diff --git a/.github/values.yaml b/.github/values.yaml index 5fd38b0312..62afb494f1 100644 --- a/.github/values.yaml +++ b/.github/values.yaml @@ -1,93 +1,69 @@ -##### -# INFISICAL K8 DEFAULT VALUES FILE -# PLEASE REPLACE VALUES/EDIT AS REQUIRED -##### - -nameOverride: "" - frontend: + enabled: true name: frontend podAnnotations: {} - deploymentAnnotations: - secrets.infisical.com/auto-reload: "true" + deploymentAnnotations: {} replicaCount: 2 image: repository: infisical/frontend - pullPolicy: Always tag: "latest" + pullPolicy: Always kubeSecretRef: managed-secret-frontend service: - # type of the frontend service - type: ClusterIP - # define the nodePort if service type is NodePort - # nodePort: annotations: {} + type: ClusterIP + nodePort: "" + +frontendEnvironmentVariables: null backend: + enabled: true name: backend podAnnotations: {} - deploymentAnnotations: - secrets.infisical.com/auto-reload: "true" + deploymentAnnotations: {} replicaCount: 2 image: repository: infisical/backend - pullPolicy: Always tag: "latest" + pullPolicy: Always kubeSecretRef: managed-backend-secret service: annotations: {} + type: ClusterIP + nodePort: "" +backendEnvironmentVariables: null + +## Mongo DB persistence mongodb: - name: mongodb - podAnnotations: {} - image: - repository: mongo - pullPolicy: IfNotPresent - tag: "latest" - service: - annotations: {} + enabled: true + persistence: + enabled: false -# By default the backend will be connected to a Mongo instance in the cluster. -# However, it is recommended to add a managed document DB connection string because the DB instance in the cluster does not have persistence yet ( data will be deleted on next deploy). -# Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ -mongodbConnection: {} - # externalMongoDBConnectionString: <> +## By default the backend will be connected to a Mongo instance within the cluster +## However, it is recommended to add a managed document DB connection string for production-use (DBaaS) +## Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ +## e.g. "mongodb://:@:/" +mongodbConnection: + externalMongoDBConnectionString: "" ingress: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - hostName: gamma.infisical.com # replace with your domain - frontend: + # cert-manager.io/issuer: letsencrypt-nginx + hostName: gamma.infisical.com ## <- Replace with your own domain + frontend: path: / pathType: Prefix backend: path: /api pathType: Prefix - tls: [] + tls: + [] + # - secretName: letsencrypt-nginx + # hosts: + # - infisical.local - -## Complete Ingress example -# ingress: -# enabled: true -# annotations: -# kubernetes.io/ingress.class: "nginx" -# cert-manager.io/issuer: letsencrypt-nginx -# hostName: k8.infisical.com -# frontend: -# path: / -# pathType: Prefix -# backend: -# path: /api -# pathType: Prefix -# tls: -# - secretName: letsencrypt-nginx -# hosts: -# - k8.infisical.com - -### -### YOU MUST FILL IN ALL SECRETS BELOW -### -backendEnvironmentVariables: {} - -frontendEnvironmentVariables: {} +mailhog: + enabled: false diff --git a/docs/self-hosting/deployments/kubernetes.mdx b/docs/self-hosting/deployments/kubernetes.mdx index 28bdc2416a..cbba7a9466 100644 --- a/docs/self-hosting/deployments/kubernetes.mdx +++ b/docs/self-hosting/deployments/kubernetes.mdx @@ -24,114 +24,88 @@ Before you can deploy the Helm chart, you must fill out the required environment Refer to the available [environment variables](../../self-hosting/configuration/envars) to learn more +[View all available Helm chart values parameters](https://github.com/Infisical/infisical/tree/main/helm-charts/infisical) ```yaml -##### -# INFISICAL K8 DEFAULT VALUES FILE -# PLEASE REPLACE VALUES/EDIT AS REQUIRED -##### - -nameOverride: "" - frontend: + enabled: true name: frontend podAnnotations: {} deploymentAnnotations: {} replicaCount: 2 image: repository: infisical/frontend - pullPolicy: Always - tag: "latest" # It it highly recommended to select a specific tag for prod deployment so it is easy to rollback: https://hub.docker.com/r/infisical/frontend/tags - # kubeSecretRef: some-kube-secret-name + tag: "latest" + pullPolicy: IfNotPresent + kubeSecretRef: "" service: - # type of the frontend service - type: ClusterIP - # define the nodePort if service type is NodePort - # nodePort: annotations: {} + type: ClusterIP + nodePort: "" + +frontendEnvironmentVariables: + SITE_URL: infisical.local backend: + enabled: true name: backend podAnnotations: {} deploymentAnnotations: {} replicaCount: 2 image: repository: infisical/backend - pullPolicy: Always - tag: "latest" # It it highly recommended to select a specific tag for prod deployment so it is easy to rollback: https://hub.docker.com/r/infisical/backend/tags - # kubeSecretRef: some-kube-secret-name - service: - annotations: {} - -mongodb: - name: mongodb - podAnnotations: {} - image: - repository: mongo + tag: "latest" pullPolicy: IfNotPresent - tag: "latest" + kubeSecretRef: "" service: annotations: {} + type: ClusterIP + nodePort: "" -# By default the backend will be connected to a Mongo instance in the cluster. -# However, it is recommended to add a managed document DB connection string because the DB instance in the cluster does not have persistence yet ( data will be deleted on next deploy). -# Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ -mongodbConnection: {} - # externalMongoDBConnectionString: <> +backendEnvironmentVariables: + ENCRYPTION_KEY: MUST_REPLACE + JWT_SIGNUP_SECRET: MUST_REPLACE + JWT_REFRESH_SECRET: MUST_REPLACE + JWT_AUTH_SECRET: MUST_REPLACE + JWT_SERVICE_SECRET: MUST_REPLACE + SMTP_HOST: MUST_REPLACE + SMTP_PORT: 587 + SMTP_SECURE: false + SMTP_FROM_NAME: Infisical + SMTP_FROM_ADDRESS: MUST_REPLACE + SMTP_USERNAME: MUST_REPLACE + SMTP_PASSWORD: MUST_REPLACE + SITE_URL: infisical.local + +## Mongo DB persistence +mongodb: + enabled: true + +## By default the backend will be connected to a Mongo instance within the cluster +## However, it is recommended to add a managed document DB connection string for production-use (DBaaS) +## Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ +## e.g. "mongodb://:@:/" +mongodbConnection: + externalMongoDBConnectionString: "" ingress: enabled: true annotations: kubernetes.io/ingress.class: "nginx" - hostName: example.com # replace with your domain - frontend: + # cert-manager.io/issuer: letsencrypt-nginx + hostName: infisical.local ## <- Replace with your own domain + frontend: path: / pathType: Prefix backend: path: /api pathType: Prefix tls: [] + # - secretName: letsencrypt-nginx + # hosts: + # - infisical.local - -## Complete Ingress example -# ingress: -# enabled: true -# annotations: -# kubernetes.io/ingress.class: "nginx" -# cert-manager.io/issuer: letsencrypt-nginx -# hostName: k8.infisical.com -# frontend: -# path: / -# pathType: Prefix -# backend: -# path: /api -# pathType: Prefix -# tls: -# - secretName: letsencrypt-nginx -# hosts: -# - k8.infisical.com - -### -### YOU MUST FILL IN ALL SECRETS BELOW -### -backendEnvironmentVariables: - # Required keys for platform encryption/decryption ops. Replace with nacl sk keys - ENCRYPTION_KEY: MUST_REPLACE - - # JWT - # Required secrets to sign JWT tokens - JWT_SIGNUP_SECRET: MUST_REPLACE - JWT_REFRESH_SECRET: MUST_REPLACE - JWT_AUTH_SECRET: MUST_REPLACE - - # Mail/SMTP - # Required to send emails - SMTP_HOST: MUST_REPLACE - SMTP_NAME: MUST_REPLACE - SMTP_USERNAME: MUST_REPLACE - SMTP_PASSWORD: MUST_REPLACE - -frontendEnvironmentVariables: {} - +mailhog: + enabled: false ``` diff --git a/helm-charts/README.md b/helm-charts/README.md index 468275e3fb..01675d0b29 100644 --- a/helm-charts/README.md +++ b/helm-charts/README.md @@ -1,17 +1,36 @@ -### helm repository Setup -Assuming you have helm already installed, it is straight-forward to add a Cloudsmith-based chart repository: +# Infisical Helm Charts -``` -helm repo add infisical-helm-charts 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' +Welcome to Infisical Helm Charts repository! Find instructions below to setup and install our charts. + +```sh +# Add the Infisical repository +helm repo add infisical 'https://dl.cloudsmith.io/public/infisical/helm-charts/helm/charts/' && helm repo update + +# Install Infisical +helm upgrade --install --atomic \ + -n infisical-dev --create-namespace \ + infisical infisical/infisical -helm repo update +# Install Infisical Secrets Operator +helm upgrade --install --atomic \ + -n infisical-dev --create-namespace \ + infisical-secrets-operator infisical/secrets-operator ``` -### Installing a Helm Chart -``` -helm install infisical-helm-charts/ -``` +## Charts -#### Available chart names -- infisical -- secrets-operator +Here's the link to our charts corresponding documentation : +- **`[infisical](./infisical/README.md)`** +- **`secrets-operator`** + +## Documentation + +We're trying to follow a documentation convention across our charts, allowing us to auto-generate markdown documentation thanks to [this tool](https://github.com/bitnami-labs/readme-generator-for-helm) + +Steps to update the documentation : +1. `cd helm-charts/` +1. `git clone https://github.com/bitnami-labs/readme-generator-for-helm` +2. `npm install ./readme-generator-for-helm` +3. `npm exec readme-generator -- --readme README.md --values values.yaml` + - It'll insert the table below the `## Parameters` title + - It'll output errors if some of the path aren't documented \ No newline at end of file diff --git a/helm-charts/infisical/.gitignore b/helm-charts/infisical/.gitignore new file mode 100644 index 0000000000..a2968aad7c --- /dev/null +++ b/helm-charts/infisical/.gitignore @@ -0,0 +1,3 @@ +charts/ +node_modules/ +package*.json \ No newline at end of file diff --git a/helm-charts/infisical/Chart.lock b/helm-charts/infisical/Chart.lock new file mode 100644 index 0000000000..3b5f48ca49 --- /dev/null +++ b/helm-charts/infisical/Chart.lock @@ -0,0 +1,9 @@ +dependencies: +- name: mongodb + repository: https://charts.bitnami.com/bitnami + version: 13.6.7 +- name: mailhog + repository: https://codecentric.github.io/helm-charts + version: 5.2.3 +digest: sha256:a54ae9ee60775f6f1aa916b59aee55b3ed5234b6bd88185fcb118b7f69539d70 +generated: "2023-02-13T14:13:27.525541038+01:00" diff --git a/helm-charts/infisical/Chart.yaml b/helm-charts/infisical/Chart.yaml index fe65e3b114..d0d293b715 100644 --- a/helm-charts/infisical/Chart.yaml +++ b/helm-charts/infisical/Chart.yaml @@ -7,10 +7,20 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.13 +version: 0.1.14 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. appVersion: "1.17.0" + +dependencies: + - name: mongodb + version: "~13.6.7" + repository: "https://charts.bitnami.com/bitnami" + condition: mongodb.enabled + - name: mailhog + version: "~5.2.3" + repository: "https://codecentric.github.io/helm-charts" + condition: mailhog.enabled \ No newline at end of file diff --git a/helm-charts/infisical/README.md b/helm-charts/infisical/README.md new file mode 100644 index 0000000000..6965b818a3 --- /dev/null +++ b/helm-charts/infisical/README.md @@ -0,0 +1,187 @@ +# Infisical - Helm Chart + +This is the Infisical application Helm chart. + +## Parameters + +### Common parameters + +| Name | Description | Value | +| ------------------ | ------------------------- | ----- | +| `nameOverride` | Override release name | `""` | +| `fullnameOverride` | Override release fullname | `""` | + + +### Infisical frontend parameters + +| Name | Description | Value | +| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `frontend.enabled` | Enable frontend | `true` | +| `frontend.name` | Backend name | `frontend` | +| `frontend.fullnameOverride` | Backend fullnameOverride | `""` | +| `frontend.podAnnotations` | Backend pod annotations | `{}` | +| `frontend.deploymentAnnotations` | Backend deployment annotations | `{}` | +| `frontend.replicaCount` | Backend replica count | `2` | +| `frontend.image.repository` | Backend image repository | `infisical/frontend` | +| `frontend.image.tag` | Backend image tag | `latest` | +| `frontend.image.pullPolicy` | Backend image pullPolicy | `IfNotPresent` | +| `frontend.kubeSecretRef` | Backend secret resource reference name (containing required [frontend configuration variables](https://infisical.com/docs/self-hosting/configuration/envars)) | `""` | +| `frontend.service.annotations` | Backend service annotations | `{}` | +| `frontend.service.type` | Backend service type | `ClusterIP` | +| `frontend.service.nodePort` | Backend service nodePort (used if above type is `NodePort`) | `""` | +| `frontendEnvironmentVariables.SITE_URL` | Absolute URL including the protocol (e.g. https://app.infisical.com) | `infisical.local` | + + +### Infisical backend parameters + +| Name | Description | Value | +| ------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------- | +| `backend.enabled` | Enable backend | `true` | +| `backend.name` | Backend name | `backend` | +| `backend.fullnameOverride` | Backend fullnameOverride | `""` | +| `backend.podAnnotations` | Backend pod annotations | `{}` | +| `backend.deploymentAnnotations` | Backend deployment annotations | `{}` | +| `backend.replicaCount` | Backend replica count | `2` | +| `backend.image.repository` | Backend image repository | `infisical/backend` | +| `backend.image.tag` | Backend image tag | `latest` | +| `backend.image.pullPolicy` | Backend image pullPolicy | `IfNotPresent` | +| `backend.kubeSecretRef` | Backend secret resource reference name (containing required [backend configuration variables](https://infisical.com/docs/self-hosting/configuration/envars)) | `""` | +| `backend.service.annotations` | Backend service annotations | `{}` | +| `backend.service.type` | Backend service type | `ClusterIP` | +| `backend.service.nodePort` | Backend service nodePort (used if above type is `NodePort`) | `""` | +| `backendEnvironmentVariables.ENCRYPTION_KEY` | **Required** Backend encryption key (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) | `MUST_REPLACE` | +| `backendEnvironmentVariables.JWT_SIGNUP_SECRET` | **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) | `MUST_REPLACE` | +| `backendEnvironmentVariables.JWT_REFRESH_SECRET` | **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) | `MUST_REPLACE` | +| `backendEnvironmentVariables.JWT_AUTH_SECRET` | **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) | `MUST_REPLACE` | +| `backendEnvironmentVariables.JWT_SERVICE_SECRET` | **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) | `MUST_REPLACE` | +| `backendEnvironmentVariables.SMTP_HOST` | **Required** Hostname to connect to for establishing SMTP connections | `MUST_REPLACE` | +| `backendEnvironmentVariables.SMTP_PORT` | Port to connect to for establishing SMTP connections | `587` | +| `backendEnvironmentVariables.SMTP_SECURE` | If true, use TLS when connecting to host. If false, TLS will be used if STARTTLS is supported | `false` | +| `backendEnvironmentVariables.SMTP_FROM_NAME` | Name label to be used in From field (e.g. Infisical) | `Infisical` | +| `backendEnvironmentVariables.SMTP_FROM_ADDRESS` | **Required** Email address to be used for sending emails (e.g. dev@infisical.com) | `MUST_REPLACE` | +| `backendEnvironmentVariables.SMTP_USERNAME` | **Required** Credential to connect to host (e.g. team@infisical.com) | `MUST_REPLACE` | +| `backendEnvironmentVariables.SMTP_PASSWORD` | **Required** Credential to connect to host | `MUST_REPLACE` | +| `backendEnvironmentVariables.SITE_URL` | Absolute URL including the protocol (e.g. https://app.infisical.com) | `infisical.local` | + + +### MongoDB(®) parameters + +| Name | Description | Value | +| --------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `mongodb.enabled` | Enable MongoDB(®) | `true` | +| `mongodb.name` | Name used to build variables (deprecated) | `mongodb` | +| `mongodb.fullnameOverride` | Fullname override | `mongodb` | +| `mongodb.nameOverride` | Name override | `mongodb` | +| `mongodb.podAnnotations` | Pod annotations | `{}` | +| `mongodb.useStatefulSet` | Set to true to use a StatefulSet instead of a Deployment (only when `architecture: standalone`) | `true` | +| `mongodb.architecture` | MongoDB(®) architecture (`standalone` or `replicaset`) | `standalone` | +| `mongodb.image.repository` | MongoDB(®) image registry | `bitnami/mongodb` | +| `mongodb.image.tag` | MongoDB(®) image tag (immutable tags are recommended) | `6.0.4-debian-11-r0` | +| `mongodb.image.pullPolicy` | MongoDB(®) image pull policy | `IfNotPresent` | +| `mongodb.service.annotations` | Service annotations | `{}` | +| `mongodb.auth.enabled` | Enable custom authentication | `true` | +| `mongodb.auth.usernames` | Custom usernames list ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) | `["infisical"]` | +| `mongodb.auth.passwords` | Custom passwords list, match the above usernames order ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) | `["infisical"]` | +| `mongodb.auth.databases` | Custom databases list ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) | `["infisical"]` | +| `mongodb.persistence.enabled` | Enable database persistence | `true` | +| `mongodb.persistence.existingClaim` | Existing persistent volume claim name | `""` | +| `mongodb.persistence.resourcePolicy` | Keep the persistent volume even on deletion (`keep` or `""`) | `keep` | +| `mongodb.persistence.accessModes` | Persistent volume access modes | `["ReadWriteOnce"]` | +| `mongodb.persistence.size` | Persistent storage request size | `8Gi` | +| `mongodbConnection.externalMongoDBConnectionString` | External MongoDB connection string | `""` | + + +### Ingress parameters + +| Name | Description | Value | +| ------------------ | ------------------------------------------- | ----------------- | +| `ingress.enabled` | Enable ingress | `true` | +| `ingress.hostName` | Ingress hostname (your custom domain name) | `infisical.local` | +| `ingress.tls` | Ingress TLS hosts (matching above hostName) | `[]` | + + +### Mailhog parameters + +| Name | Description | Value | +| ---------------------------------- | -------------------------- | ------------------------- | +| `mailhog.enabled` | Enable Mailhog | `false` | +| `mailhog.fullnameOverride` | Fullname override | `mailhog` | +| `mailhog.nameOverride` | Name override | `""` | +| `mailhog.image.repository` | Image repository | `lytrax/mailhog` | +| `mailhog.image.tag` | Image tag | `latest` | +| `mailhog.image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `mailhog.containerPort.http.port` | Mailhog HTTP port (Web UI) | `8025` | +| `mailhog.containerPort.smtp.port` | Mailhog SMTP port (Mail) | `1025` | +| `mailhog.ingress.enabled` | Enable ingress | `true` | +| `mailhog.ingress.ingressClassName` | Ingress class name | `nginx` | +| `mailhog.ingress.annotations` | Ingress annotations | `{}` | +| `mailhog.ingress.labels` | Ingress labels | `{}` | +| `mailhog.ingress.hosts[0].host` | Mailhog host | `mailhog.infisical.local` | + + +## Persistence + +The database persistence is enabled by default, your volumes will remain on your cluster even after uninstalling the chart. To disable persistence, set this value `mongodb.persistence.enabled: false` + +## Local development + +Use below values if you want to setup a local development environment, and adapt those variables as you need. Below example will deploy the following : +- https://infisical.local + - Your local Infisical instance + - You may have to add `infisical.local` to your `/etc/hosts` or similar depending your OS +- https://mailhog.infisical.local + - Local SMTP server used to receive the signup verification code + - You may have to add `mailhog.infisical.local` to your `/etc/hosts` or similar depending your OS + +```yaml +# values.dev.yaml + +# Enable all services for local development +frontend: + enabled: true +backend: + enabled: true +mongodb: + enabled: true +mailhog: + enabled: true + +# Configure backend development variables +backendEnvironmentVariables: + ENCRYPTION_KEY: 6c1fe4e407b8911c104518103505b218 + JWT_AUTH_SECRET: 4be6ba5602e0fa0ac6ac05c3cd4d247f + JWT_REFRESH_SECRET: 5f2f3c8f0159068dc2bbb3a652a716ff + JWT_SERVICE_SECRET: f32f716d70a42c5703f4656015e76200 + JWT_SIGNUP_SECRET: 3679e04ca949f914c03332aaaeba805a + SITE_URL: https://infisical.local + SMTP_FROM_ADDRESS: dev@infisical.local + SMTP_FROM_NAME: Local Infisical + SMTP_HOST: mailhog + SMTP_PASSWORD: "" + SMTP_PORT: 1025 + SMTP_SECURE: false + SMTP_USERNAME: dev@infisical.local + +# Configure frontend development variables +frontendEnvironmentVariables: + SITE_URL: https://infisical.local +``` + +After creating the above file, run : + +```sh +# Fetch the required charts +helm dep update + +# Install/upgrade Infisical +helm upgrade --install --atomic \ + -n infisical-dev --create-namespace \ + -f ./values.dev.yaml \ + infisical-dev . +``` + +## Upgrading + +### 1.15.0 + +Refactoring in progress, instructions are coming soon \ No newline at end of file diff --git a/helm-charts/infisical/templates/NOTES.txt b/helm-charts/infisical/templates/NOTES.txt index e69de29bb2..027ecde67f 100644 --- a/helm-charts/infisical/templates/NOTES.txt +++ b/helm-charts/infisical/templates/NOTES.txt @@ -0,0 +1,80 @@ +## + +-- Infisical Helm Chart -- + + __ __ + ( _) ( _) + / / \\ / /\_\_ + / / \\ / / | \ \ + / / \\ / / |\ \ \ + / / , \ , / / /| \ \ + / / |\_ /| / / / \ \_\ + / / |\/ _ '_|\ / / / \ \\ + | / |/ 0 \0\\ / | | \ \\ + | |\| \_\_ / / | \ \\ + | | |/ \.\ o\o) / \ | \\ + \ | /\\`v-v / | | \\ + | \/ /_| \\_| / | | \ \\ + | | /__/_ / _____ | | \ \\ + \| [__] \_/ |_________ \ | \ () + / [___] ( \ \ |\ | | // + | [___] |\| \| / |/ + /| [____] \ |/\ / / || + ( \ [____ / ) _\ \ \ \| | || + \ \ [_____| / / __/ \ / / // + | \ [_____/ / / \ | \/ // + | / '----| /=\____ _/ | / // + __ / / | / ___/ _/\ \ | || + (/-(/-\) / \ (/\/\)/ | / | / + (/\/\) / / // + _________/ / / + \____________/ ( + +██╗███╗ ██╗███████╗██╗███████╗██╗ ██████╗ █████╗ ██╗ +██║████╗ ██║██╔════╝██║██╔════╝██║██╔════╝██╔══██╗██║ +██║██╔██╗ ██║█████╗ ██║███████╗██║██║ ███████║██║ +██║██║╚██╗██║██╔══╝ ██║╚════██║██║██║ ██╔══██║██║ +██║██║ ╚████║██║ ██║███████║██║╚██████╗██║ ██║███████╗ +╚═╝╚═╝ ╚═══╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═════╝╚═╝ ╚═╝╚══════╝ +{{ .Chart.Name }} ({{ .Chart.Version }}) + + +╭―― Thank you for installing Infisical! 👋 ―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤ +│ +│ Infisical / All-in-one open-source SecretOps solution to manage your secrets across your infra! 🔒🔑 +│ +│ Visit < https://infisical.com/docs/self-hosting/overview > for further documentation about self-hosting! +│ +│ Current installation (infisical) : +│ • infisical-frontend : {{ .Values.frontend.enabled }} +│ • infisical-backend : {{ .Values.backend.enabled }} +│ • mongodb : {{ .Values.mongodb.enabled }} +│ • mailhog : {{ .Values.mailhog.enabled }} +│ +╰―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤ + +╭―― Here's a list of helpfull commands to get you started 📝 ―――――――――――――――――――――――――――――――――――――――――┤ +│ +│ → Get all the Infisical resources (excluding secrets/pvcs) +│ $ kubectl get all -n {{ .Release.Namespace }} +│ +│ → Get your release status +│ $ helm status {{ .Release.Namespace }} {{ .Release.Name }} +│ +│ → Get your release resources +│ $ helm get all {{ .Release.Namespace }} {{ .Release.Name }} +│ +│ → Uninstall your release +│ $ helm uninstall {{ .Release.Namespace }} {{ .Release.Name }} +│ +│ → Get MongoDB root password +│ $ kubectl get secret {{ .Release.Namespace }} mongodb +│ -o jsonpath="{.data['mongodb-root-password']}" | base64 -d +│ +│ → Get MongoDB users passwords +│ $ kubectl get secret {{ .Release.Namespace }} mongodb +│ -o jsonpath="{.data['mongodb-passwords']}" | base64 -d +│ +╰―――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――┤ + +## \ No newline at end of file diff --git a/helm-charts/infisical/templates/_helpers.tpl b/helm-charts/infisical/templates/_helpers.tpl index d0ceb06416..bf3f8e3018 100644 --- a/helm-charts/infisical/templates/_helpers.tpl +++ b/helm-charts/infisical/templates/_helpers.tpl @@ -118,9 +118,10 @@ Create the mongodb connection string. {{- define "infisical.mongodb.connectionString" -}} {{- $host := include "infisical.mongodb.fullname" . -}} {{- $port := 27017 -}} -{{- $user := "root" -}} -{{- $pass := "root" -}} -{{- $connectionString := printf "mongodb://%s:%s@%s:%d/" $user $pass $host $port -}} +{{- $user := first .Values.mongodb.auth.usernames | default "root" -}} +{{- $pass := first .Values.mongodb.auth.passwords | default "root" -}} +{{- $database := first .Values.mongodb.auth.databases | default "test" -}} +{{- $connectionString := printf "mongodb://%s:%s@%s:%d/%s" $user $pass $host $port $database -}} {{- if .Values.mongodbConnection.externalMongoDBConnectionString -}} {{- $connectionString = .Values.mongodbConnection.externalMongoDBConnectionString -}} {{- end -}} diff --git a/helm-charts/infisical/templates/backend-deployment.yaml b/helm-charts/infisical/templates/backend-deployment.yaml index 7a366d3905..f93f3c87e1 100644 --- a/helm-charts/infisical/templates/backend-deployment.yaml +++ b/helm-charts/infisical/templates/backend-deployment.yaml @@ -64,9 +64,13 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: + type: {{ .Values.backend.service.type }} selector: {{- include "infisical.backend.matchLabels" . | nindent 8 }} ports: - protocol: TCP port: 4000 targetPort: 4000 # container port + {{- if eq .Values.backend.service.type "NodePort" }} + nodePort: {{ .Values.backend.service.nodePort }} + {{- end }} diff --git a/helm-charts/infisical/templates/mongodb-deployment.yaml b/helm-charts/infisical/templates/mongodb-deployment.yaml deleted file mode 100644 index c9a4b13a81..0000000000 --- a/helm-charts/infisical/templates/mongodb-deployment.yaml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "infisical.mongodb.fullname" . }} - labels: - {{- include "infisical.mongodb.labels" . | nindent 4 }} -spec: - replicas: 1 # Cannot be scaled. To scale, you must set up Stateful Set - selector: - matchLabels: - {{- include "infisical.mongodb.matchLabels" . | nindent 6 }} - template: - metadata: - labels: - {{- include "infisical.mongodb.matchLabels" . | nindent 8 }} - {{- with .Values.mongodb.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - spec: - containers: - - name: {{ template "infisical.name" . }}-{{ .Values.mongodb.name }} - image: "{{ .Values.mongodb.image.repository }}:{{ .Values.mongodb.