, item := range in.Items { + item := item + result = append(result, &item) + } + return result +} func (in *CiliumChaosList) GetItems() []GenericChaos { var result []GenericChaos for _, item := range in.Items { diff --git a/api/v1alpha1/zz_generated.workflow.chaosmesh_test.go b/api/v1alpha1/zz_generated.workflow.chaosmesh_test.go index 400a1563c2..b9902407a5 100644 --- a/api/v1alpha1/zz_generated.workflow.chaosmesh_test.go +++ b/api/v1alpha1/zz_generated.workflow.chaosmesh_test.go @@ -47,6 +47,14 @@ func TestChaosKindMapShouldContainsBlockChaos(t *testing.T) { _, ok := all.kinds[string(requiredType)] g.Expect(ok).To(Equal(true), "all kinds map should contains this type", requiredType) } +func TestChaosKindMapShouldContainsCertificateChaos(t *testing.T) { + g := NewGomegaWithT(t) + var requiredType TemplateType + requiredType = TypeCertificateChaos + + _, ok := all.kinds[string(requiredType)] + g.Expect(ok).To(Equal(true), "all kinds map should contains this type", requiredType) +} func TestChaosKindMapShouldContainsCiliumChaos(t *testing.T) { g := NewGomegaWithT(t) var requiredType TemplateType diff --git a/cmd/chaos-controller-manager/provider/controller.go b/cmd/chaos-controller-manager/provider/controller.go index 3bc23d52b3..0a27d1e9b3 100644 --- a/cmd/chaos-controller-manager/provider/controller.go +++ b/cmd/chaos-controller-manager/provider/controller.go @@ -21,6 +21,7 @@ import ( "net" "strconv" + certmanagerv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" "github.com/go-logr/logr" lru "github.com/hashicorp/golang-lru/v2" "go.uber.org/fx" @@ -46,6 +47,7 @@ var ( ) func init() { + _ = certmanagerv1.AddToScheme(scheme) _ = clientgoscheme.AddToScheme(scheme) _ = v1alpha1.AddToScheme(scheme) @@ -100,6 +102,7 @@ func NewOption(logger logr.Logger, scheme *runtime.Scheme) *ctrl.Options { opts.DefaultNamespaces = map[string]cache.Config{ config.ControllerCfg.TargetNamespace: {}, } + return cache.New(cfg, opts) } } @@ -184,6 +187,7 @@ func NewControlPlaneCacheReader(logger logr.Logger, cfg *rest.Config) (controlPl scheme := runtime.NewScheme() _ = clientgoscheme.AddToScheme(scheme) + _ = certmanagerv1.AddToScheme(scheme) // Create the cache for the cached read client and registering informers cacheReader, err := cache.New(cfg, cache.Options{ diff --git a/config/crd/bases/chaos-mesh.org_certificatechaos.yaml b/config/crd/bases/chaos-mesh.org_certificatechaos.yaml new file mode 100644 index 0000000000..84fdb2ecdd --- /dev/null +++ b/config/crd/bases/chaos-mesh.org_certificatechaos.yaml @@ -0,0 +1,245 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: certificatechaos.chaos-mesh.org +spec: + group: chaos-mesh.org + names: + kind: CertificateChaos + listKind: CertificateChaosList + plural: certificatechaos + singular: certificatechaos + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CertificateChaos is the control script`s spec. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the behavior of a certificate chaos experiment + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for the + requested certificate. Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where the + chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should rotate + the certificate. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can be + used to select objects. A list of selectors based on set-based + label expressions. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object + status: + description: Most recently observed status of the chaos experiment about + pods + properties: + affectedFluxResources: + additionalProperties: + properties: + certificateReadyAt: + format: date-time + type: string + fluxResource: + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + originalExpiry: + type: string + originalRenewBefore: + type: string + secretName: + type: string + required: + - fluxResource + type: object + description: Instances keeps track of the state for each certificate + type: object + conditions: + description: Conditions represents the current global condition of + the chaos + items: + properties: + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + experiment: + description: Experiment records the last experiment state. + properties: + containerRecords: + description: Records are used to track the running status + items: + properties: + events: + description: Events are the essential details about the + injections and recoveries + items: + properties: + message: + description: Message is the detail message, e.g. the + reason why we failed to inject the chaos + type: string + operation: + description: Operation represents the operation we + are doing, when we crate this event + type: string + timestamp: + description: Timestamp is time when we create this + event + format: date-time + type: string + type: + description: Type means the stage of this event + type: string + required: + - operation + - timestamp + - type + type: object + type: array + id: + type: string + injectedCount: + description: InjectedCount is a counter to record the sum + of successful injections + type: integer + phase: + type: string + recoveredCount: + description: RecoveredCount is a counter to record the sum + of successful recoveries + type: integer + selectorKey: + type: string + required: + - id + - injectedCount + - phase + - recoveredCount + - selectorKey + type: object + type: array + desiredPhase: + enum: + - Run + - Stop + type: string + type: object + required: + - experiment + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/config/crd/bases/chaos-mesh.org_schedules.yaml b/config/crd/bases/chaos-mesh.org_schedules.yaml index 4af4aa52c0..d695d0b6cd 100644 --- a/config/crd/bases/chaos-mesh.org_schedules.yaml +++ b/config/crd/bases/chaos-mesh.org_schedules.yaml @@ -278,6 +278,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -4017,6 +4104,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or @@ -7630,6 +7809,102 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting diff --git a/config/crd/bases/chaos-mesh.org_workflownodes.yaml b/config/crd/bases/chaos-mesh.org_workflownodes.yaml index d74793a048..26b857a3ae 100644 --- a/config/crd/bases/chaos-mesh.org_workflownodes.yaml +++ b/config/crd/bases/chaos-mesh.org_workflownodes.yaml @@ -284,6 +284,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: items: type: string @@ -3665,6 +3752,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors based + on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -7489,6 +7665,102 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial @@ -11212,6 +11484,106 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about + pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the + expiry period for the requested certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration + of the chaos action. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the + cert-manager should rotate the certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A + list of selectors based on set-based label + expressions. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting diff --git a/config/crd/bases/chaos-mesh.org_workflows.yaml b/config/crd/bases/chaos-mesh.org_workflows.yaml index 630f7f3e13..5e5ff63d88 100644 --- a/config/crd/bases/chaos-mesh.org_workflows.yaml +++ b/config/crd/bases/chaos-mesh.org_workflows.yaml @@ -297,6 +297,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors + based on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel. @@ -3808,6 +3897,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 2e39db1faf..1fee7d6b59 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -32,6 +32,7 @@ resources: - bases/chaos-mesh.org_k8schaos.yaml - bases/chaos-mesh.org_resourcescalechaos.yaml - bases/chaos-mesh.org_podpvcchaos.yaml +- bases/chaos-mesh.org_certificatechaos.yaml # +kubebuilder:scaffold:crdkustomizeresource patchesStrategicMerge: diff --git a/controllers/chaosimpl/certificatechaos/impl.go b/controllers/chaosimpl/certificatechaos/impl.go new file mode 100644 index 0000000000..ea640f7c50 --- /dev/null +++ b/controllers/chaosimpl/certificatechaos/impl.go @@ -0,0 +1,451 @@ +// Copyright 2023 Chaos Mesh Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package certificatechaos + +import ( + "context" + "errors" + "fmt" + "strings" + "time" + + "github.com/avast/retry-go/v4" + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/go-logr/logr" + "go.uber.org/fx" + appsv1 "k8s.io/api/apps/v1" + v1 "k8s.io/api/core/v1" + apiErrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/chaos-mesh/chaos-mesh/api/v1alpha1" + impltypes "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/types" + "github.com/chaos-mesh/chaos-mesh/controllers/utils/controller" +) + +var _ impltypes.ChaosImpl = (*Impl)(nil) + +const FluxSuspended = "Not Injected/FluxSuspended" +const CertUpdated = "Not Injected/CertUpdated" +const CertReady = "Not Injected/CertReady" +const RevertedCerts = "Injected/CertUpdated" + +const restartTimeAnnotation = "chaos-mesh.org/certificateChaosAt" + +type Impl struct { + client.Client + Log logr.Logger +} + +func (impl *Impl) Apply(ctx context.Context, index int, records []*v1alpha1.Record, obj v1alpha1.InnerObject) (v1alpha1.Phase, error) { + impl.Log.Info("certificate chaos Apply", "namespace", obj.GetNamespace(), "name", obj.GetName()) + + chaos, ok := obj.(*v1alpha1.CertificateChaos) + if !ok { + err := errors.New("chaos is not CertificateChaos") + impl.Log.Error(err, "chaos is not CertificateChaos", "chaos", obj) + return v1alpha1.NotInjected, err + } + + if chaos.Status.Instances == nil { + chaos.Status.Instances = make(map[string]v1alpha1.Instance) + } + + record := records[index] + namespacedName, err := controller.ParseNamespacedName(record.Id) + if err != nil { + return v1alpha1.NotInjected, err + } + + switch record.Phase { + case v1alpha1.NotInjected: + var cert cmv1.Certificate + err = impl.Get(ctx, namespacedName, &cert) + if err != nil { + if apiErrors.IsNotFound(err) { + return v1alpha1.Injected, nil + } + return v1alpha1.NotInjected, err + } + + // Find and suspend Flux resources + if entity, ok := getManagedBy(&cert); ok { + impl.Log.Info("Suspending Flux", "resource", entity.NamespacedName()) + if err = impl.suspend(ctx, entity, true); err != nil { + innerErr := errors.New("failed to suspend Flux resource") + impl.Log.Error(err, "failed to suspend Flux resource", "resource", entity) + return v1alpha1.NotInjected, innerErr + } + + chaos.Status.Instances[record.Id] = v1alpha1.Instance{FluxResource: entity} + } + return FluxSuspended, nil + + case FluxSuspended: + var cert cmv1.Certificate + err = impl.Get(ctx, namespacedName, &cert) + if err != nil { + if apiErrors.IsNotFound(err) { + return v1alpha1.Injected, nil + } + return v1alpha1.NotInjected, err + } + + // Update actual certificate + if err = impl.updateCertificate(ctx, &cert, chaos.Spec.CertificateExpiry, chaos.Spec.RenewBefore); err != nil { + impl.Log.Error(err, "Updating Certificate", "resource", cert.Name) + return