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.mongodb.image.pullPolicy }} - ports: - - containerPort: 27017 - env: - - name: MONGO_INITDB_ROOT_USERNAME - value: root - - name: MONGO_INITDB_ROOT_PASSWORD - value: root ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "infisical.mongodb.fullname" . }} - labels: - {{- include "infisical.mongodb.labels" . | nindent 4 }} - {{- with .Values.mongodb.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - selector: - {{- include "infisical.mongodb.matchLabels" . | nindent 8 }} - ports: - - protocol: TCP - port: 27017 - targetPort: 27017 # container port diff --git a/helm-charts/infisical/values.yaml b/helm-charts/infisical/values.yaml index 9ed7ef9dc7..f670028b3c 100644 --- a/helm-charts/infisical/values.yaml +++ b/helm-charts/infisical/values.yaml @@ -1,88 +1,355 @@ -##### -# INFISICAL K8 DEFAULT VALUES FILE -# PLEASE REPLACE VALUES/EDIT AS REQUIRED -##### +## @section Common parameters +## +## @param nameOverride Override release name +## nameOverride: "" +## @param fullnameOverride Override release fullname +## +fullnameOverride: "" + +## @section Infisical frontend parameters +## Documentation : https://infisical.com/docs/self-hosting/deployments/kubernetes +## frontend: + ## @param frontend.enabled Enable frontend + ## + enabled: true + ## @param frontend.name Backend name + ## name: frontend + ## @param frontend.fullnameOverride Backend fullnameOverride + ## + fullnameOverride: "" + ## @param frontend.podAnnotations Backend pod annotations + ## podAnnotations: {} + ## @param frontend.deploymentAnnotations Backend deployment annotations + ## deploymentAnnotations: {} + ## @param frontend.replicaCount Backend replica count + ## replicaCount: 2 + ## Backend image parameters + ## image: + ## @param frontend.image.repository Backend image repository + ## repository: infisical/frontend - pullPolicy: IfNotPresent + ## @param frontend.image.tag Backend image tag + ## tag: "latest" - # kubeSecretRef: some-kube-secret-name + ## @param frontend.image.pullPolicy Backend image pullPolicy + ## + pullPolicy: IfNotPresent + ## @param frontend.kubeSecretRef Backend secret resource reference name (containing required [frontend configuration variables](https://infisical.com/docs/self-hosting/configuration/envars)) + ## + kubeSecretRef: "" service: - # type of the frontend service - type: ClusterIP - # define the nodePort if service type is NodePort - # nodePort: + ## @param frontend.service.annotations Backend service annotations + ## annotations: {} + ## @param frontend.service.type Backend service type + ## + type: ClusterIP + ## @param frontend.service.nodePort Backend service nodePort (used if above type is `NodePort`) + ## + nodePort: "" + +## Frontend variables configuration +## Documentation : https://infisical.com/docs/self-hosting/configuration/envars +## +frontendEnvironmentVariables: + ## @param frontendEnvironmentVariables.SITE_URL Absolute URL including the protocol (e.g. https://app.infisical.com) + ## + SITE_URL: infisical.local + +## @section Infisical backend parameters +## Documentation : https://infisical.com/docs/self-hosting/deployments/kubernetes +## backend: + ## @param backend.enabled Enable backend + ## + enabled: true + ## @param backend.name Backend name + ## name: backend + ## @param backend.fullnameOverride Backend fullnameOverride + ## + fullnameOverride: "" + ## @param backend.podAnnotations Backend pod annotations + ## podAnnotations: {} + ## @param backend.deploymentAnnotations Backend deployment annotations + ## deploymentAnnotations: {} + ## @param backend.replicaCount Backend replica count + ## replicaCount: 2 + ## Backend image parameters + ## image: + ## @param backend.image.repository Backend image repository + ## repository: infisical/backend - pullPolicy: IfNotPresent + ## @param backend.image.tag Backend image tag + ## tag: "latest" - # kubeSecretRef: some-kube-secret-name + ## @param backend.image.pullPolicy Backend image pullPolicy + ## + pullPolicy: IfNotPresent + ## @param backend.kubeSecretRef Backend secret resource reference name (containing required [backend configuration variables](https://infisical.com/docs/self-hosting/configuration/envars)) + ## + kubeSecretRef: "" service: + ## @param backend.service.annotations Backend service annotations + ## annotations: {} + ## @param backend.service.type Backend service type + ## + type: ClusterIP + ## @param backend.service.nodePort Backend service nodePort (used if above type is `NodePort`) + ## + nodePort: "" + +## Backend variables configuration +## Documentation : https://infisical.com/docs/self-hosting/configuration/envars +## +backendEnvironmentVariables: + ## @param backendEnvironmentVariables.ENCRYPTION_KEY **Required** Backend encryption key (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) + ## Command to generate the required value (linux) : 'hexdump -vn16 -e'4/4 "%08X" 1 "\n"' /dev/urandom', 'openssl rand -hex 16' + ## + ENCRYPTION_KEY: MUST_REPLACE + ## @param backendEnvironmentVariables.JWT_SIGNUP_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) + ## @param backendEnvironmentVariables.JWT_REFRESH_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) + ## @param backendEnvironmentVariables.JWT_AUTH_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) + ## @param backendEnvironmentVariables.JWT_SERVICE_SECRET **Required** Secrets to sign JWT tokens (128-bit hex value, 32-characters hex, [example](https://stackoverflow.com/a/34329057)) + ## Command to generate the required value (linux) : 'hexdump -vn16 -e'4/4 "%08X" 1 "\n"' /dev/urandom', 'openssl rand -hex 16' + ## + JWT_SIGNUP_SECRET: MUST_REPLACE + JWT_REFRESH_SECRET: MUST_REPLACE + JWT_AUTH_SECRET: MUST_REPLACE + JWT_SERVICE_SECRET: MUST_REPLACE + ## @param backendEnvironmentVariables.SMTP_HOST **Required** Hostname to connect to for establishing SMTP connections + ## @param backendEnvironmentVariables.SMTP_PORT Port to connect to for establishing SMTP connections + ## @param backendEnvironmentVariables.SMTP_SECURE If true, use TLS when connecting to host. If false, TLS will be used if STARTTLS is supported + ## @param backendEnvironmentVariables.SMTP_FROM_NAME Name label to be used in From field (e.g. Infisical) + ## @param backendEnvironmentVariables.SMTP_FROM_ADDRESS **Required** Email address to be used for sending emails (e.g. dev@infisical.com) + ## @param backendEnvironmentVariables.SMTP_USERNAME **Required** Credential to connect to host (e.g. team@infisical.com) + ## @param backendEnvironmentVariables.SMTP_PASSWORD **Required** Credential to connect to host + ## + SMTP_HOST: MUST_REPLACE + SMTP_PORT: 587 + SMTP_SECURE: false + SMTP_FROM_NAME: Infisical + SMTP_FROM_ADDRESS: MUST_REPLACE + SMTP_USERNAME: MUST_REPLACE + SMTP_PASSWORD: MUST_REPLACE + ## @param backendEnvironmentVariables.SITE_URL Absolute URL including the protocol (e.g. https://app.infisical.com) + ## + SITE_URL: infisical.local + +## @section MongoDB(®) parameters +## Documentation : https://github.com/bitnami/charts/blob/main/bitnami/mongodb/values.yaml +## mongodb: - name: mongodb + ## @param mongodb.enabled Enable MongoDB(®) + ## + enabled: true + ## @param mongodb.name Name used to build variables (deprecated) + ## + name: "mongodb" + ## @param mongodb.fullnameOverride Fullname override + ## + fullnameOverride: "mongodb" + ## @param mongodb.nameOverride Name override + ## + nameOverride: "mongodb" + ## @param mongodb.podAnnotations Pod annotations + ## podAnnotations: {} + ## @param mongodb.useStatefulSet Set to true to use a StatefulSet instead of a Deployment (only when `architecture: standalone`) + ## + useStatefulSet: true + ## @param mongodb.architecture MongoDB(®) architecture (`standalone` or `replicaset`) + ## + architecture: "standalone" + ## Bitnami MongoDB(®) image + ## ref: https://hub.docker.com/r/bitnami/mongodb/tags/ + ## @param mongodb.image.repository MongoDB(®) image registry + ## @param mongodb.image.tag MongoDB(®) image tag (immutable tags are recommended) + ## @param mongodb.image.pullPolicy MongoDB(®) image pull policy + ## image: - repository: mongo + repository: bitnami/mongodb pullPolicy: IfNotPresent - tag: "latest" + tag: "6.0.4-debian-11-r0" + ## @param mongodb.service.annotations Service annotations + ## service: annotations: {} + ## Infisical MongoDB custom authentication + ## + auth: + ## @param mongodb.auth.enabled Enable custom authentication + ## + enabled: true + ## @param mongodb.auth.usernames Custom usernames list ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) + ## + usernames: + - "infisical" + ## @param mongodb.auth.passwords Custom passwords list, match the above usernames order ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) + ## + passwords: + - "infisical" + ## @param mongodb.auth.databases Custom databases list ([special characters warning](https://www.mongodb.com/docs/manual/reference/connection-string/#standard-connection-string-format)) + ## + databases: + - "infisical" + ## MongoDB persistence configuration + ## + persistence: + ## @param mongodb.persistence.enabled Enable database persistence + ## + enabled: true + ## @param mongodb.persistence.existingClaim Existing persistent volume claim name + ## + existingClaim: "" + ## @param mongodb.persistence.resourcePolicy Keep the persistent volume even on deletion (`keep` or `""`) + ## + resourcePolicy: "keep" + ## @param mongodb.persistence.accessModes Persistent volume access modes + ## + accessModes: ["ReadWriteOnce"] + ## @param mongodb.persistence.size Persistent storage request size + ## + size: 8Gi -# By default the backend will be connected to a Mongo instance in the cluster. -# However, it is recommended to add a managed document DB connection string because the DB instance in the cluster does not have persistence yet ( data will be deleted on next deploy). -# Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ -mongodbConnection: {} - # externalMongoDBConnectionString: <> +## @param mongodbConnection.externalMongoDBConnectionString External MongoDB connection string +## By default the backend will be connected to a Mongo instance within the cluster +## However, it is recommended to add a managed document DB connection string for production-use (DBaaS) +## Learn about connection string type here https://www.mongodb.com/docs/manual/reference/connection-string/ +## e.g. "mongodb://:@:/" +## +mongodbConnection: + externalMongoDBConnectionString: "" + +## @section Ingress parameters +## ingress: + ## @param ingress.enabled Enable ingress + ## enabled: true annotations: + ## @skip ingress.annotations.kubernetes.io/ingress.class + ## kubernetes.io/ingress.class: "nginx" - hostName: example.com # replace with your domain - frontend: + # cert-manager.io/issuer: letsencrypt-nginx + ## @param ingress.hostName Ingress hostname (your custom domain name) + ## Replace with your own domain + ## + hostName: infisical.local + ## @skip ingress.frontend + ## + frontend: path: / pathType: Prefix + ## @skip ingress.backend + ## backend: path: /api pathType: Prefix + ## @param ingress.tls Ingress TLS hosts (matching above hostName) + ## Replace with your own domain + ## tls: [] + # - secretName: letsencrypt-nginx + # hosts: + # - infisical.local +## @section Mailhog parameters +## Documentation : https://github.com/codecentric/helm-charts/blob/master/charts/mailhog/values.yaml +## -## Complete Ingress example -# ingress: -# enabled: true -# annotations: -# kubernetes.io/ingress.class: "nginx" -# cert-manager.io/issuer: letsencrypt-nginx -# hostName: k8.infisical.com -# frontend: -# path: / -# pathType: Prefix -# backend: -# path: /api -# pathType: Prefix -# tls: -# - secretName: letsencrypt-nginx -# hosts: -# - k8.infisical.com +mailhog: + ## @param mailhog.enabled Enable Mailhog + ## + enabled: false + ## @param mailhog.fullnameOverride Fullname override + ## + fullnameOverride: "mailhog" + ## @param mailhog.nameOverride Name override + ## + nameOverride: "" + ## @param mailhog.image.repository Image repository + ## Why we use this version : https://github.com/mailhog/MailHog/issues/353#issuecomment-821137362 + ## @param mailhog.image.tag Image tag + ## @param mailhog.image.pullPolicy Image pull policy + ## + image: + repository: lytrax/mailhog + tag: "latest" + pullPolicy: IfNotPresent -frontendEnvironmentVariables: {} - -backendEnvironmentVariables: {} + containerPort: + ## @param mailhog.containerPort.http.port Mailhog HTTP port (Web UI) + ## @skip mailhog.containerPort.http.name + ## + http: + name: http + port: 8025 + ## @param mailhog.containerPort.smtp.port Mailhog SMTP port (Mail) + ## @skip mailhog.containerPort.smtp.name + ## + smtp: + name: tcp-smtp + port: 1025 + ## @skip mailhog.service + ## + service: + annotations: {} + extraPorts: [] + clusterIP: "" + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + type: ClusterIP + # Named target ports are not supported by GCE health checks, so when deploying on GKE + # and exposing it via GCE ingress, the health checks fail and the load balancer returns a 502. + namedTargetPort: true + port: + http: 8025 + smtp: 1025 + nodePort: + http: "" + smtp: "" + ## Mailhog ingress + ## + ingress: + ## @param mailhog.ingress.enabled Enable ingress + ## + enabled: true + ## @param mailhog.ingress.ingressClassName Ingress class name + ## + ingressClassName: nginx + ## @param mailhog.ingress.annotations Ingress annotations + ## + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + ## @param mailhog.ingress.labels Ingress labels + ## + labels: {} + hosts: + ## @param mailhog.ingress.hosts[0].host Mailhog host + ## + - host: mailhog.infisical.local + ## @skip mailhog.ingress.hosts[0].paths + ## + paths: + - path: "/" + pathType: Prefix \ No newline at end of file diff --git a/helm-charts/secrets-operator/Chart.yaml b/helm-charts/secrets-operator/Chart.yaml index 21480085be..89f7af5c43 100644 --- a/helm-charts/secrets-operator/Chart.yaml +++ b/helm-charts/secrets-operator/Chart.yaml @@ -18,4 +18,4 @@ version: 0.1.2 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.1.2" +appVersion: "0.1.3" diff --git a/helm-charts/upload-to-cloudsmith.sh b/helm-charts/upload-to-cloudsmith.sh old mode 100644 new mode 100755 index 218c11149a..cc63a04a48 --- a/helm-charts/upload-to-cloudsmith.sh +++ b/helm-charts/upload-to-cloudsmith.sh @@ -1,10 +1,17 @@ ## Loop through each helm chart directoy and build each into helm package for d in */ ; do - helm package $d + cd "$d" + helm dependency update + helm package . + for i in *.tgz; do + [ -f "$i" ] || break + cloudsmith push helm --republish infisical/helm-charts "$i" + done + cd .. done -## Upload each packaged helm chart -for i in *.tgz; do - [ -f "$i" ] || break - cloudsmith push helm --republish infisical/helm-charts $i -done \ No newline at end of file +# ## Upload each packaged helm chart +# for i in *.tgz; do +# [ -f "$i" ] || break +# cloudsmith push helm --republish infisical/helm-charts $i +# done \ No newline at end of file diff --git a/k8-operator/go.mod b/k8-operator/go.mod index 023cc9da73..a4b615409f 100644 --- a/k8-operator/go.mod +++ b/k8-operator/go.mod @@ -3,11 +3,11 @@ module github.com/Infisical/infisical/k8-operator go 1.19 require ( - github.com/onsi/ginkgo/v2 v2.1.4 - github.com/onsi/gomega v1.19.0 - k8s.io/apimachinery v0.25.0 - k8s.io/client-go v0.25.0 - sigs.k8s.io/controller-runtime v0.13.1 + github.com/onsi/ginkgo/v2 v2.6.0 + github.com/onsi/gomega v1.24.1 + k8s.io/apimachinery v0.26.1 + k8s.io/client-go v0.26.1 + sigs.k8s.io/controller-runtime v0.14.4 ) require ( @@ -23,13 +23,13 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.8.0 // indirect + github.com/emicklei/go-restful/v3 v3.9.0 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.5.4 // indirect + github.com/fsnotify/fsnotify v1.6.0 // indirect github.com/go-logr/logr v1.2.3 // indirect github.com/go-logr/zapr v1.2.3 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/jsonreference v0.19.5 // indirect + github.com/go-openapi/jsonreference v0.20.0 // indirect github.com/go-openapi/swag v0.19.14 // indirect github.com/go-resty/resty/v2 v2.7.0 github.com/gogo/protobuf v1.3.2 // indirect @@ -37,45 +37,45 @@ require ( github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.2 // indirect github.com/google/gnostic v0.5.7-v3refs // indirect - github.com/google/go-cmp v0.5.8 // indirect + github.com/google/go-cmp v0.5.9 // indirect github.com/google/gofuzz v1.1.0 // indirect github.com/google/uuid v1.1.2 // indirect github.com/imdario/mergo v0.3.12 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.6 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.12.2 // indirect - github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.32.1 // indirect - github.com/prometheus/procfs v0.7.3 // indirect + github.com/prometheus/client_golang v1.14.0 // indirect + github.com/prometheus/client_model v0.3.0 // indirect + github.com/prometheus/common v0.37.0 // indirect + github.com/prometheus/procfs v0.8.0 // indirect github.com/spf13/pflag v1.0.5 // indirect go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect - go.uber.org/zap v1.21.0 // indirect - golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd - golang.org/x/net v0.0.0-20220722155237-a158d28d115b // indirect - golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect - golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect - golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect - golang.org/x/text v0.3.7 // indirect - golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect + go.uber.org/zap v1.24.0 // indirect + golang.org/x/crypto v0.1.0 + golang.org/x/net v0.7.0 // indirect + golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect + golang.org/x/sys v0.5.0 // indirect + golang.org/x/term v0.5.0 // indirect + golang.org/x/text v0.7.0 // indirect + golang.org/x/time v0.3.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect - google.golang.org/protobuf v1.28.0 // indirect + google.golang.org/protobuf v1.28.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.25.0 - k8s.io/apiextensions-apiserver v0.25.0 // indirect - k8s.io/component-base v0.25.0 // indirect - k8s.io/klog/v2 v2.70.1 // indirect - k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect - k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect + k8s.io/api v0.26.1 + k8s.io/apiextensions-apiserver v0.26.1 // indirect + k8s.io/component-base v0.26.1 // indirect + k8s.io/klog/v2 v2.80.1 // indirect + k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect + k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 // indirect sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect diff --git a/k8-operator/go.sum b/k8-operator/go.sum index a0d400d6d2..1ae17974ab 100644 --- a/k8-operator/go.sum +++ b/k8-operator/go.sum @@ -99,6 +99,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/emicklei/go-restful/v3 v3.8.0 h1:eCZ8ulSerjdAiaNpF7GxXIE7ZCMo1moN1qX+S609eVw= github.com/emicklei/go-restful/v3 v3.8.