record.Phase, err + } + newInstance := chaos.Status.Instances[record.Id] + newInstance.OriginalExpiry = cert.Spec.Duration + newInstance.OriginalRenewBefore = cert.Spec.RenewBefore + newInstance.SecretName = cert.Spec.SecretName + chaos.Status.Instances[record.Id] = newInstance + return CertUpdated, nil + + case CertUpdated: + impl.Log.Info("Checking if Certificate is ready", "certificate", namespacedName.String()) + + instance := chaos.Status.Instances[record.Id] + var readyAt metav1.Time + if readyAt, ok = impl.getCertificateReadyAt(ctx, namespacedName, chaos); !ok { + return CertUpdated, errors.New("certificate not yet ready") + } + + instance.CertificateReadyAt = &readyAt + chaos.Status.Instances[record.Id] = instance + return CertReady, nil + + case CertReady: + impl.Log.Info("Finding related PODs", "certificate", namespacedName.String()) + listOptions := &client.ListOptions{ + Namespace: namespacedName.Namespace, + } + podsList := &v1.PodList{} + err := impl.Client.List(ctx, podsList, listOptions) + if err != nil { + impl.Log.Error(err, "Finding related PODs failed", "certificate", namespacedName.String()) + return CertReady, err + } + instance := chaos.Status.Instances[record.Id] + + owners, err := impl.getPodOwnersUsingSecret(ctx, podsList, instance.SecretName) + if err != nil { + return record.Phase, err + } + + for owner := range owners { + err = impl.Restart(ctx, owner, namespacedName.Namespace, instance.CertificateReadyAt) + if err != nil { + return record.Phase, fmt.Errorf("restarting %s/%s: %w", owner.Kind, owner.Name, err) + } + } + + default: + panic("unknown phase: " + record.Phase) + } + + return v1alpha1.Injected, nil +} + +func (impl *Impl) getPodOwnersUsingSecret(ctx context.Context, podsList *v1.PodList, secretName string) (map[Dependent]bool, error) { + owners := make(map[Dependent]bool) + for _, pod := range podsList.Items { + if usesVolume(pod, secretName) { + for _, ref := range pod.GetOwnerReferences() { + if ref.APIVersion == "apps/v1" && ref.Kind == "ReplicaSet" { + // need to find the owner ref of the replicaset + var rs appsv1.ReplicaSet + rsNamespacedName := types.NamespacedName{Name: ref.Name, Namespace: pod.Namespace} + err := impl.Client.Get(ctx, rsNamespacedName, &rs) + if err != nil { + return nil, fmt.Errorf("getting replicaset %s/%s: %w", pod.Namespace, ref.Name, err) + } + + for _, ref := range rs.GetOwnerReferences() { + owners[Dependent{ + APIVersion: ref.APIVersion, + Kind: ref.Kind, + Name: ref.Name, + }] = true + } + } else { + owners[Dependent{ + APIVersion: ref.APIVersion, + Kind: ref.Kind, + Name: ref.Name, + }] = true + } + } + } + + } + return owners, nil +} + +func (impl *Impl) getCertificateReadyAt(ctx context.Context, namespacedName types.NamespacedName, chaos *v1alpha1.CertificateChaos) (metav1.Time, bool) { + var timestamp metav1.Time + err := retry.Do( + func() error { + var cert cmv1.Certificate + if innerErr := impl.Get(ctx, namespacedName, &cert); innerErr != nil { + return innerErr + } + for _, cond := range cert.Status.Conditions { + if cond.Reason == "Ready" && cond.Status == "True" { + // TODO what if certificate was already at the specified duration? Then it won't update + if cond.LastTransitionTime.After(chaos.CreationTimestamp.Time.Add(-3 * time.Second)) { + timestamp = metav1.NewTime((*cond.LastTransitionTime).Time) + return nil + } + break + } + } + + return errors.New("certificate not yet ready") + }, + retry.Attempts(3), + retry.OnRetry(func(n uint, err error) { + impl.Log.Info("Certificate not yet ready", "certificate", namespacedName.String()) + }), + retry.Delay(time.Second), + ) + return timestamp, err == nil +} + +func usesVolume(pod v1.Pod, secretName string) bool { + for _, volume := range pod.Spec.Volumes { + if volume.Secret != nil && volume.Secret.SecretName == secretName { + return true + } + if volume.Projected != nil { + for _, source := range volume.Projected.Sources { + if source.Secret != nil && source.Secret.Name == secretName { + return true + } + } + } + } + return false +} + +func (impl *Impl) updateCertificate(ctx context.Context, cert *cmv1.Certificate, expiry, renewBefore *metav1.Duration) error { + updated := cert.DeepCopy() + + updated.Spec.Duration.Duration = expiry.Duration + updated.Spec.RenewBefore.Duration = renewBefore.Duration + + impl.Log.Info( + "Patching certificate", + "namespace", cert.Namespace, + "name", cert.Name, + "certificateExpiry", *expiry, + "renewBefore", *renewBefore, + ) + err := impl.Patch(ctx, updated, client.MergeFrom(cert)) + if err != nil { + return fmt.Errorf("patching certificate %s/%s: %w", cert.Namespace, cert.Name, err) + } + + return nil +} + +func getManagedBy(cert *cmv1.Certificate) (v1alpha1.FluxResource, bool) { + entity := v1alpha1.FluxResource{} + for k, v := range cert.GetLabels() { + // TODO versions should probably not be hardcoded. We can probably do that later on though + // One idea would be to query the api-resources for it? + switch k { + case "helm.toolkit.fluxcd.io/namespace": + entity.Namespace = v + entity.Group = "helm.toolkit.fluxcd.io" + entity.Version = "v2" + entity.Kind = "helmrelease" + case "helm.toolkit.fluxcd.io/name": + entity.Name = v + entity.Group = "helm.toolkit.fluxcd.io" + entity.Version = "v2" + entity.Kind = "helmrelease" + case "kustomize.toolkit.fluxcd.io/namespace": + entity.Namespace = v + entity.Group = "kustomize.toolkit.fluxcd.io" + entity.Version = "v1" + entity.Kind = "kustomization" + case "kustomize.toolkit.fluxcd.io/name": + entity.Name = v + entity.Group = "kustomize.toolkit.fluxcd.io" + entity.Version = "v1" + entity.Kind = "kustomization" + } + } + + if entity.Name != "" && entity.Namespace != "" { + return entity, true + } + return v1alpha1.FluxResource{}, false +} + +func (impl *Impl) suspend(ctx context.Context, e v1alpha1.FluxResource, state bool) error { + var nilFluxResource v1alpha1.FluxResource + if e == nilFluxResource { + return nil + } + u := &unstructured.Unstructured{} + u.Object = map[string]interface{}{ + "metadata": map[string]interface{}{ + "name": e.Name, + "namespace": e.Namespace, + }, + } + u.SetGroupVersionKind(e.GVK()) + patch := []byte(fmt.Sprintf(`{"spec":{"suspend":%v}}`, state)) + return impl.Client.Patch(ctx, u, client.RawPatch(types.MergePatchType, patch)) +} + +func (impl *Impl) Recover(ctx context.Context, index int, records []*v1alpha1.Record, obj v1alpha1.InnerObject) (v1alpha1.Phase, error) { + impl.Log.Info("certificate chaos Recover", "namespace", obj.GetNamespace(), "name", obj.GetName()) + + chaos, ok := obj.(*v1alpha1.CertificateChaos) + if !ok { + err := errors.New("chaos is not CertificateChaos") + impl.Log.Error(err, "chaos is not CertificateChaos", "chaos", obj) + return v1alpha1.Injected, err + } + + if chaos.Status.Instances == nil { + impl.Log.Info("No Instances to recover") + return v1alpha1.NotInjected, nil + } + + record := records[index] + if instance, ok := chaos.Status.Instances[record.Id]; ok { + switch record.Phase { + case v1alpha1.Injected: + namespacedName, err := controller.ParseNamespacedName(record.Id) + if err != nil { + return v1alpha1.Injected, err + } + + var cert cmv1.Certificate + err = impl.Get(ctx, namespacedName, &cert) + if err != nil { + if apiErrors.IsNotFound(err) { + return v1alpha1.Injected, nil + } + return v1alpha1.Injected, err + } + if err = impl.updateCertificate(ctx, &cert, instance.OriginalExpiry, instance.OriginalRenewBefore); err != nil { + impl.Log.Error(err, "Updating Certificate", "resource", cert.Name) + return record.Phase, err + } + + return RevertedCerts, nil + + case RevertedCerts: + err := impl.suspend(ctx, instance.FluxResource, false) + if err != nil { + innerErr := errors.New("failed to unsuspend Flux resource") + impl.Log.Error(err, "failed to unsuspend Flux resource", "resource", instance.FluxResource) + return v1alpha1.Injected, innerErr + } + + default: + panic("unknown recovery phase: " + record.Phase) + } + + } + + return v1alpha1.NotInjected, nil +} + +type Dependent struct { + APIVersion string + Kind string + Name string +} + +func (owner Dependent) toUnstructured(namespace string) unstructured.Unstructured { + u := unstructured.Unstructured{} + u.SetAPIVersion(owner.APIVersion) + u.SetKind(owner.Kind) + u.SetName(owner.Name) + u.SetNamespace(namespace) + return u + +} + +func (impl *Impl) Restart(ctx context.Context, owner Dependent, namespace string, certificateAt *metav1.Time) error { + resourceType := strings.ToLower(owner.Kind) + if resourceType != string(v1alpha1.DaemonSetResourceType) && + resourceType != string(v1alpha1.DeploymentResourceType) && + resourceType != string(v1alpha1.StatefulSetResourceType) { + impl.Log.Info("Can't restart this resource", "resource", owner.Kind, "name", owner.Name, "namespace", namespace) + return nil + } + + u := owner.toUnstructured(namespace) + _ = impl.Client.Get(context.Background(), client.ObjectKey{ + Namespace: u.GetNamespace(), + Name: u.GetName(), + }, &u) + if annotation, ok := u.GetAnnotations()[restartTimeAnnotation]; ok { + if restartedAt, err := time.Parse(time.RFC3339, annotation); err == nil && restartedAt.After(certificateAt.Time) { + impl.Log.Info("Skipping restart. Already happened", "resource", owner.Kind, + "name", owner.Name, + "namespace", namespace, + "restartedAt", restartedAt.String(), + "certificateAt", certificateAt.String()) + return nil + } + } + + u = owner.toUnstructured(namespace) + + now := time.Now().UTC() + data := []byte(fmt.Sprintf( + `{ + "spec": {"template": {"metadata": {"annotations": {"kubectl.kubernetes.io/restartedAt": "%s"}}}}, + "metadata": {"annotations": {"%s": "%s"}} + }`, + now.Format("20060102150405"), + restartTimeAnnotation, + now.Format(time.RFC3339), + )) + + impl.Log.Info("Patching", "resource", owner.Kind, "name", owner.Name, "namespace", namespace) + return impl.Client.Patch(ctx, &u, client.RawPatch(types.StrategicMergePatchType, data)) +} + +func NewImpl(c client.Client, log logr.Logger) *impltypes.ChaosImplPair { + return &impltypes.ChaosImplPair{ + Name: "certificatechaos", + Object: &v1alpha1.CertificateChaos{}, + Impl: &Impl{ + Client: c, + Log: log.WithName("certificatechaos"), + }, + ObjectList: &v1alpha1.CertificateChaosList{}, + } +} + +var Module = fx.Provide( + fx.Annotated{ + Group: "impl", + Target: NewImpl, + }, +) diff --git a/controllers/chaosimpl/fx.go b/controllers/chaosimpl/fx.go index a379374a58..cedf1af978 100644 --- a/controllers/chaosimpl/fx.go +++ b/controllers/chaosimpl/fx.go @@ -21,6 +21,7 @@ import ( "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/awschaos" "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/azurechaos" "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/blockchaos" + "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/certificatechaos" "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/ciliumchaos" "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/cloudstackvm" "github.com/chaos-mesh/chaos-mesh/controllers/chaosimpl/dnschaos" @@ -62,5 +63,6 @@ var AllImpl = fx.Options( resourcescalechaos.Module, rollingrestartchaos.Module, podpvcchaos.Module, + certificatechaos.Module, utils.Module) diff --git a/e2e-test/go.mod b/e2e-test/go.mod index f890bab60b..1111e26141 100644 --- a/e2e-test/go.mod +++ b/e2e-test/go.mod @@ -19,7 +19,7 @@ require ( k8s.io/kubelet v0.28.1 k8s.io/kubernetes v1.28.2 k8s.io/pod-security-admission v0.28.1 - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 + k8s.io/utils v0.0.0-20230726121419-3b25d923346b sigs.k8s.io/controller-runtime v0.16.2 ) @@ -37,10 +37,10 @@ require ( github.com/chai2010/gettext-go v1.0.2 // indirect github.com/coreos/go-semver v0.3.1 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/docker/distribution v2.8.2+incompatible // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/emicklei/go-restful/v3 v3.10.1 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect @@ -48,7 +48,7 @@ require ( github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-errors/errors v1.4.2 // indirect - github.com/go-logr/logr v1.2.4 // indirect + github.com/go-logr/logr v1.3.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.2.4 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect @@ -61,7 +61,7 @@ require ( github.com/google/btree v1.0.1 // indirect github.com/google/cel-go v0.16.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20230207041349-798e818bf904 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect @@ -100,32 +100,32 @@ require ( go.etcd.io/etcd/client/v3 v3.5.9 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 // indirect - go.opentelemetry.io/otel v1.19.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect - go.opentelemetry.io/otel/metric v1.19.0 // indirect - go.opentelemetry.io/otel/sdk v1.19.0 // indirect - go.opentelemetry.io/otel/trace v1.19.0 // indirect + go.opentelemetry.io/otel v1.20.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 // indirect + go.opentelemetry.io/otel/metric v1.20.0 // indirect + go.opentelemetry.io/otel/sdk v1.20.0 // indirect + go.opentelemetry.io/otel/trace v1.20.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.25.0 // indirect golang.org/x/crypto v0.14.0 // indirect - golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect + golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.10.0 // indirect + golang.org/x/oauth2 v0.12.0 // indirect golang.org/x/sync v0.3.0 // indirect - golang.org/x/sys v0.13.0 // indirect + golang.org/x/sys v0.14.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.12.0 // indirect + golang.org/x/tools v0.13.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect - google.golang.org/grpc v1.58.3 // indirect + google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832 // indirect + google.golang.org/grpc v1.59.0 // indirect google.golang.org/protobuf v1.31.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect @@ -136,13 +136,13 @@ require ( k8s.io/component-helpers v0.28.2 // indirect k8s.io/controller-manager v0.28.2 // indirect k8s.io/kms v0.28.2 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect k8s.io/kubectl v0.28.1 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) diff --git a/e2e-test/go.sum b/e2e-test/go.sum index 209e645b70..22d97ccdcb 100644 --- a/e2e-test/go.sum +++ b/e2e-test/go.sum @@ -1,6 +1,6 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.110.4 h1:1JYyxKMN9hd5dR2MYTPWkGUgcoxVVhg0LKNKEo0qvmk= -cloud.google.com/go/compute v1.21.0 h1:JNBsyXVoOoNJtTQcnEY5uYpZIbeCTYIeDe0Xh1bySMk= +cloud.google.com/go v0.110.7 h1:rJyC7nWRg2jWGZ4wSJ5nY65GTdYJkg0cd/uXb+ACI6o= +cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= @@ -43,15 +43,16 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= -github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= -github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= @@ -71,8 +72,9 @@ github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxI github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= @@ -90,7 +92,7 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/glog v1.1.0 h1:/d3pCKDPWNnvIWe0vVUpNP32qc8U3PDVxySP/y360qE= +github.com/golang/glog v1.1.2 h1:DVjP2PbBOzHyzA+dn3WhHIq4NdVu3Q+pvivFICf/7fo= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= @@ -119,8 +121,9 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -191,8 +194,8 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -208,7 +211,7 @@ github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjR github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= @@ -218,8 +221,8 @@ github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ai github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= @@ -228,7 +231,7 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5Qo6v2eYzo7kUS51QINcR5jNpbZS8= github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= @@ -251,25 +254,25 @@ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.4 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.42.0/go.mod h1:5z+/ZWJQKXa9YT34fQNx5K8Hd1EoIhvtUygUQPqEOgQ= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0 h1:KfYpVmrjI7JuToy5k8XV3nkapjWx48k4E4JOtVstzQI= go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0/go.mod h1:SeQhzAEccGVZVEy7aH87Nh0km+utSpo1pTv6eMMop48= -go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= -go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 h1:Mne5On7VWdx7omSrSSZvM4Kw7cS7NQkOOmLcgscI51U= -go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0/go.mod h1:IPtUMKL4O3tH5y+iXVyAXqpAwMuzC1IrxVS81rummfE= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 h1:3d+S281UTjM+AbF31XSOYn1qXn3BgIdWl8HNEpx08Jk= -go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0/go.mod h1:0+KuTDyKL4gjKCF75pHOX4wuzYDUZYfAQdSu43o+Z2I= -go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= -go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= -go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= -go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A= -go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= -go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= +go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= +go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 h1:DeFD0VgTZ+Cj6hxravYYZE2W4GlneVH81iAOPjZkzk8= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0/go.mod h1:GijYcYmNpX1KazD5JmWGsi4P7dDTTTnfv1UbGn84MnU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 h1:gvmNvqrPYovvyRmCSygkUDyL8lC5Tl845MLEwqpxhEU= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0/go.mod h1:vNUq47TGFioo+ffTSnKNdob241vePmtNZnAODKapKd0= +go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= +go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= +go.opentelemetry.io/otel/sdk v1.20.0 h1:5Jf6imeFZlZtKv9Qbo6qt2ZkmWtdWx/wzcCbNUlAWGM= +go.opentelemetry.io/otel/sdk v1.20.0/go.mod h1:rmkSx1cZCm/tn16iWDn1GQbLtsW/LvsdEEFzCSRM6V0= +go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= +go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= @@ -282,8 +285,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU= -golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= @@ -305,8 +308,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8= -golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= +golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= +golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -327,8 +330,8 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= @@ -349,8 +352,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= -golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -364,17 +367,17 @@ google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 h1:Z0hjGZePRE0ZBWotvtrwxFNrNE9CUAGtplaDK5NNI/g= -google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98/go.mod h1:S7mY02OqCJTD0E1OiQy1F72PWFB4bZJ87cAtLPYgDR0= -google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 h1:FmF5cCW94Ij59cfpoLiwTgodWmm60eEV0CjlsVg2fuw= -google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98/go.mod h1:rsr7RhLuwsDKL7RmgDDCUc6yaGr1iqceVb5Wv6f6YvQ= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 h1:bVf09lpb+OJbByTj913DRJioFFAjf/ZGxEz7MajTp2U= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= +google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY= +google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= +google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q= +google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832 h1:o4LtQxebKIJ4vkzyhtD2rfUNZ20Zf0ik5YVP5E7G7VE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.58.3 h1:BjnpXut1btbtgN/6sp+brB2Kbm2LjNXnidYujAVbSoQ= -google.golang.org/grpc v1.58.3/go.mod h1:tgX3ZQDlNJGU96V6yHh1T/JeoBQ2TXdr43YbYSsCJk0= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -431,8 +434,8 @@ k8s.io/kms v0.28.2 h1:KhG63LHopCdzs1oKA1j+NWleuIXudgOyCqJo4yi3GaM= k8s.io/kms v0.28.2/go.mod h1:iAjgIqBrV2+8kmsjbbgUkAyKSuYq5g1dW9knpt6OhaE= k8s.io/kube-aggregator v0.28.2 h1:tCjAfB1p/v18yD2NpegNQRuahzyA/szFfcRARnpjDeo= k8s.io/kube-aggregator v0.28.2/go.mod h1:g4hZVjC4KhJtZHV2pyiRBiU6AdBA/sAjh9Y9GJC/SbU= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f h1:eeEUOoGYWhOz7EyXqhlR2zHKNw2mNJ9vzJmub6YN6kk= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/kubectl v0.28.2 h1:fOWOtU6S0smdNjG1PB9WFbqEIMlkzU5ahyHkc7ESHgM= k8s.io/kubectl v0.28.2/go.mod h1:6EQWTPySF1fn7yKoQZHYf9TPwIl2AygHEcJoxFekr64= k8s.io/kubelet v0.28.2 h1:wqe5zKtVhNWwtdABU0mpcWVe8hc6VdVvs2kqQridZRw= @@ -441,8 +444,8 @@ k8s.io/kubernetes v1.28.2 h1:GhcnYeNTukeaC0dD5BC+UWBvzQsFEpWj7XBVMQptfYc= k8s.io/kubernetes v1.28.2/go.mod h1:FmB1Mlp9ua0ezuwQCTGs/y6wj/fVisN2sVxhzjj0WDk= k8s.io/pod-security-admission v0.28.2 h1:3kiOL+gc6auNTGHuQ0hVsGxYu2YO/7DZb0xYR84GxiQ= k8s.io/pod-security-admission v0.28.2/go.mod h1:gReea39xbhIzf4Ry0FDuiTi8uj1N5R9YXOh8zQSuTxs= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 h1:trsWhjU5jZrx6UvFu4WzQDrN7Pga4a7Qg+zcfcj64PA= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2/go.mod h1:+qG7ISXqCDVVcyO8hLn12AKVYYUjM7ftlqsqmrhMZE0= sigs.k8s.io/controller-runtime v0.16.2 h1:mwXAVuEk3EQf478PQwQ48zGOXvW27UJc8NHktQVuIPU= @@ -453,7 +456,7 @@ sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKU sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/go.mod b/go.mod index f55ae0760a..23f53c3b5e 100644 --- a/go.mod +++ b/go.mod @@ -12,11 +12,13 @@ require ( github.com/DATA-DOG/go-sqlmock v1.5.0 github.com/antonmedv/expr v1.8.9 github.com/apache/cloudstack-go/v2 v2.15.0 + github.com/avast/retry-go/v4 v4.6.0 github.com/aws/aws-sdk-go-v2 v1.3.2 github.com/aws/aws-sdk-go-v2/config v1.1.1 github.com/aws/aws-sdk-go-v2/credentials v1.1.1 github.com/aws/aws-sdk-go-v2/service/ec2 v1.5.0 github.com/bxcodec/faker v2.0.1+incompatible + github.com/cert-manager/cert-manager v1.13.3 github.com/chaos-mesh/chaos-driver v0.2.1 github.com/chaos-mesh/chaos-mesh/api v0.0.0 github.com/chaos-mesh/fx-logr v0.1.0 @@ -24,11 +26,11 @@ require ( github.com/containerd/cgroups v1.1.0 github.com/containerd/containerd v1.7.0 github.com/docker/docker v23.0.3+incompatible - github.com/ethereum/go-ethereum v1.12.1 - github.com/fatih/color v1.13.0 + github.com/ethereum/go-ethereum v1.12.2 + github.com/fatih/color v1.15.0 github.com/gin-contrib/pprof v1.3.0 github.com/gin-gonic/gin v1.9.1 - github.com/go-logr/logr v1.2.4 + github.com/go-logr/logr v1.3.0 github.com/go-logr/zapr v1.2.4 github.com/go-playground/validator/v10 v10.14.0 github.com/golang/protobuf v1.5.3 @@ -57,7 +59,7 @@ require ( github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd github.com/spf13/cobra v1.7.0 github.com/spf13/pflag v1.0.5 - github.com/stretchr/testify v1.8.3 + github.com/stretchr/testify v1.9.0 github.com/swaggo/files v1.0.1 github.com/swaggo/gin-swagger v1.5.3 github.com/swaggo/swag v1.8.7 @@ -66,14 +68,14 @@ require ( go.uber.org/fx v1.19.2 go.uber.org/zap v1.25.0 golang.org/x/crypto v0.14.0 - golang.org/x/oauth2 v0.8.0 + golang.org/x/oauth2 v0.12.0 golang.org/x/sync v0.3.0 - golang.org/x/sys v0.13.0 + golang.org/x/sys v0.14.0 golang.org/x/term v0.13.0 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 - google.golang.org/api v0.114.0 - google.golang.org/grpc v1.56.3 - google.golang.org/protobuf v1.30.0 + google.golang.org/api v0.140.0 + google.golang.org/grpc v1.59.0 + google.golang.org/protobuf v1.31.0 gopkg.in/yaml.v2 v2.4.0 gopkg.in/yaml.v3 v3.0.1 helm.sh/helm/v3 v3.12.3 @@ -84,12 +86,12 @@ require ( k8s.io/client-go v0.28.2 k8s.io/cri-api v0.28.2 k8s.io/kubectl v0.28.1 - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 + k8s.io/utils v0.0.0-20230726121419-3b25d923346b sigs.k8s.io/controller-runtime v0.16.2 ) require ( - cloud.google.com/go/compute v1.19.1 // indirect + cloud.google.com/go/compute v1.23.0 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 // indirect github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20221215162035-5330a85ea652 // indirect @@ -129,7 +131,7 @@ require ( github.com/containerd/typeurl/v2 v2.1.0 // indirect github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/deckarep/golang-set/v2 v2.1.0 // indirect github.com/denisenkom/go-mssqldb v0.9.0 // indirect github.com/dimchansky/utfbom v1.1.1 // indirect @@ -140,7 +142,7 @@ require ( github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/emicklei/go-restful/v3 v3.10.1 // indirect + github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect @@ -172,12 +174,13 @@ require ( github.com/golang/mock v1.6.0 // indirect github.com/google/btree v1.0.1 // indirect github.com/google/gnostic-models v0.6.8 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20230207041349-798e818bf904 // indirect + github.com/google/s2a-go v0.1.7 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect - github.com/googleapis/gax-go/v2 v2.7.1 // indirect + github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect + github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/gorilla/mux v1.8.0 // indirect github.com/gorilla/websocket v1.4.2 // indirect github.com/gosuri/uitable v0.0.4 // indirect @@ -190,7 +193,7 @@ require ( github.com/imdario/mergo v0.3.13 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/jinzhu/inflection v1.0.0 // indirect - github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 // indirect github.com/jmoiron/sqlx v1.3.5 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -212,7 +215,7 @@ require ( github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect - github.com/mitchellh/mapstructure v1.4.3 // indirect + github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect github.com/moby/spdystream v0.2.0 // indirect github.com/moby/sys/sequential v0.5.0 // indirect @@ -232,7 +235,7 @@ require ( github.com/pelletier/go-toml/v2 v2.0.8 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect github.com/pingcap/check v0.0.0-20191216031241-8a5a85928f12 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_model v0.4.0 // indirect github.com/prometheus/common v0.44.0 // indirect github.com/prometheus/procfs v0.10.1 // indirect @@ -241,9 +244,9 @@ require ( github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749 // indirect - github.com/sirupsen/logrus v1.9.0 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/cast v1.5.0 // indirect - github.com/stretchr/objx v0.5.0 // indirect + github.com/stretchr/objx v0.5.2 // indirect github.com/tklauser/go-sysconf v0.3.9 // indirect github.com/tklauser/numcpus v0.3.0 // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect @@ -255,35 +258,36 @@ require ( github.com/xlab/treeprint v1.2.0 // indirect github.com/yusufpapurcu/wmi v1.2.2 // indirect go.opencensus.io v0.24.0 // indirect - go.opentelemetry.io/otel v1.16.0 // indirect - go.opentelemetry.io/otel/metric v1.16.0 // indirect - go.opentelemetry.io/otel/trace v1.16.0 // indirect + go.opentelemetry.io/otel v1.20.0 // indirect + go.opentelemetry.io/otel/metric v1.20.0 // indirect + go.opentelemetry.io/otel/trace v1.20.0 // indirect go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect go.uber.org/dig v1.16.1 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/arch v0.3.0 // indirect - golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc // indirect + golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect golang.org/x/mod v0.12.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.12.0 // indirect + golang.org/x/tools v0.13.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect + google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce // indirect k8s.io/apiextensions-apiserver v0.28.1 // indirect k8s.io/component-base v0.28.2 // indirect k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f // indirect nhooyr.io/websocket v1.8.6 // indirect oras.land/oras-go v1.2.3 // indirect + sigs.k8s.io/gateway-api v0.8.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect sigs.k8s.io/yaml v1.3.0 // indirect ) diff --git a/go.sum b/go.sum index 91d8c47a0d..6e473b6a91 100644 --- a/go.sum +++ b/go.sum @@ -18,21 +18,19 @@ cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmW cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg= cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8= cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0= -cloud.google.com/go v0.110.0 h1:Zc8gqp3+a9/Eyph2KDmcGaPtbKRIoqq4YTlL4NMD0Ys= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc= cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg= cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc= cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ= -cloud.google.com/go/compute v1.19.1 h1:am86mquDUgjGNWxiGn+5PGLbmgiWXlE/yNWpIpNvuXY= -cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go/compute v1.23.0 h1:tP41Zoavr8ptEqaW6j+LQOnyBBhO7OkOMAGrgLopTwY= +cloud.google.com/go/compute v1.23.0/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk= cloud.google.com/go/firestore v1.1.0/go.mod h1:ulACoGHTpvq5r8rxGJ4ddJZBZqakUQqClKRT5SZwBmk= -cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw= cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA= @@ -138,6 +136,8 @@ github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgI github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 h1:4daAzAu0S6Vi7/lbWECcX0j45yZReDZ56BQsrVBOEEY= github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= +github.com/avast/retry-go/v4 v4.6.0 h1:K9xNA+KeB8HHc2aWFuLb25Offp+0iVRXEvFx8IinRJA= +github.com/avast/retry-go/v4 v4.6.0/go.mod h1:gvWlPhBVsvBbLkVGDg/KwvBv0bEkCOLRRSHKIr2PyOE= github.com/aws/aws-sdk-go-v2 v1.2.0/go.mod h1:zEQs02YRBw1DjK0PoJv3ygDYOFTre1ejlJWl8FwAuQo= github.com/aws/aws-sdk-go-v2 v1.3.2 h1:RQj8l98yKUm0UV2Wd3w/Ms+TXV9Rs1E6Kr5tRRMfyU4= github.com/aws/aws-sdk-go-v2 v1.3.2/go.mod h1:7OaACgj2SX3XGWnrIjGlJM22h6yD6MEWKvm7levnnM8= @@ -177,6 +177,8 @@ github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1 github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s= github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= +github.com/cert-manager/cert-manager v1.13.3 h1:3R4G0RI7K0OkTZhWlVOC5SGZMYa2NwqmQJoyKydrz/M= +github.com/cert-manager/cert-manager v1.13.3/go.mod h1:BM2+Pt/NmSv1Zr25/MHv6BgIEF9IUxA1xAjp80qkxgc= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= @@ -229,8 +231,9 @@ github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53E github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v0.0.0-20161028175848-04cdfd42973b/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/deckarep/golang-set/v2 v2.1.0 h1:g47V4Or+DUdzbs8FxCCmgb6VYd+ptPAngjM6dtGktsI= github.com/deckarep/golang-set/v2 v2.1.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4= github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= @@ -260,8 +263,8 @@ github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHz github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arXfYcAtECDFgAgHklGI8CxgjHnXKJ4= -github.com/emicklei/go-restful/v3 v3.10.1 h1:rc42Y5YTp7Am7CS630D7JmhRjq4UlEUuEKfrDac4bSQ= -github.com/emicklei/go-restful/v3 v3.10.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= +github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -271,8 +274,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y= github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= -github.com/ethereum/go-ethereum v1.12.1 h1:1kXDPxhLfyySuQYIfRxVBGYuaHdxNNxevA73vjIwsgk= -github.com/ethereum/go-ethereum v1.12.1/go.mod h1:zKetLweqBR8ZS+1O9iJWI8DvmmD2NzD19apjEWDCsnw= +github.com/ethereum/go-ethereum v1.12.2 h1:eGHJ4ij7oyVqUQn48LBz3B7pvQ8sV0wGJiIE6gDq/6Y= +github.com/ethereum/go-ethereum v1.12.2/go.mod h1:1cRAEV+rp/xX0zraSCBnu9Py3HQ+geRMj3HdR+k0wfI= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= @@ -283,9 +286,10 @@ github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8 github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= -github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBdXk= +github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= +github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI= github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE= github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps= @@ -323,8 +327,9 @@ github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= @@ -458,8 +463,9 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -480,6 +486,8 @@ github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20230207041349-798e818bf904 h1:4/hN5RUoecvl+RmJRE2YxKWtnnQls6rQjjW5oV7qg2U= github.com/google/pprof v0.0.0-20230207041349-798e818bf904/go.mod h1:uglQLonpP8qtYCYyzA+8c/9qtqgA3qsXGYqCPKARAFg= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/s2a-go v0.1.7 h1:60BLSyTrOV4/haCDW4zb1guZItoSq8foHCXrAnjBo/o= +github.com/google/s2a-go v0.1.7/go.mod h1:50CgR4k1jNlWBu4UfS4AcfhVe1r6pdZPygJ3R8F0Qdw= github.com/google/shlex v0.0.0-20181106134648-c34317bd91bf/go.mod h1:RpwtwJQFrIEPstU94h88MWPXP2ektJZ8cZ0YntAmXiE= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= @@ -488,12 +496,12 @@ github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k= -github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= +github.com/googleapis/enterprise-certificate-proxy v0.2.5 h1:UR4rDjcgpgEnqpIEvkiqTYKBCKLNmlge2eVjoZfySzM= +github.com/googleapis/enterprise-certificate-proxy v0.2.5/go.mod h1:RxW0N9901Cko1VOCW3SXCpWP+mlIEkk2tP7jnHy9a3w= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= -github.com/googleapis/gax-go/v2 v2.7.1 h1:gF4c0zjUP2H/s/hEGyLA3I0fA2ZWjzYiONAD6cvPr8A= -github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56etFpas= +github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= @@ -569,8 +577,9 @@ github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= github.com/jinzhu/now v1.0.1 h1:HjfetcXq097iXP0uoPCdnM4Efp5/9MsM0/M+XOTeR3M= github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g= @@ -678,7 +687,7 @@ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5 github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.25 h1:dFwPR6SfLtrSwgDcIq2bcU/gVutB4sNApq2HBdqcakg= +github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= @@ -696,8 +705,8 @@ github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:F github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.2.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs= -github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= +github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= +github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= @@ -792,8 +801,9 @@ github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZ github.com/pkg/sftp v1.13.4 h1:Lb0RYJCmgUcBgZosfoi9Y9sbl6+LJgOIgk/2Y4YjMFg= github.com/pkg/sftp v1.13.4/go.mod h1:LzqnAvaD5TWeNBsZpfKxSYn1MbjWwOsCIAFFJbpIsK8= github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= github.com/poy/onpar v0.0.0-20200406201722-06f95a1c68e8/go.mod h1:nSbFQvMj97ZyhFRSJYtut+msi4sOY6zJDGCdSc+/rZU= @@ -836,7 +846,7 @@ github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/romana/ipset v1.0.0 h1:CELryXKTlypCeW/fqqUee/bBIfwjvFn4jBGnWV+UuOY= github.com/romana/ipset v1.0.0/go.mod h1:AeXLBaoBOJKSqnrqAkmNgoNaF6PjtERU9jijfTA6AV4= github.com/romana/rlog v0.0.0-20171115192701-f018bc92e7d7 h1:jkvpcEatpwuMF5O5LVxTnehj6YZ/aEZN4NWD/Xml4pI= @@ -865,8 +875,8 @@ github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd/go.mod h1:TrYk7fJV github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= @@ -891,8 +901,9 @@ github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v0.0.0-20161117074351-18a02ba4a312/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= @@ -904,8 +915,9 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/swaggo/files v0.0.0-20220728132757-551d4a08d97a/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= github.com/swaggo/files v1.0.1 h1:J1bVJ4XHZNq0I46UU90611i9/YzdrF7x92oX1ig5IdE= @@ -976,12 +988,12 @@ go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk= go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= -go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= -go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= -go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= -go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= -go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= +go.opentelemetry.io/otel v1.20.0 h1:vsb/ggIY+hUjD/zCAQHpzTmndPqv/ml2ArbsbfBYTAc= +go.opentelemetry.io/otel v1.20.0/go.mod h1:oUIGj3D77RwJdM6PPZImDpSZGDvkD9fhesHny69JFrs= +go.opentelemetry.io/otel/metric v1.20.0 h1:ZlrO8Hu9+GAhnepmRGhSU7/VkpjrNowxRN9GyKR4wzA= +go.opentelemetry.io/otel/metric v1.20.0/go.mod h1:90DRw3nfK4D7Sm/75yQ00gTJxtkBxX+wu6YaNymbpVM= +go.opentelemetry.io/otel/trace v1.20.0 h1:+yxVAPZPbQhbC3OfAkeIVTky6iTFpcr4SiY9om7mXSQ= +go.opentelemetry.io/otel/trace v1.20.0/go.mod h1:HJSK7F/hA5RlzpZ0zKDCHCDHm556LCDtKaAo6JmBFUU= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY= go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= @@ -1044,8 +1056,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc h1:mCRnTeVUjcrhlRmO0VK8a6k6Rrf6TF9htwo2pJVSjIU= -golang.org/x/exp v0.0.0-20230515195305-f3d0a9c9a5cc/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1141,8 +1153,8 @@ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4= +golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1239,8 +1251,8 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1331,8 +1343,8 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo= golang.org/x/tools v0.1.9/go.mod h1:nABZi5QlRsZVlzPpHl034qft6wpY4eDcsTt5AaioBiU= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= -golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -1363,8 +1375,8 @@ google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjR google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= -google.golang.org/api v0.114.0 h1:1xQPji6cO2E2vLiI+C/XiFAnsn1WV3mjaEwGLhi3grE= -google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.140.0 h1:CaXNdYOH5oQQI7l6iKTHHiMTdxZca4/02hRg2U8c2hM= +google.golang.org/api v0.140.0/go.mod h1:aGbCiFgtwb2P6badchFbSBUurV6oR5d50Af4iNJtDdI= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= @@ -1415,11 +1427,11 @@ google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6D google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no= google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A= google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0= -google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 h1:9NWlQfY2ePejTmfwUH1OWwmznFa+0kKcHGPDvcPza9M= -google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54/go.mod h1:zqTuNwFlFRsw5zIts5VnzLQxSRqh+CGOTVMlYbY0Eyk= -google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 h1:m8v1xLLLzMe1m5P+gCTF8nJB9epwZQUBERm20Oy1poQ= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 h1:0nDDozoAU19Qb2HwhXadU8OcsiO/09cnTqhUtq2MEOM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= +google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY= +google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4= +google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832 h1:o4LtQxebKIJ4vkzyhtD2rfUNZ20Zf0ik5YVP5E7G7VE= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230911183012-2d3300fd4832/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -1441,8 +1453,8 @@ google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc= -google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= +google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -1457,8 +1469,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= -google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/gometalinter.v2 v2.0.12/go.mod h1:NDRytsqEZyolNuAgTzJkZMkSQM7FIKyzVzGhjB/qfYo= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/alecthomas/kingpin.v3-unstable v3.0.0-20180810215634-df19058c872c/go.mod h1:3HH7i1SgMqlzxCcBmUHW657sD4Kvv9sC3HpL3YukzwA= @@ -1523,12 +1535,12 @@ k8s.io/cri-api v0.28.2 h1:RzDo9YY9tkWhAx9/UZEcn6ug1WcvDhU3eA1YLevFreI= k8s.io/cri-api v0.28.2/go.mod h1:xXygwvSOGcT/2KXg8sMYTHns2xFem3949kCQn5IS1k4= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f h1:eeEUOoGYWhOz7EyXqhlR2zHKNw2mNJ9vzJmub6YN6kk= +k8s.io/kube-openapi v0.0.0-20230905202853-d090da108d2f/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/kubectl v0.28.2 h1:fOWOtU6S0smdNjG1PB9WFbqEIMlkzU5ahyHkc7ESHgM= k8s.io/kubectl v0.28.2/go.mod h1:6EQWTPySF1fn7yKoQZHYf9TPwIl2AygHEcJoxFekr64= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= nhooyr.io/websocket v1.8.6 h1:s+C3xAMLwGmlI31Nyn/eAehUlZPwfYZu2JXM621Q5/k= nhooyr.io/websocket v1.8.6/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= oras.land/oras-go v1.2.3 h1:v8PJl+gEAntI1pJ/LCrDgsuk+1PKVavVEPsYIHFE5uY= @@ -1539,13 +1551,15 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.16.2 h1:mwXAVuEk3EQf478PQwQ48zGOXvW27UJc8NHktQVuIPU= sigs.k8s.io/controller-runtime v0.16.2/go.mod h1:vpMu3LpI5sYWtujJOa2uPK61nB5rbwlN7BAB8aSLvGU= +sigs.k8s.io/gateway-api v0.8.0 h1:isQQ3Jx2qFP7vaA3ls0846F0Amp9Eq14P08xbSwVbQg= +sigs.k8s.io/gateway-api v0.8.0/go.mod h1:okOnjPNBFbIS/Rw9kAhuIUaIkLhTKEu+ARIuXk2dgaM= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 h1:W6cLQc5pnqM7vh3b7HvGNfXrJ/xL6BDMS0v1V/HHg5U= sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3/go.mod h1:JWP1Fj0VWGHyw3YUPjXSQnRnrwezrZSrApfX5S0nIag= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/hack/update_install_script.sh b/hack/update_install_script.sh index 6ac0ade27f..1025406f19 100755 --- a/hack/update_install_script.sh +++ b/hack/update_install_script.sh @@ -26,8 +26,8 @@ helm template chaos-mesh helm/chaos-mesh --namespace=chaos-mesh \ --set enableCtrlServer=true \ --set dashboard.securityMode=false > ${tmp_file} -sed -i.bak '/helm/d' $tmp_file -sed -i.bak '/Helm/d' $tmp_file +sed -i.bak '/helm.sh/d' $tmp_file +sed -i.bak '/managed-by: Helm/d' $tmp_file sed -i.bak 's/rollme:.*/rollme: \"install.sh\"/g' $tmp_file sed -i.bak 's/ca.crt:.*/ca.crt: \"\$\{CA_BUNDLE\}\"/g' $tmp_file sed -i.bak 's/tls.crt:.*/tls.crt: \"\$\{TLS_CRT\}\"/g' $tmp_file diff --git a/helm/chaos-mesh/crds/chaos-mesh.org_certificatechaos.yaml b/helm/chaos-mesh/crds/chaos-mesh.org_certificatechaos.yaml new file mode 100644 index 0000000000..84fdb2ecdd --- /dev/null +++ b/helm/chaos-mesh/crds/chaos-mesh.org_certificatechaos.yaml @@ -0,0 +1,245 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: certificatechaos.chaos-mesh.org +spec: + group: chaos-mesh.org + names: + kind: CertificateChaos + listKind: CertificateChaosList + plural: certificatechaos + singular: certificatechaos + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CertificateChaos is the control script`s spec. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the behavior of a certificate chaos experiment + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for the + requested certificate. Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where the + chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should rotate + the certificate. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can be + used to select objects. A list of selectors based on set-based + label expressions. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object + status: + description: Most recently observed status of the chaos experiment about + pods + properties: + affectedFluxResources: + additionalProperties: + properties: + certificateReadyAt: + format: date-time + type: string + fluxResource: + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + originalExpiry: + type: string + originalRenewBefore: + type: string + secretName: + type: string + required: + - fluxResource + type: object + description: Instances keeps track of the state for each certificate + type: object + conditions: + description: Conditions represents the current global condition of + the chaos + items: + properties: + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + experiment: + description: Experiment records the last experiment state. + properties: + containerRecords: + description: Records are used to track the running status + items: + properties: + events: + description: Events are the essential details about the + injections and recoveries + items: + properties: + message: + description: Message is the detail message, e.g. the + reason why we failed to inject the chaos + type: string + operation: + description: Operation represents the operation we + are doing, when we crate this event + type: string + timestamp: + description: Timestamp is time when we create this + event + format: date-time + type: string + type: + description: Type means the stage of this event + type: string + required: + - operation + - timestamp + - type + type: object + type: array + id: + type: string + injectedCount: + description: InjectedCount is a counter to record the sum + of successful injections + type: integer + phase: + type: string + recoveredCount: + description: RecoveredCount is a counter to record the sum + of successful recoveries + type: integer + selectorKey: + type: string + required: + - id + - injectedCount + - phase + - recoveredCount + - selectorKey + type: object + type: array + desiredPhase: + enum: + - Run + - Stop + type: string + type: object + required: + - experiment + type: object + required: + - spec + type: object + served: true + storage: true diff --git a/helm/chaos-mesh/crds/chaos-mesh.org_schedules.yaml b/helm/chaos-mesh/crds/chaos-mesh.org_schedules.yaml index 4af4aa52c0..d695d0b6cd 100644 --- a/helm/chaos-mesh/crds/chaos-mesh.org_schedules.yaml +++ b/helm/chaos-mesh/crds/chaos-mesh.org_schedules.yaml @@ -278,6 +278,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -4017,6 +4104,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or @@ -7630,6 +7809,102 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting diff --git a/helm/chaos-mesh/crds/chaos-mesh.org_workflownodes.yaml b/helm/chaos-mesh/crds/chaos-mesh.org_workflownodes.yaml index d74793a048..26b857a3ae 100644 --- a/helm/chaos-mesh/crds/chaos-mesh.org_workflownodes.yaml +++ b/helm/chaos-mesh/crds/chaos-mesh.org_workflownodes.yaml @@ -284,6 +284,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: items: type: string @@ -3665,6 +3752,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors based + on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -7489,6 +7665,102 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial @@ -11212,6 +11484,106 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about + pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the + expiry period for the requested certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration + of the chaos action. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the + cert-manager should rotate the certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A + list of selectors based on set-based label + expressions. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting diff --git a/helm/chaos-mesh/crds/chaos-mesh.org_workflows.yaml b/helm/chaos-mesh/crds/chaos-mesh.org_workflows.yaml index 630f7f3e13..5e5ff63d88 100644 --- a/helm/chaos-mesh/crds/chaos-mesh.org_workflows.yaml +++ b/helm/chaos-mesh/crds/chaos-mesh.org_workflows.yaml @@ -297,6 +297,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors + based on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel. @@ -3808,6 +3897,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium diff --git a/helm/chaos-mesh/templates/controller-manager-rbac.yaml b/helm/chaos-mesh/templates/controller-manager-rbac.yaml index 396a7fc856..7c2ea49c02 100644 --- a/helm/chaos-mesh/templates/controller-manager-rbac.yaml +++ b/helm/chaos-mesh/templates/controller-manager-rbac.yaml @@ -39,6 +39,9 @@ rules: - apiGroups: [ "" ] resources: [ "pods", "configmaps", "secrets"] verbs: [ "get", "list", "watch", "delete", "update", "patch" ] + - apiGroups: [ "apps" ] + resources: [ "replicasets", "deployments", "daemonsets", "statefulsets"] + verbs: [ "get", "watch", "list", "patch" ] - apiGroups: - "" resources: @@ -55,10 +58,37 @@ rules: - "" resources: - persistentvolumeclaims - verbs: + verbs: - get - list - delete + - apiGroups: + - "cert-manager.io" + resources: + - certificates + verbs: + - get + - patch + - list + - watch + - apiGroups: + - "helm.toolkit.fluxcd.io" + resources: + - helmreleases + verbs: + - get + - patch + - list + - watch + - apiGroups: + - "kustomize.toolkit.fluxcd.io" + resources: + - kustomizations + verbs: + - get + - patch + - list + - watch - apiGroups: - "" resources: diff --git a/install.sh b/install.sh index 578cd7f4aa..ca25955999 100755 --- a/install.sh +++ b/install.sh @@ -1074,6 +1074,9 @@ rules: - apiGroups: [ "" ] resources: [ "pods", "configmaps", "secrets"] verbs: [ "get", "list", "watch", "delete", "update", "patch" ] + - apiGroups: [ "apps" ] + resources: [ "replicasets", "deployments", "daemonsets", "statefulsets"] + verbs: [ "get", "watch", "list", "patch" ] - apiGroups: - "" resources: @@ -1090,10 +1093,37 @@ rules: - "" resources: - persistentvolumeclaims - verbs: + verbs: - get - list - delete + - apiGroups: + - "cert-manager.io" + resources: + - certificates + verbs: + - get + - patch + - list + - watch + - apiGroups: + - "helm.toolkit.fluxcd.io" + resources: + - helmreleases + verbs: + - get + - patch + - list + - watch + - apiGroups: + - "kustomize.toolkit.fluxcd.io" + resources: + - kustomizations + verbs: + - get + - patch + - list + - watch - apiGroups: - "" resources: diff --git a/manifests/crd.yaml b/manifests/crd.yaml index e88e150e58..044fb957a5 100644 --- a/manifests/crd.yaml +++ b/manifests/crd.yaml @@ -635,6 +635,251 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: certificatechaos.chaos-mesh.org +spec: + group: chaos-mesh.org + names: + kind: CertificateChaos + listKind: CertificateChaosList + plural: certificatechaos + singular: certificatechaos + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CertificateChaos is the control script`s spec. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec defines the behavior of a certificate chaos experiment + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for the + requested certificate. Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where the + chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should rotate + the certificate. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can be + used to select objects. A list of selectors based on set-based + label expressions. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used to + select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object + status: + description: Most recently observed status of the chaos experiment about + pods + properties: + affectedFluxResources: + additionalProperties: + properties: + certificateReadyAt: + format: date-time + type: string + fluxResource: + properties: + group: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + version: + type: string + required: + - group + - kind + - name + - namespace + - version + type: object + originalExpiry: + type: string + originalRenewBefore: + type: string + secretName: + type: string + required: + - fluxResource + type: object + description: Instances keeps track of the state for each certificate + type: object + conditions: + description: Conditions represents the current global condition of + the chaos + items: + properties: + reason: + type: string + status: + type: string + type: + type: string + required: + - status + - type + type: object + type: array + experiment: + description: Experiment records the last experiment state. + properties: + containerRecords: + description: Records are used to track the running status + items: + properties: + events: + description: Events are the essential details about the + injections and recoveries + items: + properties: + message: + description: Message is the detail message, e.g. the + reason why we failed to inject the chaos + type: string + operation: + description: Operation represents the operation we + are doing, when we crate this event + type: string + timestamp: + description: Timestamp is time when we create this + event + format: date-time + type: string + type: + description: Type means the stage of this event + type: string + required: + - operation + - timestamp + - type + type: object + type: array + id: + type: string + injectedCount: + description: InjectedCount is a counter to record the sum + of successful injections + type: integer + phase: + type: string + recoveredCount: + description: RecoveredCount is a counter to record the sum + of successful recoveries + type: integer + selectorKey: + type: string + required: + - id + - injectedCount + - phase + - recoveredCount + - selectorKey + type: object + type: array + desiredPhase: + enum: + - Run + - Stop + type: string + type: object + required: + - experiment + type: object + required: + - spec + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.13.0 @@ -6756,6 +7001,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -10495,6 +10827,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or @@ -14108,6 +14532,102 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting @@ -24306,6 +24826,93 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that a user + creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period for + the requested certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager should + rotate the certificate. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that can + be used to select objects. A list of selectors based on + set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If + the operator is In or NotIn, the values array must + be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced + during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be used + to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which objects + belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: items: type: string @@ -27687,6 +28294,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster where + the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors based + on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can be + used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium CNI. @@ -31460,56 +32156,152 @@ spec: items: type: string type: array - nodeSelectors: - additionalProperties: - type: string - description: Map of string keys and values that - can be used to select nodes. Selector which - must match a node's labels, and objects must - belong to these selected nodes. - type: object - nodes: - description: Nodes is a set of node name and - objects must belong to these nodes. - items: - type: string - type: array - podPhaseSelectors: - description: 'PodPhaseSelectors is a set of - condition of a pod at the current time. supported - value: Pending / Running / Succeeded / Failed - / Unknown' - items: - type: string - type: array - pods: - additionalProperties: - items: - type: string - type: array - description: Pods is a map of string keys and - a set values that used to select pods. The - key defines the namespace which pods belong, - and the each values is a set of pod names. - type: object + nodeSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select nodes. Selector which + must match a node's labels, and objects must + belong to these selected nodes. + type: object + nodes: + description: Nodes is a set of node name and + objects must belong to these nodes. + items: + type: string + type: array + podPhaseSelectors: + description: 'PodPhaseSelectors is a set of + condition of a pod at the current time. supported + value: Pending / Running / Succeeded / Failed + / Unknown' + items: + type: string + type: array + pods: + additionalProperties: + items: + type: string + type: array + description: Pods is a map of string keys and + a set values that used to select pods. The + key defines the namespace which pods belong, + and the each values is a set of pod names. + type: object + type: object + value: + description: Value is required when the mode is + set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. + If `FixedMode`, provide an integer of pods to + do chaos action. If `FixedPercentMode`, provide + a number from 0-100 to specify the percent of + pods the server can do chaos action. IF `RandomMaxPercentMode`, provide + a number from 0-100 to specify the max percent + of pods to do chaos action + type: string + volumeName: + type: string + required: + - action + - mode + - selector + - volumeName + type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time + units are "ns", "us" (or "µs"), "ms", "s", "m", + "h". + type: string + duration: + default: 90m + description: Duration represents the duration of + the chaos action. Valid time units are "ns", "us" + (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list + of selectors based on set-based label expressions. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector + based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array type: object - value: - description: Value is required when the mode is - set to `FixedMode` / `FixedPercentMode` / `RandomMaxPercentMode`. - If `FixedMode`, provide an integer of pods to - do chaos action. If `FixedPercentMode`, provide - a number from 0-100 to specify the percent of - pods the server can do chaos action. IF `RandomMaxPercentMode`, provide - a number from 0-100 to specify the max percent - of pods to do chaos action - type: string - volumeName: - type: string required: - - action - - mode - selector - - volumeName type: object children: description: Children describes the children steps of @@ -35234,6 +36026,106 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about + pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the + expiry period for the requested certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration + of the chaos action. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote + cluster where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the + cert-manager should rotate the certificate. + Valid time units are "ns", "us" (or "µs"), + "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A + list of selectors based on set-based label + expressions. + items: + description: A label selector requirement + is a selector that contains values, + a key, and an operator that relates + the key and values. + properties: + key: + description: key is the label key + that the selector applies to. + type: string + operator: + description: operator represents a + key's relationship to a set of values. + Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of + string values. If the operator is + In or NotIn, the values array must + be non-empty. If the operator is + Exists or DoesNotExist, the values + array must be empty. This array + is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values + that can be used to select objects. A + selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace + to which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting @@ -49800,6 +50692,95 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes that + a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry period + for the requested certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the chaos + action. Valid time units are "ns", "us" (or "µs"), "ms", + "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are "ns", + "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions that + can be used to select objects. A list of selectors + based on set-based label expressions. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that can + be used to select objects. A selector based on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to which + objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object children: description: Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel. @@ -53311,6 +54292,98 @@ spec: - selector - volumeName type: object + certificateChaos: + description: CertificateChaosSpec defines the attributes + that a user creates on a chaos experiment about pods. + properties: + certificateExpiry: + default: 1h + description: CertificateExpiry represents the expiry + period for the requested certificate. Valid time units + are "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + duration: + default: 90m + description: Duration represents the duration of the + chaos action. Valid time units are "ns", "us" (or + "µs"), "ms", "s", "m", "h". + type: string + remoteCluster: + description: RemoteCluster represents the remote cluster + where the chaos will be deployed + type: string + renewBefore: + default: 30m + description: RenewBefore represents when the cert-manager + should rotate the certificate. Valid time units are + "ns", "us" (or "µs"), "ms", "s", "m", "h". + type: string + selector: + properties: + annotationSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on annotations. + type: object + expressionSelectors: + description: a slice of label selector expressions + that can be used to select objects. A list of + selectors based on set-based label expressions. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + fieldSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on fields. + type: object + labelSelectors: + additionalProperties: + type: string + description: Map of string keys and values that + can be used to select objects. A selector based + on labels. + type: object + namespaces: + description: Namespaces is a set of namespace to + which objects belong. + items: + type: string + type: array + type: object + required: + - selector + type: object ciliumChaos: description: CiliumChaosSpec defines the attributes that a user creates on a chaos experiment affecting cilium diff --git a/pkg/dashboard/swaggerdocs/docs.go b/pkg/dashboard/swaggerdocs/docs.go index 14fe75ca1c..740c6a85a3 100644 --- a/pkg/dashboard/swaggerdocs/docs.go +++ b/pkg/dashboard/swaggerdocs/docs.go @@ -3469,6 +3469,14 @@ const docTemplate = `{ } } }, + "v1.Duration": { + "type": "object", + "properties": { + "time.Duration": { + "type": "integer" + } + } + }, "v1.EmptyDirVolumeSource": { "type": "object", "properties": { @@ -5427,6 +5435,55 @@ const docTemplate = `{ } } }, + "v1alpha1.CertificateChaosSpec": { + "type": "object", + "properties": { + "annotationSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on annotations.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "certificateExpiry": { + "description": "CertificateExpiry represents the expiry period for the requested certificate.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"1h\"", + "$ref": "#/definitions/v1.Duration" + }, + "duration": { + "description": "Duration represents the duration of the chaos action.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"90m\"", + "type": "string" + }, + "fieldSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on fields.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labelSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on labels.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "namespaces": { + "description": "Namespaces is a set of namespace to which objects belong.\n+optional", + "type": "array", + "items": { + "type": "string" + } + }, + "remoteCluster": { + "description": "RemoteCluster represents the remote cluster where the chaos will be deployed\n+optional", + "type": "string" + }, + "renewBefore": { + "description": "RenewBefore represents when the cert-manager should rotate the certificate.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"30m\"", + "$ref": "#/definitions/v1.Duration" + } + } + }, "v1alpha1.ChaosOnlyScheduleSpec": { "type": "object", "properties": { @@ -5442,6 +5499,10 @@ const docTemplate = `{ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "ciliumChaos": { "description": "+optional", "$ref": "#/definitions/v1alpha1.CiliumChaosSpec" @@ -7993,6 +8054,10 @@ const docTemplate = `{ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "ciliumChaos": { "description": "+optional", "$ref": "#/definitions/v1alpha1.CiliumChaosSpec" @@ -8359,6 +8424,10 @@ const docTemplate = `{ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "children": { "description": "Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel.\n+optional", "type": "array", diff --git a/pkg/dashboard/swaggerdocs/swagger.json b/pkg/dashboard/swaggerdocs/swagger.json index 577be47aba..91eab201a4 100644 --- a/pkg/dashboard/swaggerdocs/swagger.json +++ b/pkg/dashboard/swaggerdocs/swagger.json @@ -3461,6 +3461,14 @@ } } }, + "v1.Duration": { + "type": "object", + "properties": { + "time.Duration": { + "type": "integer" + } + } + }, "v1.EmptyDirVolumeSource": { "type": "object", "properties": { @@ -5419,6 +5427,55 @@ } } }, + "v1alpha1.CertificateChaosSpec": { + "type": "object", + "properties": { + "annotationSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on annotations.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "certificateExpiry": { + "description": "CertificateExpiry represents the expiry period for the requested certificate.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"1h\"", + "$ref": "#/definitions/v1.Duration" + }, + "duration": { + "description": "Duration represents the duration of the chaos action.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"90m\"", + "type": "string" + }, + "fieldSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on fields.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "labelSelectors": { + "description": "Map of string keys and values that can be used to select objects.\nA selector based on labels.\n+optional", + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "namespaces": { + "description": "Namespaces is a set of namespace to which objects belong.\n+optional", + "type": "array", + "items": { + "type": "string" + } + }, + "remoteCluster": { + "description": "RemoteCluster represents the remote cluster where the chaos will be deployed\n+optional", + "type": "string" + }, + "renewBefore": { + "description": "RenewBefore represents when the cert-manager should rotate the certificate.\nValid time units are \"ns\", \"us\" (or \"µs\"), \"ms\", \"s\", \"m\", \"h\".\n+optional\n+kubebuilder:default=\"30m\"", + "$ref": "#/definitions/v1.Duration" + } + } + }, "v1alpha1.ChaosOnlyScheduleSpec": { "type": "object", "properties": { @@ -5434,6 +5491,10 @@ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "ciliumChaos": { "description": "+optional", "$ref": "#/definitions/v1alpha1.CiliumChaosSpec" @@ -7985,6 +8046,10 @@ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "ciliumChaos": { "description": "+optional", "$ref": "#/definitions/v1alpha1.CiliumChaosSpec" @@ -8351,6 +8416,10 @@ "description": "+optional", "$ref": "#/definitions/v1alpha1.BlockChaosSpec" }, + "certificateChaos": { + "description": "+optional", + "$ref": "#/definitions/v1alpha1.CertificateChaosSpec" + }, "children": { "description": "Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel.\n+optional", "type": "array", diff --git a/pkg/dashboard/swaggerdocs/swagger.yaml b/pkg/dashboard/swaggerdocs/swagger.yaml index 6139e082e3..b6f5bcec12 100644 --- a/pkg/dashboard/swaggerdocs/swagger.yaml +++ b/pkg/dashboard/swaggerdocs/swagger.yaml @@ -1114,6 +1114,11 @@ definitions: $ref: '#/definitions/v1.DownwardAPIVolumeFile' type: array type: object + v1.Duration: + properties: + time.Duration: + type: integer + type: object v1.EmptyDirVolumeSource: properties: medium: @@ -3874,6 +3879,66 @@ definitions: +kubebuilder:validation:Maximum=8192 type: integer type: object + v1alpha1.CertificateChaosSpec: + properties: + annotationSelectors: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to select objects. + A selector based on annotations. + +optional + type: object + certificateExpiry: + $ref: '#/definitions/v1.Duration' + description: |- + CertificateExpiry represents the expiry period for the requested certificate. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + +optional + +kubebuilder:default="1h" + duration: + description: |- + Duration represents the duration of the chaos action. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + +optional + +kubebuilder:default="90m" + type: string + fieldSelectors: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to select objects. + A selector based on fields. + +optional + type: object + labelSelectors: + additionalProperties: + type: string + description: |- + Map of string keys and values that can be used to select objects. + A selector based on labels. + +optional + type: object + namespaces: + description: |- + Namespaces is a set of namespace to which objects belong. + +optional + items: + type: string + type: array + remoteCluster: + description: |- + RemoteCluster represents the remote cluster where the chaos will be deployed + +optional + type: string + renewBefore: + $ref: '#/definitions/v1.Duration' + description: |- + RenewBefore represents when the cert-manager should rotate the certificate. + Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". + +optional + +kubebuilder:default="30m" + type: object v1alpha1.ChaosOnlyScheduleSpec: properties: awsChaos: @@ -3885,6 +3950,9 @@ definitions: blockChaos: $ref: '#/definitions/v1alpha1.BlockChaosSpec' description: +optional + certificateChaos: + $ref: '#/definitions/v1alpha1.CertificateChaosSpec' + description: +optional ciliumChaos: $ref: '#/definitions/v1alpha1.CiliumChaosSpec' description: +optional @@ -6598,6 +6666,9 @@ definitions: blockChaos: $ref: '#/definitions/v1alpha1.BlockChaosSpec' description: +optional + certificateChaos: + $ref: '#/definitions/v1alpha1.CertificateChaosSpec' + description: +optional ciliumChaos: $ref: '#/definitions/v1alpha1.CiliumChaosSpec' description: +optional @@ -7009,6 +7080,9 @@ definitions: blockChaos: $ref: '#/definitions/v1alpha1.BlockChaosSpec' description: +optional + certificateChaos: + $ref: '#/definitions/v1alpha1.CertificateChaosSpec' + description: +optional children: description: |- Children describes the children steps of serial or parallel node. Only used when Type is TypeSerial or TypeParallel. diff --git a/pkg/selector/certificate/selector.go b/pkg/selector/certificate/selector.go new file mode 100644 index 0000000000..023527c47e --- /dev/null +++ b/pkg/selector/certificate/selector.go @@ -0,0 +1,161 @@ +// Copyright 2021 Chaos Mesh Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package certificate + +import ( + "context" + + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" + "github.com/pkg/errors" + "go.uber.org/fx" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/chaos-mesh/chaos-mesh/api/v1alpha1" + "github.com/chaos-mesh/chaos-mesh/controllers/config" + "github.com/chaos-mesh/chaos-mesh/pkg/log" + "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic" + genericannotation "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic/annotation" + genericfield "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic/field" + genericlabel "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic/label" + genericnamespace "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic/namespace" + "github.com/chaos-mesh/chaos-mesh/pkg/selector/generic/registry" +) + +type SelectImpl struct { + c client.Client + r client.Reader + + generic.Option +} + +type Certificate struct { + cmv1.Certificate +} + +func (cert *Certificate) Id() string { + return (types.NamespacedName{ + Name: cert.Name, + Namespace: cert.Namespace, + }).String() +} + +func (impl *SelectImpl) Select(ctx context.Context, selector *v1alpha1.CertificateSelector) ([]*Certificate, error) { + if selector == nil { + return []*Certificate{}, nil + } + + selectorRegistry := newSelectorRegistry() + selectorChain, err := registry.Parse(selectorRegistry, selector.GenericSelectorSpec, generic.Option{ + ClusterScoped: impl.ClusterScoped, + TargetNamespace: impl.TargetNamespace, + EnableFilterNamespace: impl.EnableFilterNamespace, + }) + if err != nil { + return nil, err + } + + certs, err := listCertificates(ctx, impl.c, impl.r, selector.GenericSelectorSpec, selectorChain, impl.EnableFilterNamespace) + + var result []*Certificate + for _, cert := range certs { + result = append(result, &Certificate{Certificate: cert}) + } + + return result, nil +} + +func newSelectorRegistry() registry.Registry { + return map[string]registry.SelectorFactory{ + genericlabel.Name: genericlabel.New, + genericnamespace.Name: genericnamespace.New, + genericfield.Name: genericfield.New, + genericannotation.Name: genericannotation.New, + } +} + +func listCertificates(ctx context.Context, c client.Client, r client.Reader, spec v1alpha1.GenericSelectorSpec, + selectorChain generic.SelectorChain, enableFilterNamespace bool) ([]cmv1.Certificate, error) { + var certs []cmv1.Certificate + namespaceCheck := make(map[string]bool) + logger, err := log.NewDefaultZapLogger() + if err != nil { + return certs, errors.Wrap(err, "failed to create logger") + } + if err := selectorChain.ListObjects(c, r, + func(listFunc generic.ListFunc, opts client.ListOptions) error { + var certList cmv1.CertificateList + if len(spec.Namespaces) > 0 { + for _, namespace := range spec.Namespaces { + if enableFilterNamespace { + allow, ok := namespaceCheck[namespace] + if !ok { + allow = genericnamespace.CheckNamespace(ctx, c, namespace, logger) + namespaceCheck[namespace] = allow + } + if !allow { + continue + } + } + + opts.Namespace = namespace + if err := listFunc(ctx, &certList, &opts); err != nil { + logger.Error(err, "list func errored", "namespace", namespace) + return err + } + certs = append(certs, certList.Items...) + } + } else { + // in fact, this will never happen + if err := listFunc(ctx, &certList, &opts); err != nil { + logger.Error(err, "list func errored") + return err + } + certs = append(certs, certList.Items...) + } + return nil + }); err != nil { + return nil, err + } + + filterCerts := make([]cmv1.Certificate, 0, len(certs)) + for _, cert := range certs { + cert := cert + if selectorChain.Match(&cert) { + filterCerts = append(filterCerts, cert) + } + } + return filterCerts, nil +} + +type Params struct { + fx.In + + Client client.Client + Reader client.Reader `name:"no-cache"` +} + +func New(params Params) *SelectImpl { + return &SelectImpl{ + params.Client, + params.Reader, + generic.Option{ + ClusterScoped: config.ControllerCfg.ClusterScoped, + TargetNamespace: config.ControllerCfg.TargetNamespace, + EnableFilterNamespace: config.ControllerCfg.EnableFilterNamespace, + }, + } +} diff --git a/pkg/selector/generic/field/selector.go b/pkg/selector/generic/field/selector.go index a98eeb3cdd..96e7f2d086 100644 --- a/pkg/selector/generic/field/selector.go +++ b/pkg/selector/generic/field/selector.go @@ -16,6 +16,7 @@ package field import ( + cmv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" @@ -56,6 +57,9 @@ func (s *fieldSelector) Match(obj client.Object) bool { objFields = toPodSelectableFields(obj) case *v1alpha1.PhysicalMachine: objFields = toPhysicalMachineSelectableFields(obj) + case *cmv1.Certificate: + return true // TODO do we want to allow field selector for certificates? + default: // not support return false diff --git a/pkg/selector/selector.go b/pkg/selector/selector.go index ef53a9f17a..43384dfa1f 100644 --- a/pkg/selector/selector.go +++ b/pkg/selector/selector.go @@ -24,6 +24,7 @@ import ( "github.com/chaos-mesh/chaos-mesh/pkg/selector/aws" "github.com/chaos-mesh/chaos-mesh/pkg/selector/azure" + "github.com/chaos-mesh/chaos-mesh/pkg/selector/certificate" "github.com/chaos-mesh/chaos-mesh/pkg/selector/cloudstackvm" "github.com/chaos-mesh/chaos-mesh/pkg/selector/container" "github.com/chaos-mesh/chaos-mesh/pkg/selector/gcp" @@ -87,6 +88,7 @@ type SelectorParams struct { ResourceScaleSelector *resourcescale.SelectImpl RollingRestartSelector *rollingrestart.SelectImpl PodPVCSelector *podpvc.SelectImpl + CertificateSelector *certificate.SelectImpl } func New(p SelectorParams) *Selector { @@ -122,4 +124,5 @@ var Module = fx.Provide( resourcescale.New, rollingrestart.New, podpvc.New, + certificate.New, ) diff --git a/ui/app/src/api/zz_generated.frontend.chaos-mesh.ts b/ui/app/src/api/zz_generated.frontend.chaos-mesh.ts index 07df9cf880..e353fa0972 100644 --- a/ui/app/src/api/zz_generated.frontend.chaos-mesh.ts +++ b/ui/app/src/api/zz_generated.frontend.chaos-mesh.ts @@ -4,6 +4,7 @@ const mapping = new Map([ ['AWSChaos', 'awsChaos'], ['AzureChaos', 'azureChaos'], ['BlockChaos', 'blockChaos'], + ['CertificateChaos', 'certificateChaos'], ['CiliumChaos', 'ciliumChaos'], ['CloudStackVMChaos', 'cloudstackvmChaos'], ['DNSChaos', 'dnsChaos'], diff --git a/ui/app/src/components/NewExperiment/types.ts b/ui/app/src/components/NewExperiment/types.ts index ef04b093e1..560d0999ab 100644 --- a/ui/app/src/components/NewExperiment/types.ts +++ b/ui/app/src/components/NewExperiment/types.ts @@ -179,6 +179,7 @@ export interface Time { export interface ExperimentType { AWSChaos: AWS AzureChaos?: unknown + CertificateChaos?: unknown CiliumChaos?: unknown CloudStackVMChaos?: unknown DNSChaos: DNS diff --git a/ui/app/src/components/NewExperimentNext/data/types.ts b/ui/app/src/components/NewExperimentNext/data/types.ts index d2e10fc425..c80dc7cb0a 100644 --- a/ui/app/src/components/NewExperimentNext/data/types.ts +++ b/ui/app/src/components/NewExperimentNext/data/types.ts @@ -369,6 +369,7 @@ const data: Record = { }, ], }, + CertificateChaos: {}, CloudStackVMChaos: {}, // DNS Fault DNSChaos: {