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= +github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= @@ -113,6 +115,8 @@ github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJ github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= github.com/fsnotify/fsnotify v1.5.4 h1:jRbGcIw6P2Meqdwuo0H1p6JVLbL5DHKAKlYndzMwVZI= github.com/fsnotify/fsnotify v1.5.4/go.mod h1:OVB6XrOHzAwXMpEM7uPOzcehqUV2UqJxmVXmkdnm1bU= +github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= +github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -120,9 +124,11 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= +github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -135,6 +141,8 @@ github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUe github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonreference v0.19.5 h1:1WJP/wi4OjB4iV8KVbH73rQaoialJrqv8gitZLxGLtM= github.com/go-openapi/jsonreference v0.19.5/go.mod h1:RdybgQwPxbL4UEjuAruzK1x3nE69AqPYEJeo/TWfEeg= +github.com/go-openapi/jsonreference v0.20.0 h1:MYlu0sBgChmCfJxxUKZ8g1cPWFOB37YSZqewK7OKeyA= +github.com/go-openapi/jsonreference v0.20.0/go.mod h1:Ag74Ico3lPc+zR+qjn4XBUmXymS4zJbYVCZmcgkasdo= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= github.com/go-openapi/swag v0.19.14 h1:gm3vOOXfiuw5i9p5N9xJvfjvuofpyvLA9Wr6QfK5Fng= github.com/go-openapi/swag v0.19.14/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= @@ -199,6 +207,8 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -264,6 +274,8 @@ github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= +github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -281,8 +293,12 @@ github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo/v2 v2.1.4 h1:GNapqRSid3zijZ9H77KrgVG4/8KqiyRsxcSxe+7ApXY= github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU= +github.com/onsi/ginkgo/v2 v2.6.0 h1:9t9b9vRUbFq3C4qKFCGkVuq/fIHji802N1nrtkh1mNc= +github.com/onsi/ginkgo/v2 v2.6.0/go.mod h1:63DOGlLAH8+REH8jUGdL3YpCpu7JODesutUjdENfUAc= github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= +github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E= +github.com/onsi/gomega v1.24.1/go.mod h1:3AOiACssS3/MajrniINInwbfOOtfZvplPzuRSmvt1jM= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -293,24 +309,33 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= +github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= github.com/prometheus/client_golang v1.12.2 h1:51L9cDoUHVrXx4zWYlcLQIZ+d+VXHgqnYKkIuq4g/34= github.com/prometheus/client_golang v1.12.2/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= +github.com/prometheus/client_golang v1.14.0 h1:nJdhIvne2eSX/XRAFV9PcvFFRbrjbcTUj0VP62TMhnw= +github.com/prometheus/client_golang v1.14.0/go.mod h1:8vpkKitgIVNcqrRBWh1C4TIUQgYNtG/XQE4E/Zae36Y= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.32.1 h1:hWIdL3N2HoUx3B8j3YN9mWor0qhY/NlEKZEaXxuIRh4= github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= +github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= +github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3 h1:4jVXhlkAyzOScmCkXBTOLRLTz8EeU+eyjrwB/EPq0VU= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= +github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= +github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= @@ -348,11 +373,14 @@ go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= +go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= go.uber.org/multierr v1.6.0 h1:y6IPFStTAIT5Ytl7/XYmHvzXQ7S3g/IeZW9hyZ5thw4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI= go.uber.org/zap v1.21.0 h1:WefMeulhovoZ2sYXz7st6K0sLj7bBhpiFaud4r4zST8= go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= +go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= +go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -363,6 +391,7 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38= golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -439,8 +468,12 @@ golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211029224645-99673261e6eb/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b h1:PxfKdU9lEEDYjdIzOtC4qFWgkU2rGHdKlKowJSMN9h0= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -458,6 +491,8 @@ golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg= golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b h1:clP8eMhB30EHdc0bd2Twtq6kgU7yl5ub2cQLSdrv1Dg= +golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -523,13 +558,19 @@ golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f h1:v4INt8xihDGvnrfjMDVXGxw9wrfxYyCjk0KbXjhR55s= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -540,11 +581,15 @@ golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20220609170525-579cf78fd858 h1:Dpdu/EMxGMFgq0CeYMh4fazTD2vtlZRYE7wyynxJb9U= golang.org/x/time v0.0.0-20220609170525-579cf78fd858/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -738,6 +783,8 @@ google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQ google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0 h1:w43yiav+6bVFTBQFZX0r7ipe9JQ1QsbMgHwbBziscLw= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= +google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= @@ -771,26 +818,44 @@ honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= k8s.io/api v0.25.0 h1:H+Q4ma2U/ww0iGB78ijZx6DRByPz6/733jIuFpX70e0= k8s.io/api v0.25.0/go.mod h1:ttceV1GyV1i1rnmvzT3BST08N6nGt+dudGrquzVQWPk= +k8s.io/api v0.26.1 h1:f+SWYiPd/GsiWwVRz+NbFyCgvv75Pk9NK6dlkZgpCRQ= +k8s.io/api v0.26.1/go.mod h1:xd/GBNgR0f707+ATNyPmQ1oyKSgndzXij81FzWGsejg= k8s.io/apiextensions-apiserver v0.25.0 h1:CJ9zlyXAbq0FIW8CD7HHyozCMBpDSiH7EdrSTCZcZFY= k8s.io/apiextensions-apiserver v0.25.0/go.mod h1:3pAjZiN4zw7R8aZC5gR0y3/vCkGlAjCazcg1me8iB/E= +k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI= +k8s.io/apiextensions-apiserver v0.26.1/go.mod h1:AptjOSXDGuE0JICx/Em15PaoO7buLwTs0dGleIHixSM= k8s.io/apimachinery v0.25.0 h1:MlP0r6+3XbkUG2itd6vp3oxbtdQLQI94fD5gCS+gnoU= k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0= +k8s.io/apimachinery v0.26.1 h1:8EZ/eGJL+hY/MYCNwhmDzVqq2lPl3N3Bo8rvweJwXUQ= +k8s.io/apimachinery v0.26.1/go.mod h1:tnPmbONNJ7ByJNz9+n9kMjNP8ON+1qoAIIC70lztu74= k8s.io/client-go v0.25.0 h1:CVWIaCETLMBNiTUta3d5nzRbXvY5Hy9Dpl+VvREpu5E= k8s.io/client-go v0.25.0/go.mod h1:lxykvypVfKilxhTklov0wz1FoaUZ8X4EwbhS6rpRfN8= +k8s.io/client-go v0.26.1 h1:87CXzYJnAMGaa/IDDfRdhTzxk/wzGZ+/HUQpqgVSZXU= +k8s.io/client-go v0.26.1/go.mod h1:IWNSglg+rQ3OcvDkhY6+QLeasV4OYHDjdqeWkDQZwGE= k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y= k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk= +k8s.io/component-base v0.26.1 h1:4ahudpeQXHZL5kko+iDHqLj/FSGAEUnSVO0EBbgDd+4= +k8s.io/component-base v0.26.1/go.mod h1:VHrLR0b58oC035w6YQiBSbtsf0ThuSwXP+p5dD/kAWU= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= +k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA= k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= +k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E= +k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4= k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4= k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y= +k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/controller-runtime v0.13.1 h1:tUsRCSJVM1QQOOeViGeX3GMT3dQF1eePPw6sEE3xSlg= sigs.k8s.io/controller-runtime v0.13.1/go.mod h1:Zbz+el8Yg31jubvAEyglRZGdLAjplZl+PgtYNI6WNTI= +sigs.k8s.io/controller-runtime v0.14.4 h1:Kd/Qgx5pd2XUL08eOV2vwIq3L9GhIbJ5Nxengbd4/0M= +sigs.k8s.io/controller-runtime v0.14.4/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE=